urlscan.io logo urlscan.io
SecurityTrails logo

gamerxyt.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://newsadda4u.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frF...
Effective URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frF...
Submission: On November 20 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 12 domains to perform 22 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is gamerxyt.com.
TLS certificate: Issued by WE1 on October 10th 2024. Valid for: 3 months.
This is the only time gamerxyt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.96.3 13335 (CLOUDFLAR...)
3 188.114.97.3 13335 (CLOUDFLAR...)
1 172.67.207.121 13335 (CLOUDFLAR...)
1 2600:9000:264... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 18.66.112.80 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 216.239.32.36 15169 (GOOGLE)
22 8
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
newsadda4u.com
3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
gamerxyt.com
therplungestrang.org
1    172.67.207.121 (United States)

ASN13335 (CLOUDFLARENET, US)
greenanalytics.autos
1    2600:9000:2644:6c00:14:2610:7280:21 (United States)

ASN16509 (AMAZON-02, US)
d1vy7td57198sq.cloudfront.net
4    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.112.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-80.fra56.r.cloudfront.net
elasticalsdebatic.org
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Domain Requested by
5 region1.google-analytics.com www.googletagmanager.com
4 www.googletagmanager.com greenanalytics.autos
www.googletagmanager.com
2 therplungestrang.org gamerxyt.com
1 elasticalsdebatic.org d1vy7td57198sq.cloudfront.net
1 d1vy7td57198sq.cloudfront.net gamerxyt.com
1 greenanalytics.autos gamerxyt.com
1 gamerxyt.com
1 newsadda4u.com 1 redirects
0 accounts.google.com Failed gamerxyt.com
0 www.facebook.com Failed gamerxyt.com
0 ukankingwithea.com Failed d1vy7td57198sq.cloudfront.net
0 hubcdn.vip Failed gamerxyt.com
22 12

This site contains no links.

Subject Issuer Validity Valid
gamerxyt.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
greenanalytics.autos
WE1		 2024-10-28 -
2025-01-26		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
therplungestrang.org
WE1		 2024-11-07 -
2025-02-05		 3 months crt.sh
elasticalsdebatic.org
Amazon RSA 2048 M03		 2024-11-07 -
2025-12-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB80hSDq_8qsT7WlXDyZD7KWEkWyxqOoxFQMD-57GE4D7qjv3KNbyy1tiiwJmd5-wsx4W-P2V3nejTCic...%20312%20...ZbRSTZl3z5YnME5JoiCT6w9LVHA5mh
Frame ID: 1224BB08CBA6F8A5A655006334E58FBF
Requests: 21 HTTP requests in this frame

Frame: https://elasticalsdebatic.org/TUtkTTUsKQcgCix2BmtAPydZaAcLblYLUXw9HXpBKX5TfAx1OBVjViEkESlTPyQKORsjLhBoBwsGKSNFBiozOWcLGDUdYwgSMAFZHyolfUU0HAh1fhUPCy9xIRksAWQqDDI6UjQOJnVWChgxCGEbLC4HZC4pIDp0JAAleAUePAMvehosKQx2AAwBfEJoeSYIQnUbN39CCwgIOlEpe1wCbQ8nVxpwfB8sJF0YExwcegIsPQxxNSAPBVJ8CCAOAQwPMhdWHTwMGm01HhMMdCkuI38MLwc1KWAoIBwXdCECHRpzIhM3HF0AHDUEYgQ8ByhmIXJQGmcAADAPGBstPDVBKy4iJn4cLAsgcQ8zPAp2CAosNVEEDyI1bA8dNnhtfX8lHlgECCV9bBUBDzVvLh1deWIcLwYIZnQGMxx8KQcTInQVHSo7Ynw/NghfKgwmIVErLid0VAweFCZiGB4nG309BjMcfAcAE3V+HAkqO2I0eywebXwDMwxnLhtVH1RrIRciWz12HiV0KA1VD0cfERIHfyAC
Frame ID: 2245BF5D730050A9855835A56292861A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GamerXyt

Page URL History Show full URLs

  1. https://newsadda4u.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfK... HTTP 302
    https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfK... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

68 %
HTTPS

38 %
IPv6

12
Domains

12
Subdomains

8
IPs

4
Countries

492 kB
Transfer

1469 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newsadda4u.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB80hSDq_8qsT7WlXDyZD7KWEkWyxqOoxFQMD-57GE4D7qjv3KNbyy1tiiwJmd5-wsx4W-P2V3nejTCic...%20312%20...ZbRSTZl3z5YnME5JoiCT6w9LVHA5mh HTTP 302
    https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB80hSDq_8qsT7WlXDyZD7KWEkWyxqOoxFQMD-57GE4D7qjv3KNbyy1tiiwJmd5-wsx4W-P2V3nejTCic...%20312%20...ZbRSTZl3z5YnME5JoiCT6w9LVHA5mh Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://hubcdn.cc/css/dl.min.css HTTP 301
  • https://hubcdn.site/css/dl.min.css HTTP 301
  • https://hubcdn.vip/css/dl.min.css
Request Chain 2
  • https://hubcdn.cc/css/dlstyle.css HTTP 301
  • https://hubcdn.site/css/dlstyle.css HTTP 301
  • https://hubcdn.vip/css/dlstyle.css
Request Chain 9
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-cDCvyxCsWHkyl-455lzS2UukmoKB-NUjfJzUE4mhJsPCQ1ZQNJDuvRt4kqSgow6X_1wMIZaw HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-d0Ija5WrTE_eJWeAHw-Od16G73lOEAFirV4BqWiVHM24xQ3r3ATOKj2a0aYHUSmX8KR_lG&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S3198301%3A1732105880146716&ddm=1
Request Chain 10
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-cW02j6f_R0fggMcR1-dLNqCrDsGJWkQf9EOv9qw_TugxbVPFyA7SV4fYzJ7VCEgFMD9YuLlA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-dI-zcqPnJz19Njmi2FKhptrV-IkY_uALPirXAw7k2IRjQtHh8jHHpck7WmYT6zV-sZQciL&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S672597430%3A1732105880147137&ddm=1

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dl.php
gamerxyt.com/
Redirect Chain
  • https://newsadda4u.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iF...
  • https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB...
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB80hSDq_8qsT7WlXDyZD7KWEkWyxqOoxFQMD-57GE4D7qjv3KNbyy1tiiwJmd5-wsx4W-P2V3nejTCic...%20312%20...ZbRSTZl3z5YnME5JoiCT6w9LVHA5mh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8c1b235e6c6fed57d629e2a6be931ab8b5a05c6b1f7b918d857c1b9b960282

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
7044
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8e5874c77c5d0c05-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 12:31:17 GMT
last-modified
Wed, 20 Nov 2024 10:33:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URv4igiLFLfh3unuC94EDrCDWkGXJKMb3hf7ZOU216OyNufHl04lUDDP6PBIX5fG9M3EAHRTV6XL7zEUDku59yvXLnsmDOSkN7dgb6FVqpbnCAn5hFYi4QkkQV3gFs4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=35589&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4589&delivery_rate=86105&cwnd=12000&unsent_bytes=0&cid=ede2a31f5b43fdf8&ts=66&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8e5874c6bddd66e6-AMS
content-length
143
content-type
text/html
date
Wed, 20 Nov 2024 12:31:17 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB80hSDq_8qsT7WlXDyZD7KWEkWyxqOoxFQMD-57GE4D7qjv3KNbyy1tiiwJmd5-wsx4W-P2V3nejTCic...%20312%20...ZbRSTZl3z5YnME5JoiCT6w9LVHA5mh
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bm0CH3Kvs5zDoBtEf5rs3gJBKbcvGLMIK5xu0jNhhrH0L5CstYvWgYvdUeDnGv60wqhbpAjyFqAAY8VyRHMQNTkwl5JfpTZFkYHUOwmuj5Nbe8CqmLS9weyIlCZOAHqtYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
v4_enc.js
greenanalytics.autos/recaptcha/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenanalytics.autos/recaptcha/v4_enc.js
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB80hSDq_8qsT7WlXDyZD7KWEkWyxqOoxFQMD-57GE4D7qjv3KNbyy1tiiwJmd5-wsx4W-P2V3nejTCic...%20312%20...ZbRSTZl3z5YnME5JoiCT6w9LVHA5mh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e33b9c28b743026b25a781d4df5b591034f5c9de5bf045d6a8af852ed9a13277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
26842
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqC1sb1l%2FPpL3Kf38mSSyarK3i140vukNvEoshPv0nauE%2FeAB03eZp4HRojnAvjt9bbtf%2FmZoPxGM%2F%2Fcbr0SrLLh4YxfAbuVkYa%2FbUMawPdOeZQaoZM19ctQNCD%2Fg7SbbNe0bNP6ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 27 Nov 2024 05:03:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18820&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4224&delivery_rate=139931&cwnd=12000&unsent_bytes=0&cid=e0d4c0587c22d9b8&ts=63&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 12:31:17 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 05:02:38 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5874c87f33d0b5-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
dl.min.css
hubcdn.vip/css/
Redirect Chain
  • https://hubcdn.cc/css/dl.min.css
  • https://hubcdn.site/css/dl.min.css
  • https://hubcdn.vip/css/dl.min.css
0
0
dlstyle.css
hubcdn.vip/css/
Redirect Chain
  • https://hubcdn.cc/css/dlstyle.css
  • https://hubcdn.site/css/dlstyle.css
  • https://hubcdn.vip/css/dlstyle.css
0
0
/
d1vy7td57198sq.cloudfront.net/ 		164 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vy7td57198sq.cloudfront.net/?dtyvd=1108348
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB80hSDq_8qsT7WlXDyZD7KWEkWyxqOoxFQMD-57GE4D7qjv3KNbyy1tiiwJmd5-wsx4W-P2V3nejTCic...%20312%20...ZbRSTZl3z5YnME5JoiCT6w9LVHA5mh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:6c00:14:2610:7280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
575d84c751af522d7628e45a1ad70bbb0a5d2849abcd04b56e463d0fa4fafb42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding
gzip
pragma
no-cache
age
228
via
1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
54595
x-amz-cf-id
XY-zE25kKxUUSm6U9Sq4D3vu7K9w9ramIla9woChE0PU-O8uX64SSg==
date
Wed, 20 Nov 2024 12:27:30 GMT
x-amz-cf-pop
FRA60-P6
js
www.googletagmanager.com/gtag/ 		322 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Requested by
Host: greenanalytics.autos
URL: https://greenanalytics.autos/recaptcha/v4_enc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2710d51e4f95dd259e26ef2d6ea6ae17bcd76d21eb139b514727577f8bf8222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 12:31:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 12:31:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109593
x-xss-protection
0
server
Google Tag Manager
asd100.bin
ukankingwithea.com/ 		0
0
/
ukankingwithea.com/ 		0
0
JBRrVXp9SGVQc2sAPwB2fFYlECo5BSVZemsZOAIkcFYgWXpjQ2JKeHteYkI+cEFwEDssF2tVbT0EIgh2fEdlVnp9RW5Tc3VBYg
therplungestrang.org/cFZkS01faQc4cBU9DH8AQG8qLRgfHQIgfAcHJR15Ix5dBwxDJUI/ 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://therplungestrang.org/cFZkS01faQc4cBU9DH8AQG8qLRgfHQIgfAcHJR15Ix5dBwxDJUI/JBRrVXp9SGVQc2sAPwB2fFYlECo5BSVZemsZOAIkcFYgWXpjQ2JKeHteYkI+cEFwEDssF2tVbT0EIgh2fEdlVnp9RW5Tc3VBYg
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB80hSDq_8qsT7WlXDyZD7KWEkWyxqOoxFQMD-57GE4D7qjv3KNbyy1tiiwJmd5-wsx4W-P2V3nejTCic...%20312%20...ZbRSTZl3z5YnME5JoiCT6w9LVHA5mh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHlzeX0wysALPOYofBDVPCn1bHryix2mt72x6gZYOVnK3Pbs6yNqQjscvTi2wHJWlTSE6u0umLNr36SaXluqs65fM7J5F%2BXjD%2FrMop1wcWVNlzsxbFtE27E5vfPMCx4lh%2BOC%2B%2FtK%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5874d28c3f671f-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46538&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5010&recv_bytes=4907&delivery_rate=334&cwnd=12000&unsent_bytes=0&cid=da0c9bda54aa97af&ts=691&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 12:31:19 GMT
server
cloudflare
login.php
www.facebook.com/ 		0
0
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-cDCvyxCsWHkyl-455lzS2UukmoKB-NUjfJzUE4mhJsPCQ1ZQNJDuvRt4k...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-d0Ija5WrTE_eJWeAHw-Od16G73lOEAFirV4BqWiVHM24xQ3r3ATOKj2a0aYHUSmX8KR_lG&passive=...
0
0
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-cW02j6f_R0fggMcR1-dLNqCrDsGJWkQf9EOv9qw_TugxbVPFyA7SV...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-dI-zcqPnJz19Njmi2FKhptrV-IkY_uALPirXAw7k2IRjQtHh8jHHpck7WmYT6zV-sZQciL&passive...
0
0
popunder.gif
therplungestrang.org/ 		35 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://therplungestrang.org/popunder.gif
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2kaXVbiF-f5ss9l7N5lfKF1-tHSTQexCPCJdv2frFXfeubv8g8h0KfcdDgLPrlYROj-RlXCiWEk7HM1Xozkenzo1CExvCqgzbM37lVEuC-GUZX0tqnWQ0iFiB80hSDq_8qsT7WlXDyZD7KWEkWyxqOoxFQMD-57GE4D7qjv3KNbyy1tiiwJmd5-wsx4W-P2V3nejTCic...%20312%20...ZbRSTZl3z5YnME5JoiCT6w9LVHA5mh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
73286
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ph2WYDDq080edKpCA%2FpDAMS2I39PCJC0GNgQ%2F%2Bs4qVsREyXw6vw4ziHxC4YVZl%2BCIbpl67SLjfE9nJE4nmy2dwXHA987vrr3MOH4NylqRc4a20fOEgaazntsJmaQV4ZLDj93FmjnWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46538&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4250&recv_bytes=4907&delivery_rate=334&cwnd=12000&unsent_bytes=0&cid=da0c9bda54aa97af&ts=606&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 12:31:19 GMT
content-type
image/gif
last-modified
Tue, 19 Nov 2024 16:09:53 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
cf-ray
8e5874d28c3d671f-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
58
server
cloudflare
NghfKgwmIVErLid0VAweFCZiGB4nG309BjMcfAcAE3V+HAkqO2I0eywebXwDMwxnLhtVH1RrIRciWz12HiV0KA1VD0cfERIHfyAC
elasticalsdebatic.org/TUtkTTUsKQcgCix2BmtAPydZaAcLblYLUXw9HXpBKX5TfAx1OBVjViEkESlTPyQKORsjLhBoBwsGKSNFBiozOWcLGDUdYwgSMAFZHyolfUU0HAh1fhUPCy9xIRksAWQqDDI6UjQOJnVWChgxCGEbLC4HZC4pIDp0JAAleAUePAMveho... Frame 2245 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://elasticalsdebatic.org/TUtkTTUsKQcgCix2BmtAPydZaAcLblYLUXw9HXpBKX5TfAx1OBVjViEkESlTPyQKORsjLhBoBwsGKSNFBiozOWcLGDUdYwgSMAFZHyolfUU0HAh1fhUPCy9xIRksAWQqDDI6UjQOJnVWChgxCGEbLC4HZC4pIDp0JAAleAUePAMvehosKQx2AAwBfEJoeSYIQnUbN39CCwgIOlEpe1wCbQ8nVxpwfB8sJF0YExwcegIsPQxxNSAPBVJ8CCAOAQwPMhdWHTwMGm01HhMMdCkuI38MLwc1KWAoIBwXdCECHRpzIhM3HF0AHDUEYgQ8ByhmIXJQGmcAADAPGBstPDVBKy4iJn4cLAsgcQ8zPAp2CAosNVEEDyI1bA8dNnhtfX8lHlgECCV9bBUBDzVvLh1deWIcLwYIZnQGMxx8KQcTInQVHSo7Ynw/NghfKgwmIVErLid0VAweFCZiGB4nG309BjMcfAcAE3V+HAkqO2I0eywebXwDMwxnLhtVH1RrIRciWz12HiV0KA1VD0cfERIHfyAC
Requested by
Host: d1vy7td57198sq.cloudfront.net
URL: https://d1vy7td57198sq.cloudfront.net/?dtyvd=1108348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1240
content-type
text/html
date
Wed, 20 Nov 2024 12:31:20 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-id
TYPKBL2iEl9qixinC2Caddgio44Ntk93qhToWcTs9SQ6yI4cjCo3BA==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EWNBXGCVJW&l=dataLayer&cx=c&gtm=45je4bj0v9199579945za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e05d61335d3d4906a46671adb5ff79ee1e8db62d7f0ace376f3806221288633
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 12:31:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 12:31:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109759
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8T2RLBFKDH&l=dataLayer&cx=c&gtm=45je4bj0v9199579945za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2465f0a5e55ae30ae8e32350fc54f4b8b702226d7e9ae9c967bfba7f0867c39b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 12:31:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 12:31:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109757
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		322 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NXMFQ1WG71&l=dataLayer&cx=c&gtm=45je4bj0v9199579945za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
095e5f7ec96c41ab31b11acf367953d3981e6b14b3c7186ed3eba704d14ac21e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 12:31:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 12:31:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109565
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P4E51ZP5QC&gtm=45je4bj0v9199579945za200&_p=1732105882546&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=65050771.1732105883&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=The%20Top%207%20Pc%20Tips%20Everyone%20Should%20Know%20-%20PayalTips&dl=%2Fthe-top-7-pc-tips-everyone-should-know%2F&dr=https%3A%2F%2Fwww.google.com%2F&sid=1732105882&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5475
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 12:31:23 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8T2RLBFKDH&gtm=45je4bj0v9194383193za200zb9199579945&_p=1732105882546&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=65050771.1732105883&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=5%20Ways%20To%20Improve%20Your%20Internet%20Speed%20At%20Home%20-%20RahulTricks&dl=%2F5-ways-to-improve-your-internet-speed-at-home%2F&dr=https%3A%2F%2Fwww.google.com%2F&sid=1732105884&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7032
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8T2RLBFKDH&l=dataLayer&cx=c&gtm=45je4bj0v9199579945za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 12:31:24 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EWNBXGCVJW&gtm=45je4bj0v9193593174za200zb9199579945&_p=1732105882546&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=65050771.1732105883&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=Gamepractice%20On%20Me%20-%20Cloud%20Arcade&dl=%2Fgame%2Fpractice-on-me%2F&dr=https%3A%2F%2Fwww.google.com%2F&sid=1732105884&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7195
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EWNBXGCVJW&l=dataLayer&cx=c&gtm=45je4bj0v9199579945za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 12:31:24 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NXMFQ1WG71&gtm=45je4bj0v9200416245za200zb9199579945&_p=1732105882546&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=65050771.1732105883&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=Crop%20Insurance%20Approval%20-%20Shetkari%20Today&dl=%2Fcrop-insurance-approval%2F&dr=https%3A%2F%2Fwww.google.com%2F&sid=1732105884&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NXMFQ1WG71&l=dataLayer&cx=c&gtm=45je4bj0v9199579945za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 12:31:24 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P4E51ZP5QC&gtm=45je4bj0v9199579945za200&_p=1732105882546&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=65050771.1732105883&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732105882&sct=1&seg=0&dl=https%3A%2F%2Fgamerxyt.com%2Fallintitle-business-loan-for-startup%2F&dt=GamerXyt&en=scroll&epn.percent_scrolled=90&_et=27&tfd=10555
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 12:31:27 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hubcdn.vip
URL
https://hubcdn.vip/css/dl.min.css
Domain
hubcdn.vip
URL
https://hubcdn.vip/css/dlstyle.css
Domain
ukankingwithea.com
URL
https://ukankingwithea.com/asd100.bin
Domain
ukankingwithea.com
URL
https://ukankingwithea.com/
Domain
www.facebook.com
URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-d0Ija5WrTE_eJWeAHw-Od16G73lOEAFirV4BqWiVHM24xQ3r3ATOKj2a0aYHUSmX8KR_lG&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S3198301%3A1732105880146716&ddm=1
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-dI-zcqPnJz19Njmi2FKhptrV-IkY_uALPirXAw7k2IRjQtHh8jHHpck7WmYT6zV-sZQciL&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S672597430%3A1732105880147137&ddm=1

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x5175 function| _0x552c object| utr_1108348 number| userTrackingInterval number| _554840993 function| changeUrlWithReplaceState function| setCookie number| iinf object| google_tag_manager object| google_tag_data object| dataLayer function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Domain/Path Name / Value
gamerxyt.com/ Name: xyt
Value: 1
.gamerxyt.com/ Name: _ga
Value: GA1.1.65050771.1732105883
.gamerxyt.com/ Name: _ga_P4E51ZP5QC
Value: GS1.1.1732105882.1.0.1732105882.0.0.0
.gamerxyt.com/ Name: _ga_8T2RLBFKDH
Value: GS1.1.1732105884.1.0.1732105884.0.0.0
.gamerxyt.com/ Name: _ga_EWNBXGCVJW
Value: GS1.1.1732105884.1.0.1732105884.0.0.0
.gamerxyt.com/ Name: _ga_NXMFQ1WG71
Value: GS1.1.1732105884.1.0.1732105884.0.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://hubcdn.vip/css/dl.min.css
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://hubcdn.vip/css/dlstyle.css
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin