gfwannacheat2024.click Open in urlscan Pro
188.114.97.9  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://keiradm8.thraltfulnessthrubeq.ru.com/Keira-profile-56 Page URL
2. https://gfwannacheat2024.click/?s1=ser10 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Keira-profile-56 Show response keiradm8.thraltfulnessthrubeq.ru.com/	294 B 853 B	643ms 139ms	Document text/html	172.67.157.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://keiradm8.thraltfulnessthrubeq.ru.com/Keira-profile-56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.157.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash 65908e392aa9d7cd1e52dacaf41911bd7cf6a6386a76b34f4f1ae33f7b3694ae Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8dfa7aa3ad845a13-MXP content-encoding zstd content-type text/html; charset=UTF-8 date Sat, 09 Nov 2024 02:47:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ce6OSm8WAlTQz9aZyLFrho1oHplrvKi6crcXIwTTOj2pmowgZLteFYzw%2BH7yVEP3xKDI6WxE%2FL1MX1PjXKYioUl3ZP0xVmSureqMFPWbH4L4HaSeusuo91LjUZaVNucsFvajBj1ComqDDnUDYpMMYRly4siuEHw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=19705&sent=6&recv=8&lost=0&retrans=0&sent_bytes=3925&recv_bytes=2349&delivery_rate=197596&cwnd=253&unsent_bytes=0&cid=7672a8690feae907&ts=191&x=0" x-powered-by PHP/5.4.16
GET H2	200	favicon.ico keiradm8.thraltfulnessthrubeq.ru.com/	293 B 718 B	141ms 140ms	Other text/html	172.67.157.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://keiradm8.thraltfulnessthrubeq.ru.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.157.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash 9a50755f2db4f7a9450676253107b9d773eee4b3439f082b2a3446fcd4eadcf8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://keiradm8.thraltfulnessthrubeq.ru.com/Keira-profile-56 Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6ohm3vRVfvMWd7fbET4BrjEZSZbr%2BvTTXDC5TQOMtI6KSFPwuBGKFQBsvuzRBy5zF2%2B62Cm0VDPjBt725BjCl1ABwhTIpC0%2Fsb2xBwTMsmpJB2Dy%2Fy1M6W2pcqVtUFNyM2dSkJWUaKXgzRRS4ao0KpXhTtxGj0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8dfa7aa4ae145a13-MXP alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24890&sent=10&recv=11&lost=0&retrans=0&sent_bytes=4844&recv_bytes=2533&delivery_rate=197596&cwnd=256&unsent_bytes=0&cid=7672a8690feae907&ts=354&x=0" date Sat, 09 Nov 2024 02:47:36 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/5.4.16 vary Accept-Encoding last-modified Sat, 09 Nov 2024 02:47:36 GMT
GET H2	200	Primary Request / Show response gfwannacheat2024.click/	15 KB 5 KB	1018ms 606ms	Document text/html	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gfwannacheat2024.click/?s1=ser10 Requested by Host: keiradm8.thraltfulnessthrubeq.ru.com URL: https://keiradm8.thraltfulnessthrubeq.ru.com/Keira-profile-56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4654d3f2ce59ede73db005b82b0c1b700eeb6ec6db49ba1192adee8a6b9dab9f Request headers Referer https://keiradm8.thraltfulnessthrubeq.ru.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 8dfa7aad7f2c0e6b-MXP content-encoding zstd content-type text/html; charset=UTF-8 date Sat, 09 Nov 2024 02:47:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnCjqvzwKo%2Bs7o46uwfRcfHl1YPVKStSwzpMSWeBYOJpdhZksiG9wWiksfs%2FogKIsRANxo9EwOI9WaZe4Rho6tJ7PN5Gze8mNCULka04Y3AEA0K3J3BoWib98fTynjARCSsua6h4kl3o"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=17465&sent=7&recv=7&lost=0&retrans=0&sent_bytes=3902&recv_bytes=2326&delivery_rate=300139&cwnd=253&unsent_bytes=0&cid=f12c3500fec761b6&ts=638&x=0" vary accept-encoding
GET H2	200	ser10_672ecd4a50350.js Show response svntrk.com/assets/	0 657 B	767ms 287ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://svntrk.com/assets/ser10_672ecd4a50350.js Requested by Host: gfwannacheat2024.click URL: https://gfwannacheat2024.click/?s1=ser10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://gfwannacheat2024.click/ Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status BYPASS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5i%2FITR9Idz8gbMAJn2JSM0dy2RWaMAEWjRVGRtYMk%2F%2BDZVlmSuUascI52IK5F7lKTfQyWuaqf1%2F1QZ2fSmFDBWMowYRmOgrx0Jkxba9eog9AJ%2B5Yk4cZP8j0%2FA8"}],"group":"cf-nel","max_age":604800} cf-ray 8dfa7ab45d475a01-MXP alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=21797&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3743&recv_bytes=2195&delivery_rate=177475&cwnd=254&unsent_bytes=0&cid=df86dd86d2d4fe1b&ts=345&x=0" date Sat, 09 Nov 2024 02:47:39 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding server cloudflare
GET H2	200	fp.v3.646d4b3deea4287def3fdfc18906bcc7.js Show response gfwannacheat2024.click/scripts/	39 KB 17 KB	43ms 41ms	Script application/javascript	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gfwannacheat2024.click/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js Requested by Host: gfwannacheat2024.click URL: https://gfwannacheat2024.click/?s1=ser10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://gfwannacheat2024.click/?s1=ser10 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"6720af54-9ca8" age 1087 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtyKpXyUjQrD7fyl6A8ss2QzQIpMw7umOKyTXIeQXFcuW9Lgb45KAxS6xT2KhlTyRmTD17opMrPfoRM%2BAPnKrEzFin4mePq%2B%2FAbV62mU88o2Cze9xo%2Belh0IMnb6jM3tv2vOBqoXJVgW"}],"group":"cf-nel","max_age":604800} cf-ray 8dfa7ab149430e6b-MXP alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=19165&sent=16&recv=11&lost=0&retrans=0&sent_bytes=8932&recv_bytes=2917&delivery_rate=664455&cwnd=257&unsent_bytes=0&cid=f12c3500fec761b6&ts=688&x=0" date Sat, 09 Nov 2024 02:47:38 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 29 Oct 2024 09:48:04 GMT vary Accept-Encoding server cloudflare
GET H2	200	vendor.d37ebf288b525822dee4d612ecbd57af.css gfwannacheat2024.click/landings/8it/fonts/	11 KB 4 KB	358ms 353ms	Stylesheet text/css	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gfwannacheat2024.click/landings/8it/fonts/vendor.d37ebf288b525822dee4d612ecbd57af.css Requested by Host: gfwannacheat2024.click URL: https://gfwannacheat2024.click/?s1=ser10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cd1e1c79f171653fe232015f05b7846a2315511504bf9d74329bf786142c2f1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://gfwannacheat2024.click/?s1=ser10 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"6720af9b-2cfb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pIaIBkBeUPt2vTZu8Q%2F426IsBdmNeVvisn57pEmQlZksFZartcEnE56HRi4wA2Nd89byGR201l2XHP6z3Ujj4KJMXqSv2nyIjszfykCIBzE84M6UtvXrG%2F7S3GM2hZgr5YocG8UNi3wJ"}],"group":"cf-nel","max_age":604800} cf-ray 8dfa7ab169530e6b-MXP alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=17141&sent=34&recv=15&lost=0&retrans=0&sent_bytes=26213&recv_bytes=3280&delivery_rate=1637941&cwnd=257&unsent_bytes=0&cid=f12c3500fec761b6&ts=1020&x=0" date Sat, 09 Nov 2024 02:47:38 GMT content-type text/css last-modified Tue, 29 Oct 2024 09:49:15 GMT vary Accept-Encoding server cloudflare
GET H2	200	vendor.d7b30e18b01f4c2f51e153e66f301581.js Show response gfwannacheat2024.click/landings/8it/js/	95 KB 35 KB	608ms 607ms	Script application/javascript	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gfwannacheat2024.click/landings/8it/js/vendor.d7b30e18b01f4c2f51e153e66f301581.js Requested by Host: gfwannacheat2024.click URL: https://gfwannacheat2024.click/?s1=ser10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 618b9f9455f942f0c2006f83ea2d1bfb618a17258c27fec116f3fb1eee22f334 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://gfwannacheat2024.click/?s1=ser10 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"6720af9b-17d57" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fexX0bSyE%2BKZ78VeiwVdi3DrOFbPwfxOutYsvsDNuNYFsOwD%2BQ6sqkD6%2FkTXD%2Fq%2BZvKRFMd0rJJhxW8FrbujVdE%2BpqTF0Ej8GgA%2FV1Hhz52sRXTExUGVIuadKtyuDm5hZmFCWvKVr8Qy"}],"group":"cf-nel","max_age":604800} cf-ray 8dfa7ab169540e6b-MXP alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=15395&sent=45&recv=19&lost=0&retrans=0&sent_bytes=34820&recv_bytes=3280&delivery_rate=1637941&cwnd=257&unsent_bytes=0&cid=f12c3500fec761b6&ts=1270&x=0" date Sat, 09 Nov 2024 02:47:39 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 29 Oct 2024 09:49:15 GMT vary Accept-Encoding server cloudflare
GET H2	200	DonneMatureBLCK.png gfwannacheat2024.click/landings/8it/img/	3 KB 4 KB	357ms 356ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gfwannacheat2024.click/landings/8it/img/DonneMatureBLCK.png Requested by Host: gfwannacheat2024.click URL: https://gfwannacheat2024.click/?s1=ser10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff253fa98268aa35c2903e9e4c7723a3c614abe746b936dcfc481fbbaef6ea13 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://gfwannacheat2024.click/?s1=ser10 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "6720af9b-db5" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyI9BTuVO7M12Z4JU9ap9Np602vkRq9w8nxVjFWTJCiLp9Ln6c7sJKXj9bq9GVwgAJ%2BlehH5TyN7IIn9%2Bmv11uzx1hygxm4y%2FuuDhGpz5aGRE4iVYG0f5XIg6ojLz2taGqHsBatbIMrq"}],"group":"cf-nel","max_age":604800} cf-ray 8dfa7ab169550e6b-MXP accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=17141&sent=40&recv=15&lost=0&retrans=0&sent_bytes=30764&recv_bytes=3280&delivery_rate=1637941&cwnd=257&unsent_bytes=0&cid=f12c3500fec761b6&ts=1022&x=0" content-length 3509 date Sat, 09 Nov 2024 02:47:38 GMT content-type image/png last-modified Tue, 29 Oct 2024 09:49:15 GMT vary Accept-Encoding server cloudflare
GET H2	200	bg1.webp gfwannacheat2024.click/landings/8it/img/	171 KB 171 KB	595ms 594ms	Image image/webp	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gfwannacheat2024.click/landings/8it/img/bg1.webp Requested by Host: gfwannacheat2024.click URL: https://gfwannacheat2024.click/landings/8it/fonts/vendor.d37ebf288b525822dee4d612ecbd57af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d7e8cc3f1fe466a37be3191186f0a85aa9aa7679a22c143bc03d08e4325084a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://gfwannacheat2024.click/landings/8it/fonts/vendor.d37ebf288b525822dee4d612ecbd57af.css Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "6720af9b-2aa3c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5xw1bXN9htgLr%2Bn0KgdgH5uLTyF0JajGxZ4tyTQl7nE%2Boo4%2BAIHd3U%2BquA4qClbe9%2BzPNN0LImFMbpN%2F2lQf4%2BObefmPc0eNbeRFn5LspP%2FHyd%2F%2Bu7jsk7OsM5rKQQHT%2B66K%2FzJvMTg8"}],"group":"cf-nel","max_age":604800} cf-ray 8dfa7ab62cce0e6b-MXP accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=13530&sent=116&recv=32&lost=0&retrans=0&sent_bytes=116609&recv_bytes=3543&delivery_rate=3561201&cwnd=257&unsent_bytes=0&cid=f12c3500fec761b6&ts=2012&x=0" content-length 174652 date Sat, 09 Nov 2024 02:47:39 GMT content-type image/webp last-modified Tue, 29 Oct 2024 09:49:15 GMT vary Accept-Encoding server cloudflare
GET H2	200	wrtaegfr-1676023063364.jpg gfwannacheat2024.click/landings/8it/img/	43 KB 44 KB	507ms 506ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gfwannacheat2024.click/landings/8it/img/wrtaegfr-1676023063364.jpg Requested by Host: gfwannacheat2024.click URL: https://gfwannacheat2024.click/landings/8it/fonts/vendor.d37ebf288b525822dee4d612ecbd57af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86e3bc03ee60fd8f9c59cea9c4b40897eab40a447ef5d4a42b417510fe7625c9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://gfwannacheat2024.click/landings/8it/fonts/vendor.d37ebf288b525822dee4d612ecbd57af.css Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "6720af9b-add1" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1TvHPtxam2pKEyA9xEyawhRbZ%2BDe%2BixoqiDyW%2FFt%2BfrdElo610cX%2FWv9YRi48Yx6ffLXIshwSv%2FpM47JPlhXowoSUomXotu7baq0m6a6OoI6%2FUI5ZsPhjrqQeRwnLRW%2FssE00B51xZ3O"}],"group":"cf-nel","max_age":604800} cf-ray 8dfa7ab62cd00e6b-MXP accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=14117&sent=79&recv=27&lost=0&retrans=0&sent_bytes=71254&recv_bytes=3543&delivery_rate=2707482&cwnd=257&unsent_bytes=0&cid=f12c3500fec761b6&ts=1929&x=0" content-length 44497 date Sat, 09 Nov 2024 02:47:39 GMT content-type image/jpeg last-modified Tue, 29 Oct 2024 09:49:15 GMT vary Accept-Encoding server cloudflare
GET		1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 lh3.google.com/u/0/d/	0 0
GET		like.php www.facebook.com/v14.0/plugins/	0 0
GET		favicon.png gfwannacheat2024.click/landings/8it/img/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

lh3.google.com

URL

https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100

Domain

www.facebook.com

URL

https://www.facebook.com/v14.0/plugins/like.php

Domain

gfwannacheat2024.click

URL

https://gfwannacheat2024.click/landings/8it/img/favicon.png

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS function| getScreenInfo function| getUserAgent function| getLanguages function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| picassoCanvas function| picasso function| getVideoCardInfo function| deviceOrientationHandler string| thirdParty object| fpPromise function| openPopup function| clickButton function| nextStep function| getTimezone function| $ function| jQuery boolean| sf

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gfwannacheat2024.click/	1970-01-21 00:52:07	Name: XSRF-TOKEN Value: eyJpdiI6ImdxUEdPMURiTEsxTnlZYUVTbFdlaUE9PSIsInZhbHVlIjoiNHZ5VnBFL0VyT0ZJbnFFVXdoUHhDR2MxdFhuTWtyZ0NoN2tvVTJIVzhTNjhVK3lLSUhtSk9DQ1JlK1F2djlnMiIsIm1hYyI6ImZjMDkxMmM5ZTBmODlmNmZjNGVmZTQzOWRiM2E5NTJkZDFjNzA3NTE2OTk0MGNiM2FkOTYzMzU5Y2FhYjg5NDMifQ%3D%3D
			gfwannacheat2024.click/	1970-01-21 00:52:07	Name: laravel_session Value: eyJpdiI6InJ5RE85RHZjb284S2JSbnRhNlVMWmc9PSIsInZhbHVlIjoibDU5RGx0ZFp3WXAzWDdCb1BLQnMzWXpTTmZyb001NTdZN0FhY3pVWXFSckk2VmtJQ2U2WUhFRGlGZ1FiY0s4NiIsIm1hYyI6IjJiNzk2MWM3MjJlOTQ4YTcwNzQzNzNhY2Q2NjJmNDYzYzFjMTZhYmMwNzQ2MTllMTdlYmU0NzI2MWQ5ODBjOWIifQ%3D%3D
			gfwannacheat2024.click/	1969-12-31 23:59:59	Name: SRVNAME Value: w2
			svntrk.com/	1969-12-31 23:59:59	Name: svnimp Value: 672ecd4b1b65f

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://gfwannacheat2024.click/?s1=ser10 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0201D00FC330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://gfwannacheat2024.click/?s1=ser10 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D09708FC330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gfwannacheat2024.click
keiradm8.thraltfulnessthrubeq.ru.com
lh3.google.com
svntrk.com
www.facebook.com
gfwannacheat2024.click
lh3.google.com
www.facebook.com
172.67.157.43
188.114.96.3
188.114.97.9
4654d3f2ce59ede73db005b82b0c1b700eeb6ec6db49ba1192adee8a6b9dab9f
618b9f9455f942f0c2006f83ea2d1bfb618a17258c27fec116f3fb1eee22f334
65908e392aa9d7cd1e52dacaf41911bd7cf6a6386a76b34f4f1ae33f7b3694ae
7d7e8cc3f1fe466a37be3191186f0a85aa9aa7679a22c143bc03d08e4325084a
86e3bc03ee60fd8f9c59cea9c4b40897eab40a447ef5d4a42b417510fe7625c9
8cd1e1c79f171653fe232015f05b7846a2315511504bf9d74329bf786142c2f1
9a50755f2db4f7a9450676253107b9d773eee4b3439f082b2a3446fcd4eadcf8
9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff253fa98268aa35c2903e9e4c7723a3c614abe746b936dcfc481fbbaef6ea13