google-pax.xyz
2606:4700:3033::ac43:c0f4  Malicious Activity! Public Scan

Submitted URL: http://google-pax.xyz/
Effective URL: https://google-pax.xyz/
Submission Tags: @phishunt_io
Submission: On December 06 via api from DE — Scanned from CH

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3033::ac43:c0f4, located in United States and belongs to CLOUDFLARENET, US. The main domain is google-pax.xyz.
TLS certificate: Issued by WE1 on December 4th 2024. Valid for: 3 months.
This is the only time google-pax.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
21 188.114.97.3 13335 (CLOUDFLAR...)
2 52.95.179.42 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
5 142.250.185.195 15169 (GOOGLE)
1 2 59.82.31.160 37963 (ALIBABA-C...)
1 142.250.185.163 15169 (GOOGLE)
41 9
Domain Requested by
21 www.game-s80.com google-pax.xyz
8 play-lh.googleusercontent.com google-pax.xyz
5 fonts.gstatic.com www.game-s80.com
2 appdv76.s3.ap-southeast-3.amazonaws.com google-pax.xyz
1 www.gstatic.com
1 uweb.umeng.com google-pax.xyz
1 new.cnzz.com 1 redirects
1 lh3.googleusercontent.com google-pax.xyz
1 google-pax.xyz
41 9

This site contains no links.

Subject                              Issuer                 Validity                   Valid
google-pax.xyz                       WE1                    2024-12-04 - 2025-03-04    3 months
game-s80.com                         WE1                    2024-12-03 - 2025-03-03    3 months
*.s3.ap-southeast-3.amazonaws.com    Amazon RSA 2048 M01    2024-10-20 - 2025-09-30    a year
*.googleusercontent.com              WR2                    2024-11-04 - 2025-01-27    3 months
edgestatic.com                       WR2                    2024-11-04 - 2025-01-27    3 months
*.gstatic.com                        WR2                    2024-11-04 - 2025-01-27    3 months

This page contains 1 frames:

Primary Page: https://google-pax.xyz/
Frame ID: 92E1C0951E706B73FC1F73F85CD03FEC
Requests: 41 HTTP requests in this frame

Page Title

s80 – Apps on Google Play

Page URL History

  1. http://google-pax.xyz/ HTTP 307
    https://google-pax.xyz/ Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Page Statistics

41 Requests
95 % HTTPS
38 % IPv6
7 Domains
9 Subdomains
9 IPs
5 Countries
3404 kB Transfer
4513 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://google-pax.xyz/ HTTP 307
    https://google-pax.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://new.cnzz.com/v1/login.php?siteid=1281397231 HTTP 302
  • https://uweb.umeng.com/v1/login.php?siteid=1281397231

41 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
google-pax.xyz/
Redirect Chain
  • http://google-pax.xyz/
  • https://google-pax.xyz/
540 KB
33 KB
Document
General
Full URL
https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29d4b9cccea2807d52bae92e092395d1d986a72650db06ab1d6dbfbf41f1b970

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ed89e759d8130d2-FRA
content-encoding
zstd
content-type
text/html
date
Fri, 06 Dec 2024 01:49:22 GMT
last-modified
Thu, 05 Dec 2024 05:25:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6sxs3LiDsZ8Pm7TSu3F%2BMefph05XWF4%2F%2BTkRaatePwDRTKQKJBpRRe%2Fb%2Fh%2BRb1Z2fJHUCQOoggEnOoSGQqaZYg1tM9tCBrs103ftJzburAkq5%2FZqqaCyauoaFPALAK5m9rbgdS5vxw4wWLlsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=20544&min_rtt=20144&rtt_var=3765&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2380&delivery_rate=184606&cwnd=35&unsent_bytes=0&cid=01d8095f7f449bb5&ts=376&x=0"
vary
Accept-Encoding

Redirect headers

Location
https://google-pax.xyz/
Non-Authoritative-Reason
HttpsUpgrades
style.css
www.game-s80.com/resource/google/common/
658 KB
104 KB
Stylesheet
General
Full URL
https://www.game-s80.com/resource/google/common/style.css
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"673ff5f9-a4995"
age
10018
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmr4YXP2FaoCmxv%2Fkq65hBgWycDph6v9G7xuAHEMPCctav51Y8b2%2F0%2BhqHhkKu9MHt2rFyoxjGZyx8F%2FnA%2Bq%2BP9vcvsrshSHC0l%2BdOPTP8dB7JvUx8jZ3BKDYYxrwCE%2Fzi6s"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 11:02:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20579&min_rtt=20578&rtt_var=7719&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4888&delivery_rate=145578&cwnd=12000&unsent_bytes=0&cid=2a4996c7550773bb&ts=33&x=1", cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 01:49:22 GMT
content-type
text/css
last-modified
Fri, 22 Nov 2024 03:09:45 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e782e40d3c1-FRA
server
cloudflare
clipboard.min.js
www.game-s80.com/resource/common/
18 KB
5 KB
Script
General
Full URL
https://www.game-s80.com/resource/common/clipboard.min.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fca1a-4950"
age
35850
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLkkLuor%2FnFatG34bpOw3aPOsuX%2BotmXUbdwRbNvf%2B4Iqp9tbrkGsHYFSJ0NkjEaPGF1kxSKCnbm7StoOuOos2Xf5L6piRLu2cxFzZNZ6JLHbsSSlJetBIW6n9O2IVd7gKKm"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 03:51:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20579&min_rtt=20578&rtt_var=7719&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4888&delivery_rate=145578&cwnd=12000&unsent_bytes=0&cid=2a4996c7550773bb&ts=33&x=1", cfHdrFlush;dur=24
date
Fri, 06 Dec 2024 01:49:22 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e782e41d3c1-FRA
server
cloudflare
qrcode.min.js
www.game-s80.com/resource/common/
19 KB
8 KB
Script
General
Full URL
https://www.game-s80.com/resource/common/qrcode.min.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fca1a-4dd7"
age
35909
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OlzjhPTU0mvwlBCtVqXL%2FsBYBv8gLIZKiZp5%2FfFJl7p%2BLwKL88xC0eKah1S17xMrhssPQAIGuJPIs6w23T2br7aVZu0D3EMxNSplsMw5GkO7RR9LpEm2GskdLu8lU8V8Du9M"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 03:50:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20579&min_rtt=20578&rtt_var=7719&sent=22&recv=9&lost=0&retrans=0&sent_bytes=15571&recv_bytes=4888&delivery_rate=145578&cwnd=12000&unsent_bytes=0&cid=2a4996c7550773bb&ts=35&x=1", cfHdrFlush;dur=22
date
Fri, 06 Dec 2024 01:49:22 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e782e42d3c1-FRA
server
cloudflare
import-scripts.js
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/
9 KB
9 KB
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.95.179.42 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

x-amz-id-2
FV0rVSf/jokp4K9HmTE2kX7l3p/nCR6rEEWcf6bP6iFW8o1Tk4D4ut0Fmt+JAdIpclKO0JgjA7w=
ETag
"0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-request-id
AZFMW21M1C2AWCNK
Accept-Ranges
bytes
Content-Length
8988
Date
Fri, 06 Dec 2024 01:49:23 GMT
Last-Modified
Sun, 07 Jul 2024 03:32:15 GMT
Content-Type
application/javascript; charset=utf-8
Server
AmazonS3
x-amz-server-side-encryption
AES256
alpine.3.x.x.min.js
www.game-s80.com/resource/google/common/
44 KB
18 KB
Script
General
Full URL
https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d284e695a6a5d8239e58c8b6e677e4130be213d92e25ffec0f4ce640d8995f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fe2ee-aee4"
age
10017
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxcYPs9IDRP3kwwDO%2FhOde0UVH4MiKbhGUu4%2FiI6cvX5xUXrSsEvDMqmPLkK2hydVaAqFIcFmGit%2FaSH%2FuVcYZ5py%2Bk6piP7INMdQSe0XT%2Bf8UQTehqA6i0yubYXRPgV2XVM"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 11:02:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21446&min_rtt=20331&rtt_var=752&sent=129&recv=62&lost=0&retrans=0&sent_bytes=127749&recv_bytes=7448&delivery_rate=2614032&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=149&x=1", cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 01:49:22 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 05:04:46 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e78eefcd3c1-FRA
server
cloudflare
email-decode.min.js
www.game-s80.com/resource/common/
1 KB
1 KB
Script
General
Full URL
https://www.game-s80.com/resource/common/email-decode.min.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fca1a-4d7"
age
2868
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujYztB2UdfJVTgsUL%2Fh4Obc6NxGTNMvWe9eqlpt%2FsifO9GzipBW%2FQvOFDfuF%2BZH5erSSVpe%2BaMtofavf2rrZ3sT%2FzK8httxnNQSMJknPSRIMUykxpvP%2FWe47doguzoqEnbKY"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 13:01:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21413&min_rtt=20331&rtt_var=477&sent=154&recv=69&lost=0&retrans=0&sent_bytes=154234&recv_bytes=9071&delivery_rate=685975&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=329&x=1", cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 01:49:22 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e79f82fd3c1-FRA
server
cloudflare
adtiS80.js
appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/
202 B
609 B
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/adtiS80.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.95.179.42 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
10f7998fb09d8440e0a7be017ce3682030a605437f9da0877e59053e706436a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

x-amz-id-2
sZIaRl1Wj/mgXYw0CwP9VZcQLK/RCM52QP0jQcr30LkU+Jq1dX/iR3cWr4El7lxDJvjDPJVnkV4=
ETag
"9b9dae0e3eea15c29d8b88166b431493"
x-amz-request-id
MHTP4XY0N0RD31KY
Accept-Ranges
bytes
Content-Length
202
Date
Fri, 06 Dec 2024 01:49:24 GMT
Last-Modified
Wed, 04 Dec 2024 09:47:46 GMT
Content-Type
application/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
s80.com-adjust-targetInstall.js
www.game-s80.com/resource/common/
0
0

adti-advertise.v1.10.3.6.js
www.game-s80.com/resource/common/
14 KB
5 KB
Script
General
Full URL
https://www.game-s80.com/resource/common/adti-advertise.v1.10.3.6.js?v=2
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fca1a-37ba"
age
25623
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FjcZkWAMn5Xy3IOTU0Q5qoG6ETPML189Vv%2Fqv0pF8EXO0pMAks%2FYrojxG0k1Nufbuvy%2B0ZoW2AERL4maqm1Wv9zj1DGcTsnnQDasfY%2Bx0Vp1x%2BkehJD3KMXVej6KGjofe85"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 06:42:19 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21413&min_rtt=20331&rtt_var=477&sent=146&recv=69&lost=0&retrans=0&sent_bytes=146737&recv_bytes=9071&delivery_rate=685975&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=325&x=1", cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 01:49:22 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e79f833d3c1-FRA
server
cloudflare
servers.js
www.game-s80.com/resource/common/
477 B
919 B
Script
General
Full URL
https://www.game-s80.com/resource/common/servers.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"674fca1a-1dd"
age
41163
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hjABCvqzOy%2FifgpdhhA6uouly2RBHUSczWLDLH6p5nUNtnRUh0gPhQ7Kn0cNQ8OTDl6NHG0DpekKC4xe22WG0VFXSmFOrJN6whfbBKpMPhttLzjlYbaeI4lJKm%2B7yzMJVSBq"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 02:23:19 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21413&min_rtt=20331&rtt_var=477&sent=152&recv=69&lost=0&retrans=0&sent_bytes=153268&recv_bytes=9071&delivery_rate=685975&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=326&x=1", cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 01:49:22 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e79f834d3c1-FRA
server
cloudflare
s8-targetInstall.js
www.game-s80.com/resource/common/
463 B
994 B
Script
General
Full URL
https://www.game-s80.com/resource/common/s8-targetInstall.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bfbca4ff46b39f126945cffabce480e8f7d6c5da77354c62ee7e111929ac06a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"674fe137-1cf"
age
2868
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8VJVf5Fo%2BvBZU01yJ2QyC6QtTLItMuJKHnk9NxQQjL0LA55Bmkl75V85XiQTC0dEQvOl62DI56RdEiODCkVKeC8RqblDuLon8DHqq7BzwSnt02AQ29KXia907V0%2Ba8TcXQi"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 13:01:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21413&min_rtt=20331&rtt_var=477&sent=151&recv=69&lost=0&retrans=0&sent_bytes=152251&recv_bytes=9071&delivery_rate=685975&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=325&x=1", cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 01:49:22 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 04:57:27 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e79f835d3c1-FRA
server
cloudflare
ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/
2 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fa8124ac4fe21c49f2bb4373761e0550e03306f125522ef08a114288fb74e8c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v18"
age
9939
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 23:03:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 23:03:44 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
2384
x-xss-protection
0
server
fife
_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/
222 B
521 B
Image
General
Full URL
https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
786
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 01:36:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 01:36:17 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
222
x-xss-protection
0
server
fife
iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/
200 B
289 B
Image
General
Full URL
https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
6593
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 23:59:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 23:59:30 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
200
x-xss-protection
0
server
fife
12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/
244 B
334 B
Image
General
Full URL
https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
6572
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 23:59:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 23:59:51 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
244
x-xss-protection
0
server
fife
W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/
200 B
286 B
Image
General
Full URL
https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
4824
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 00:28:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 00:28:59 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
200
x-xss-protection
0
server
fife
ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/
164 B
254 B
Image
General
Full URL
https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
5656
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 00:15:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 00:15:07 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
164
x-xss-protection
0
server
fife
4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
536988
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 20:39:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 20:39:35 GMT
last-modified
Tue, 23 Feb 2021 01:47:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24652
x-xss-protection
0
server
sffe
Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/
227 KB
227 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
592306
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 05:17:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 05:17:37 GMT
last-modified
Mon, 08 May 2023 17:53:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
232676
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
211437
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 15:05:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:05:26 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/
159 KB
159 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
235637
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 08:22:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 08:22:06 GMT
last-modified
Thu, 25 Aug 2022 00:15:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
162924
x-xss-protection
0
server
sffe
ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/
454 B
550 B
Image
General
Full URL
https://play-lh.googleusercontent.com/a-/ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v69"
age
2868
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 01:01:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 01:01:35 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
454
x-xss-protection
0
server
fife
ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/
302 B
369 B
Image
General
Full URL
https://play-lh.googleusercontent.com/a/ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v0"
age
2868
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 01:01:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 01:01:35 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
302
x-xss-protection
0
server
fife
ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/
1 KB
1 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/a-/ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
caeddda7eda7f1e46ca3158f3aee127ac02e60a9e414d0eaa4ba169d0173a4c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"vc"
age
3225
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 00:55:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 00:55:38 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
1124
x-xss-protection
0
server
fife
login.php
uweb.umeng.com/v1/
Redirect Chain
  • https://new.cnzz.com/v1/login.php?siteid=1281397231
  • https://uweb.umeng.com/v1/login.php?siteid=1281397231
57 B
424 B
Script
General
Full URL
https://uweb.umeng.com/v1/login.php?siteid=1281397231
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Server
59.82.31.160 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
b3169d4d64228398bc5c1e746b7ce270688ad1cee74ebcbc9e174701e941533e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
eagleeye-traceid
2131031e17334497643054426e1dd8
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Fri, 06 Dec 2024 01:49:24 GMT
content-type
text/html
vary
Accept-Encoding
server
Tengine

Redirect headers

strict-transport-security
max-age=31536000
location
https://uweb.umeng.com/v1/login.php?siteid=1281397231
timing-allow-origin
*
date
Fri, 06 Dec 2024 01:49:24 GMT
content-type
text/html
server
Tengine
eagleeye-traceid
2131031e17334497640594410e1dd8
s1.png
www.game-s80.com/resource/google/google-store/assets/image/
397 KB
398 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8cdd6bbf7d39ad78b40e6fc34d827b808e698f2db056d9ade7143af2cc8cbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd167-6358f"
age
36723
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9EvXGIBzXEpFW96BWOB0j02wyYEayWHvDD4s0bQ3RrlcNlcasGqCki1UHdKMzYMugQnG2DP%2BluYd3QzCJPFHWAw6KKcEABTUQy7qhpqO4FRkdqmxRIoodVl%2FL8dzmLC1OEeQ"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 15:37:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=170&recv=84&lost=0&retrans=0&sent_bytes=168429&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=765&x=1", cfHdrFlush;dur=22
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:59 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7cbb4bd3c1-FRA
server
cloudflare
s1-1.png
www.game-s80.com/resource/google/google-store/assets/image/
38 KB
39 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-1.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa3a4fb49799cb0795d492704110dcdacf0edda8f7a85fb87e091302ec9e7aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd15e-9998"
age
155168
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JypAZGx75pTmXMcEyEosC8LOJIl%2FI68YNoZ1R1Yd1nqFYoubolDQGpZltuJMv%2FPaW1IuqA7yhvv5p8kgU9SX%2FwpMn5pQWeznoh%2FU%2FSq5IIhzsatXniv0VVhDk7g5TtvPjd%2B6"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 06:43:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=160&recv=84&lost=0&retrans=0&sent_bytes=156429&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=765&x=1", cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:50 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7cbb4cd3c1-FRA
server
cloudflare
s1-2.png
www.game-s80.com/resource/google/google-store/assets/image/
42 KB
43 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-2.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5333da32d9b419aed5594426c8bc40f8c015eeb5dd0d65e3362b15097bbc04e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd15e-a964"
age
155168
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l5sSVUGXc1w4KPdlQvAZE3sXTo5%2BHhW8CHDzZv8xE9fd9omEjPQcurKt6RpcrqLHUPheMcDoZdGXLOORC4Lk%2FdrKXFS%2BPmdc9f8uSICuLp1Qm%2Fm%2F5eS3qA6Eb6OD26wFbVGn"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 06:43:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=160&recv=84&lost=0&retrans=0&sent_bytes=156429&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=765&x=1", cfHdrFlush;dur=23
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:50 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7cbb4fd3c1-FRA
server
cloudflare
s1-3.png
www.game-s80.com/resource/google/google-store/assets/image/
41 KB
41 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-3.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da90e5cf63e5f3c359f32d5394bbfe06e0f76aa827cfffdb7e586dd3de912ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd161-a336"
age
155168
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTEAu3v%2BDiGeSVCryysQohNs2FAmaEg2Uxx%2FScpLsmcPA2nr7QK4Hp4kfTuIA9jRU3CIh%2BxqdCq0%2BoQjVytHb5%2FhsT8MlSUTipf5Qqz7xnn12lkEXNU9vxki9T6kc8DzEWFe"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 06:43:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=160&recv=84&lost=0&retrans=0&sent_bytes=156429&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=765&x=1", cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:53 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7cbb50d3c1-FRA
server
cloudflare
s1-4.png
www.game-s80.com/resource/google/google-store/assets/image/
41 KB
41 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-4.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b936cdd00acf6f38a000454b62b105d7e87d83cc884237ddc1e218672a9e6ce6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd164-a314"
age
159952
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GtFNKmBH55oIDBVIFryGKNRHVQazwx2xbCxL91LTwtUhEywSBUQAu0XsbgjrPJOpvHIrW4jJWkcPwZZFaGz3d0HRp0XPtYcPi1kfbji01nJqxtu0E4f3VmR7Kt1QOqbw9zk5"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 05:23:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=170&recv=84&lost=0&retrans=0&sent_bytes=168429&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=765&x=1", cfHdrFlush;dur=23
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:56 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7cbb51d3c1-FRA
server
cloudflare
s1-5.png
www.game-s80.com/resource/google/google-store/assets/image/
40 KB
41 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-5.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d32e712cff91d7ea3b1b44f55bf269b0a88310d25f0fb7788c6f14a56cfd425

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd165-9ffa"
age
155168
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5okc%2Frrk0yReiFozQAp7zukBJBOT657PS7xdojSIocOm2%2F5P3LsPDt4dYaGHOOqRMKvM3rjBaPqFoZcvBMWcLQvIEnA3ZqFwQLKYbE3NtOt9XjRbo0oArYuNk3%2Bjocw4gR6"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 06:43:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=170&recv=84&lost=0&retrans=0&sent_bytes=168429&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=765&x=1", cfHdrFlush;dur=23
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:57 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7cbb52d3c1-FRA
server
cloudflare
indonesia.png
www.game-s80.com/resource/google/google-store/assets/image//
192 B
851 B
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image//indonesia.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

cf-cache-status
HIT
etag
"674fd15c-c0"
age
36723
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0l1P%2BdMerIfcj7ceuttcjSkn3Mu4wGyGMVemwZEf0orshiXZ92CX8aAeFaZYq0BKJXWtl%2FlzbGJvRwdnkov%2Bh5%2BVHaf%2BvvqyzbX7a00vuyVIn9WKg5RXbshR5PMUoanUfN1l"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 15:37:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=160&recv=84&lost=0&retrans=0&sent_bytes=156429&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=765&x=1", cfHdrFlush;dur=23
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:48 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7cbb53d3c1-FRA
accept-ranges
bytes
content-length
192
server
cloudflare
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
232558
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 09:13:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 09:13:25 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
s2.png
www.game-s80.com/resource/google/google-store/assets/image/
361 KB
362 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s2.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83950eabc8cecf94289cb9a6980ab85ee0c8f4193b2a7326fbb161a00f72dc3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd178-5a4d8"
age
155168
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZAtU%2BMwAcY3Z7CckQPwoLZMAcUToIrzdFqqWmGycENBQTtNRkbBQeFGfMS7EVRRx9IQ4FFV5BCSWSNGlvdyNNOu23ubKe7IEG4elyQpos9THe5ND8SpSq5L0Eolzdzrit15l"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 06:43:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=207&recv=84&lost=0&retrans=0&sent_bytes=211629&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=770&x=1", cfHdrFlush;dur=18
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:50:16 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7ccb5cd3c1-FRA
server
cloudflare
s3.png
www.game-s80.com/resource/google/google-store/assets/image/
393 KB
394 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s3.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1abc5a4c235d0d75f9c3d59394ac3d3e20a053597498724c1dc677d343ba29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd17f-625fc"
age
155168
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a5OfCMer1KD1YnDa8zb5rGWuvkkbgfcJXQH9%2FUfeqRueHszp%2BUyySuA8DDXM8hEEHG%2FrrxRKuX54WxPjozwzWt3rcxwLT6zenTk5t16swIgcRE3i4AxObv8dc7jFFAV0Y4Up"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 06:43:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=207&recv=84&lost=0&retrans=0&sent_bytes=211629&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=772&x=1", cfHdrFlush;dur=21
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:50:23 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7ccb5dd3c1-FRA
server
cloudflare
s4.png
www.game-s80.com/resource/google/google-store/assets/image/
335 KB
335 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s4.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df64210b09856bee73cd3619b65a7cebc06e3c1b069191f61da56eb9e588e75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd18c-53a33"
age
159952
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sslz5oANS6jFMfSpz8WNaxQ2HaKfppI9IW4qhl3qvFvzQgPt2KZi8hmVwxaJpqehy0PpPnE9z0LkNBuNMzRREhQiPgW0WPmLKztGdzUzkScrVYqwWivXqIBeYA44boQttXg"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 05:23:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=207&recv=84&lost=0&retrans=0&sent_bytes=211629&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=772&x=1", cfHdrFlush;dur=36
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:50:36 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7ccb5ed3c1-FRA
server
cloudflare
s5.png
www.game-s80.com/resource/google/google-store/assets/image/
321 KB
322 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s5.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82303a87da5e17a15d76495d64009b3142f6da67885ab861b9f88de0dae625d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd195-5030b"
age
155167
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gf0Q7BLYtSMAj9gm2j59kucZQkEV0WpwDe5YBYvdCt0MJnGWph3kNG4ydPnDEA61myC4kigQydLFXt6D3YTql29r4%2B15sLaTGni7Bl9kAhW6jJLXRW%2FJAnB1IxJ0ZXBvX9G3"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 06:43:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=207&recv=84&lost=0&retrans=0&sent_bytes=211629&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=771&x=1", cfHdrFlush;dur=37
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:50:45 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7ccb5fd3c1-FRA
server
cloudflare
s6.png
www.game-s80.com/resource/google/google-store/assets/image/
407 KB
408 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s6.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad67b8fe552cf64c2c61b653e497ba4a41e96e16eb77845fc287034fde7222fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd1a4-65dc7"
age
155167
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FOSQK5OesCd8qhBWmq472VCodz09u%2Fc930qyf4CdHP6DJngHcrwpuJzIKEp%2FLTF%2BJZHjWCoaV129D7dcm5evzpsdXlkHanDoUUYPF2d9TF3w8AQvGkQmwJoMDeqBud%2F3KKaj"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 06:43:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=207&recv=84&lost=0&retrans=0&sent_bytes=211629&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=771&x=1", cfHdrFlush;dur=38
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:51:00 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7ccb60d3c1-FRA
server
cloudflare
s7.png
www.game-s80.com/resource/google/google-store/assets/image/
341 KB
342 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s7.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df938ea3887aaedd1731b93a33cb2fa66a195bc0e90b686ce019893e74571e34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674fd1ab-552dc"
age
159951
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2jnYGKBqqVTN1Z02fcUyuE5Dj3TrF2uAgOQ%2BuSublfSfHEhEgc1fiQIP5J%2BCyHWbX5eaV3ahbqvfwigEb7KhOyBrk17x4vLQQzxagqZdwEHjHUFXzZv80ruNkZNTihsSBqq"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 05:23:32 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21263&min_rtt=20331&rtt_var=505&sent=207&recv=84&lost=0&retrans=0&sent_bytes=211629&recv_bytes=13862&delivery_rate=29059&cwnd=55200&unsent_bytes=0&cid=2a4996c7550773bb&ts=772&x=1", cfHdrFlush;dur=37
date
Fri, 06 Dec 2024 01:49:23 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:51:07 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed89e7ccb61d3c1-FRA
server
cloudflare
favicon_v3.ico
www.gstatic.com/android/market_images/web/
4 KB
866 B
Other
General
Full URL
https://www.gstatic.com/android/market_images/web/favicon_v3.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
br
age
154736
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 06:50:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 06:50:28 GMT
last-modified
Thu, 23 Jun 2022 19:28:00 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
841
x-xss-protection
0
server
sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.game-s80.com
URL
https://www.game-s80.com/resource/common/s80.com-adjust-targetInstall.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ClipboardJS
function| QRCode
object| urlParams
object| downloadLink
function| copyText
object| servers
string| apklink
string| ioslink
object| data
object| _czc
object| Alpine

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
