Submitted URL: https://newsadda4u.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bI...
Effective URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bI...
Submission: On November 27 via api from US — Scanned from CA

Summary

This website contacted 9 IPs in 2 countries across 14 domains to perform 24 HTTP transactions. The main IP is 172.67.196.147, located in United States and belongs to CLOUDFLARENET, US. The main domain is gamerxyt.com.
TLS certificate: Issued by WE1 on October 10th 2024. Valid for: 3 months.
This is the only time gamerxyt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.164.232 13335 (CLOUDFLAR...)
2 172.67.196.147 13335 (CLOUDFLAR...)
1 104.21.42.179 13335 (CLOUDFLAR...)
2 2 172.67.168.250 13335 (CLOUDFLAR...)
2 2 172.67.140.205 13335 (CLOUDFLAR...)
2 104.21.58.103 13335 (CLOUDFLAR...)
1 18.164.93.102 16509 (AMAZON-02)
5 142.251.111.97 15169 (GOOGLE)
2 104.21.1.232 13335 (CLOUDFLAR...)
1 108.156.91.121 16509 (AMAZON-02)
5 142.251.179.102 15169 (GOOGLE)
24 9
Domain Requested by
5 www.google-analytics.com www.googletagmanager.com
5 www.googletagmanager.com greenanalytics.autos, www.googletagmanager.com, gamerxyt.com
2 positeasysembl.org gamerxyt.com
2 hubcdn.vip gamerxyt.com
2 hubcdn.site 2 redirects
2 hubcdn.cc 2 redirects
2 gamerxyt.com
1 ndlesexwrecko.org d1vy7td57198sq.cloudfront.net
1 d1vy7td57198sq.cloudfront.net gamerxyt.com
1 greenanalytics.autos gamerxyt.com
1 newsadda4u.com 1 redirects
0 accounts.google.com Failed gamerxyt.com
0 www.facebook.com Failed gamerxyt.com
0 ukankingwithea.com Failed d1vy7td57198sq.cloudfront.net
24 14

This site contains no links.

Subject Issuer Validity Valid
gamerxyt.com WE1 2024-10-10 - 2025-01-08 3 months
greenanalytics.autos WE1 2024-10-28 - 2025-01-26 3 months
*.cloudfront.net Amazon RSA 2048 M01 2024-07-30 - 2025-07-03 a year
*.google-analytics.com WR2 2024-10-21 - 2025-01-13 3 months
positeasysembl.org WE1 2024-11-08 - 2025-02-06 3 months
ndlesexwrecko.org Amazon RSA 2048 M03 2024-11-07 - 2025-12-06 a year

This page contains 2 frames:

Primary Page: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF
Frame ID: 22BC7512BC2F6370171AB8A93B41E063
Requests: 23 HTTP requests in this frame

Frame: https://ndlesexwrecko.org/...
Frame ID: 2067AA54EBBCD71BD962C6E3C2E40BF7
Requests: 1 HTTP requests in this frame

Page Title

GamerXyt

Page URL History

  1. https://newsadda4u.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003... HTTP 302
    https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

24 Requests
71 % HTTPS
0 % IPv6
14 Domains
14 Subdomains
9 IPs
2 Countries
528 kB Transfer
1652 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newsadda4u.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF HTTP 302
    https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://hubcdn.cc/css/dl.min.css HTTP 301
  • https://hubcdn.site/css/dl.min.css HTTP 301
  • https://hubcdn.vip/css/dl.min.css
Request Chain 2
  • https://hubcdn.cc/css/dlstyle.css HTTP 301
  • https://hubcdn.site/css/dlstyle.css HTTP 301
  • https://hubcdn.vip/css/dlstyle.css
Request Chain 9
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-cyRI6FWsmrN1ab-2t6fjq6WrWpeA8ZWV0oyskIKOzGIWyfDTB2aIwrKFVNRi-UcgWG7UU5-w HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cNl_MaOv-fxz98COvZlN3AGxHz84Ak2UZLyRYuV5YZQpIx0u9ow4DbENCEcnDTxiGQOvDT&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1562041662%3A1732739430112820&ddm=1
Request Chain 10
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-emVDa22moyC3LyzCUPvwgr529TvFlkkzT1uEpHAMvA44URUPDwmXnB7y96Ni5KsGgySu_UyQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-fiwvp8ld6NAXBYr-LYfYWb3-VE-XLNGdVLKEn8_rCoxB2GtheU4tg37pGWBaKn2iXf9dtl&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1371803470%3A1732739430112093&ddm=1

24 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request dl.php
gamerxyt.com/
Redirect Chain
  • https://newsadda4u.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3N...
  • https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkU...
8 KB
4 KB
Document
General
Full URL
https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ebf942c7811524f653436204dd2e0ca91e4c832a8ed74fd5514adde95b75bd4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
6525
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8e94e04fefbeab4c-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 20:30:27 GMT
last-modified
Wed, 27 Nov 2024 18:41:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3uRC4t8KHgMCz861XXdpXfsS3CMjnjq63XjxT34LVGH9OyDSs8Gmh9wlWrR9WDfzYAdZIhXdOW69dLHSxQD%2BmIh0snAJh2i0AD0Qe%2FvuazsPsjVuY5YAiVI8tzdes68%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29068&min_rtt=28893&rtt_var=11186&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4141&recv_bytes=4589&delivery_rate=105157&cwnd=12000&unsent_bytes=0&cid=076670d048d09821&ts=61&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8e94e04eea7f36bb-YYZ
content-length
143
content-type
text/html
date
Wed, 27 Nov 2024 20:30:27 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpHy%2BpfDimlAqhvJp33TR0xGAqH7ZEn4YBdqjJlpVX7W3YOsvMQj8idSh%2FqbYNBVu%2FJH5CL9WMnxJfNO1NImPGYEy2KSjQXGaXxipD%2B5YdFNh709dOQdg6vLH7vaYtKxxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
v4_enc.js
greenanalytics.autos/recaptcha/
14 KB
6 KB
Script
General
Full URL
https://greenanalytics.autos/recaptcha/v4_enc.js
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aecc49fcf95342132a035bde03744d96195bdb6142bc61acac745a7e383415f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
119588
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YDtjlNsRL91NWHIsSdeMykV4q3k3V8EofhBzSr3j3EEEF0iG01PRzRQbD9wmvZ%2BodGIRtvJEl0U1KjHYYYsLba2hxk4lKMESovILosVwWjIRno1umAOD1TbTDOk2pYkCwYOJglUAug%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 29 Nov 2024 17:38:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27032&min_rtt=26407&rtt_var=10349&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4170&recv_bytes=4266&delivery_rate=104000&cwnd=12000&unsent_bytes=0&cid=c74d0865fd3675de&ts=74&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 20:30:28 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 17:38:37 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e94e055eba0a1f0-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
dl.min.css
hubcdn.vip/css/
Redirect Chain
  • https://hubcdn.cc/css/dl.min.css
  • https://hubcdn.site/css/dl.min.css
  • https://hubcdn.vip/css/dl.min.css
172 KB
29 KB
Stylesheet
General
Full URL
https://hubcdn.vip/css/dl.min.css
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF
Protocol
H3
Server
104.21.58.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be4e052c7f7ac374901bc04faea577b9d1c43b7969f8cd1cd4ed9dc413686bb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"2aeec-610f310b-f228a0;br"
age
17249
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5b88Ekz6VJTQ%2BYpRekL73yNEwbAQz24t1i5VIfXo5eikzWkf6nxGH5TUWhzxUe97ulnxX8zXvG5bMcBuX6aFmK6Jvo0DnrbSPmDKHFmUE0kCeokjCt2z8KF2T5RT"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 03:43:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28426&min_rtt=24350&rtt_var=8978&sent=15&recv=11&lost=0&retrans=0&sent_bytes=6151&recv_bytes=4670&delivery_rate=67793&cwnd=12000&unsent_bytes=0&cid=572dbabc224052ef&ts=105&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 20:30:29 GMT
content-type
text/css
last-modified
Sun, 08 Aug 2021 01:19:07 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e94e0583e14ac2a-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://hubcdn.vip/css/dl.min.css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BPN2FFfAPk3f6hlQ%2F%2FmC4Yo4%2BvSX%2Bqufc8%2BPonqV%2BsxuEpmQMqV8I7dQamgZ2rbsB2aoYheusb1pmZ6YOcfTPYol3XKZ0mPTY28HISiJ4PibLeeqMQmP8Fw5dVufQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e94e0571a9139e7-YYZ
expires
Wed, 27 Nov 2024 21:30:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24959&min_rtt=24862&rtt_var=9392&sent=12&recv=8&lost=0&retrans=0&sent_bytes=5001&recv_bytes=4534&delivery_rate=110774&cwnd=12000&unsent_bytes=0&cid=1e02ed1dc6c60fc7&ts=56&x=1", cfHdrFlush;dur=0
content-length
167
date
Wed, 27 Nov 2024 20:30:28 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
dlstyle.css
hubcdn.vip/css/
Redirect Chain
  • https://hubcdn.cc/css/dlstyle.css
  • https://hubcdn.site/css/dlstyle.css
  • https://hubcdn.vip/css/dlstyle.css
3 KB
2 KB
Stylesheet
General
Full URL
https://hubcdn.vip/css/dlstyle.css
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF
Protocol
H3
Server
104.21.58.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45003e7f62edcd58e78646401c98d621a979f46524f114fe24d02f576f138ccb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"bb2-66e3be39-f2289a;br"
age
17249
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDAo8FViS2qwUgFuqIUpSfbgM%2BjRVgobvjLCyMnLid57E3Q0oqbUuSIkzEEJTcdCJoyfPL%2Fy3FcbYoYhb7dIFL%2Fi86V42GdKHRXuhbsiSNFC7UqA7u1isAAFi4J%2F"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 03:43:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24373&min_rtt=24350&rtt_var=9177&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4126&recv_bytes=4250&delivery_rate=118849&cwnd=12000&unsent_bytes=0&cid=572dbabc224052ef&ts=53&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 20:30:29 GMT
content-type
text/css
last-modified
Fri, 13 Sep 2024 04:23:21 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e94e057dd6aac2a-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://hubcdn.vip/css/dlstyle.css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkIkdeOErsGiGcPwaEG85oKWhNWpc2NUe7YQPjmLP%2FUH%2Br4fYc%2Fv2nAAIlfdLUP%2Bz7Zo9F28Im2wDODT884UyFfsF4lpTL%2FMttPsRRDejX6Jl0%2FsAABGxyd4pyuIxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e94e0571a9339e7-YYZ
expires
Wed, 27 Nov 2024 21:30:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24959&min_rtt=24862&rtt_var=9392&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4124&recv_bytes=4534&delivery_rate=110774&cwnd=12000&unsent_bytes=0&cid=1e02ed1dc6c60fc7&ts=53&x=1", cfHdrFlush;dur=0
content-length
167
date
Wed, 27 Nov 2024 20:30:28 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
/
d1vy7td57198sq.cloudfront.net/
164 KB
54 KB
Script
General
Full URL
https://d1vy7td57198sq.cloudfront.net/?dtyvd=1108348
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-93-102.jfk50.r.cloudfront.net
Software
/
Resource Hash
1dacd091cc2c0f7933f27d13c42788d3eb31256973d7e392f4a36c29d8ec016c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding
gzip
pragma
no-cache
via
1.1 98bc8180e0431e8f05afc9802305f1d2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
54601
x-amz-cf-id
cUiVgbOq69nSFRtFx1bJzJmMixmPtaw-GIhZaNKJ93MfDOCBAf1hlA==
date
Wed, 27 Nov 2024 20:30:29 GMT
x-amz-cf-pop
JFK50-P5
js
www.googletagmanager.com/gtag/
322 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Requested by
Host: greenanalytics.autos
URL: https://greenanalytics.autos/recaptcha/v4_enc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e23c65eaa0a00eb12af72eb3da00544061bfde360422dccae7c8b8f732a1490f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 27 Nov 2024 20:30:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:30:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109644
x-xss-protection
0
server
Google Tag Manager
asd100.bin
ukankingwithea.com/
0
0

/
ukankingwithea.com/
0
0

MHRFM1cfSyZAamU8HwUDdxgvYmcFTRJkBXQnK2EOaSETeDJmQGNHPlRJdAJnCEdxC3FAHSEOZhYHMVIjRQd4AnFZGiNcahYCeAJ5A0BrAGEeQGNGagFSMUM2V0l0FSdEACkOZgdHdwRkCUB3CmUFQQ
positeasysembl.org/
0
563 B
Image
General
Full URL
https://positeasysembl.org/MHRFM1cfSyZAamU8HwUDdxgvYmcFTRJkBXQnK2EOaSETeDJmQGNHPlRJdAJnCEdxC3FAHSEOZhYHMVIjRQd4AnFZGiNcahYCeAJ5A0BrAGEeQGNGagFSMUM2V0l0FSdEACkOZgdHdwRkCUB3CmUFQQ
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stBSgxet%2FPZZJf3202gSaDh0G9Qs5WiUYA1UeCBEWHiYxyiQzE8J%2BDqtB8qAxu0DnydgsGHAulOFzJkJmSLsLhT5dpssVLt9W8ovR8is4tnybfsTa2tpNTdTTRbZgh0mdNc8MjU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e94e05cfd3bab46-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27876&min_rtt=25796&rtt_var=7124&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5000&recv_bytes=4853&delivery_rate=22561&cwnd=12000&unsent_bytes=0&cid=c87da510c3be044a&ts=616&x=1", cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 20:30:29 GMT
server
cloudflare
login.php
www.facebook.com/
0
0

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-cyRI6FWsmrN1ab-2t6fjq6WrWpeA8ZWV0oyskIKOzGIWyfDTB2aIwrKFV...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cNl_MaOv-fxz98COvZlN3AGxHz84Ak2UZLyRYuV5YZQpIx0u9ow4DbENCEcnDTxiGQOvDT&passive=...
0
0

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-emVDa22moyC3LyzCUPvwgr529TvFlkkzT1uEpHAMvA44URUPDwmXn...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-fiwvp8ld6NAXBYr-LYfYWb3-VE-XLNGdVLKEn8_rCoxB2GtheU4tg37pGWBaKn2iXf9dtl&passive...
0
0

popunder.gif
positeasysembl.org/
35 B
751 B
Image
General
Full URL
https://positeasysembl.org/popunder.gif
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/dl.php?link=video-downloads.googleusercontent.com/ADGPM2lenKnUHfjxt8l-aRz003Shl05pRjLQ1WcxFhU9bIfj1IqOhuGQBhTVkYqMTF54kS0_XechSfQiACgDyCOtV7rTf9e2Q-F9hg57hJzgrn9guzJQ9DeV4W3NkUrNm9Bee9XGa0lM5uD8U2dQWQgP_jxFBzoOigrUmdsgSQwZqZxUwVKVWpJ8xRlgPjgXZjXIrWCLrf2z1...%20312%20...Kgz-FnSG2tzgMuJfZkhNU875XOmHPF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
20365
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2F9eEfD7K1i1j%2FrZrEkWutDKQDo44mkw5cjaWbVDhXcSmbtmfU6oHFZTF%2B1s5bxAPG8en%2FTGJYLY6Rn3PrXximtlEaukCjre9Ra5mIvnppKsGVofc4qR4Ew2MDSgBo8xYqU0gos%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28506&min_rtt=28403&rtt_var=10725&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4198&recv_bytes=4763&delivery_rate=108343&cwnd=12000&unsent_bytes=0&cid=c87da510c3be044a&ts=603&x=1", cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 20:30:29 GMT
content-type
image/gif
last-modified
Wed, 27 Nov 2024 14:51:04 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
cf-ray
8e94e05cfd3eab46-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
58
server
cloudflare
HSh8dxUUACZxNhMILnwGNHIxWzlEbgdbNCMODnw4EAoPZFREEzJnAS9xJmU7MAULU14TISEGBBslBG9aMykiAj8wAnBVKy0nFV4hUnEHezkfJBZcJQ8HL106EQsDUDUfKHx8Cz5md3AkRAEofV45CR9+HBMlAEZbLQYtUT8eGnR1FjoKFX4qEQUADwEucwteOD8OL...
ndlesexwrecko.org/RTZsd0MkVA8afCQLDlE2N1pRUnEDE14xJ3RAFUA3IQNbRnp9RR1ZIClZGRMlN1kCA20rUxhScQN+ORkzE2ArRzsDYh8OFixvODoUKVU1RzMxbF0bMh11ORoAAWQkOikQdyIAJDF6Pht7AmIDQhA/USY4KSpSDg0SPXMFPnIDcQ8EChJwDz4... Frame 2067
0
0
Document
General
Full URL
https://ndlesexwrecko.org/...
Requested by
Host: d1vy7td57198sq.cloudfront.net
URL: https://d1vy7td57198sq.cloudfront.net/?dtyvd=1108348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-121.ord56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1235
content-type
text/html
date
Wed, 27 Nov 2024 20:30:29 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 3cab2977109e9e185607e6a3005951e0.cloudfront.net (CloudFront)
x-amz-cf-id
i889kystN3Cizy4GEutmWoLr_M8QPuG4OrigbCQVOERsX_6a4rlyQg==
x-amz-cf-pop
ORD56-P1
x-cache
Miss from cloudfront
js
www.googletagmanager.com/gtag/
323 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EWNBXGCVJW&l=dataLayer&cx=c&gtm=45je4bk0v9199579945za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
a573d75ccd5833c8d8a7a5c93a3c3b485d9cf394c706cd27a1c7ba3328334078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 27 Nov 2024 20:30:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:30:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109801
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
323 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8T2RLBFKDH&l=dataLayer&cx=c&gtm=45je4bk0v9199579945za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d4815cdb6e8eb0b53f76b803c282854402587311294fb99aa14e38accd98262d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 27 Nov 2024 20:30:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:30:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109798
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
322 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NXMFQ1WG71&l=dataLayer&cx=c&gtm=45je4bk0v9199579945za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
24c529e3cd3a564e5af71f9eb0037e1c39109abc85ce67ad44f3d0f4267b4afb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 27 Nov 2024 20:30:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:30:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109600
x-xss-protection
0
server
Google Tag Manager
td
www.googletagmanager.com/
0
341 B
Image
General
Full URL
https://www.googletagmanager.com/td?id=G-P4E51ZP5QC&v=3&t=t&pid=485762377&dl=gamerxyt.com%2Fadrinolinks-url-shortner-real-or-fake%2F&tdp=G-P4E51ZP5QC;199579945;0;0;0&frm=0&rtg=199579945&slo=2&hlo=1&lst=3&z=0
Requested by
Host: gamerxyt.com
URL: https://gamerxyt.com/adrinolinks-url-shortner-real-or-fake/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Wed, 27 Nov 2024 20:30:29 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P4E51ZP5QC&gtm=45je4bk0v9199579945za200&_p=1732739429672&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=373102317.1732739430&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=What%20Causes%20The%20Blue%20Screen%20In%20Windows%2010%20-%20PayalTips&dl=%2Fwhat-causes-the-blue-screen-in-windows-10%2F&dr=https%3A%2F%2Fwww.google.com%2F&sid=1732739429&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2907
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:30:30 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EWNBXGCVJW&gtm=45je4bk0v9193593174za200zb9199579945&_p=1732739429672&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=373102317.1732739430&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=Gamepractice%20On%20Me%20-%20Cloud%20Arcade&dl=%2Fgame%2Fpractice-on-me%2F&dr=https%3A%2F%2Fwww.google.com%2F&sid=1732739430&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3206
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EWNBXGCVJW&l=dataLayer&cx=c&gtm=45je4bk0v9199579945za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:30:30 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8T2RLBFKDH&gtm=45je4bk0v9194383193za200zb9199579945&_p=1732739429672&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=373102317.1732739430&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=5%20Ways%20To%20Improve%20Your%20Internet%20Speed%20At%20Home%20-%20RahulTricks&dl=%2F5-ways-to-improve-your-internet-speed-at-home%2F&dr=https%3A%2F%2Fwww.google.com%2F&sid=1732739430&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3301
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8T2RLBFKDH&l=dataLayer&cx=c&gtm=45je4bk0v9199579945za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:30:30 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NXMFQ1WG71&gtm=45je4bk0v9200416245za200zb9199579945&_p=1732739429672&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=373102317.1732739430&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=Sim%20Card%20-%20Shetkari%20Today&dl=%2Fsim-card%2F&dr=https%3A%2F%2Fwww.youtube.com%2F&sid=1732739430&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3454
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NXMFQ1WG71&l=dataLayer&cx=c&gtm=45je4bk0v9199579945za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:30:30 GMT
content-type
text/plain
server
Golfe2
favicon.ico
gamerxyt.com/
1 KB
1 KB
Other
General
Full URL
https://gamerxyt.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7becc0246aa4fcb8127b3459b2b8c6c04879c6855b0fcf370f8c83d2de88d319

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
2365
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSn9MjywztcKQdwjqkcnlcZ%2BM%2FO9S3qfKGUSIT4Y8w5Yh%2BYrsDWOztAYSZoFK6lFlqQ%2BgKz%2F7UjnqHPJTIZ%2BKqzHK%2Bmz3UGyCcJOoy25a2svHw8R%2FSxRcmEpV9o%2FLxw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34952&min_rtt=28893&rtt_var=11892&sent=17&recv=13&lost=0&retrans=0&sent_bytes=8629&recv_bytes=5326&delivery_rate=83824&cwnd=12000&unsent_bytes=0&cid=076670d048d09821&ts=2859&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 20:30:30 GMT
content-type
text/html
vary
Accept-Encoding
priority
u=1,i
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8e94e0616cefab4c-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P4E51ZP5QC&gtm=45je4bk0v9199579945za200&_p=1732739429672&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=373102317.1732739430&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732739429&sct=1&seg=0&dl=https%3A%2F%2Fgamerxyt.com%2Fadrinolinks-url-shortner-real-or-fake%2F&dt=GamerXyt&en=scroll&epn.percent_scrolled=90&_et=9&tfd=7925
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4E51ZP5QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gamerxyt.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:30:34 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ukankingwithea.com
URL
https://ukankingwithea.com/asd100.bin
Domain
ukankingwithea.com
URL
https://ukankingwithea.com/
Domain
www.facebook.com
URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cNl_MaOv-fxz98COvZlN3AGxHz84Ak2UZLyRYuV5YZQpIx0u9ow4DbENCEcnDTxiGQOvDT&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1562041662%3A1732739430112820&ddm=1
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-fiwvp8ld6NAXBYr-LYfYWb3-VE-XLNGdVLKEn8_rCoxB2GtheU4tg37pGWBaKn2iXf9dtl&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1371803470%3A1732739430112093&ddm=1

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x361d
function| _0xe128
object| utr_1108348
number| userTrackingInterval
number| _554840993
function| changeUrlWithReplaceState
function| setCookie
object| google_tag_manager
object| google_tag_data
object| dataLayer
function| onYouTubeIframeAPIReady
object| gaGlobal
number| iinf

6 Cookies

Domain/Path: gamerxyt.com/  Name: xyt  Value: 1
Domain/Path: .gamerxyt.com/  Name: _ga  Value: GA1.1.373102317.1732739430
Domain/Path: .gamerxyt.com/  Name: _ga_P4E51ZP5QC  Value: GS1.1.1732739429.1.0.1732739429.0.0.0
Domain/Path: .gamerxyt.com/  Name: _ga_EWNBXGCVJW  Value: GS1.1.1732739430.1.0.1732739430.0.0.0
Domain/Path: .gamerxyt.com/  Name: _ga_8T2RLBFKDH  Value: GS1.1.1732739430.1.0.1732739430.0.0.0
Domain/Path: .gamerxyt.com/  Name: _ga_NXMFQ1WG71  Value: GS1.1.1732739430.1.0.1732739430.0.0.0

1 Console Messages

Source: network
Level: error
URL: https://gamerxyt.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()