urlscan.io logo urlscan.io
SecurityTrails logo

9.gamalanding.com Open in urlscan Pro
104.21.16.220  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://issweet.net/
Effective URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Submission: On November 22 via api from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 38 HTTP transactions. The main IP is 104.21.16.220, located in and belongs to CLOUDFLARENET, US. The main domain is 9.gamalanding.com.
TLS certificate: Issued by E1 on October 13th 2023. Valid for: 3 months.
This is the only time 9.gamalanding.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.177.72 61969 (TEAMINTER...)
1 18.66.121.138 16509 (AMAZON-02)
2 18.215.111.30 14618 (AMAZON-AES)
2 193.200.65.61 6681 (GIVEME-CLOUD)
1 1 193.200.64.30 6681 (GIVEME-CLOUD)
1 1 172.67.184.172 13335 (CLOUDFLAR...)
4 104.21.16.220 13335 (CLOUDFLAR...)
21 2606:4700:303... 13335 (CLOUDFLAR...)
1 142.250.186.104 15169 (GOOGLE)
3 188.114.97.3 13335 (CLOUDFLAR...)
38 8
4    185.53.177.72 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
issweet.net
1    18.66.121.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-138.fra60.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    18.215.111.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-111-30.compute-1.amazonaws.com
sorou-cxa.com
2    193.200.65.61 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network
popvalcom.com
1    193.200.64.30 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: cpabeta.com
alanwaketor.com
1    172.67.184.172 (United States)

ASN13335 (CLOUDFLARENET, US)
colorful-road-three.com
4    104.21.16.220 (None, )

ASN13335 (CLOUDFLARENET, US)
9.gamalanding.com
21    2606:4700:3032::6815:10dc (United States)

ASN13335 (CLOUDFLARENET, US)
9.gamalanding.com
1    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
posthog-cat.com
Domain Requested by
25 9.gamalanding.com popvalcom.com
9.gamalanding.com
4 issweet.net d38psrni17bvxu.cloudfront.net
issweet.net
3 posthog-cat.com issweet.net
posthog-cat.com
2 popvalcom.com sorou-cxa.com
popvalcom.com
2 sorou-cxa.com issweet.net
sorou-cxa.com
1 www.googletagmanager.com 9.gamalanding.com
1 colorful-road-three.com 1 redirects
1 alanwaketor.com 1 redirects
1 d38psrni17bvxu.cloudfront.net issweet.net
38 9

This site contains links to these domains. Also see Links.

Domain
land.see2gama.com
Subject Issuer Validity Valid
popvalcom.com
R3		 2023-10-31 -
2024-01-29		 3 months crt.sh
gamalanding.com
E1		 2023-10-13 -
2024-01-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
posthog-cat.com
E1		 2023-10-12 -
2024-01-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Frame ID: 9A33A09DE3CD51790E26F865A80F68C2
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gama

Page URL History Show full URLs

  1. http://issweet.net/ Page URL
  2. http://sorou-cxa.com/zclkvisitor/7ad193a3-88d9-11ee-a744-1299c0e8e78b/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. http://sorou-cxa.com/zclkredirect?visitid=7ad193a3-88d9-11ee-a744-1299c0e8e78b&type=js&browserWid... Page URL
  4. https://popvalcom.com/bens/vinos.js?24261&mode=redir&subsite=zulu-cue-v5m52enx0w Page URL
  5. https://popvalcom.com/clicks/MjQyNjFfMjc5ODczXzIzLjYwM18xM18xNzAwNjE3NDg5NTI4ODMzODk3XzM1XjI3NWYwM... Page URL
  6. http://alanwaketor.com/click/?id=15193&subid_1=279873&subid_2=31698&subid_3=15467&subid_5=zulu-cue-... HTTP 302
    https://colorful-road-three.com/de610bbd5?ClickID=5288338971700617816&WebID=410_15467 HTTP 302
    https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

38
Requests

82 %
HTTPS

10 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

1661 kB
Transfer

1836 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://issweet.net/ Page URL
  2. http://sorou-cxa.com/zclkvisitor/7ad193a3-88d9-11ee-a744-1299c0e8e78b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8d4f6f70-1d3c-11ed-ba03-128084d1ce51 Page URL
  3. http://sorou-cxa.com/zclkredirect?visitid=7ad193a3-88d9-11ee-a744-1299c0e8e78b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
  4. https://popvalcom.com/bens/vinos.js?24261&mode=redir&subsite=zulu-cue-v5m52enx0w Page URL
  5. https://popvalcom.com/clicks/MjQyNjFfMjc5ODczXzIzLjYwM18xM18xNzAwNjE3NDg5NTI4ODMzODk3XzM1XjI3NWYwMTJmYTkwOTY3ZmI4ZTA4ZjU5ZmFlNzJhYjg0XjA0LjExLjIyLjIwMjM=?&subid=zulu-cue-v5m52enx0w Page URL
  6. http://alanwaketor.com/click/?id=15193&subid_1=279873&subid_2=31698&subid_3=15467&subid_5=zulu-cue-v5m52enx0w&click_id=24261_279873_7_5_s31_zulu-cue-v5m52enx0w HTTP 302
    https://colorful-road-three.com/de610bbd5?ClickID=5288338971700617816&WebID=410_15467 HTTP 302
    https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
issweet.net/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://issweet.net/
Protocol
HTTP/1.1
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
5fc8a19d0321c1e5a31261c5a3ffa9d54da64a6c09b4a42128418784a4f83d0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Nov 2023 01:50:14 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_BizFSF9J/AdX+kasbJuL7oxA30nG+BPrdBUO32Kkc02klpe1k2eA6UvcCANgDSkootTFC4E9s8HVyBuaLQrF+g==
X-Buckets
bucket011
X-Domain
issweet.net
X-Language
german
X-Redirect
zeropark_zeroclick
X-Subdomain
X-Template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: issweet.net
URL: http://issweet.net/
Protocol
HTTP/1.1
Server
18.66.121.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-138.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://issweet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 21 Nov 2023 04:31:13 GMT
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 11:12:07 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
76742
ETag
"63ce6b87-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
GCTsVt7Udm-WaWRC8bwCnQe93CRYilgtrHF5j-Elf5FUUvWsNZ1t1w==
track.php
issweet.net/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://issweet.net/track.php?domain=issweet.net&toggle=browserjs&uid=MTcwMDYxNzgxNC4zMjc5OjYzZWRlMDRjOTAzYzIyZTJkZjJhNGIyMzI5NGQzOWE1ZjY5NTMzMmVmMjhkYWI5ZjE5ZTQwOTUwY2M1MWJmNTg6NjU1ZDVlNTY1MDBjZA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://issweet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 01:50:15 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
issweet.net/ 		16 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://issweet.net/ls.php?t=655d5e56&token=ae2298db0fb07428305d3bc2ba4fe5831bd77047
Requested by
Host: issweet.net
URL: http://issweet.net/
Protocol
HTTP/1.1
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://issweet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 01:50:15 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_U7nQ9llvuKkwF37E9TLJLHQ87ViCIbPp2Y41+5Kv2isQ3AMtnpBPLQHDWE+R09ZXl6R48V6w9hShHn8vZKo0sA==
Connection
keep-alive
X-Log-Success
655d5e57a3caf61b0e5c2990
track.php
issweet.net/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://issweet.net/track.php?click=d49d63c4e4121d86d5839d58711349e1b1ddb357&domain=issweet.net&uid=MTcwMDYxNzgxNC4zMjc5OjYzZWRlMDRjOTAzYzIyZTJkZjJhNGIyMzI5NGQzOWE1ZjY5NTMzMmVmMjhkYWI5ZjE5ZTQwOTUwY2M1MWJmNTg6NjU1ZDVlNTY1MDBjZA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NTVkNWU1NjUwMDlmfHx8MTcwMDYxNzgxNC42OTYxfDIxNWViNjEyOTBhNTU3ZWNkZDIzNzQ3OTdhYjM0ZWNkYWY2ODdlNGN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxhZTIyOThkYjBmYjA3NDI4MzA1ZDNiYzJiYTRmZTU4MzFiZDc3MDQ3fDB8fDB8MHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://issweet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 01:50:15 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
none
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
sorou-cxa.com/zclkvisitor/7ad193a3-88d9-11ee-a744-1299c0e8e78b/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sorou-cxa.com/zclkvisitor/7ad193a3-88d9-11ee-a744-1299c0e8e78b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8d4f6f70-1d3c-11ed-ba03-128084d1ce51
Requested by
Host: issweet.net
URL: http://issweet.net/
Protocol
HTTP/1.1
Server
18.215.111.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-111-30.compute-1.amazonaws.com
Software
lgHWbEZS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://issweet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Wed, 22 Nov 2023 01:50:15 GMT
Server
lgHWbEZS
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
zclkredirect
sorou-cxa.com/ 		342 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sorou-cxa.com/zclkredirect?visitid=7ad193a3-88d9-11ee-a744-1299c0e8e78b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Requested by
Host: sorou-cxa.com
URL: http://sorou-cxa.com/zclkvisitor/7ad193a3-88d9-11ee-a744-1299c0e8e78b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8d4f6f70-1d3c-11ed-ba03-128084d1ce51
Protocol
HTTP/1.1
Server
18.215.111.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-111-30.compute-1.amazonaws.com
Software
mOlfVgSF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://sorou-cxa.com/zclkvisitor/7ad193a3-88d9-11ee-a744-1299c0e8e78b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8d4f6f70-1d3c-11ed-ba03-128084d1ce51
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Wed, 22 Nov 2023 01:50:15 GMT
Server
mOlfVgSF
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
vinos.js
popvalcom.com/bens/ 		522 B
679 B 		Document
General
Check archive.org
Download Go to
Full URL
https://popvalcom.com/bens/vinos.js?24261&mode=redir&subsite=zulu-cue-v5m52enx0w
Requested by
Host: sorou-cxa.com
URL: http://sorou-cxa.com/zclkredirect?visitid=7ad193a3-88d9-11ee-a744-1299c0e8e78b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.61 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash

Request headers

Referer
http://sorou-cxa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Nov 2023 01:50:15 GMT
P3P
CP="NON DSP COR CURa TIA"
Server
nginx
Transfer-Encoding
chunked
MjQyNjFfMjc5ODczXzIzLjYwM18xM18xNzAwNjE3NDg5NTI4ODMzODk3XzM1XjI3NWYwMTJmYTkwOTY3ZmI4ZTA4ZjU5ZmFlNzJhYjg0XjA0LjExLjIyLjIwMjM=
popvalcom.com/clicks/ 		248 B
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://popvalcom.com/clicks/MjQyNjFfMjc5ODczXzIzLjYwM18xM18xNzAwNjE3NDg5NTI4ODMzODk3XzM1XjI3NWYwMTJmYTkwOTY3ZmI4ZTA4ZjU5ZmFlNzJhYjg0XjA0LjExLjIyLjIwMjM=?&subid=zulu-cue-v5m52enx0w
Requested by
Host: popvalcom.com
URL: https://popvalcom.com/bens/vinos.js?24261&mode=redir&subsite=zulu-cue-v5m52enx0w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.61 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash

Request headers

Referer
https://popvalcom.com/bens/vinos.js?24261&mode=redir&subsite=zulu-cue-v5m52enx0w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Nov 2023 01:50:16 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
P3P
CP="NON DSP COR CURa TIA"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Primary Request /
9.gamalanding.com/
Redirect Chain
  • http://alanwaketor.com/click/?id=15193&subid_1=279873&subid_2=31698&subid_3=15467&subid_5=zulu-cue-v5m52enx0w&click_id=24261_279873_7_5_s31_zulu-cue-v5m52enx0w
  • https://colorful-road-three.com/de610bbd5?ClickID=5288338971700617816&WebID=410_15467
  • https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Requested by
Host: popvalcom.com
URL: https://popvalcom.com/clicks/MjQyNjFfMjc5ODczXzIzLjYwM18xM18xNzAwNjE3NDg5NTI4ODMzODk3XzM1XjI3NWYwMTJmYTkwOTY3ZmI4ZTA4ZjU5ZmFlNzJhYjg0XjA0LjExLjIyLjIwMjM=?&subid=zulu-cue-v5m52enx0w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8895ca8ca63fc8d7205e24d3cce434cb5962344ef517708a641a13c16dcc706e

Request headers

Referer
https://popvalcom.com/clicks/MjQyNjFfMjc5ODczXzIzLjYwM18xM18xNzAwNjE3NDg5NTI4ODMzODk3XzM1XjI3NWYwMTJmYTkwOTY3ZmI4ZTA4ZjU5ZmFlNzJhYjg0XjA0LjExLjIyLjIwMjM=?&subid=zulu-cue-v5m52enx0w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
829d854cda400c5d-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Nov 2023 01:50:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvCW1xn4q7km9YLUNIEjZhXXt%2BpRoU6kt4VbNZBfrugfFekccLs6f3YnDnsRgVAkRcUeenFJATTn3Y%2FetXf8dMhDkQWTZQPTJGhccoO5nFhdTYtQqyadX2BPaMY%2F7OfaW2%2FQyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
829d8549bcfd929f-FRA
content-type
text/html; charset=utf-8
date
Wed, 22 Nov 2023 01:50:16 GMT
location
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VryuPUqqf%2BtD88kTOq%2Fw9NbdpSzgMVqwaXEBHOkoX7oDbNRNDPyxApaW6n65KCEpweUYzrjz62vHovfjLSgK0t0cdJ6rlTH0ArDPMt32Rk44QvOQf%2BvAy17ANo10NGxA9dmiWi6YbCSQpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains max-age=31536000
vary
Accept-Encoding
style.min.css
9.gamalanding.com/public/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://9.gamalanding.com/public/css/style.min.css
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a9bf5a9c164f35128b45bb365ce7e260c03087aefbb86a4d1f79c002e29467

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6667
etag
W/"65158e6d-7037"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppoZtmEcWTuneRcVav0%2BGNXzZeroWgdSME63KxHH9%2FfkQHxUeaICQ5QvKrIMJNmzwcRakloNOg0URthmubmsij8BHhmOhYdRLBF0WoGPMWunMGOHgxm%2Bqeh92J8sibYAHg4MlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
829d854d4a5b0c5d-AMS
alt-svc
h3=":443"; ma=86400
logo.png
9.gamalanding.com/public/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/logo.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbf96291a96a2dae59c1998861b9f7134534173660c8c668af6f04b1c883344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6070
etag
"65158e72-1579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzMzv1c74DCtRKJ9DW%2ByoDM91%2Bcm8bAwVxeOeY%2BKVFZP0lSdg4oOvpQ2RiFRh9YFk5sO6pE5yd1mxjrlLMcojukxmazk%2BdMLwRDS4REuO3pHilWbFf1KnfSXFAD3RWZefrnvLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854d4a5d0c5d-AMS
alt-svc
h3=":443"; ma=86400
content-length
5497
circle-back.png
9.gamalanding.com/public/img/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/circle-back.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39713f38165e519029197b4b90f4d56d4d4d62bb01a57a076fb7a28faac49224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6070
etag
"65158e70-10c9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4%2FTf6RfoIRBrg%2BpkJ7QTdi%2FmXQUp9yN5HV7hgL8R9VkBsmwuS2uvkViF1TwA6ZhCelrm3AKmYlbzDSI2p4UoY%2FqXcvXDIZ2TUExuP1LyCoHXuHMMr0LN0KfXsF2kzGfz8JIlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854d4a5e0c5d-AMS
alt-svc
h3=":443"; ma=86400
content-length
68764
circle-main.png
9.gamalanding.com/public/img/ 		214 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/circle-main.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23023e7c81167ab993c5b12192dd518d94ca41e65f900442d82fc90d850376c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e71-358f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyMYL7hnzYQnrcGxObjB6t8hKbylMqfeyrp8avzV69JgTlbjjoBqR%2FxNXglUs4m2oQt8mZpwUAoW2W8vVgpKl2S97IAZg%2FEtAqQMAgAbTpz1gyyvE0wGOWg14gUpTwy54raQqQK%2F72odhn5Zjvi9sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854defe71c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
219384
glow-1.png
9.gamalanding.com/public/img/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/glow-1.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2febb3c26d06c71efd18cd15d1a7000e06e29760cdfca9a37439a6bc15d4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3537
etag
"65158e71-7c19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u66OjRbOF3lTDt5QAM7%2FYcOj0VHViakHbict2zXcRhCBd4gXJWd1phoWH0GioUvhZHO%2Fhq0TjCmtRhnIiz5eRPJdSuElEw00ZOTZGosGlWgwW6wU03VXYyzYIZZl7WysF0zX6c62IlGb7R%2F1tSFqdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854defe81c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
31769
glow-2.png
9.gamalanding.com/public/img/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/glow-2.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7d693a3236b40def59bcfa6fb3e68e80119664b1c64df87b86f6eef47f09d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e72-8dc2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzPP0iFzqgma86VSb9%2BLMr2EMbFqZyQuMg3bnkTtkxWMzgHGd4eyWY5%2FrQsk0ZV0IvOYjElktKl%2BR1lFpqhSmVpbUoqnEvYZn548T3a3sbgA0Mp0WQdvDshE66qwDYlZAC8%2B0wxNVUgomRgtQIx6mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff01c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
36290
circle-arr.png
9.gamalanding.com/public/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/circle-arr.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12a01e644a3b76f823380abbc488c385898af484fba13370338cbba17989676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3536
etag
"65158e70-2bd6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U50rBO2JMgcUKQIZ%2BZS5oNoEXq1tiZlYceOGq4cHI3fSAZhUnG51dFNhDG7ts4eCS12XkUIZDIgzmZYafYufeMUgEkovbD%2FgSWjDGZ7Fz9TPaxbFgcpmoyTaFJ0xHjnetsEIzOCwVYRYGYE3nkmWRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff11c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
11222
circle-btn.png
9.gamalanding.com/public/img/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/circle-btn.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3054af22c58a550d61b59578e0444d2700bdaff77a771cd1d532a3c1524639d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e70-9798"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzIPas%2B8XY0ivp2YExV1K2%2FVK9QOyN9RQTvFNj%2Fv%2BASzcBOwsIg6Pcvud1ADVxN3v0xgSa0hblD6H1zDuvMwR9IzOOJblsNPoiojAG0PoiFSJ%2BzZzjchIltMnyiCtKVkFvYp046okPKhcDWRurFcEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff21c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
38808
zeus.png
9.gamalanding.com/public/img/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/zeus.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8068b0ff4dea4d80682180aeba89ca04e5fe9418b98012a3114e22496df136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e74-14cdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQlTMdBtjDiZanSyOj3GlrsVLDWkrqGTyvxjn8%2BE7pEqI3S1JV0bSfX24jh1h44MhEArgO6AfOP36SymxeHQDygu6KxaYo9svr26iY2uUSwBsJCgBFLe9HPKqe1qjck1xncQbi9LcUfUN8Xov%2BIqeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff31c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
85213
flash2.png
9.gamalanding.com/public/img/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/flash2.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d32cd89e4284ed5db34a31963d3b4f7b644a228e64726de522eaa4af5f68f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e71-282a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifXPrzOaIwdnJuI45M7pAsAo8DCJlJXYJnx5o1CSc2YZ711abZD9UAoUraDYIt9k9hOLO%2FMR4X1cUs0gRR5NNk89Xzwqb7ZtC4MghF7dvhYHdrucOzThPhAaqTDHjSMvWN4lJOHc9wNRDZ8fkWuCoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff41c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
164521
flash1.png
9.gamalanding.com/public/img/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/flash1.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f0ca716f08c8004b90ca617ab730e710707a3822b3365197db42b2568a4d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e71-137e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yVk1FZS4exwv%2B%2FC%2BHMdALx9icjDsVtPZUD1%2FOcyWlKYmRN637xJCyEVGFaJX4%2Bb5uwlD%2FGKYT69%2FiBVMwtWtFqIiC6%2Fw1BhlPMvTgcnWHzKiqDxqPFYDJpKnwpjSOqG0uYPRsp6NdOGH2ivWjIv1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff51c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
79846
item-1.png
9.gamalanding.com/public/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/item-1.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65e5d9026e2d1da01d3eec3df4fef757f19018969df7349f397c549e3680175b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3536
etag
"65158e72-3e8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzbQcrQYshWNMd0qmls2Nn3lESzsycPGvqGDzkyLlKAkoyCXKrz07WNVBgvJjLxtY4%2B91cI2tPnUr0E4WsxQEh05v7NJPaRJALZLPo6X1bjdyuxfi2ELiQLQvWHaiJwiZv240oVMOVr9ywuYAXqApw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff61c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
16011
item-2.png
9.gamalanding.com/public/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/item-2.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3544cbe73dd34c448777812779612e8d028338b2ee9e5445b185a804b980355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e72-5bf4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oo%2B18krpgBZ0EOd8D7dh%2FajHnV6sXxiwyzCWlgG0hs8MVLxAOWsQVWALewGcqO2eD8g%2Fl6lS3MerUWqFAm6gIbLYEREeYy47XEnb0o6daCurr6y2PAdc84vSZXVMSVoXKQdrjSmBSFI839JtOrTqXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff71c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
23540
item-3.png
9.gamalanding.com/public/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/item-3.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a4eedf87ffdc640cd5ea5428920decc357c8fcc6fce321328e78c202445891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e72-2c74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezIpca5BGk0ahUK9bHHo2dbtVPJodQCxtIurw%2B5MpW%2FR%2FVu6yducxpwxanO99HBpU1wZv3ddGUEybNeOM0TRGPo15zwAevpAtgBl3cevuybw5BUixepR17PUDTtb2YHQMr8yRbdFaRBBbY%2F5G52k2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff81c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
11380
item-4.png
9.gamalanding.com/public/img/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/item-4.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7be38626b08045319de9788c54b2bb76e3c0ea93f384dcbcb698a15313675b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3536
etag
"65158e72-7138"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JukEmuwXFpFNFROH%2FclTloRkPTiuhBcxIPKe6NBHaJJUmzqMj%2B0E1f0xq1K6rzlcmR%2FOEs6AEDfKZJKdx6x4Cd9rsF7kX7h241QfldsQEqukAHy8kzxpNv530oeNjzJUry5DM%2Bgd3GvrFjJZVk%2FQDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deff91c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
28984
parallax.min.js
9.gamalanding.com/public/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9.gamalanding.com/public/js/parallax.min.js
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa4cad8b8c65ae062f64172ceb16f7eb02242cee0ec506f6a18390b650b98e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
W/"65158e75-43a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EC4T5yuuGgxCBXHNQqJMewR8qfGcA1WdwU%2BXu7ru2khNWCUyEc2poORhEU%2FhVGbg06j5RNtzlg0kf0hhmrvelJ14rmPvRgLEpJsACaTqHeG7x9CbT%2FcNcf1U7UDOjU4xEhf0oDEw0MRSkGVG7khXMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
829d854defeb1c89-AMS
alt-svc
h3=":443"; ma=86400
main.min.js
9.gamalanding.com/public/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9.gamalanding.com/public/js/main.min.js
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8968289813831b28d45afaab3a708f25ee275e2a14a763ef8217db736c6cb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
W/"65158e75-1391"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0Rtm0IgPhPdauRoDETveTnepL0s5H9IMOzlTZr92jUW%2FnhL%2BG%2Btg41kmOLJUdVVjpEXZIp172Y0GK1IkVsPGs%2FnNfKxAxDiJEey0KEkQ%2BarDtZRSBiEhNeMCf3YFDGcowmQKFdyDAA9oNx4Usmszw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
829d854defee1c89-AMS
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBN57N8N&gtm_auth=SFfZkaTIUPXNVKwBaA16cA&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/?stag=35690_655d5e58320223de13caee07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
16481813d8fb53ad56d707b7ef42f1b0598e3004e301c82c6748b01bcb97a408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45736
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg.jpg
9.gamalanding.com/public/img/ 		229 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/bg.jpg
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69aed3330afcf35cf79ed03294cb27399b26f4586f795772a35df8fc03ad0363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e70-39563"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqqOI0Qnmu1q8pW3hw3Yr%2FK8JK%2BWOMQT3fBbb87vchvma2U5QfIQqUht6R0TIkiePZXNnExBfWCai%2BI2gGJ6D3BPsnsSjxhVVgXWIpY8FfQq5qM5jrRvGxg3l%2B2QhrtUcOoot%2BjNvA49wUIx9YxAIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deffb1c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
234851
pergament.png
9.gamalanding.com/public/img/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/pergament.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0728bed6ff44490ceff9efeeed7b3a3abfc35ff2a28407eced1c9b827da398e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3536
etag
"65158e73-f716"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtblbIa3cocRle%2F0FnyBtIaOdm3Xy2x%2BVsY%2FHLD%2Fkkfy1e4lDHVFqHS9rh7rsCw7vbWXQsRL25U6DFuk9xGLCqukjtrVs9Wf8cjXCFM0y1J3854zuWL2HCGIM0KYOj8dlmmx2DmKIffWwj62IDd4Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deffc1c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
63254
popup-bg-bg.png
9.gamalanding.com/public/img/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/popup-bg-bg.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87050d490d4837d2b3b3be3f9fdbb148d8128822e434627e39881c541eeeb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e73-1e486"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvIw8T%2BA99BZi5E1NoVbbwm5qysDcamz19QoW4GxWo0ARGAR9bIfCr91YfWU9rp7TSONhlO%2F11bl6Qi7SZyBfSVcR4bryp%2F3ld8fmrMUjBgkHE1dh%2Fr3GbcT3lfk%2B62rg9WY7hel%2FDoPswfR6B8Xpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deffd1c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
124038
popup-bg.png
9.gamalanding.com/public/img/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/popup-bg.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9604e621df27b780c902b6c3c120702bc1b9aaf2b21a82e8e01a626edaa2cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3536
etag
"65158e73-16119"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9DKX6dZ92BzOrh4TZSBpq1565Bdd9tNXxrDjCjTeCG856w1xK7YnRMf3eXMhUK489yHVnZc9C3NyvZY8rD4%2B2xtMxRPArHfaVEQG00jGMGZpmAwKMNIviZA9jNtp6WgFDH4iELzb2YCd%2B6W0gGE2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854deffe1c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
90393
popup-btn.png
9.gamalanding.com/public/img/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9.gamalanding.com/public/img/popup-btn.png
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ffede959f751da77ce3c32f21610d6d828d9bd6c397fa9cdf894c54ad29fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/public/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2576
etag
"65158e73-f9f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJSKo%2FXELcajmkTcFBZl5hsDJN7NqmZdb2vdobR05M6FbH1w3Ja06z%2FMrL0rNTKpnbVSiB2d8w9rrc7I4xX6UCnYWsw7kc1jC9wzzAqnIT1eOtf%2BEAqn9ipSZybK%2FDCwyqIhWQPng%2FErzvTyDMI6xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854defff1c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
63984
Montserrat-Bold.woff2
9.gamalanding.com/public/fonts/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://9.gamalanding.com/public/fonts/Montserrat-Bold.woff2
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e35a837e4f22c75cc03c4e501023d6f4ffe074c786064a9b2c0d27257897ac1

Request headers

Referer
https://9.gamalanding.com/public/css/style.min.css
Origin
https://9.gamalanding.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3414
etag
"65158e6f-167f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQyCkwUfi9KIJBL%2FyfSUhfOqaSdmtpy4INmkJcShBEGtQfyS9clw2Y%2BGm1ylFy4zkGt7H50QxQpIq64UGsFE2tGStO6mE9DJCd9XzKCcyRyuSEiVAzUUE02m5%2FD9Ewr%2FN9V%2Bs%2BGYNvPqd1k74GnL8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854de8011c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
92152
Montserrat-Black.woff2
9.gamalanding.com/public/fonts/ 		89 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://9.gamalanding.com/public/fonts/Montserrat-Black.woff2
Requested by
Host: 9.gamalanding.com
URL: https://9.gamalanding.com/public/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78440cef291a9e1e12fbf0fe238828e77b2d55fe8f0dc045edf2f95f276099b

Request headers

Referer
https://9.gamalanding.com/public/css/style.min.css
Origin
https://9.gamalanding.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:17 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:32:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3536
etag
"65158e6f-163b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw2fdrE9WlpkXJQM6veZVEDLCtaPnN5QpQuoCG9YBkn6CHXab8RSGJ3UxMpYx0JQlCNYMUA1O16hPuICa%2FY4r7vkGYwDPwetj5t1CJQyY0Urh5L4ERGJN0pVWWotORFydlXFZwtONGOP1nflHT1xbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
829d854de8021c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
91060
array.js
posthog-cat.com/static/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://posthog-cat.com/static/array.js
Requested by
Host: issweet.net
URL: http://issweet.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0db7d29c221fbfb75787d73b7ad4cbd8ead007b5254a043af356c623fb0fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9.gamalanding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
last-modified
Tue, 17 Oct 2023 14:20:49 GMT
server
cloudflare
etag
W/"652e9841-1ce8d"
vary
Cookie, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vk9gotEY9lLkDZv%2FxbYfKtljcXPJBgY5wrbXpDwhcjMOpr2ydfWpqFj49Vi%2B1Atq%2F7TXjsJTgqFXuv0IT3uDZlHAdAMZ%2FaNfPWG3EyaYPr6oi4EU7rGZrL7mzZDcjbmGFbI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
x-robots-tag
noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
cf-ray
829d8553ba3a3689-FRA
/
posthog-cat.com/e/ 		13 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://posthog-cat.com/e/?ip=1&_=1700617818279&ver=1.83.2
Requested by
Host: posthog-cat.com
URL: https://posthog-cat.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://9.gamalanding.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Nov 2023 01:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://9.gamalanding.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aat5vshme9AydHxVThhoUeqOhiltAgB6DOZP0%2FmSStbaTZW233B01pMFN3qGJY5CBv096WsjaO%2B7HZ5XLPk7wykInsWwtEtofQQKKWeSi37GsDte7gSwxx6a0Qa6t8Wm9ak%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-robots-tag
noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
access-control-allow-headers
X-Requested-With,Content-Type
cf-ray
829d85544a883689-FRA
/
posthog-cat.com/decide/ 		374 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://posthog-cat.com/decide/?v=3&ip=1&_=1700617818280&ver=1.83.2
Requested by
Host: posthog-cat.com
URL: https://posthog-cat.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b52d0d52c69620247edc1f169666223d3c872dcc15c3acb87012f8606cc6cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://9.gamalanding.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Nov 2023 01:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://9.gamalanding.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nrdp8t6oT4wDVYBiP6bfEamYxW70izcoNws06BRWRNha2rGl%2BlmfPHSpwsMR8XngT%2FAedRaJ1d%2BLrfjYDDendbz%2BvybbBWKk%2F2224hG5i6rru4k9BkZ8sJjTAZp3dCiIWmE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-robots-tag
noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
access-control-allow-headers
X-Requested-With,Content-Type
cf-ray
829d85544a893689-FRA

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataLayer function| Parallax function| $$ function| addCss function| getElementIndex function| h_el function| debugging function| addEv number| counter function| removeDismiss function| firstBonus function| secondBonus function| Opn number| size object| c object| ctx object| center number| minSegmentHeight number| groundHeight string| color number| roughness number| maxDifference function| render function| createLightning object| google_tag_manager object| google_tag_data object| posthog

4 Cookies

Domain/Path Name / Value
.popvalcom.com/ Name: uuid
Value: 1700617489528833897
.alanwaketor.com/ Name: uid
Value: 5288338971700617816
colorful-road-three.com/ Name: 49d180ecf56132819571
Value: 655d5e58320223de13caee07
.gamalanding.com/ Name: ph_phc_vk7ry35fgSZLyRTYWK4py4MAFpsJLlG6JLi00Nk7cqY_posthog
Value: %7B%22distinct_id%22%3A%22018bf4b8-90a3-7fc9-a087-593790646d17%22%2C%22%24device_id%22%3A%22018bf4b8-90a3-7fc9-a087-593790646d17%22%2C%22%24user_state%22%3A%22anonymous%22%2C%22%24sesid%22%3A%5B1700617818278%2C%22018bf4b8-90a6-7fee-a16b-8dcc256c5e63%22%2C1700617818278%5D%2C%22%24session_recording_enabled_server_side%22%3Afalse%2C%22%24autocapture_disabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%2C%22%24feature_flag_payloads%22%3A%7B%7D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9.gamalanding.com
alanwaketor.com
colorful-road-three.com
d38psrni17bvxu.cloudfront.net
issweet.net
popvalcom.com
posthog-cat.com
sorou-cxa.com
www.googletagmanager.com
104.21.16.220
142.250.186.104
172.67.184.172
18.215.111.30
18.66.121.138
185.53.177.72
188.114.97.3
193.200.64.30
193.200.65.61
2606:4700:3032::6815:10dc
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
0728bed6ff44490ceff9efeeed7b3a3abfc35ff2a28407eced1c9b827da398e8
0e35a837e4f22c75cc03c4e501023d6f4ffe074c786064a9b2c0d27257897ac1
16481813d8fb53ad56d707b7ef42f1b0598e3004e301c82c6748b01bcb97a408
1aa4cad8b8c65ae062f64172ceb16f7eb02242cee0ec506f6a18390b650b98e3
23023e7c81167ab993c5b12192dd518d94ca41e65f900442d82fc90d850376c0
3054af22c58a550d61b59578e0444d2700bdaff77a771cd1d532a3c1524639d7
34a9bf5a9c164f35128b45bb365ce7e260c03087aefbb86a4d1f79c002e29467
39713f38165e519029197b4b90f4d56d4d4d62bb01a57a076fb7a28faac49224
5a2febb3c26d06c71efd18cd15d1a7000e06e29760cdfca9a37439a6bc15d4d6
5f7d693a3236b40def59bcfa6fb3e68e80119664b1c64df87b86f6eef47f09d4
5fc8a19d0321c1e5a31261c5a3ffa9d54da64a6c09b4a42128418784a4f83d0d
65e5d9026e2d1da01d3eec3df4fef757f19018969df7349f397c549e3680175b
69aed3330afcf35cf79ed03294cb27399b26f4586f795772a35df8fc03ad0363
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
8895ca8ca63fc8d7205e24d3cce434cb5962344ef517708a641a13c16dcc706e
8bbf96291a96a2dae59c1998861b9f7134534173660c8c668af6f04b1c883344
9b9604e621df27b780c902b6c3c120702bc1b9aaf2b21a82e8e01a626edaa2cc
b0a4eedf87ffdc640cd5ea5428920decc357c8fcc6fce321328e78c202445891
b4d32cd89e4284ed5db34a31963d3b4f7b644a228e64726de522eaa4af5f68f7
b6ffede959f751da77ce3c32f21610d6d828d9bd6c397fa9cdf894c54ad29fe3
b78440cef291a9e1e12fbf0fe238828e77b2d55fe8f0dc045edf2f95f276099b
b7b52d0d52c69620247edc1f169666223d3c872dcc15c3acb87012f8606cc6cb
b9f0ca716f08c8004b90ca617ab730e710707a3822b3365197db42b2568a4d29
cc8068b0ff4dea4d80682180aeba89ca04e5fe9418b98012a3114e22496df136
de8968289813831b28d45afaab3a708f25ee275e2a14a763ef8217db736c6cb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7be38626b08045319de9788c54b2bb76e3c0ea93f384dcbcb698a15313675b5
e87050d490d4837d2b3b3be3f9fdbb148d8128822e434627e39881c541eeeb75
f12a01e644a3b76f823380abbc488c385898af484fba13370338cbba17989676
f3544cbe73dd34c448777812779612e8d028338b2ee9e5445b185a804b980355
fd0db7d29c221fbfb75787d73b7ad4cbd8ead007b5254a043af356c623fb0fa1