Submitted URL: https://refer9.com/m/sl3qk
Effective URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BA...
Submission: On April 19 via manual from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 22 HTTP transactions. The main IP is 3.161.119.8, located in United States and belongs to AMAZON-02, US. The main domain is xusht.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 5th 2024. Valid for: a year.
This is the only time xusht.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Size: 67 MB (70008589 bytes, 0% done)
Downloaded from: https://d3mtghnxrnat1v.cloudfront.net/cg/files/gpnk5c5r0hmc5udztwg9wq0/Master_sl3qk.apk?ss=custom_default&rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0=

Domain & IP information

IP Address AS Autonomous System
1 18.66.147.62 16509 (AMAZON-02)
1 18.245.31.95 16509 (AMAZON-02)
1 3.161.119.8 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 18.245.31.115 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 15.206.225.32 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2600:9000:236... 16509 (AMAZON-02)
1 108.138.24.207 16509 (AMAZON-02)
22 11
Domain Requested by
9 assets.agent61.com xusht.com
2 report.taurus.cash xusht.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 www.googletagmanager.com www.gstatic.com
www.googletagmanager.com
2 www.gstatic.com xusht.com
1 d3mtghnxrnat1v.cloudfront.net xusht.com
1 region1.google-analytics.com www.googletagmanager.com
1 share.agent61.com xusht.com
1 xusht.com refer9.com
1 refer9.com
22 10

This site contains no links.

Subject Issuer Validity Valid
refer9.com
Amazon RSA 2048 M03
2024-03-05 -
2025-04-04
a year crt.sh
assets.agent61.com
Amazon RSA 2048 M01
2023-06-07 -
2024-07-05
a year crt.sh
xusht.com
Amazon RSA 2048 M02
2024-03-05 -
2025-04-04
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.agent61.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-09 -
2025-02-08
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
report.taurus.cash
Amazon RSA 2048 M02
2023-06-10 -
2024-07-08
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh

This page contains 1 frames:

Frame: https://d3mtghnxrnat1v.cloudfront.net/cg/files/gpnk5c5r0hmc5udztwg9wq0/Master_sl3qk.apk?ss=custom_default&rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0=
Frame ID: 8F84C5197022E393D855AAEE9C127810
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

I earns 5.87 lakh rupees in this game even without good skills

Page URL History Show full URLs

  1. https://refer9.com/m/sl3qk Page URL
  2. https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJv... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

100 %
HTTPS

45 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

1103 kB
Transfer

1354 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://refer9.com/m/sl3qk Page URL
  2. https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sl3qk
refer9.com/m/
3 KB
3 KB
Document
General
Full URL
https://refer9.com/m/sl3qk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-62.fra60.r.cloudfront.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cc3a3b52ce24a688bfadef70bcebb595a2da9181d6ba83a369019847bbae721b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-language
de-DE
content-type
text/html;charset=UTF-8
date
Fri, 19 Apr 2024 13:25:33 GMT
server
nginx/1.18.0 (Ubuntu)
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-id
tqERnerscQX17nReNWBNo1Tb_F45x0UIqd8WicaGXar3qIzL-NJdGA==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
icon.png
assets.agent61.com/images/share/master_page_20230421/
39 KB
40 KB
Other
General
Full URL
https://assets.agent61.com/images/share/master_page_20230421/icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://refer9.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 07:45:15 GMT
via
1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 11:25:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
20623
x-amz-server-side-encryption
AES256
etag
"00e333f8cf33f1f5099030b865d5c076"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
40373
x-amz-cf-id
VniYhyU18qjDTzY9h0UMAqtquAZBoQc_T5Zqk4rUwxBEAyCFWSpKRg==
Primary Request sl3qk
xusht.com/aw/
10 KB
10 KB
Document
General
Full URL
https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Requested by
Host: refer9.com
URL: https://refer9.com/m/sl3qk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-8.vie50.r.cloudfront.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8e4d6d6fcd2233286c3b3e3b9208bd6b9ad204f7973c2b4cbf294a13f7b0f837
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://refer9.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-language
de-DE
content-type
text/html;charset=UTF-8
date
Fri, 19 Apr 2024 13:25:34 GMT
server
nginx/1.18.0 (Ubuntu)
via
1.1 b7e3fe9e93a263950f30a1525491b1aa.cloudfront.net (CloudFront)
x-amz-cf-id
sqvC2xYUNyAdaeORm3Z4vdXKPNJWYm6x2DK3xfvhUl8pmdaT3i46ow==
x-amz-cf-pop
VIE50-P2
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN
firebase-app.js
www.gstatic.com/firebasejs/7.14.5/
19 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.14.5/firebase-app.js
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
312bfec0279eeedf613a8f9377c4ddcbedc08c993c61b50d9ff8fa4c6b593aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 07:12:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
540809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6581
x-xss-protection
0
last-modified
Thu, 21 May 2020 21:27:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Apr 2025 07:12:05 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/7.14.5/
26 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.14.5/firebase-analytics.js
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ce06e5dbd365ac925dfaf0807c120263cc227aab1e20691559e9a753106fe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:54:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8636
x-xss-protection
0
last-modified
Thu, 21 May 2020 21:27:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Apr 2025 23:54:05 GMT
ldy-01.png
assets.agent61.com/images/share/master_page_20230421/
19 KB
19 KB
Image
General
Full URL
https://assets.agent61.com/images/share/master_page_20230421/ldy-01.png
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c6777a856d72127ec2991ed29352f59baac51cdd695d40031117a2a06a47d7e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 04:45:26 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 11:22:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
31326
x-amz-server-side-encryption
AES256
etag
"c06e146e3a618ae3eb01f74904b8f68c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
19029
x-amz-cf-id
C0aIC7jRFo-KllKcTzn4mogqeWGLYGryU4OzUK4tOQCTqPNcr8gvZg==
ldy-02.png
assets.agent61.com/images/share/master_page_20230421/
8 KB
8 KB
Image
General
Full URL
https://assets.agent61.com/images/share/master_page_20230421/ldy-02.png
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
123354d2af8510c272f33f03134df8d20bbf3225b98bc6bc5d2f4553243039ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 04:45:26 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 11:22:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
31326
x-amz-server-side-encryption
AES256
etag
"6608053b5c9c852bd153ca501854d92f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7927
x-amz-cf-id
4p19459t08J6Bx9VbzjKJ6E92uytgf5jUMMmcCKQTYRtLobCMWVe0Q==
01.jpg
assets.agent61.com/images/share/master_page_20230421/
177 KB
178 KB
Image
General
Full URL
https://assets.agent61.com/images/share/master_page_20230421/01.jpg
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbe0788227db625d5806f6e0b13adb4792c486220a0013efbc0d8e76ea2e583f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 09:23:51 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 11:22:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
14504
x-amz-server-side-encryption
AES256
etag
"5263d028351e44fb127677c8898ec9dc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
181508
x-amz-cf-id
yHXe58RXnWKIqWkLiatF5SbGZWNNVI5GPunDg5_BuOyhm210_RppdQ==
02.jpg
assets.agent61.com/images/share/master_page_20230421/
178 KB
179 KB
Image
General
Full URL
https://assets.agent61.com/images/share/master_page_20230421/02.jpg
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e0027d8bf14f84c3e335e419b4da2f45798f34b6eebacffadeb03af0c749711

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 04:45:26 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 11:22:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
31396
x-amz-server-side-encryption
AES256
etag
"aaa50b1b1aa87b4283ca72b4c7b2c677"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
182425
x-amz-cf-id
regg2J57Sxk4cVHtjqq_XzrbOC8O7SWr6Cr7WwWFj6MjYmTzR_KJXA==
03.jpg
assets.agent61.com/images/share/master_page_20230421/
175 KB
176 KB
Image
General
Full URL
https://assets.agent61.com/images/share/master_page_20230421/03.jpg
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e8e5abf836f025804ff1a3ab5b4b5a9c1150522674e32516e37556d39e208a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 05:35:44 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 11:22:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
28251
x-amz-server-side-encryption
AES256
etag
"9b286f095a34acea2cd9922ce3b780fd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
179646
x-amz-cf-id
aLRkJqHpjj37_19dV-R5fkc9ZXkksp8wUOnNDArViy2ztQ1_lQen1g==
04.jpg
assets.agent61.com/images/share/master_page_20230421/
168 KB
169 KB
Image
General
Full URL
https://assets.agent61.com/images/share/master_page_20230421/04.jpg
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
274850dbc95ae01c67e5737cdf52b493020e1e22a3b4a1dd2450d245c9ea53f0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 11:38:33 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 11:22:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
14504
x-amz-server-side-encryption
AES256
etag
"787107ca52ccbecbe5b59d3e8ba6dcfa"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
172197
x-amz-cf-id
ou19DPzWNW2ss-7O-MHVbaHv7xlQs6kqjTGE_WPh3lJO3KJOd4qy0w==
ldy-03.png
assets.agent61.com/images/share/master_page_20230421/
131 KB
132 KB
Image
General
Full URL
https://assets.agent61.com/images/share/master_page_20230421/ldy-03.png
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc13bd59da02e785de4ae08f9a8d10566b225734f77dbab972e49acd8f6d01e7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 04:45:26 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 11:22:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
31396
x-amz-server-side-encryption
AES256
etag
"2aa16a0b03430ef36c85a8f80f9c3e41"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
134413
x-amz-cf-id
GQt1f3Se7uAQK5XhJHf2rnxrg14ZxEq4lPzOOtFJmJR5x4EG6Cz-gA==
js
www.googletagmanager.com/gtag/
122 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.14.5/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c3761399ca645ebaa68db7cb4140a81279b54dd545d735e54b490674f38b45d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:25:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47850
x-xss-protection
0
last-modified
Fri, 19 Apr 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Apr 2024 13:25:34 GMT
stat
share.agent61.com/bizzclient/app/promotion/
2 B
537 B
XHR
General
Full URL
https://share.agent61.com/bizzclient/app/promotion/stat?code=sl3qk&source=custom_default&platform=default&pkg=com.teen.patti.master.in&tp=
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.206.225.32 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-206-225-32.ap-south-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 19 Apr 2024 13:25:35 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://xusht.com
Access-Control-Expose-Headers
access-control-allow-headers, access-control-allow-methods, access-control-allow-origin, access-control-max-age, X-Frame-Options
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
installations
firebaseinstallations.googleapis.com/v1/projects/taurus-cash/
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/taurus-cash/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://xusht.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://xusht.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 19 Apr 2024 13:25:34 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/taurus-cash/
622 B
676 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/taurus-cash/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.14.5/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36752918aceaee59010152a3bd07d6bcba9205b23a4c5ab76481f028a999ee7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://xusht.com/
x-goog-api-key
AIzaSyA5YBxfRFjKvn-p4fv6DvFTG1IdvqzT8Kk
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://xusht.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
486
x-xss-protection
0
js
www.googletagmanager.com/gtag/
238 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CCY90W06QY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08852f8735a4433fead8c879f243e9ff93173fb94b8755c3c451e494fb40b833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:25:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86736
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Apr 2024 13:25:34 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CCY90W06QY&gtm=45je44h0v873270033za200&_p=1713533134545&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&_fid=cV-_yBR29LFLMKmnsl_Igm&cid=1146296727.1713533135&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713533134&sct=1&seg=0&dl=https%3A%2F%2Fxusht.com%2Faw%2Fsl3qk%3Frtk%3DmukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%253D&dr=https%3A%2F%2Frefer9.com%2F&dt=I%20earns%205.87%20lakh%20rupees%20in%20this%20game%20even%20without%20good%20skills&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=897
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CCY90W06QY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 19 Apr 2024 13:25:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xusht.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
report.taurus.cash/producerController/
0
0
Preflight
General
Full URL
https://report.taurus.cash/producerController/send
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:7800:6:e82a:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xusht.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true true
access-control-allow-headers
content-type
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS GET,POST,OPTIONS
access-control-allow-origin
https://xusht.com
access-control-expose-headers
access-control-allow-headers, access-control-allow-methods, access-control-allow-origin, access-control-max-age, X-Frame-Options
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 19 Apr 2024 13:25:35 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
x-amz-cf-id
94mGn_e7kTO06VLPwxJLwCEqK545wcOtmG8qY9EAd63lmyVe5IyJvA==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
send
report.taurus.cash/producerController/
57 B
617 B
XHR
General
Full URL
https://report.taurus.cash/producerController/send
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:7800:6:e82a:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a30ed1838754740a4883693ea07e28f35a9ea2e1e289af31321f7f4afb48d334

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json; charset=UTF-8

Response headers

date
Fri, 19 Apr 2024 13:25:35 GMT
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://xusht.com
x-cache
Miss from cloudfront
access-control-expose-headers
access-control-allow-headers, access-control-allow-methods, access-control-allow-origin, access-control-max-age, X-Frame-Options
access-control-allow-credentials
true, true
content-length
57
x-amz-cf-id
EzVPaWUS4GBkeHvDpih4mjEQ0El8YuovU4oF5jJAX48UOgzPssic6A==
Master_sl3qk.apk
d3mtghnxrnat1v.cloudfront.net/cg/files/gpnk5c5r0hmc5udztwg9wq0/
0
0
Document
General
Full URL
https://d3mtghnxrnat1v.cloudfront.net/cg/files/gpnk5c5r0hmc5udztwg9wq0/Master_sl3qk.apk?ss=custom_default&rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0=
Requested by
Host: xusht.com
URL: https://xusht.com/aw/sl3qk?rtk=mukRKyFn1YfOnY2w2bHdtJIpKlPQMX1UQp5hM3V2HG7kkRZUqoTBcgqNOp6NZJvaPaEIXygoZx3QwtGn1BAPs2zoLaP9ebvAqjd6JcQRmr0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-207.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xusht.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Disposition
attachment;filename=Master_sl3qk.apk
Content-Length
70008589
Content-Type
application/vnd.android.package-archive
Date
Fri, 19 Apr 2024 13:25:35 GMT
Server
nginx/1.14.0 (Ubuntu)
Via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
X-Amz-Cf-Id
rfPkJqvn8vCIX8CUwjrMTx5htrE9053b20HmOvNjP8ZMHb64opF9vg==
X-Amz-Cf-Pop
FRA56-P7
X-Cache
Miss from cloudfront
icon.png
assets.agent61.com/images/share/master_page_20230421/
39 KB
40 KB
Other
General
Full URL
https://assets.agent61.com/images/share/master_page_20230421/icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ee23f2e95e67de057e7afa5c8e7629bf550d8921feff43bf4c834e3fb448f12

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xusht.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 07:45:15 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 11:25:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
20624
x-amz-server-side-encryption
AES256
etag
"00e333f8cf33f1f5099030b865d5c076"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
40373
x-amz-cf-id
KZPf7FtIAcRfGGdH64j8QJd3wbyGd8WoJcNaBg-EBZBeyW3f7aNOcw==

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| firebase object| firebaseConfig object| analytics object| dataLayer function| gtag object| xhr function| isAndroid function| isIPhone function| asyncRequest function| reportBuriedPoint function| createEventId function| redirect1 object| google_tag_manager object| google_tag_data object| gaGlobal

2 Cookies

Domain/Path Name / Value
.xusht.com/ Name: _ga_CCY90W06QY
Value: GS1.1.1713533134.1.0.1713533134.0.0.0
.xusht.com/ Name: _ga
Value: GA1.1.1146296727.1713533135

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.agent61.com
d3mtghnxrnat1v.cloudfront.net
firebaseinstallations.googleapis.com
refer9.com
region1.google-analytics.com
report.taurus.cash
share.agent61.com
www.googletagmanager.com
www.gstatic.com
xusht.com
108.138.24.207
15.206.225.32
18.245.31.115
18.245.31.95
18.66.147.62
2001:4860:4802:32::36
2600:9000:236e:7800:6:e82a:a380:93a1
2a00:1450:4001:806::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:82f::2003
3.161.119.8
08852f8735a4433fead8c879f243e9ff93173fb94b8755c3c451e494fb40b833
123354d2af8510c272f33f03134df8d20bbf3225b98bc6bc5d2f4553243039ec
1c3761399ca645ebaa68db7cb4140a81279b54dd545d735e54b490674f38b45d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
274850dbc95ae01c67e5737cdf52b493020e1e22a3b4a1dd2450d245c9ea53f0
312bfec0279eeedf613a8f9377c4ddcbedc08c993c61b50d9ff8fa4c6b593aad
36752918aceaee59010152a3bd07d6bcba9205b23a4c5ab76481f028a999ee7c
7e0027d8bf14f84c3e335e419b4da2f45798f34b6eebacffadeb03af0c749711
7e8e5abf836f025804ff1a3ab5b4b5a9c1150522674e32516e37556d39e208a7
7ee23f2e95e67de057e7afa5c8e7629bf550d8921feff43bf4c834e3fb448f12
8e4d6d6fcd2233286c3b3e3b9208bd6b9ad204f7973c2b4cbf294a13f7b0f837
9c6777a856d72127ec2991ed29352f59baac51cdd695d40031117a2a06a47d7e
a30ed1838754740a4883693ea07e28f35a9ea2e1e289af31321f7f4afb48d334
a9ce06e5dbd365ac925dfaf0807c120263cc227aab1e20691559e9a753106fe2
bc13bd59da02e785de4ae08f9a8d10566b225734f77dbab972e49acd8f6d01e7
cbe0788227db625d5806f6e0b13adb4792c486220a0013efbc0d8e76ea2e583f
cc3a3b52ce24a688bfadef70bcebb595a2da9181d6ba83a369019847bbae721b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855