google-pax.xyz Open in urlscan Pro
2606:4700:3033::ac43:c0f4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://google-pax.xyz/
Effective URL:
https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_...
Submission: On December 04 via api (December 4th 2024, 10:10:37 am UTC) from US — Scanned from US

Summary HTTP 113 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 113 HTTP transactions. The main IP is 2606:4700:3033::ac43:c0f4, located in United States and belongs to CLOUDFLARENET, US. The main domain is google-pax.xyz.
TLS certificate: Issued by WE1 on December 4th 2024. Valid for: 3 months.

This is the only time google-pax.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3033::ac43:c0f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
54	2606:4700:303... 2606:4700:3037::ac43:b1e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	52.95.179.58 52.95.179.58	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c21::84	15169 (GOOGLE) (GOOGLE)
24	2607:f8b0:400... 2607:f8b0:4004:c09::77	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
2	172.67.74.152 172.67.74.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::ac43:ca98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.151.204.6 185.151.204.6	396535 (ADJUST-) (ADJUST-)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5e	() ()
113	10

3 2606:4700:3033::ac43:c0f4 (United States)

ASN13335 (CLOUDFLARENET, US)

google-pax.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2606:4700:3037::ac43:b1e0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.game-s80.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.95.179.58 (Jakarta, Indonesia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-3.amazonaws.com

appdv76.s3.ap-southeast-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c21::84 (Washington, United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4004:c09::77 (Washington, United States)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:ca98 (United States)

ASN13335 (CLOUDFLARENET, US)

api-tester.feiwindevelopment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.151.204.6 (United States) 1 redirects

ASN396535 (ADJUST-, US)

app.adjust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5e (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	game-s80.com www.game-s80.com	3 MB
27	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 45 play-lh.googleusercontent.com — Cisco Umbrella Rank: 557	6 KB
12	gstatic.com fonts.gstatic.com Failed www.gstatic.com	343 KB
7	amazonaws.com appdv76.s3.ap-southeast-3.amazonaws.com	10 KB
3	google-pax.xyz google-pax.xyz	66 KB
2	ipify.org api.ipify.org — Cisco Umbrella Rank: 2001 Failed	569 B
1	adjust.com 1 redirects app.adjust.com — Cisco Umbrella Rank: 3095	1 KB
1	feiwindevelopment.com api-tester.feiwindevelopment.com	1 KB
0	umeng.com Failed uweb.umeng.com Failed
113	9

	Domain	Requested by
54	www.game-s80.com	google-pax.xyz www.game-s80.com
24	play-lh.googleusercontent.com	google-pax.xyz
11	fonts.gstatic.com	www.game-s80.com
7	appdv76.s3.ap-southeast-3.amazonaws.com	google-pax.xyz
3	lh3.googleusercontent.com	google-pax.xyz
3	google-pax.xyz	www.game-s80.com
2	api.ipify.org	www.game-s80.com
1	www.gstatic.com
1	app.adjust.com	1 redirects
1	api-tester.feiwindevelopment.com	www.game-s80.com
0	uweb.umeng.com Failed	google-pax.xyz
113	11

This site contains no links.

Subject Issuer	Validity	Valid
google-pax.xyz WE1	`2024-12-04` - `2025-03-04`	3 months	crt.sh
game-s80.com WE1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
*.s3.ap-southeast-3.amazonaws.com Amazon RSA 2048 M01	`2024-10-20` - `2025-09-30`	a year	crt.sh
*.googleusercontent.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
edgestatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ipify.org WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
feiwindevelopment.com WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Frame ID: 97A40E82847A3AA0CDA5F741741ACC65
Requests: 119 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

99s8 – Apps on Google Play

Page URL History Show full URLs

https://google-pax.xyz/ Page URL
https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adg... Page URL
https://app.adjust.com/1jcstnlx?campaign=99s8_campaign%28123%29&adgroup=99s8_adgroup%28123%29&creat... HTTP 302
https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adg... Page URL

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Page Statistics

113
Requests

94 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

3326 kB
Transfer

10372 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://google-pax.xyz/ Page URL
https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang Page URL
https://app.adjust.com/1jcstnlx?campaign=99s8_campaign%28123%29&adgroup=99s8_adgroup%28123%29&creative=99s8_creative%28123%29&redirect=https%3A%2F%2Fgoogle-pax.xyz%2F%3Ft%3D1%26p0_android%3D1jcstnlx%26p0_ios%3D1jh8oxks%26p1%3D99s8_campaign%26p2%3D123%26p3%3D99s8_adgroup%26p4%3D123%26p5%3D99s8_creative%26p6%3D123%26channelCode%3Dguanwang&label=guanwang HTTP 302
https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://new.cnzz.com/v1/login.php?siteid=1281397231 HTTP 302
https://uweb.umeng.com/v1/login.php?siteid=1281397231

Request Chain 102

https://new.cnzz.com/v1/login.php?siteid=1281397231 HTTP 302
https://uweb.umeng.com/v1/login.php?siteid=1281397231

113 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
google-pax.xyz/ 540 KB
33 KB 863ms
549ms Document
text/html 2606:4700:3033::ac43:c0f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://google-pax.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb76db5d0d91febb35338236f6ba9f69372614f41a50787c2f6503f689f2cb49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ecb0193399c43eb-EWR
content-encoding: zstd
content-type: text/html
date: Wed, 04 Dec 2024 10:10:21 GMT
last-modified: Wed, 04 Dec 2024 05:05:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k3AFKI0YTkHcQWdwkGsuccrpa3XJp2iHHqrYV1VxxSOWgOm9aCCu3eApCJTd%2B6nwvgBXYqgC4L2LMi2%2BTS8j65%2BT5MKzWEiwFHiPeTqYci4dTeASvwPOQFoaApv%2FEJIrUVQWsuVPSziUJsJkcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=30233&min_rtt=27082&rtt_var=10336&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4199&recv_bytes=4471&delivery_rate=547&cwnd=12000&unsent_bytes=0&cid=bbdcd403fef0c4a8&ts=726&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 style.css
www.game-s80.com/resource/google/common/ 658 KB
104 KB 202ms
48ms Stylesheet
text/css 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/google/common/style.css
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673ff5f9-a4995"
age: 8688
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5pAsxe6JLKd87bPu%2FzPqVsyI1ERqCvffySsc6eUilGS8yBFXtKdObmqog9AnQ7XBNNjLiafzEt2VyC07tpNrzgBYULmKuj1FKrZOaXIAg%2BptOXjVo7r5RL5slYrSEShnU3BTcix31NbQnt%2FpFeD"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 19:45:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34075&min_rtt=33899&rtt_var=12837&sent=17&recv=10&lost=0&retrans=0&sent_bytes=9730&recv_bytes=4874&delivery_rate=87425&cwnd=12000&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=76&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 03:09:45 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01993b208c0f-EWR
server: cloudflare

GET
H3 200 clipboard.min.js Show response
www.game-s80.com/resource/common/ 18 KB
5 KB 198ms
47ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/clipboard.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4950"
age: 21266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1J9NghBhFpHpcim2zzZlCQ%2BQS9chZQM0jgypxY2e%2F1PsR1vBiDLZ6HYv5lfpiGJoreM8%2BeDSnsGIG6aKDJU3NvcYGdvOL4MoT5AHYktAz6EL%2BP4Y25eHKSOsKbvDdYLVLxDYFYAc9pU9T4I4IyK"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:15:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34075&min_rtt=33899&rtt_var=12837&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4874&delivery_rate=87425&cwnd=12000&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=75&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01993b1f8c0f-EWR
server: cloudflare

GET
H3 200 qrcode.min.js Show response
www.game-s80.com/resource/common/ 19 KB
8 KB 224ms
73ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/qrcode.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4dd7"
age: 21266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0J9etqoDMSeZQyE7oODa2P9jM7UMO1P2A25AcpzBy4bCeO%2B6XBIKHNCOEnh3ky%2Fdw9YdSz52uZBThJe6Rzw5LUALR2IsGxAwQ%2FH8lyqaV%2FpP1pce9b0mNuEQhZZqikLoObFErzOsVx1TjHUKg2Nq"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:15:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34075&min_rtt=33899&rtt_var=12837&sent=22&recv=10&lost=0&retrans=0&sent_bytes=15601&recv_bytes=4874&delivery_rate=87425&cwnd=12000&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=76&x=1", cfHdrFlush;dur=30
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01993b1e8c0f-EWR
server: cloudflare

GET
H/1.1 200
OK import-scripts.js
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/ 9 KB
9 KB 1370ms
573ms Script
application/javascript 52.95.179.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.58 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

x-amz-id-2: xR4LTaCRWLOJQMX7FU8VSV9HYUc14P2y8huyNdZVAJu2P2zSYihqDRWBYoxSExyu1uBFS5HWJvk=
ETag: "0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-request-id: 0766C8B0KYVM67QH
Accept-Ranges: bytes
Content-Length: 8988
Date: Wed, 04 Dec 2024 10:10:24 GMT
Last-Modified: Sun, 07 Jul 2024 03:32:15 GMT
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET alpine.3.x.x.min.js
www.game-s80.com/resource/google/common/ 0
0

GET
H3 200 email-decode.min.js Show response
www.game-s80.com/resource/common/ 1 KB
1 KB 52ms
49ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/email-decode.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4d7"
age: 21235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KO5YIFgeJApZyNE3v%2BjIJamfVYl4jy7%2FV66u39trm985wLTU7DAGgy13VpWwjZ0D2RnocWBreBCy%2FvZ7ES2fZK8TdLVvEkw9fL%2BDa4vD4HjHl0uyJ4n5m5KQpRXHm1mSh%2Ftuszu3wWyyhvPPyhoJ"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=177&x=1", cfHdrFlush;dur=5
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8a8c0f-EWR
server: cloudflare

GET
H/1.1 200
OK adtiS80.js
appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/ 202 B
609 B 1233ms
574ms Script
application/javascript 52.95.179.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/adtiS80.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.58 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

x-amz-id-2: lX/ievLej+o+sb2rRg+3710S6CFL0C4FrOer17twEnOMNLC+SVtuzxKhCEvX5/H51/7XRBuV/bo=
ETag: "9b9dae0e3eea15c29d8b88166b431493"
x-amz-request-id: 076A8HWK73DD3F6Y
Accept-Ranges: bytes
Content-Length: 202
Date: Wed, 04 Dec 2024 10:10:24 GMT
Last-Modified: Wed, 04 Dec 2024 09:47:46 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 99s8-adjust-targetInstall.js Show response
www.game-s80.com/resource/common/ 12 KB
5 KB 53ms
50ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/99s8-adjust-targetInstall.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbd3efbe53e0e20aa83d119cd8223b433703603f7cafe036616cb4e2948e340

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd943-31b8"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2Bk%2BhKjT5olcnGIsor7CthqrefZdPkeorEWbU7xuPBueuSj12jYmcuavGRLXTeAJTJec%2F0SbD3yUKtmKgIASIooizAo1x%2BqR29%2FVXj%2BcEnkczr0tzsmygVVbh%2FiIgUepoLsbLyKD2GgofFSJWd6L"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 17:02:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=177&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 04:23:31 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8b8c0f-EWR
server: cloudflare

GET
H3 200 adti-advertise.v1.10.3.6.js Show response
www.game-s80.com/resource/common/ 14 KB
5 KB 52ms
50ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/adti-advertise.v1.10.3.6.js?v=2
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-37ba"
age: 21235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BGq0EKoNzFrtv2%2F7XSHI6fFJ%2FudfIRXyQfbqGP5qJhlL2Wkx47KlZTanPC8p%2FX7DLamO%2FMO%2B8%2BKdBHXV%2FPnXerSoQvs5xkrqyJGq4%2FfzsjlV6qKpnnx3SqSqRday7UEQhW9ieOJcNjsspoexTN3"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=179&x=1", cfHdrFlush;dur=3
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8f8c0f-EWR
server: cloudflare

GET
H3 200 servers.js Show response
www.game-s80.com/resource/common/ 477 B
937 B 76ms
74ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/servers.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"674fca1a-1dd"
age: 21265
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tP0nubev%2BeJOHpnGahPHQEBoDTDDLmYU3UNw3smBzq8z11ZVBL2fVttr%2BFds1Qd35dezKmtJb%2FSB3G3MtV6bf%2FGygIohI4A94WneEJABhFD%2FnpS0ZQlDmudhb4E%2F4TsT2lQQIWjFN8s%2FeurLLhsv"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:15:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=179&x=1", cfHdrFlush;dur=3
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199eb918c0f-EWR
server: cloudflare

GET
H3 200 s8-targetInstall.js Show response
www.game-s80.com/resource/common/ 463 B
1007 B 75ms
73ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/s8-targetInstall.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bfbca4ff46b39f126945cffabce480e8f7d6c5da77354c62ee7e111929ac06a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"674fe137-1cf"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wE3kJrKHhD%2FGFXb9yGloCKKHT6pEcthcQzK3Ed62P4tnAQ4eQFMJRTLHqusYyYzg1astQmhiWx1zHq5SxqjNWilJxB0PnNqOeFqQEBUhVO4Gp9eVCar8cs8UaJI8DUKiajIw3sY3PT7pn%2FlGIDbu"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 17:02:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=180&x=1", cfHdrFlush;dur=2
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 04:57:27 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199eb928c0f-EWR
server: cloudflare

GET
H2 200 ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ 2 KB
3 KB 706ms
53ms Image
image/png 2607:f8b0:4004:c21::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v18"
age: 3553
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:11:11 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 2378
x-xss-protection: 0
server: fife

GET
H2 200 _KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ 222 B
312 B 618ms
44ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10230
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 07:19:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 07:19:54 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 222
x-xss-protection: 0
server: fife

GET
H2 200 iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ 200 B
287 B 621ms
47ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 13893
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 06:18:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 06:18:51 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ 244 B
334 B 619ms
45ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1777
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:40:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:40:47 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 244
x-xss-protection: 0
server: fife

GET
H2 200 W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ 200 B
499 B 621ms
47ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 3654
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:09:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:09:30 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ 164 B
254 B 620ms
46ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 9901
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 07:25:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 07:25:23 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 164
x-xss-protection: 0
server: fife

GET 4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/ 0
0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 435ms
59ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 374419
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 02:10:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 02:10:05 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/ 0
0

GET kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 0
0

GET
H2 200 ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/ 454 B
550 B 350ms
44ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v69"
age: 3553
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:11:11 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 454
x-xss-protection: 0
server: fife

GET
H2 200 ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/ 302 B
369 B 83ms
74ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v0"
age: 3553
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:11:11 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 302
x-xss-protection: 0
server: fife

GET
H2 200 ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/ 1 KB
1 KB 39ms
31ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "vc"
age: 4321
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 08:58:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 08:58:23 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1124
x-xss-protection: 0
server: fife

GET /
api.ipify.org/ 0
0

GET
H3 200 / Show response
google-pax.xyz/ 540 KB
33 KB 306ms
305ms Document
text/html 2606:4700:3033::ac43:c0f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/common/99s8-adjust-targetInstall.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb76db5d0d91febb35338236f6ba9f69372614f41a50787c2f6503f689f2cb49

Request headers

Referer: https://google-pax.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ecb01a40ef543eb-EWR
content-encoding: zstd
content-type: text/html
date: Wed, 04 Dec 2024 10:10:24 GMT
last-modified: Wed, 04 Dec 2024 05:05:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vT5m%2BuO3ayLO2nWfklIp18vCPWUNeiLNKFbl5BBGG0E1mCkC3cuV4hKee6YFBGUp12iOs9IRE4WvxKzX1mIq9lDKrzzeV%2Fd9MxQkKQZVwugzMUHmMiD8ZBEvBv0vAFdM5sB9pgFh04gdWMmzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=31673&min_rtt=25158&rtt_var=5758&sent=48&recv=30&lost=0&retrans=0&sent_bytes=38992&recv_bytes=5736&delivery_rate=150270&cwnd=19200&unsent_bytes=0&cid=bbdcd403fef0c4a8&ts=3163&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

Content-Type: image/png

GET
H3 200 style.css
www.game-s80.com/resource/google/common/ 658 KB
0 3ms
3ms Stylesheet
text/css 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/google/common/style.css
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673ff5f9-a4995"
age: 8688
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5pAsxe6JLKd87bPu%2FzPqVsyI1ERqCvffySsc6eUilGS8yBFXtKdObmqog9AnQ7XBNNjLiafzEt2VyC07tpNrzgBYULmKuj1FKrZOaXIAg%2BptOXjVo7r5RL5slYrSEShnU3BTcix31NbQnt%2FpFeD"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 19:45:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34075&min_rtt=33899&rtt_var=12837&sent=17&recv=10&lost=0&retrans=0&sent_bytes=9730&recv_bytes=4874&delivery_rate=87425&cwnd=12000&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=76&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 03:09:45 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01993b208c0f-EWR
server: cloudflare

GET
H3 200 clipboard.min.js Show response
www.game-s80.com/resource/common/ 18 KB
0 5ms
5ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/clipboard.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4950"
age: 21266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1J9NghBhFpHpcim2zzZlCQ%2BQS9chZQM0jgypxY2e%2F1PsR1vBiDLZ6HYv5lfpiGJoreM8%2BeDSnsGIG6aKDJU3NvcYGdvOL4MoT5AHYktAz6EL%2BP4Y25eHKSOsKbvDdYLVLxDYFYAc9pU9T4I4IyK"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:15:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34075&min_rtt=33899&rtt_var=12837&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4874&delivery_rate=87425&cwnd=12000&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=75&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01993b1f8c0f-EWR
server: cloudflare

GET
H3 200 qrcode.min.js Show response
www.game-s80.com/resource/common/ 19 KB
0 5ms
5ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/qrcode.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4dd7"
age: 21266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0J9etqoDMSeZQyE7oODa2P9jM7UMO1P2A25AcpzBy4bCeO%2B6XBIKHNCOEnh3ky%2Fdw9YdSz52uZBThJe6Rzw5LUALR2IsGxAwQ%2FH8lyqaV%2FpP1pce9b0mNuEQhZZqikLoObFErzOsVx1TjHUKg2Nq"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:15:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34075&min_rtt=33899&rtt_var=12837&sent=22&recv=10&lost=0&retrans=0&sent_bytes=15601&recv_bytes=4874&delivery_rate=87425&cwnd=12000&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=76&x=1", cfHdrFlush;dur=30
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01993b1e8c0f-EWR
server: cloudflare

GET
H/1.1 200
OK import-scripts.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/ 9 KB
0 6ms
6ms Script
application/javascript 52.95.179.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.58 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

x-amz-id-2: xR4LTaCRWLOJQMX7FU8VSV9HYUc14P2y8huyNdZVAJu2P2zSYihqDRWBYoxSExyu1uBFS5HWJvk=
ETag: "0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-request-id: 0766C8B0KYVM67QH
Accept-Ranges: bytes
Content-Length: 8988
Date: Wed, 04 Dec 2024 10:10:24 GMT
Last-Modified: Sun, 07 Jul 2024 03:32:15 GMT
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 alpine.3.x.x.min.js Show response
www.game-s80.com/resource/google/common/ 44 KB
0 1ms
1ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d284e695a6a5d8239e58c8b6e677e4130be213d92e25ffec0f4ce640d8995f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fe2ee-aee4"
age: 494
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qync4dsjDo2X2yU6R6p6o2VDQNPSjP6ASrCMRpQlpvk1KMpR3xoCuErneL%2B%2B01I6K46Y5GNZyvnP%2Bn0Yl%2F3MZc3IkX1gfwjDlR%2Fipb56qLITdVc7YhVdqgEvuKKC1ngoBIbeZr4B%2BjwB4oaUBIc"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 22:02:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34756&min_rtt=26925&rtt_var=5501&sent=145&recv=68&lost=0&retrans=0&sent_bytes=141657&recv_bytes=8964&delivery_rate=1218675&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=1303&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:23 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 05:04:46 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01a0e9dc8c0f-EWR
server: cloudflare

GET
H3 200 email-decode.min.js Show response
www.game-s80.com/resource/common/ 1 KB
0 52ms
49ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/email-decode.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4d7"
age: 21235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KO5YIFgeJApZyNE3v%2BjIJamfVYl4jy7%2FV66u39trm985wLTU7DAGgy13VpWwjZ0D2RnocWBreBCy%2FvZ7ES2fZK8TdLVvEkw9fL%2BDa4vD4HjHl0uyJ4n5m5KQpRXHm1mSh%2Ftuszu3wWyyhvPPyhoJ"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=177&x=1", cfHdrFlush;dur=5
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8a8c0f-EWR
server: cloudflare

GET
H/1.1 200
OK adtiS80.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/ 202 B
0 1233ms
574ms Script
application/javascript 52.95.179.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/adtiS80.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.58 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 10f7998fb09d8440e0a7be017ce3682030a605437f9da0877e59053e706436a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

x-amz-id-2: lX/ievLej+o+sb2rRg+3710S6CFL0C4FrOer17twEnOMNLC+SVtuzxKhCEvX5/H51/7XRBuV/bo=
ETag: "9b9dae0e3eea15c29d8b88166b431493"
x-amz-request-id: 076A8HWK73DD3F6Y
Accept-Ranges: bytes
Content-Length: 202
Date: Wed, 04 Dec 2024 10:10:24 GMT
Last-Modified: Wed, 04 Dec 2024 09:47:46 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 99s8-adjust-targetInstall.js Show response
www.game-s80.com/resource/common/ 12 KB
0 53ms
50ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/99s8-adjust-targetInstall.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbd3efbe53e0e20aa83d119cd8223b433703603f7cafe036616cb4e2948e340

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd943-31b8"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2Bk%2BhKjT5olcnGIsor7CthqrefZdPkeorEWbU7xuPBueuSj12jYmcuavGRLXTeAJTJec%2F0SbD3yUKtmKgIASIooizAo1x%2BqR29%2FVXj%2BcEnkczr0tzsmygVVbh%2FiIgUepoLsbLyKD2GgofFSJWd6L"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 17:02:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=177&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 04:23:31 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8b8c0f-EWR
server: cloudflare

GET
H3 200 adti-advertise.v1.10.3.6.js Show response
www.game-s80.com/resource/common/ 14 KB
0 2ms
2ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/adti-advertise.v1.10.3.6.js?v=2
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-37ba"
age: 21235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BGq0EKoNzFrtv2%2F7XSHI6fFJ%2FudfIRXyQfbqGP5qJhlL2Wkx47KlZTanPC8p%2FX7DLamO%2FMO%2B8%2BKdBHXV%2FPnXerSoQvs5xkrqyJGq4%2FfzsjlV6qKpnnx3SqSqRday7UEQhW9ieOJcNjsspoexTN3"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=179&x=1", cfHdrFlush;dur=3
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8f8c0f-EWR
server: cloudflare

GET
H3 200 servers.js Show response
www.game-s80.com/resource/common/ 477 B
0 6ms
6ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/servers.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"674fca1a-1dd"
age: 21265
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tP0nubev%2BeJOHpnGahPHQEBoDTDDLmYU3UNw3smBzq8z11ZVBL2fVttr%2BFds1Qd35dezKmtJb%2FSB3G3MtV6bf%2FGygIohI4A94WneEJABhFD%2FnpS0ZQlDmudhb4E%2F4TsT2lQQIWjFN8s%2FeurLLhsv"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:15:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=179&x=1", cfHdrFlush;dur=3
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199eb918c0f-EWR
server: cloudflare

GET
H3 200 s8-targetInstall.js Show response
www.game-s80.com/resource/common/ 463 B
0 9ms
9ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/s8-targetInstall.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bfbca4ff46b39f126945cffabce480e8f7d6c5da77354c62ee7e111929ac06a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"674fe137-1cf"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wE3kJrKHhD%2FGFXb9yGloCKKHT6pEcthcQzK3Ed62P4tnAQ4eQFMJRTLHqusYyYzg1astQmhiWx1zHq5SxqjNWilJxB0PnNqOeFqQEBUhVO4Gp9eVCar8cs8UaJI8DUKiajIw3sY3PT7pn%2FlGIDbu"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 17:02:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=180&x=1", cfHdrFlush;dur=2
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 04:57:27 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199eb928c0f-EWR
server: cloudflare

GET
H2 200 ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ 2 KB
0 8ms
7ms Image
image/png 2607:f8b0:4004:c21::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1899a841d86f48016031006062751e6fe16b1761b7f6a10df87c534d5e07f480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v18"
age: 3553
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:11:11 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 2378
x-xss-protection: 0
server: fife

GET
H2 200 _KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ 222 B
0 8ms
8ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10230
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 07:19:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 07:19:54 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 222
x-xss-protection: 0
server: fife

GET
H2 200 iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ 200 B
0 9ms
9ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 13893
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 06:18:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 06:18:51 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ 244 B
0 11ms
11ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1777
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:40:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:40:47 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 244
x-xss-protection: 0
server: fife

GET
H2 200 W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ 200 B
0 11ms
11ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 3654
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:09:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:09:30 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ 164 B
0 13ms
13ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 9901
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 07:25:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 07:25:23 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 164
x-xss-protection: 0
server: fife

GET
H3 200 4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/ 24 KB
0 5ms
5ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 396702
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 19:58:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 19:58:42 GMT
last-modified: Tue, 23 Feb 2021 01:47:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24652
x-xss-protection: 0
server: sffe

GET
H3 200 Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/ 227 KB
191 KB 74ms
67ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 491749
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 17:34:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 17:34:35 GMT
last-modified: Mon, 08 May 2023 17:53:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 232676
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
0 13ms
13ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 374419
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 02:10:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 02:10:05 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET
H3 200 kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 159 KB
121 KB 66ms
59ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 513040
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 11:39:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 11:39:44 GMT
last-modified: Thu, 25 Aug 2022 00:15:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162924
x-xss-protection: 0
server: sffe

GET
H2 200 ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/ 454 B
0 2ms
2ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v69"
age: 3553
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:11:11 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 454
x-xss-protection: 0
server: fife

GET
H2 200 ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/ 302 B
0 3ms
3ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v0"
age: 3553
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:11:11 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 302
x-xss-protection: 0
server: fife

GET
H2 200 ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/ 1 KB
0 6ms
6ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

caeddda7eda7f1e46ca3158f3aee127ac02e60a9e414d0eaa4ba169d0173a4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "vc"
age: 4321
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 08:58:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 08:58:23 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1124
x-xss-protection: 0
server: fife

GET
H3 200 email-decode.min.js Show response
www.game-s80.com/resource/common/ 1 KB
0 29ms
29ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/email-decode.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4d7"
age: 21235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KO5YIFgeJApZyNE3v%2BjIJamfVYl4jy7%2FV66u39trm985wLTU7DAGgy13VpWwjZ0D2RnocWBreBCy%2FvZ7ES2fZK8TdLVvEkw9fL%2BDa4vD4HjHl0uyJ4n5m5KQpRXHm1mSh%2Ftuszu3wWyyhvPPyhoJ"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=177&x=1", cfHdrFlush;dur=5
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8a8c0f-EWR
server: cloudflare

GET
H/1.1 200
OK adtiS80.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/ 202 B
0 1ms
1ms Script
application/javascript 52.95.179.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/adtiS80.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.58 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 10f7998fb09d8440e0a7be017ce3682030a605437f9da0877e59053e706436a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

x-amz-id-2: lX/ievLej+o+sb2rRg+3710S6CFL0C4FrOer17twEnOMNLC+SVtuzxKhCEvX5/H51/7XRBuV/bo=
ETag: "9b9dae0e3eea15c29d8b88166b431493"
x-amz-request-id: 076A8HWK73DD3F6Y
Accept-Ranges: bytes
Content-Length: 202
Date: Wed, 04 Dec 2024 10:10:24 GMT
Last-Modified: Wed, 04 Dec 2024 09:47:46 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 99s8-adjust-targetInstall.js Show response
www.game-s80.com/resource/common/ 12 KB
0 0ms
0ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/99s8-adjust-targetInstall.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbd3efbe53e0e20aa83d119cd8223b433703603f7cafe036616cb4e2948e340

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd943-31b8"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2Bk%2BhKjT5olcnGIsor7CthqrefZdPkeorEWbU7xuPBueuSj12jYmcuavGRLXTeAJTJec%2F0SbD3yUKtmKgIASIooizAo1x%2BqR29%2FVXj%2BcEnkczr0tzsmygVVbh%2FiIgUepoLsbLyKD2GgofFSJWd6L"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 17:02:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=177&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 04:23:31 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8b8c0f-EWR
server: cloudflare

GET
H2 200 / Show response
api.ipify.org/ 23 B
318 B 61ms
43ms Fetch
application/json 172.67.74.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/common/99s8-adjust-targetInstall.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca13b26ad6bb38144fa3c2912e93e67b1811efe30d4795f2e1aa9a93dab6eb8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8ecb01afaaba78e7-EWR
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=11327&min_rtt=8304&rtt_var=5556&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4047&recv_bytes=2265&delivery_rate=348781&cwnd=255&unsent_bytes=0&cid=c3bb66d57b954f4c&ts=1941&x=0"
content-length: 23
date: Wed, 04 Dec 2024 10:10:25 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de3c764f181d7ee91cc53677df76b071c091875d70881abc51de4660cfed9427

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

Content-Type: image/png

GET

https://new.cnzz.com/v1/login.php?siteid=1281397231
https://uweb.umeng.com/v1/login.php?siteid=1281397231

0
0

GET
H3 200 s1.png
www.game-s80.com/resource/google/google-store/assets/image/ 397 KB
398 KB 38ms
34ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8cdd6bbf7d39ad78b40e6fc34d827b808e698f2db056d9ade7143af2cc8cbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd167-6358f"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tBkiOtRNVsvhPnMUbqNmR2Ho1VIR35%2Bjljr42ua0vc1ZN9DzL9ghdwJ8XGCrVqgGCAB7Hvm5rfhlsmcJG1aJjUkQ61quBRdkQWTUbf4oI9pyFngVl82kqcQgNC7%2BAJaa4yImlyMits8r%2F%2FjsTwV7"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=165&recv=77&lost=0&retrans=0&sent_bytes=160731&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3967&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:59 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b18d3e8c0f-EWR
server: cloudflare

GET
H3 200 s1-1.png
www.game-s80.com/resource/google/google-store/assets/image/ 38 KB
39 KB 74ms
70ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-1.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa3a4fb49799cb0795d492704110dcdacf0edda8f7a85fb87e091302ec9e7aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd15e-9998"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JWEdTyru3HZ46YOCYPMuYw9WTB2mEfTbPHGyVyn%2FvPGylhboN55zIhMDnLPbXo09r6rFwz%2FBliIAkcp4nZRKtWJlVHvofmQjUNOHo6%2FUSP%2BKlPXiJsEAZVyZwZCH52eql0%2FPhxnBPgAATh1eO1FQ"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3970&x=1", cfHdrFlush;dur=24
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d408c0f-EWR
server: cloudflare

GET
H3 200 s1-2.png
www.game-s80.com/resource/google/google-store/assets/image/ 42 KB
43 KB 78ms
73ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-2.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5333da32d9b419aed5594426c8bc40f8c015eeb5dd0d65e3362b15097bbc04e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd15e-a964"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfvRyPAI3%2F%2B3VTjACVuFfAILfM0L%2Bz0taxzqt5c%2FuC7jAB%2BMU7JbjNcE4obAVmOJ5qi7VX4goKqdrQRYuqg6Pv5odn1bnsuUy5nw4RJ52QfHPgWoFSSZmGDgMn%2Fqt%2BOXUHKhWzL0F5x6WsgMKiYB"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3970&x=1", cfHdrFlush;dur=27
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d428c0f-EWR
server: cloudflare

GET
H3 200 s1-3.png
www.game-s80.com/resource/google/google-store/assets/image/ 41 KB
42 KB 78ms
71ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-3.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7da90e5cf63e5f3c359f32d5394bbfe06e0f76aa827cfffdb7e586dd3de912ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd161-a336"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mpqurwHbugXShl9aAYawAcHgCfbYgCQmAvQlFk8XUIfO%2BfdffDDNDs64eZkGm4MhIEvHWybhT08Voo%2F1iF1ADwaO41wV%2BefzMIhvzPNy0f%2FC4bzJWzYFa4m2%2BnBsYDwbFfZvxa7LEWQVVR3YOVU"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3972&x=1", cfHdrFlush;dur=26
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:53 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d438c0f-EWR
server: cloudflare

GET
H3 200 s1-4.png
www.game-s80.com/resource/google/google-store/assets/image/ 41 KB
41 KB 83ms
76ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-4.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b936cdd00acf6f38a000454b62b105d7e87d83cc884237ddc1e218672a9e6ce6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd164-a314"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xo%2FHGMWyNkI0zaYLJ4TODclShQnMGKM1zd4yavbzmPZCcY9yw%2FcWJ8Ycy76tU8rlA%2B5U5tMl8pX9Gd5FYMv7qVnjaD8Xz95TMxp24p2JC2iFGrsD9AcU3jzZ91Ka9I%2BuLLwwxx8HEbrjBjHT5yJX"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3975&x=1", cfHdrFlush;dur=29
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:56 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d488c0f-EWR
server: cloudflare

GET
H3 200 s1-5.png
www.game-s80.com/resource/google/google-store/assets/image/ 40 KB
41 KB 87ms
80ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-5.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d32e712cff91d7ea3b1b44f55bf269b0a88310d25f0fb7788c6f14a56cfd425

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd165-9ffa"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNfjqO7DsDDEgjODZBnYiQ5nYX1UU3aqN7CijtI4BKjaf%2FUFiawjO%2FdHolKjoNaTNBcXjlVqkO9%2FrYxsFr2tgK3wONlVtJ6FDlRPNErcO8aqYO7NqIKzreguYRCpYXWg4L7sF%2BzjO3ggODUA7KiK"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3975&x=1", cfHdrFlush;dur=33
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:57 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d4a8c0f-EWR
server: cloudflare

GET
H3 200 indonesia.png
www.game-s80.com/resource/google/google-store/assets/image// 192 B
864 B 178ms
171ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image//indonesia.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

cf-cache-status: HIT
etag: "674fd15c-c0"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7c9gnW9X%2FC70uxyKJdlHUqA5XmpT95rsfnECWaOryq6SR891KmbCzW%2FqWRSu0yj7vOma4TzCuJSg9vSR2bzffcZerp65YKHGHxGXzzf7gXwtP2KnEdmjxxfIZOrnQVfdjft5l5BbAja7Kz34heLO"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3974&x=1", cfHdrFlush;dur=45
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:48 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d4b8c0f-EWR
accept-ranges: bytes
content-length: 192
server: cloudflare

GET
H3 200 downloadPageLogs
api-tester.feiwindevelopment.com/api/ 725 B
1 KB 1112ms
521ms Fetch
application/json 2606:4700:3031::ac43:ca98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-tester.feiwindevelopment.com/api/downloadPageLogs?source=DOWNLOAD_PAGE&status=SUCCESS&ip=208.252.80.168&device_name=Linux%20x86_64&device=android&platform=Linux%20x86_64&referrerUrl=https%3A%2F%2Fgoogle-pax.xyz%2F%3Ft%3D1%26p0_android%3D1jcstnlx%26p0_ios%3D1jh8oxks%26p1%3D99s8_campaign%26p2%3D123%26p3%3D99s8_adgroup%26p4%3D123%26p5%3D99s8_creative%26p6%3D123%26channelCode%3Dguanwang&downloadLink=https%3A%2F%2Fapp.adjust.com%2F1jcstnlx%3Fcampaign%3D99s8_campaign%2528123%2529%26adgroup%3D99s8_adgroup%2528123%2529%26creative%3D99s8_creative%2528123%2529%26redirect%3Dhttps%253A%252F%252Fgoogle-pax.xyz%252F%253Ft%253D1%2526p0_android%253D1jcstnlx%2526p0_ios%253D1jh8oxks%2526p1%253D99s8_campaign%2526p2%253D123%2526p3%253D99s8_adgroup%2526p4%253D123%2526p5%253D99s8_creative%2526p6%253D123%2526channelCode%253Dguanwang%26label%3Dguanwang

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/common/99s8-adjust-targetInstall.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:ca98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yHHA7xCD%2BjFHri8%2Bx3yuLpzUm8MX0eAYJC63RGsMKZVx81U8DvYYUlXVwNQSmr2Trm0x%2BgG5rz10P6mVtqfjKlGvEf2K8%2Bj9GmlmoBR7dbzAnRld7nbcNp8RVsz4AT3dwCCm%2FBdh2n7GdwxNieWHhh0s%2Fipby9V15nxsDSnI2g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36119&min_rtt=29491&rtt_var=13505&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4267&recv_bytes=4995&delivery_rate=328&cwnd=12000&unsent_bytes=0&cid=925c80baaa95e351&ts=947&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:27 GMT
content-type: application/json
priority: u=1,i
strict-transport-security: max-age=31536000
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 59
cf-ray: 8ecb01b668865e7a-EWR
access-control-allow-origin: *
x-ratelimit-limit: 60
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 31ms
30ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 394893
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 20:28:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 20:28:53 GMT
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15552
x-xss-protection: 0
server: sffe

GET
H3 200 s2.png
www.game-s80.com/resource/google/google-store/assets/image/ 361 KB
362 KB 45ms
44ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s2.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83950eabc8cecf94289cb9a6980ab85ee0c8f4193b2a7326fbb161a00f72dc3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd178-5a4d8"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xaqj5Gb7tK45V52lntmtfgtqlX4N869m0Ob0wGbB2A%2FkwfbFAA98jUZKlhBG8hlMeZrNtDSWHK53T9Lo5TySI2Ga9hKV6dxFRJ%2FMyUl9OMRBWCelusQXF3H5q6%2Fn6dmCSPK7YFI8y%2FBGReO28OPZ"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=709&recv=141&lost=0&retrans=0&sent_bytes=794200&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4190&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:50:16 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee0f8c0f-EWR
server: cloudflare

GET
H3 200 s3.png
www.game-s80.com/resource/google/google-store/assets/image/ 393 KB
394 KB 101ms
99ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s3.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd1abc5a4c235d0d75f9c3d59394ac3d3e20a053597498724c1dc677d343ba29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd17f-625fc"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhgS%2BwKUjhG6wED6e%2BTdVpbC4h3W1bmbOXsiTzD3llut%2BkB9U8wKHv3Mk9lGFIipzPow6%2Fi%2BH1cq86eJJ4VLj9lllChxN5S5%2BlT87K1mj5ZohPm%2BCfxADCe8GjFqir42lojKu%2FSoiObBpnzSSYVm"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=729&recv=141&lost=0&retrans=0&sent_bytes=818200&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4190&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:50:23 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee108c0f-EWR
server: cloudflare

GET
H3 200 s4.png
www.game-s80.com/resource/google/google-store/assets/image/ 335 KB
335 KB 116ms
114ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s4.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df64210b09856bee73cd3619b65a7cebc06e3c1b069191f61da56eb9e588e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd18c-53a33"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XwmC6ZOCeYwCM7izs4bg0Qur%2BIdpuNsc%2BMRtPQRiKASgkyca%2Fo504RGeRyiE8BOejclRpcEoArKLTHCpdi%2B6RNJi%2FTk51JxaFxIgbP5QTSc0MK16oZqCc3uL1aW%2FAwnlxdKLQ%2FNl50oa9Eoy2mZ5"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=973&recv=141&lost=0&retrans=0&sent_bytes=1108900&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4193&x=1", cfHdrFlush;dur=38
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:50:36 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee128c0f-EWR
server: cloudflare

GET
H3 200 s5.png
www.game-s80.com/resource/google/google-store/assets/image/ 321 KB
322 KB 122ms
121ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s5.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e82303a87da5e17a15d76495d64009b3142f6da67885ab861b9f88de0dae625d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd195-5030b"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iozZ9y2SxdUDPe%2B8pXaqpvP7ODUkD8vQAbgkdG5Oju3r5w0hL%2BkqhDZftnWYVZlfGPw8rJsSeOc%2BkMUQDrJcpNxcUQ3%2FyV8ofkjFYFbKtnk4u%2FHpog4%2FWwIbzPbj58KStxrlh8fJDrEl%2B1CaPjM"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=973&recv=141&lost=0&retrans=0&sent_bytes=1108900&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4194&x=1", cfHdrFlush;dur=37
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:50:45 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee138c0f-EWR
server: cloudflare

GET
H3 200 s6.png
www.game-s80.com/resource/google/google-store/assets/image/ 407 KB
408 KB 122ms
120ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s6.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad67b8fe552cf64c2c61b653e497ba4a41e96e16eb77845fc287034fde7222fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd1a4-65dc7"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wjMf8FdyAkVXbxFiaFbC2vCi%2BNzxEI%2FhEdZRtLcTXuekmVvsmYRZNwMPimIhIYg6pxIaAgUOGhwIqMAnw4RZnKO2Z9UaouNKhD7H%2FWpbT4Bp4LyJxNcFatNd7ckZ4bsHTRvZko8arXN%2FM4x3FGd"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=973&recv=141&lost=0&retrans=0&sent_bytes=1108900&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4193&x=1", cfHdrFlush;dur=38
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:51:00 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee148c0f-EWR
server: cloudflare

GET
H3 200 s7.png
www.game-s80.com/resource/google/google-store/assets/image/ 341 KB
342 KB 139ms
138ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s7.png
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df938ea3887aaedd1731b93a33cb2fa66a195bc0e90b686ce019893e74571e34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd1ab-552dc"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4W80VviknR1BS5IYSU6jFATM%2BB8%2BBKsJji%2B0%2B20wJ3V3blJ4T43wxlhBYg9uwc65kslw2zKFCQl%2FU1E8mi75V6WfFbpxDZ47virlELBjrRU%2F2hNDvUdQdBB6Dfaue2PjxJ6Va96RrAkVGnyeT6D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=973&recv=141&lost=0&retrans=0&sent_bytes=1108900&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4191&x=1", cfHdrFlush;dur=40
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:51:07 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee158c0f-EWR
server: cloudflare

GET
H3

200

Primary Request / Show response
google-pax.xyz/
Redirect Chain

https://app.adjust.com/1jcstnlx?campaign=99s8_campaign%28123%29&adgroup=99s8_adgroup%28123%29&creative=99s8_creative%28123%29&redirect=https%3A%2F%2Fgoogle-pax.xyz%2F%3Ft%3D1%26p0_android%3D1jcstnl...
https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

540 KB
0

2ms
2ms

Document
text/html

2606:4700:3033::ac43:c0f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/common/99s8-adjust-targetInstall.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb76db5d0d91febb35338236f6ba9f69372614f41a50787c2f6503f689f2cb49

Request headers

Referer: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ecb01a40ef543eb-EWR
content-encoding: zstd
content-type: text/html
date: Wed, 04 Dec 2024 10:10:24 GMT
last-modified: Wed, 04 Dec 2024 05:05:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vT5m%2BuO3ayLO2nWfklIp18vCPWUNeiLNKFbl5BBGG0E1mCkC3cuV4hKee6YFBGUp12iOs9IRE4WvxKzX1mIq9lDKrzzeV%2Fd9MxQkKQZVwugzMUHmMiD8ZBEvBv0vAFdM5sB9pgFh04gdWMmzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=31673&min_rtt=25158&rtt_var=5758&sent=48&recv=30&lost=0&retrans=0&sent_bytes=38992&recv_bytes=5736&delivery_rate=150270&cwnd=19200&unsent_bytes=0&cid=bbdcd403fef0c4a8&ts=3163&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UAm, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness
content-length: 214
content-type: text/html; charset=utf-8
date: Wed, 04 Dec 2024 10:10:29 GMT
location: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex

GET
H3 200 style.css
www.game-s80.com/resource/google/common/ 658 KB
0 2ms
2ms Stylesheet
text/css 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/google/common/style.css
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673ff5f9-a4995"
age: 8688
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5pAsxe6JLKd87bPu%2FzPqVsyI1ERqCvffySsc6eUilGS8yBFXtKdObmqog9AnQ7XBNNjLiafzEt2VyC07tpNrzgBYULmKuj1FKrZOaXIAg%2BptOXjVo7r5RL5slYrSEShnU3BTcix31NbQnt%2FpFeD"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 19:45:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34075&min_rtt=33899&rtt_var=12837&sent=17&recv=10&lost=0&retrans=0&sent_bytes=9730&recv_bytes=4874&delivery_rate=87425&cwnd=12000&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=76&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 03:09:45 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01993b208c0f-EWR
server: cloudflare

GET
H3 200 clipboard.min.js Show response
www.game-s80.com/resource/common/ 18 KB
0 3ms
3ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/clipboard.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4950"
age: 21266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1J9NghBhFpHpcim2zzZlCQ%2BQS9chZQM0jgypxY2e%2F1PsR1vBiDLZ6HYv5lfpiGJoreM8%2BeDSnsGIG6aKDJU3NvcYGdvOL4MoT5AHYktAz6EL%2BP4Y25eHKSOsKbvDdYLVLxDYFYAc9pU9T4I4IyK"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:15:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34075&min_rtt=33899&rtt_var=12837&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4874&delivery_rate=87425&cwnd=12000&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=75&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01993b1f8c0f-EWR
server: cloudflare

GET
H3 200 qrcode.min.js Show response
www.game-s80.com/resource/common/ 19 KB
0 39ms
39ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/qrcode.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4dd7"
age: 21266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0J9etqoDMSeZQyE7oODa2P9jM7UMO1P2A25AcpzBy4bCeO%2B6XBIKHNCOEnh3ky%2Fdw9YdSz52uZBThJe6Rzw5LUALR2IsGxAwQ%2FH8lyqaV%2FpP1pce9b0mNuEQhZZqikLoObFErzOsVx1TjHUKg2Nq"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:15:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34075&min_rtt=33899&rtt_var=12837&sent=22&recv=10&lost=0&retrans=0&sent_bytes=15601&recv_bytes=4874&delivery_rate=87425&cwnd=12000&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=76&x=1", cfHdrFlush;dur=30
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01993b1e8c0f-EWR
server: cloudflare

GET
H/1.1 200
OK import-scripts.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/ 9 KB
0 40ms
39ms Script
application/javascript 52.95.179.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.58 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

x-amz-id-2: xR4LTaCRWLOJQMX7FU8VSV9HYUc14P2y8huyNdZVAJu2P2zSYihqDRWBYoxSExyu1uBFS5HWJvk=
ETag: "0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-request-id: 0766C8B0KYVM67QH
Accept-Ranges: bytes
Content-Length: 8988
Date: Wed, 04 Dec 2024 10:10:24 GMT
Last-Modified: Sun, 07 Jul 2024 03:32:15 GMT
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 alpine.3.x.x.min.js Show response
www.game-s80.com/resource/google/common/ 44 KB
0 1ms
0ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d284e695a6a5d8239e58c8b6e677e4130be213d92e25ffec0f4ce640d8995f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fe2ee-aee4"
age: 494
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qync4dsjDo2X2yU6R6p6o2VDQNPSjP6ASrCMRpQlpvk1KMpR3xoCuErneL%2B%2B01I6K46Y5GNZyvnP%2Bn0Yl%2F3MZc3IkX1gfwjDlR%2Fipb56qLITdVc7YhVdqgEvuKKC1ngoBIbeZr4B%2BjwB4oaUBIc"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 22:02:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34756&min_rtt=26925&rtt_var=5501&sent=145&recv=68&lost=0&retrans=0&sent_bytes=141657&recv_bytes=8964&delivery_rate=1218675&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=1303&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:23 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 05:04:46 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01a0e9dc8c0f-EWR
server: cloudflare

GET
H3 200 email-decode.min.js Show response
www.game-s80.com/resource/common/ 1 KB
0 41ms
40ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/email-decode.min.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-4d7"
age: 21235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KO5YIFgeJApZyNE3v%2BjIJamfVYl4jy7%2FV66u39trm985wLTU7DAGgy13VpWwjZ0D2RnocWBreBCy%2FvZ7ES2fZK8TdLVvEkw9fL%2BDa4vD4HjHl0uyJ4n5m5KQpRXHm1mSh%2Ftuszu3wWyyhvPPyhoJ"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=177&x=1", cfHdrFlush;dur=5
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8a8c0f-EWR
server: cloudflare

GET
H/1.1 200
OK adtiS80.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/ 202 B
0 1ms
1ms Script
application/javascript 52.95.179.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/adtiS80.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.58 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 10f7998fb09d8440e0a7be017ce3682030a605437f9da0877e59053e706436a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

x-amz-id-2: lX/ievLej+o+sb2rRg+3710S6CFL0C4FrOer17twEnOMNLC+SVtuzxKhCEvX5/H51/7XRBuV/bo=
ETag: "9b9dae0e3eea15c29d8b88166b431493"
x-amz-request-id: 076A8HWK73DD3F6Y
Accept-Ranges: bytes
Content-Length: 202
Date: Wed, 04 Dec 2024 10:10:24 GMT
Last-Modified: Wed, 04 Dec 2024 09:47:46 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 99s8-adjust-targetInstall.js Show response
www.game-s80.com/resource/common/ 12 KB
0 0ms
0ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/99s8-adjust-targetInstall.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbd3efbe53e0e20aa83d119cd8223b433703603f7cafe036616cb4e2948e340

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd943-31b8"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2Bk%2BhKjT5olcnGIsor7CthqrefZdPkeorEWbU7xuPBueuSj12jYmcuavGRLXTeAJTJec%2F0SbD3yUKtmKgIASIooizAo1x%2BqR29%2FVXj%2BcEnkczr0tzsmygVVbh%2FiIgUepoLsbLyKD2GgofFSJWd6L"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 17:02:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=177&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 04:23:31 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8b8c0f-EWR
server: cloudflare

GET
H3 200 adti-advertise.v1.10.3.6.js Show response
www.game-s80.com/resource/common/ 14 KB
0 43ms
43ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/adti-advertise.v1.10.3.6.js?v=2
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fca1a-37ba"
age: 21235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BGq0EKoNzFrtv2%2F7XSHI6fFJ%2FudfIRXyQfbqGP5qJhlL2Wkx47KlZTanPC8p%2FX7DLamO%2FMO%2B8%2BKdBHXV%2FPnXerSoQvs5xkrqyJGq4%2FfzsjlV6qKpnnx3SqSqRday7UEQhW9ieOJcNjsspoexTN3"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=179&x=1", cfHdrFlush;dur=3
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199db8f8c0f-EWR
server: cloudflare

GET
H3 200 servers.js Show response
www.game-s80.com/resource/common/ 477 B
0 50ms
50ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/servers.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"674fca1a-1dd"
age: 21265
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tP0nubev%2BeJOHpnGahPHQEBoDTDDLmYU3UNw3smBzq8z11ZVBL2fVttr%2BFds1Qd35dezKmtJb%2FSB3G3MtV6bf%2FGygIohI4A94WneEJABhFD%2FnpS0ZQlDmudhb4E%2F4TsT2lQQIWjFN8s%2FeurLLhsv"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 16:15:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=179&x=1", cfHdrFlush;dur=3
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199eb918c0f-EWR
server: cloudflare

GET
H3 200 s8-targetInstall.js Show response
www.game-s80.com/resource/common/ 463 B
0 55ms
55ms Script
application/javascript 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-s80.com/resource/common/s8-targetInstall.js
Requested by: Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bfbca4ff46b39f126945cffabce480e8f7d6c5da77354c62ee7e111929ac06a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"674fe137-1cf"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wE3kJrKHhD%2FGFXb9yGloCKKHT6pEcthcQzK3Ed62P4tnAQ4eQFMJRTLHqusYyYzg1astQmhiWx1zHq5SxqjNWilJxB0PnNqOeFqQEBUhVO4Gp9eVCar8cs8UaJI8DUKiajIw3sY3PT7pn%2FlGIDbu"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 17:02:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35226&min_rtt=30133&rtt_var=1135&sent=90&recv=37&lost=0&retrans=0&sent_bytes=85552&recv_bytes=7356&delivery_rate=744506&cwnd=38100&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=180&x=1", cfHdrFlush;dur=2
date: Wed, 04 Dec 2024 10:10:22 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 04:57:27 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb0199eb928c0f-EWR
server: cloudflare

GET
H2 200 ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ 2 KB
0 4ms
4ms Image
image/png 2607:f8b0:4004:c21::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1899a841d86f48016031006062751e6fe16b1761b7f6a10df87c534d5e07f480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v18"
age: 3553
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:11:11 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 2378
x-xss-protection: 0
server: fife

GET
H2 200 _KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ 222 B
0 6ms
6ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10230
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 07:19:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 07:19:54 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 222
x-xss-protection: 0
server: fife

GET
H2 200 iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ 200 B
0 8ms
8ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 13893
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 06:18:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 06:18:51 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ 244 B
0 9ms
9ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1777
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:40:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:40:47 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 244
x-xss-protection: 0
server: fife

GET
H2 200 W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ 200 B
0 9ms
9ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 3654
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:09:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:09:30 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ 164 B
0 10ms
10ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 9901
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 07:25:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 07:25:23 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 164
x-xss-protection: 0
server: fife

GET
H2 200 / Show response
api.ipify.org/ 23 B
251 B 48ms
39ms Fetch
application/json 172.67.74.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/common/99s8-adjust-targetInstall.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca13b26ad6bb38144fa3c2912e93e67b1811efe30d4795f2e1aa9a93dab6eb8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8ecb01cbcf9e78e7-EWR
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=10965&min_rtt=8304&rtt_var=4890&sent=9&recv=12&lost=0&retrans=0&sent_bytes=4431&recv_bytes=2326&delivery_rate=519264&cwnd=258&unsent_bytes=0&cid=c3bb66d57b954f4c&ts=6442&x=0"
content-length: 23
date: Wed, 04 Dec 2024 10:10:30 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

Content-Type: image/gif

GET
H3 200 4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/ 24 KB
0 27ms
27ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 396702
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 19:58:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 19:58:42 GMT
last-modified: Tue, 23 Feb 2021 01:47:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24652
x-xss-protection: 0
server: sffe

GET
H3 200 Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/ 227 KB
0 28ms
28ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 491749
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 17:34:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 17:34:35 GMT
last-modified: Mon, 08 May 2023 17:53:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 232676
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
0 29ms
29ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 374419
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 02:10:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 02:10:05 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET
H3 200 kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 159 KB
0 30ms
30ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 513040
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 11:39:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 11:39:44 GMT
last-modified: Thu, 25 Aug 2022 00:15:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162924
x-xss-protection: 0
server: sffe

GET
H2 200 ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/ 454 B
0 15ms
15ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v69"
age: 3553
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:11:11 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 454
x-xss-protection: 0
server: fife

GET
H2 200 ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/ 302 B
0 15ms
15ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v0"
age: 3553
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 09:11:11 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 302
x-xss-protection: 0
server: fife

GET
H2 200 ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/ 1 KB
0 16ms
16ms Image
image/webp 2607:f8b0:4004:c09::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw

Requested by

Host: google-pax.xyz
URL: https://google-pax.xyz/?t=1&p0_android=1jcstnlx&p0_ios=1jh8oxks&p1=99s8_campaign&p2=123&p3=99s8_adgroup&p4=123&p5=99s8_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

caeddda7eda7f1e46ca3158f3aee127ac02e60a9e414d0eaa4ba169d0173a4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "vc"
age: 4321
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 08:58:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 08:58:23 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1124
x-xss-protection: 0
server: fife

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de3c764f181d7ee91cc53677df76b071c091875d70881abc51de4660cfed9427

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

Content-Type: image/png

GET

https://new.cnzz.com/v1/login.php?siteid=1281397231
https://uweb.umeng.com/v1/login.php?siteid=1281397231

0
0

GET
H3 200 s1.png
www.game-s80.com/resource/google/google-store/assets/image/ 397 KB
0 38ms
34ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8cdd6bbf7d39ad78b40e6fc34d827b808e698f2db056d9ade7143af2cc8cbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd167-6358f"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tBkiOtRNVsvhPnMUbqNmR2Ho1VIR35%2Bjljr42ua0vc1ZN9DzL9ghdwJ8XGCrVqgGCAB7Hvm5rfhlsmcJG1aJjUkQ61quBRdkQWTUbf4oI9pyFngVl82kqcQgNC7%2BAJaa4yImlyMits8r%2F%2FjsTwV7"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=165&recv=77&lost=0&retrans=0&sent_bytes=160731&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3967&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:59 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b18d3e8c0f-EWR
server: cloudflare

GET
H3 200 s1-1.png
www.game-s80.com/resource/google/google-store/assets/image/ 38 KB
0 74ms
70ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-1.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa3a4fb49799cb0795d492704110dcdacf0edda8f7a85fb87e091302ec9e7aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd15e-9998"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JWEdTyru3HZ46YOCYPMuYw9WTB2mEfTbPHGyVyn%2FvPGylhboN55zIhMDnLPbXo09r6rFwz%2FBliIAkcp4nZRKtWJlVHvofmQjUNOHo6%2FUSP%2BKlPXiJsEAZVyZwZCH52eql0%2FPhxnBPgAATh1eO1FQ"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3970&x=1", cfHdrFlush;dur=24
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d408c0f-EWR
server: cloudflare

GET
H3 200 s1-2.png
www.game-s80.com/resource/google/google-store/assets/image/ 42 KB
0 78ms
73ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-2.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5333da32d9b419aed5594426c8bc40f8c015eeb5dd0d65e3362b15097bbc04e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd15e-a964"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfvRyPAI3%2F%2B3VTjACVuFfAILfM0L%2Bz0taxzqt5c%2FuC7jAB%2BMU7JbjNcE4obAVmOJ5qi7VX4goKqdrQRYuqg6Pv5odn1bnsuUy5nw4RJ52QfHPgWoFSSZmGDgMn%2Fqt%2BOXUHKhWzL0F5x6WsgMKiYB"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3970&x=1", cfHdrFlush;dur=27
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d428c0f-EWR
server: cloudflare

GET
H3 200 s1-3.png
www.game-s80.com/resource/google/google-store/assets/image/ 41 KB
0 78ms
71ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-3.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7da90e5cf63e5f3c359f32d5394bbfe06e0f76aa827cfffdb7e586dd3de912ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd161-a336"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mpqurwHbugXShl9aAYawAcHgCfbYgCQmAvQlFk8XUIfO%2BfdffDDNDs64eZkGm4MhIEvHWybhT08Voo%2F1iF1ADwaO41wV%2BefzMIhvzPNy0f%2FC4bzJWzYFa4m2%2BnBsYDwbFfZvxa7LEWQVVR3YOVU"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3972&x=1", cfHdrFlush;dur=26
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:53 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d438c0f-EWR
server: cloudflare

GET
H3 200 s1-4.png
www.game-s80.com/resource/google/google-store/assets/image/ 41 KB
0 83ms
76ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-4.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b936cdd00acf6f38a000454b62b105d7e87d83cc884237ddc1e218672a9e6ce6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd164-a314"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xo%2FHGMWyNkI0zaYLJ4TODclShQnMGKM1zd4yavbzmPZCcY9yw%2FcWJ8Ycy76tU8rlA%2B5U5tMl8pX9Gd5FYMv7qVnjaD8Xz95TMxp24p2JC2iFGrsD9AcU3jzZ91Ka9I%2BuLLwwxx8HEbrjBjHT5yJX"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3975&x=1", cfHdrFlush;dur=29
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:56 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d488c0f-EWR
server: cloudflare

GET
H3 200 s1-5.png
www.game-s80.com/resource/google/google-store/assets/image/ 40 KB
0 87ms
80ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s1-5.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d32e712cff91d7ea3b1b44f55bf269b0a88310d25f0fb7788c6f14a56cfd425

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd165-9ffa"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNfjqO7DsDDEgjODZBnYiQ5nYX1UU3aqN7CijtI4BKjaf%2FUFiawjO%2FdHolKjoNaTNBcXjlVqkO9%2FrYxsFr2tgK3wONlVtJ6FDlRPNErcO8aqYO7NqIKzreguYRCpYXWg4L7sF%2BzjO3ggODUA7KiK"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3975&x=1", cfHdrFlush;dur=33
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:57 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d4a8c0f-EWR
server: cloudflare

GET
H3 200 s2.png
www.game-s80.com/resource/google/google-store/assets/image/ 361 KB
0 45ms
44ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s2.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83950eabc8cecf94289cb9a6980ab85ee0c8f4193b2a7326fbb161a00f72dc3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd178-5a4d8"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xaqj5Gb7tK45V52lntmtfgtqlX4N869m0Ob0wGbB2A%2FkwfbFAA98jUZKlhBG8hlMeZrNtDSWHK53T9Lo5TySI2Ga9hKV6dxFRJ%2FMyUl9OMRBWCelusQXF3H5q6%2Fn6dmCSPK7YFI8y%2FBGReO28OPZ"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=709&recv=141&lost=0&retrans=0&sent_bytes=794200&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4190&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:50:16 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee0f8c0f-EWR
server: cloudflare

GET
H3 200 s3.png
www.game-s80.com/resource/google/google-store/assets/image/ 393 KB
0 101ms
99ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s3.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd1abc5a4c235d0d75f9c3d59394ac3d3e20a053597498724c1dc677d343ba29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd17f-625fc"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhgS%2BwKUjhG6wED6e%2BTdVpbC4h3W1bmbOXsiTzD3llut%2BkB9U8wKHv3Mk9lGFIipzPow6%2Fi%2BH1cq86eJJ4VLj9lllChxN5S5%2BlT87K1mj5ZohPm%2BCfxADCe8GjFqir42lojKu%2FSoiObBpnzSSYVm"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=729&recv=141&lost=0&retrans=0&sent_bytes=818200&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4190&x=1", cfHdrFlush;dur=0
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:50:23 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee108c0f-EWR
server: cloudflare

GET
H3 200 s4.png
www.game-s80.com/resource/google/google-store/assets/image/ 335 KB
0 116ms
114ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s4.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df64210b09856bee73cd3619b65a7cebc06e3c1b069191f61da56eb9e588e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd18c-53a33"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XwmC6ZOCeYwCM7izs4bg0Qur%2BIdpuNsc%2BMRtPQRiKASgkyca%2Fo504RGeRyiE8BOejclRpcEoArKLTHCpdi%2B6RNJi%2FTk51JxaFxIgbP5QTSc0MK16oZqCc3uL1aW%2FAwnlxdKLQ%2FNl50oa9Eoy2mZ5"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=973&recv=141&lost=0&retrans=0&sent_bytes=1108900&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4193&x=1", cfHdrFlush;dur=38
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:50:36 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee128c0f-EWR
server: cloudflare

GET
H3 200 s5.png
www.game-s80.com/resource/google/google-store/assets/image/ 321 KB
0 122ms
121ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s5.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e82303a87da5e17a15d76495d64009b3142f6da67885ab861b9f88de0dae625d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd195-5030b"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iozZ9y2SxdUDPe%2B8pXaqpvP7ODUkD8vQAbgkdG5Oju3r5w0hL%2BkqhDZftnWYVZlfGPw8rJsSeOc%2BkMUQDrJcpNxcUQ3%2FyV8ofkjFYFbKtnk4u%2FHpog4%2FWwIbzPbj58KStxrlh8fJDrEl%2B1CaPjM"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=973&recv=141&lost=0&retrans=0&sent_bytes=1108900&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4194&x=1", cfHdrFlush;dur=37
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:50:45 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee138c0f-EWR
server: cloudflare

GET
H3 200 s6.png
www.game-s80.com/resource/google/google-store/assets/image/ 407 KB
0 122ms
120ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s6.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad67b8fe552cf64c2c61b653e497ba4a41e96e16eb77845fc287034fde7222fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd1a4-65dc7"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wjMf8FdyAkVXbxFiaFbC2vCi%2BNzxEI%2FhEdZRtLcTXuekmVvsmYRZNwMPimIhIYg6pxIaAgUOGhwIqMAnw4RZnKO2Z9UaouNKhD7H%2FWpbT4Bp4LyJxNcFatNd7ckZ4bsHTRvZko8arXN%2FM4x3FGd"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=973&recv=141&lost=0&retrans=0&sent_bytes=1108900&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4193&x=1", cfHdrFlush;dur=38
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:51:00 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee148c0f-EWR
server: cloudflare

GET
H3 200 s7.png
www.game-s80.com/resource/google/google-store/assets/image/ 341 KB
0 139ms
138ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image/s7.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df938ea3887aaedd1731b93a33cb2fa66a195bc0e90b686ce019893e74571e34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674fd1ab-552dc"
age: 18468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4W80VviknR1BS5IYSU6jFATM%2BB8%2BBKsJji%2B0%2B20wJ3V3blJ4T43wxlhBYg9uwc65kslw2zKFCQl%2FU1E8mi75V6WfFbpxDZ47virlELBjrRU%2F2hNDvUdQdBB6Dfaue2PjxJ6Va96RrAkVGnyeT6D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 05:02:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54190&min_rtt=24782&rtt_var=6129&sent=973&recv=141&lost=0&retrans=0&sent_bytes=1108900&recv_bytes=16374&delivery_rate=2396685&cwnd=314700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=4191&x=1", cfHdrFlush;dur=40
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:51:07 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b2ee158c0f-EWR
server: cloudflare

GET
H3 200 indonesia.png
www.game-s80.com/resource/google/google-store/assets/image// 192 B
0 178ms
171ms Image
image/png 2606:4700:3037::ac43:b1e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-s80.com/resource/google/google-store/assets/image//indonesia.png
Requested by: Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

cf-cache-status: HIT
etag: "674fd15c-c0"
age: 21239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7c9gnW9X%2FC70uxyKJdlHUqA5XmpT95rsfnECWaOryq6SR891KmbCzW%2FqWRSu0yj7vOma4TzCuJSg9vSR2bzffcZerp65YKHGHxGXzzf7gXwtP2KnEdmjxxfIZOrnQVfdjft5l5BbAja7Kz34heLO"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 04:16:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34381&min_rtt=26925&rtt_var=3720&sent=218&recv=77&lost=0&retrans=0&sent_bytes=223431&recv_bytes=11583&delivery_rate=434515&cwnd=62700&unsent_bytes=0&cid=c0c690b04d5a80fa&ts=3974&x=1", cfHdrFlush;dur=45
date: Wed, 04 Dec 2024 10:10:26 GMT
content-type: image/png
last-modified: Wed, 04 Dec 2024 03:49:48 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ecb01b19d4b8c0f-EWR
accept-ranges: bytes
content-length: 192
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
0 4ms
4ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-pax.xyz
Referer: https://www.game-s80.com/

Response headers

age: 394893
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 20:28:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 20:28:53 GMT
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15552
x-xss-protection: 0
server: sffe

GET
H3 200 favicon_v3.ico
www.gstatic.com/android/market_images/web/ 4 KB
866 B 261ms
32ms Other
image/x-icon 2607:f8b0:4004:c08::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/android/market_images/web/favicon_v3.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-pax.xyz/

Response headers

content-encoding: br
age: 242833
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Mon, 01 Dec 2025 14:43:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 01 Dec 2024 14:43:18 GMT
last-modified: Thu, 23 Jun 2022 19:28:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 841
x-xss-protection: 0
server: sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Domain: uweb.umeng.com
URL: https://uweb.umeng.com/v1/login.php?siteid=1281397231

Domain: uweb.umeng.com
URL: https://uweb.umeng.com/v1/login.php?siteid=1281397231

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-tester.feiwindevelopment.com
api.ipify.org
app.adjust.com
appdv76.s3.ap-southeast-3.amazonaws.com
fonts.gstatic.com
google-pax.xyz
lh3.googleusercontent.com
play-lh.googleusercontent.com
uweb.umeng.com
www.game-s80.com
www.gstatic.com
api.ipify.org
fonts.gstatic.com
uweb.umeng.com
www.game-s80.com
172.67.74.152
185.151.204.6
2606:4700:3031::ac43:ca98
2606:4700:3033::ac43:c0f4
2606:4700:3037::ac43:b1e0
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::77
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c21::84
52.95.179.58
0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1
10f7998fb09d8440e0a7be017ce3682030a605437f9da0877e59053e706436a8
1899a841d86f48016031006062751e6fe16b1761b7f6a10df87c534d5e07f480
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5
3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689
3bfbca4ff46b39f126945cffabce480e8f7d6c5da77354c62ee7e111929ac06a
3df64210b09856bee73cd3619b65a7cebc06e3c1b069191f61da56eb9e588e75
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6
5333da32d9b419aed5594426c8bc40f8c015eeb5dd0d65e3362b15097bbc04e3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284
6d284e695a6a5d8239e58c8b6e677e4130be213d92e25ffec0f4ce640d8995f4
7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118
7c8cdd6bbf7d39ad78b40e6fc34d827b808e698f2db056d9ade7143af2cc8cbe
7da90e5cf63e5f3c359f32d5394bbfe06e0f76aa827cfffdb7e586dd3de912ee
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
83950eabc8cecf94289cb9a6980ab85ee0c8f4193b2a7326fbb161a00f72dc3d
857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba
89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94
8aa3a4fb49799cb0795d492704110dcdacf0edda8f7a85fb87e091302ec9e7aa
8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627
8d32e712cff91d7ea3b1b44f55bf269b0a88310d25f0fb7788c6f14a56cfd425
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a
ad67b8fe552cf64c2c61b653e497ba4a41e96e16eb77845fc287034fde7222fc
b936cdd00acf6f38a000454b62b105d7e87d83cc884237ddc1e218672a9e6ce6
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
ca13b26ad6bb38144fa3c2912e93e67b1811efe30d4795f2e1aa9a93dab6eb8d
caeddda7eda7f1e46ca3158f3aee127ac02e60a9e414d0eaa4ba169d0173a4c6
cb76db5d0d91febb35338236f6ba9f69372614f41a50787c2f6503f689f2cb49
cbbd3efbe53e0e20aa83d119cd8223b433703603f7cafe036616cb4e2948e340
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
dd1abc5a4c235d0d75f9c3d59394ac3d3e20a053597498724c1dc677d343ba29
de3c764f181d7ee91cc53677df76b071c091875d70881abc51de4660cfed9427
de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec
df938ea3887aaedd1731b93a33cb2fa66a195bc0e90b686ce019893e74571e34
e82303a87da5e17a15d76495d64009b3142f6da67885ab861b9f88de0dae625d
f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1
f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2
f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875

google-pax.xyz Open in urlscan Pro 2606:4700:3033::ac43:c0f4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

94 %HTTPS

70 %IPv6

9 Domains

11 Subdomains

10 IPs

3 Countries

3326 kBTransfer

10372 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

google-pax.xyz Open in urlscan Pro
2606:4700:3033::ac43:c0f4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

94 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

3326 kB
Transfer

10372 kB
Size

0
Cookies

113 HTTP transactions
6 data transactions