google-buka.xyz Open in urlscan Pro
104.21.70.45 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://google-buka.xyz/
Effective URL:
https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d...
Submission Tags: @phishunt_io
Submission: On January 05 via api (January 5th 2025, 1:27:47 am UTC) from DE — Scanned from IL

Summary HTTP 110 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 110 HTTP transactions. The main IP is 104.21.70.45, located in and belongs to CLOUDFLARENET, US. The main domain is google-buka.xyz.
TLS certificate: Issued by WE1 on January 2nd 2025. Valid for: 3 months.

This is the only time google-buka.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	104.21.70.45 104.21.70.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	104.21.48.1 104.21.48.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.95.179.66 52.95.179.66	16509 (AMAZON-02) (AMAZON-02)
3	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
24	142.250.74.214 142.250.74.214	15169 (GOOGLE) (GOOGLE)
12	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
2	104.26.13.205 104.26.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.44.182 104.21.44.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.151.204.8 185.151.204.8	396535 (ADJUST-) (ADJUST-)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
110	10

3 104.21.70.45 (None, )

ASN13335 (CLOUDFLARENET, US)

google-buka.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 104.21.48.1 (None, )

ASN13335 (CLOUDFLARENET, US)

www.game-d73.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.95.179.66 (Jakarta, Indonesia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-3.amazonaws.com

appdv76.s3.ap-southeast-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.74.214 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f22.1e100.net

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.44.182 (None, )

ASN13335 (CLOUDFLARENET, US)

api-tester.feiwindevelopment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.151.204.8 (United States) 1 redirects

ASN396535 (ADJUST-, US)

app.adjust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	game-d73.com www.game-d73.com	3 MB
27	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 45 play-lh.googleusercontent.com — Cisco Umbrella Rank: 557	6 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	305 KB
6	amazonaws.com appdv76.s3.ap-southeast-3.amazonaws.com	10 KB
3	google-buka.xyz google-buka.xyz	67 KB
2	ipify.org api.ipify.org — Cisco Umbrella Rank: 2001 Failed	479 B
1	adjust.com 1 redirects app.adjust.com — Cisco Umbrella Rank: 3095	1 KB
1	feiwindevelopment.com api-tester.feiwindevelopment.com	1 KB
0	umeng.com Failed uweb.umeng.com Failed
0	cnzz.com Failed new.cnzz.com Failed
110	10

	Domain	Requested by
43	www.game-d73.com	google-buka.xyz www.game-d73.com
24	play-lh.googleusercontent.com	google-buka.xyz
12	fonts.gstatic.com	www.game-d73.com
6	appdv76.s3.ap-southeast-3.amazonaws.com	google-buka.xyz
3	lh3.googleusercontent.com	google-buka.xyz
3	google-buka.xyz	www.game-d73.com
2	api.ipify.org	www.game-d73.com
1	www.gstatic.com
1	app.adjust.com	1 redirects
1	api-tester.feiwindevelopment.com	www.game-d73.com
0	uweb.umeng.com Failed	google-buka.xyz
0	new.cnzz.com Failed	google-buka.xyz
110	12

This site contains no links.

Subject Issuer	Validity	Valid
google-buka.xyz WE1	`2025-01-02` - `2025-04-02`	3 months	crt.sh
game-d73.com WE1	`2024-12-24` - `2025-03-24`	3 months	crt.sh
*.s3.ap-southeast-3.amazonaws.com Amazon RSA 2048 M01	`2024-10-20` - `2025-09-30`	a year	crt.sh
*.googleusercontent.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
edgestatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
ipify.org WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
feiwindevelopment.com WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Frame ID: BE5BE3FF3B616AE6146838C36ACCC1C0
Requests: 116 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

D73 – Apps on Google Play

Page URL History Show full URLs

http://google-buka.xyz/ HTTP 307
https://google-buka.xyz/ Page URL
https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_a... Page URL
https://app.adjust.com/1jgueef2?campaign=99d73_campaign%28123%29&adgroup=99d73_adgroup%28123%29&cre... HTTP 302
https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_a... Page URL

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Page Statistics

110
Requests

86 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

10
IPs

4
Countries

3274 kB
Transfer

7740 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://google-buka.xyz/ HTTP 307
https://google-buka.xyz/ Page URL
https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang Page URL
https://app.adjust.com/1jgueef2?campaign=99d73_campaign%28123%29&adgroup=99d73_adgroup%28123%29&creative=99d73_creative%28123%29&redirect=https%3A%2F%2Fgoogle-buka.xyz%2F%3Ft%3D1%26p0_android%3D1jgueef2%26p0_ios%3D1jufsfk4%26p1%3D99d73_campaign%26p2%3D123%26p3%3D99d73_adgroup%26p4%3D123%26p5%3D99d73_creative%26p6%3D123%26channelCode%3Dguanwang&label=guanwang HTTP 302
https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://google-buka.xyz/ HTTP 307
https://google-buka.xyz/

Request Chain 100

https://new.cnzz.com/v1/login.php?siteid=1281399884 HTTP 302
https://uweb.umeng.com/v1/login.php?siteid=1281399884

110 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
google-buka.xyz/
Redirect Chain

http://google-buka.xyz/
https://google-buka.xyz/

540 KB
33 KB

764ms
686ms

Document
text/html

104.21.70.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://google-buka.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.70.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75feaabeed0a57d195ab7598149e624a7363bc3b31e1e582f973c707f5fd038

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8fcfafcf7d517da0-TLV
content-encoding: zstd
content-type: text/html
date: Sun, 05 Jan 2025 01:27:36 GMT
last-modified: Fri, 03 Jan 2025 07:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6n1OmT3Axd8CG8GWb7C3V5KD4hUpf8CVGwLmb0DvCwSpAlRwDYI49ftClKjNhW3qtp1%2BgX4c%2BmjU1%2BDw6t8Uc6R0PQ4DIpGMhNFFbbTb%2BzCQlU6pRSBXXRYzqhkrBm%2BXlM8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=60709&min_rtt=60525&rtt_var=9694&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4486&delivery_rate=326&cwnd=12000&unsent_bytes=0&cid=f29f8b3cea773b75&ts=692&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

Location: https://google-buka.xyz/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.css
www.game-d73.com/resource/google/common/ 658 KB
104 KB 887ms
731ms Stylesheet
text/css 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/google/common/style.css
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"673ff5f9-a4995"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QBSrweBYxxCam09mFcIl%2BRD0H%2FGLJrW0CTYSylNeOGMb7ElIcRQmK3O9aU1zfj0AAUK8Wbmvgjc6R%2FeFFeFZ7qi%2BeihMxm7AW1ZUWfXxFFijA5ZaLlrrlpnce5aczIIYP%2BX"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd4cf66c21d-TLV
expires: Sun, 05 Jan 2025 13:27:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4777&min_rtt=4732&rtt_var=101&sent=28&recv=26&lost=0&retrans=0&sent_bytes=17865&recv_bytes=2851&delivery_rate=2385185&cwnd=257&unsent_bytes=0&cid=2202c7a2bd851460&ts=737&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 03:09:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clipboard.min.js Show response
www.game-d73.com/resource/common/ 18 KB
5 KB 689ms
534ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/clipboard.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"674fca1a-4950"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BbQbsB1Sfg7vNRVIawOZZqMoFslTLzOua3LlOxuZ%2FXZPHn06P6rbi81PzHa%2FhQ2uPKNYuIn9RXRWfAgM8dxgNnlRCWijgW1ZFPF9BQAjivfS7MlaKY9VB3GnXBpN68BFpHbN"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd4cf67c21d-TLV
expires: Sun, 05 Jan 2025 13:27:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4764&min_rtt=4732&rtt_var=779&sent=12&recv=18&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2851&delivery_rate=799503&cwnd=254&unsent_bytes=0&cid=2202c7a2bd851460&ts=539&x=0"
date: Sun, 05 Jan 2025 01:27:36 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 qrcode.min.js Show response
www.game-d73.com/resource/common/ 19 KB
8 KB 733ms
578ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/qrcode.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"674fca1a-4dd7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JElLVetAzuyZPkV9CPLQNI9QESNWl7lje5UZDsNL5EZ4v0hl6EXS%2FC7vYUuQvSZ1vftBfAVTgWbAXLOepgrnnxymqBLeId8NjBoW31U4SfSeeJgj6sN6FHFdCt7SKUrcIU0m"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd4cf68c21d-TLV
expires: Sun, 05 Jan 2025 13:27:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4780&min_rtt=4732&rtt_var=283&sent=19&recv=22&lost=0&retrans=0&sent_bytes=9534&recv_bytes=2851&delivery_rate=1817741&cwnd=257&unsent_bytes=0&cid=2202c7a2bd851460&ts=585&x=0"
date: Sun, 05 Jan 2025 01:27:36 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK import-scripts.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/ 9 KB
9 KB 1104ms
370ms Script
application/javascript 52.95.179.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.66 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

x-amz-id-2: arya79aE2Ofn4HVz+H9kCSz9QpuKYEblOJkripAsMSpOgpCqINDFpUYykc3aZIh+H8OeG0Jmu2Q=
ETag: "0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-request-id: WDBKCKBYTWXWP0T8
Accept-Ranges: bytes
Content-Length: 8988
Date: Sun, 05 Jan 2025 01:27:38 GMT
Last-Modified: Sun, 07 Jul 2024 03:32:15 GMT
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET alpine.3.x.x.min.js
www.game-d73.com/resource/google/common/ 0
0

GET
H2 200 email-decode.min.js Show response
www.game-d73.com/resource/common/ 1 KB
1 KB 577ms
576ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/email-decode.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"674fca1a-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eU3LPv%2BTDO0JftertPA0luhCO3JjL66p6srYJFBW4cnZJmYXuMaVYjUnK%2BXF5w7rpSPKaJ9tzfGOGz511eLSAOU38YRAoIuPUD51CsOpQPMElz3sUz19DgzvLIpW%2BemiWar%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c0c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4980&min_rtt=4692&rtt_var=311&sent=124&recv=53&lost=0&retrans=0&sent_bytes=122559&recv_bytes=2851&delivery_rate=12790243&cwnd=283&unsent_bytes=0&cid=2202c7a2bd851460&ts=1001&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK adtid73.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/download-appd73/ 201 B
623 B 951ms
369ms Script
application/javascript 52.95.179.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-appd73/adtid73.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.66 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 918942fe4ae8bf4816a6c5c234a535a4fab9e85e0a8f88d3fa70b30b2a64ce0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

x-amz-id-2: Zi8pqkh2FQzaXt4VdIPwZyLqS48S5wqFgPOieYeCKxDHErhjNwAWWg9JL8BXJoTyvw6AoVySncI=
ETag: "8e3c4c328a411a9236c0d4cfbbcd9c94"
x-amz-request-id: WDBNND1YTKG4H67N
Accept-Ranges: bytes
Content-Length: 201
Date: Sun, 05 Jan 2025 01:27:38 GMT
Last-Modified: Thu, 02 Jan 2025 16:13:22 GMT
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 99d73-adjust-targetInstall.js Show response
www.game-d73.com/resource/common/ 12 KB
4 KB 577ms
576ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/99d73-adjust-targetInstall.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3389039eba983f3b1f35aeae04d4127572ba4a8aceb9fe684e9bf7fd832d67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"676d1bd6-31bc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilNJg7OaR89DO5X1MpvIIPfO97mDzGSD8LkuRmwzom8splYBPjFXwuCvaDUa2bjZUMLOtk7CPW%2Fa6EEOWQ0K%2FLRwL0saBPF8RPdqww6IUULFEWCR4IGfCWgbnjUqpkrYyDwH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c1c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4917&min_rtt=4692&rtt_var=221&sent=127&recv=56&lost=0&retrans=0&sent_bytes=123729&recv_bytes=2851&delivery_rate=12790243&cwnd=286&unsent_bytes=0&cid=2202c7a2bd851460&ts=1012&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Thu, 26 Dec 2024 09:03:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 adti-advertise.v1.10.3.6.js Show response
www.game-d73.com/resource/common/ 14 KB
5 KB 571ms
570ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/adti-advertise.v1.10.3.6.js?v=2
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"674fca1a-37ba"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMFIat%2F0OEnv7rwDwTZ5YzsRAgwI%2BfQgeAoC83LXiZLcX%2BM21yVsUiCZ2KHFaod11y%2FrV4Bk%2F2FBte4rHNZOldKDL7TIaTlkWwK8COo2i1L%2BxrgfGh37970eCs5ZHizcqjvJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c2c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4777&min_rtt=4692&rtt_var=17&sent=118&recv=50&lost=0&retrans=0&sent_bytes=117159&recv_bytes=2851&delivery_rate=12790243&cwnd=277&unsent_bytes=0&cid=2202c7a2bd851460&ts=984&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 servers.js Show response
www.game-d73.com/resource/common/ 477 B
681 B 571ms
570ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/servers.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"674fca1a-1dd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68IRu%2BVJj9CiwlLuW5cN5T8L4vD2pBEf43RFZDnSmzkyoIPs0qRjHl%2F2RMmkOMSehdubv48zkEW8Max3c50MRqASgWOGLTo6v0n5DMTlGOkFKsHTFKhYSanGgWseIWPeO6LY"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c3c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4776&min_rtt=4692&rtt_var=20&sent=116&recv=46&lost=0&retrans=0&sent_bytes=116412&recv_bytes=2851&delivery_rate=12790243&cwnd=273&unsent_bytes=0&cid=2202c7a2bd851460&ts=962&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 d73-targetInstall.js Show response
www.game-d73.com/resource/common/ 463 B
808 B 568ms
567ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/d73-targetInstall.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3645239de2ef67d1735857af148ae89c4d55f5ab5bd82e4ae24eedec7b0a1099

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67768170-1cf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nti0WHNZSv3UDH65nJlWOmYmUXm%2FdpZ05fav3xlWx1vo26FkpsRwCKC22LnAAl%2FbHD8WgHgwhOOoEjRoBrCjk0ApQjH5vgpOSZOpI2z8BNhrV5whkRqS4B%2FTnWtbocy9Nt0M"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c4c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4783&min_rtt=4732&rtt_var=37&sent=114&recv=33&lost=0&retrans=0&sent_bytes=115538&recv_bytes=2851&delivery_rate=7520032&cwnd=257&unsent_bytes=0&cid=2202c7a2bd851460&ts=958&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Thu, 02 Jan 2025 12:07:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ 2 KB
3 KB 369ms
115ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v18"
age: 10289
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:36:08 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 2384
x-xss-protection: 0
server: fife

GET
H2 200 _KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ 222 B
311 B 359ms
115ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1271
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 01:06:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 01:06:26 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 222
x-xss-protection: 0
server: fife

GET
H2 200 iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ 200 B
499 B 356ms
112ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 7524
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 23:22:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 23:22:13 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ 244 B
307 B 359ms
115ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 7524
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 23:22:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 23:22:13 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 244
x-xss-protection: 0
server: fife

GET
H2 200 W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ 200 B
287 B 357ms
114ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 12405
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:00:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:00:52 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ 164 B
254 B 358ms
114ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 9082
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:56:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:56:15 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 164
x-xss-protection: 0
server: fife

GET
H3 200 4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/ 24 KB
24 KB 328ms
203ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-buka.xyz
Referer: https://www.game-d73.com/

Response headers

age: 314191
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 01 Jan 2026 10:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 01 Jan 2025 10:11:06 GMT
last-modified: Tue, 23 Feb 2021 01:47:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24652
x-xss-protection: 0
server: sffe

GET Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/ 0
0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 291ms
167ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-buka.xyz
Referer: https://www.game-d73.com/

Response headers

age: 420473
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 04:39:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 04:39:44 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 0
0

GET
H2 200 ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/ 454 B
550 B 326ms
116ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v69"
age: 9997
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:41:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:41:00 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 454
x-xss-protection: 0
server: fife

GET
H2 200 ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/ 302 B
397 B 115ms
113ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v0"
age: 6521
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 23:38:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 23:38:57 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 302
x-xss-protection: 0
server: fife

GET
H2 200 ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/ 1 KB
1 KB 113ms
112ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "vc"
age: 12399
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:00:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:00:59 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1124
x-xss-protection: 0
server: fife

GET /
api.ipify.org/ 0
0

GET
H3 200 / Show response
google-buka.xyz/ 540 KB
34 KB 388ms
388ms Document
text/html 104.21.70.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Requested by: Host: www.game-d73.com
URL: https://www.game-d73.com/resource/common/99d73-adjust-targetInstall.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.70.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75feaabeed0a57d195ab7598149e624a7363bc3b31e1e582f973c707f5fd038

Request headers

Referer: https://google-buka.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8fcfafdd8be37da0-TLV
content-encoding: zstd
content-type: text/html
date: Sun, 05 Jan 2025 01:27:38 GMT
last-modified: Fri, 03 Jan 2025 07:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77CZVQkUCaAnZzXAWuUJGjGzE17uECuy2wuQ3%2Fy9EcwbYJbCwOcDLqIGWxEJhJHTNj9nWWifMc2Y9TyLAH6DApolkkVsvTPSMyqfB9pw3aT%2FfjE694%2FmQFY%2Bl3EcnSFRRFo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=60756&min_rtt=60463&rtt_var=355&sent=46&recv=28&lost=0&retrans=0&sent_bytes=39129&recv_bytes=5712&delivery_rate=101223&cwnd=21600&unsent_bytes=0&cid=f29f8b3cea773b75&ts=2648&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

Content-Type: image/png

GET
H2 200 style.css
www.game-d73.com/resource/google/common/ 658 KB
0 887ms
731ms Stylesheet
text/css 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/google/common/style.css
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"673ff5f9-a4995"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QBSrweBYxxCam09mFcIl%2BRD0H%2FGLJrW0CTYSylNeOGMb7ElIcRQmK3O9aU1zfj0AAUK8Wbmvgjc6R%2FeFFeFZ7qi%2BeihMxm7AW1ZUWfXxFFijA5ZaLlrrlpnce5aczIIYP%2BX"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd4cf66c21d-TLV
expires: Sun, 05 Jan 2025 13:27:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4777&min_rtt=4732&rtt_var=101&sent=28&recv=26&lost=0&retrans=0&sent_bytes=17865&recv_bytes=2851&delivery_rate=2385185&cwnd=257&unsent_bytes=0&cid=2202c7a2bd851460&ts=737&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 03:09:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clipboard.min.js Show response
www.game-d73.com/resource/common/ 18 KB
0 689ms
534ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/clipboard.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"674fca1a-4950"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BbQbsB1Sfg7vNRVIawOZZqMoFslTLzOua3LlOxuZ%2FXZPHn06P6rbi81PzHa%2FhQ2uPKNYuIn9RXRWfAgM8dxgNnlRCWijgW1ZFPF9BQAjivfS7MlaKY9VB3GnXBpN68BFpHbN"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd4cf67c21d-TLV
expires: Sun, 05 Jan 2025 13:27:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4764&min_rtt=4732&rtt_var=779&sent=12&recv=18&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2851&delivery_rate=799503&cwnd=254&unsent_bytes=0&cid=2202c7a2bd851460&ts=539&x=0"
date: Sun, 05 Jan 2025 01:27:36 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 qrcode.min.js Show response
www.game-d73.com/resource/common/ 19 KB
0 733ms
578ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/qrcode.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"674fca1a-4dd7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JElLVetAzuyZPkV9CPLQNI9QESNWl7lje5UZDsNL5EZ4v0hl6EXS%2FC7vYUuQvSZ1vftBfAVTgWbAXLOepgrnnxymqBLeId8NjBoW31U4SfSeeJgj6sN6FHFdCt7SKUrcIU0m"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd4cf68c21d-TLV
expires: Sun, 05 Jan 2025 13:27:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4780&min_rtt=4732&rtt_var=283&sent=19&recv=22&lost=0&retrans=0&sent_bytes=9534&recv_bytes=2851&delivery_rate=1817741&cwnd=257&unsent_bytes=0&cid=2202c7a2bd851460&ts=585&x=0"
date: Sun, 05 Jan 2025 01:27:36 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK import-scripts.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/ 9 KB
0 1104ms
370ms Script
application/javascript 52.95.179.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.66 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

x-amz-id-2: arya79aE2Ofn4HVz+H9kCSz9QpuKYEblOJkripAsMSpOgpCqINDFpUYykc3aZIh+H8OeG0Jmu2Q=
ETag: "0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-request-id: WDBKCKBYTWXWP0T8
Accept-Ranges: bytes
Content-Length: 8988
Date: Sun, 05 Jan 2025 01:27:38 GMT
Last-Modified: Sun, 07 Jul 2024 03:32:15 GMT
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 alpine.3.x.x.min.js Show response
www.game-d73.com/resource/google/common/ 44 KB
18 KB 766ms
766ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/google/common/alpine.3.x.x.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d284e695a6a5d8239e58c8b6e677e4130be213d92e25ffec0f4ce640d8995f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: MISS
etag: W/"674fe2ee-aee4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bev%2BssefWBRrIq9QfD7Ca5TSDx%2F8%2BcTxwrppnE9Nqvb4MU60DHKWbEZIl1PzUhyLAiUMbQvEf8GPMboCAOlCwjNAsNgjxL3F8TvPa3T8oTN%2BX4wjSItUTNRVBbVIeiedB%2BaX"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafe009a1c227-TLV
expires: Sun, 05 Jan 2025 13:27:38 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:38 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 05:04:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
0 291ms
167ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-buka.xyz
Referer: https://www.game-d73.com/

Response headers

age: 420473
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 04:39:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 04:39:44 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET
H3 200 4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/ 24 KB
0 328ms
203ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-buka.xyz
Referer: https://www.game-d73.com/

Response headers

age: 314191
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 01 Jan 2026 10:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 01 Jan 2025 10:11:06 GMT
last-modified: Tue, 23 Feb 2021 01:47:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24652
x-xss-protection: 0
server: sffe

GET
H2 200 ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ 2 KB
0 369ms
115ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

fife /

Resource Hash

fa8124ac4fe21c49f2bb4373761e0550e03306f125522ef08a114288fb74e8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v18"
age: 10289
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:36:08 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 2384
x-xss-protection: 0
server: fife

GET
H2 200 _KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ 222 B
0 359ms
115ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1271
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 01:06:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 01:06:26 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 222
x-xss-protection: 0
server: fife

GET
H2 200 iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ 200 B
0 356ms
112ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 7524
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 23:22:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 23:22:13 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ 244 B
0 359ms
115ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 7524
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 23:22:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 23:22:13 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 244
x-xss-protection: 0
server: fife

GET
H2 200 W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ 200 B
0 357ms
114ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 12405
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:00:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:00:52 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ 164 B
0 358ms
114ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 9082
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:56:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:56:15 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 164
x-xss-protection: 0
server: fife

GET
H2 200 ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/ 454 B
0 326ms
116ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v69"
age: 9997
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:41:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:41:00 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 454
x-xss-protection: 0
server: fife

GET
H2 200 ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/ 302 B
0 115ms
113ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v0"
age: 6521
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 23:38:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 23:38:57 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 302
x-xss-protection: 0
server: fife

GET
H2 200 ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/ 1 KB
0 113ms
112ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

caeddda7eda7f1e46ca3158f3aee127ac02e60a9e414d0eaa4ba169d0173a4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "vc"
age: 12399
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:00:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:00:59 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1124
x-xss-protection: 0
server: fife

GET
H3 200 Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/ 227 KB
159 KB 115ms
115ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-buka.xyz
Referer: https://www.game-d73.com/

Response headers

age: 255506
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 02 Jan 2026 02:29:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 02 Jan 2025 02:29:12 GMT
last-modified: Mon, 08 May 2023 17:53:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 232676
x-xss-protection: 0
server: sffe

GET
H3 200 kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 159 KB
90 KB 116ms
116ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-buka.xyz
Referer: https://www.game-d73.com/

Response headers

age: 212265
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 02 Jan 2026 14:29:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 02 Jan 2025 14:29:53 GMT
last-modified: Thu, 25 Aug 2022 00:15:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162924
x-xss-protection: 0
server: sffe

GET
H2 200 email-decode.min.js Show response
www.game-d73.com/resource/common/ 1 KB
0 577ms
576ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/email-decode.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"674fca1a-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eU3LPv%2BTDO0JftertPA0luhCO3JjL66p6srYJFBW4cnZJmYXuMaVYjUnK%2BXF5w7rpSPKaJ9tzfGOGz511eLSAOU38YRAoIuPUD51CsOpQPMElz3sUz19DgzvLIpW%2BemiWar%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c0c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4980&min_rtt=4692&rtt_var=311&sent=124&recv=53&lost=0&retrans=0&sent_bytes=122559&recv_bytes=2851&delivery_rate=12790243&cwnd=283&unsent_bytes=0&cid=2202c7a2bd851460&ts=1001&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK adtid73.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/download-appd73/ 201 B
0 951ms
369ms Script
application/javascript 52.95.179.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-appd73/adtid73.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.66 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 918942fe4ae8bf4816a6c5c234a535a4fab9e85e0a8f88d3fa70b30b2a64ce0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

x-amz-id-2: Zi8pqkh2FQzaXt4VdIPwZyLqS48S5wqFgPOieYeCKxDHErhjNwAWWg9JL8BXJoTyvw6AoVySncI=
ETag: "8e3c4c328a411a9236c0d4cfbbcd9c94"
x-amz-request-id: WDBNND1YTKG4H67N
Accept-Ranges: bytes
Content-Length: 201
Date: Sun, 05 Jan 2025 01:27:38 GMT
Last-Modified: Thu, 02 Jan 2025 16:13:22 GMT
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 99d73-adjust-targetInstall.js Show response
www.game-d73.com/resource/common/ 12 KB
0 577ms
576ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/99d73-adjust-targetInstall.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3389039eba983f3b1f35aeae04d4127572ba4a8aceb9fe684e9bf7fd832d67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"676d1bd6-31bc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilNJg7OaR89DO5X1MpvIIPfO97mDzGSD8LkuRmwzom8splYBPjFXwuCvaDUa2bjZUMLOtk7CPW%2Fa6EEOWQ0K%2FLRwL0saBPF8RPdqww6IUULFEWCR4IGfCWgbnjUqpkrYyDwH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c1c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4917&min_rtt=4692&rtt_var=221&sent=127&recv=56&lost=0&retrans=0&sent_bytes=123729&recv_bytes=2851&delivery_rate=12790243&cwnd=286&unsent_bytes=0&cid=2202c7a2bd851460&ts=1012&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Thu, 26 Dec 2024 09:03:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 / Show response
api.ipify.org/ 22 B
228 B 197ms
197ms Fetch
application/json 104.26.13.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.game-d73.com
URL: https://www.game-d73.com/resource/common/99d73-adjust-targetInstall.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee2a62def34df2f11b66161b43c9d157fb2badb5c3a13f9c99cd05ec546e4bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8fcfafe0ccf5d2f2-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=52525&min_rtt=52372&rtt_var=4766&sent=14&recv=16&lost=0&retrans=0&sent_bytes=4430&recv_bytes=2298&delivery_rate=73748&cwnd=257&unsent_bytes=0&cid=9096bdd8d046952f&ts=467&x=0"
content-length: 22
date: Sun, 05 Jan 2025 01:27:38 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f71af8552721204ec103ce2cbd9d2429bded26caa85d5bbddeb541d06b50fc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

Content-Type: image/png

GET
H2 200 adti-advertise.v1.10.3.6.js Show response
www.game-d73.com/resource/common/ 14 KB
0 0ms
0ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/adti-advertise.v1.10.3.6.js?v=2
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"674fca1a-37ba"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMFIat%2F0OEnv7rwDwTZ5YzsRAgwI%2BfQgeAoC83LXiZLcX%2BM21yVsUiCZ2KHFaod11y%2FrV4Bk%2F2FBte4rHNZOldKDL7TIaTlkWwK8COo2i1L%2BxrgfGh37970eCs5ZHizcqjvJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c2c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4777&min_rtt=4692&rtt_var=17&sent=118&recv=50&lost=0&retrans=0&sent_bytes=117159&recv_bytes=2851&delivery_rate=12790243&cwnd=277&unsent_bytes=0&cid=2202c7a2bd851460&ts=984&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 servers.js Show response
www.game-d73.com/resource/common/ 477 B
0 0ms
0ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/servers.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"674fca1a-1dd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68IRu%2BVJj9CiwlLuW5cN5T8L4vD2pBEf43RFZDnSmzkyoIPs0qRjHl%2F2RMmkOMSehdubv48zkEW8Max3c50MRqASgWOGLTo6v0n5DMTlGOkFKsHTFKhYSanGgWseIWPeO6LY"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c3c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4776&min_rtt=4692&rtt_var=20&sent=116&recv=46&lost=0&retrans=0&sent_bytes=116412&recv_bytes=2851&delivery_rate=12790243&cwnd=273&unsent_bytes=0&cid=2202c7a2bd851460&ts=962&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 d73-targetInstall.js Show response
www.game-d73.com/resource/common/ 463 B
0 1ms
1ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/d73-targetInstall.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3645239de2ef67d1735857af148ae89c4d55f5ab5bd82e4ae24eedec7b0a1099

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67768170-1cf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nti0WHNZSv3UDH65nJlWOmYmUXm%2FdpZ05fav3xlWx1vo26FkpsRwCKC22LnAAl%2FbHD8WgHgwhOOoEjRoBrCjk0ApQjH5vgpOSZOpI2z8BNhrV5whkRqS4B%2FTnWtbocy9Nt0M"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c4c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4783&min_rtt=4732&rtt_var=37&sent=114&recv=33&lost=0&retrans=0&sent_bytes=115538&recv_bytes=2851&delivery_rate=7520032&cwnd=257&unsent_bytes=0&cid=2202c7a2bd851460&ts=958&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Thu, 02 Jan 2025 12:07:12 GMT
vary: Accept-Encoding
server: cloudflare

GET login.php
new.cnzz.com/v1/ 0
0

GET
H3 200 downloadPageLogs
api-tester.feiwindevelopment.com/api/ 735 B
1 KB 611ms
480ms Fetch
application/json 104.21.44.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-tester.feiwindevelopment.com/api/downloadPageLogs?source=DOWNLOAD_PAGE&status=SUCCESS&ip=31.187.78.187&device_name=Linux%20x86_64&device=android&platform=Linux%20x86_64&referrerUrl=https%3A%2F%2Fgoogle-buka.xyz%2F%3Ft%3D1%26p0_android%3D1jgueef2%26p0_ios%3D1jufsfk4%26p1%3D99d73_campaign%26p2%3D123%26p3%3D99d73_adgroup%26p4%3D123%26p5%3D99d73_creative%26p6%3D123%26channelCode%3Dguanwang&downloadLink=https%3A%2F%2Fapp.adjust.com%2F1jgueef2%3Fcampaign%3D99d73_campaign%2528123%2529%26adgroup%3D99d73_adgroup%2528123%2529%26creative%3D99d73_creative%2528123%2529%26redirect%3Dhttps%253A%252F%252Fgoogle-buka.xyz%252F%253Ft%253D1%2526p0_android%253D1jgueef2%2526p0_ios%253D1jufsfk4%2526p1%253D99d73_campaign%2526p2%253D123%2526p3%253D99d73_adgroup%2526p4%253D123%2526p5%253D99d73_creative%2526p6%253D123%2526channelCode%253Dguanwang%26label%3Dguanwang

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/common/99d73-adjust-targetInstall.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwqqU%2FJbpzz8YBWb%2FHDioFfE%2BKoqeDAkvRP9ZMIiyxbfSh1lAW8Ahwq0IHqqwaoGecjAR9lGitsO%2Fo9wf7Phnor2ohZTrZvajMR9EzOukd2clwlrOXacTbHxEXOQhW149eGjSu1NvMtYwGFLI%2Bw%2BrRnFMw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=110129&min_rtt=109860&rtt_var=17652&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4196&recv_bytes=5016&delivery_rate=206&cwnd=12000&unsent_bytes=0&cid=9409af6bf7ffc61a&ts=486&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: application/json
priority: u=1,i
strict-transport-security: max-age=31536000
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 59
cf-ray: 8fcfafe4caee383d-FRA
access-control-allow-origin: *
x-ratelimit-limit: 60
server: cloudflare

GET s1.png
www.game-d73.com/resource/google/google-store/assets/image/ 0
0

GET s1-1.png
www.game-d73.com/resource/google/google-store/assets/image/ 0
0

GET
H3 200 s1-2.png
www.game-d73.com/resource/google/google-store/assets/image/ 14 KB
0 692ms
691ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-2.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"670f537b-10ae2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIhiyYJC5gOVKLnOOh41QvjHIbPq9ezthr2Pju0afbfpY1TrehSM%2B3Y%2Bjn%2BKB2Zqz7qbACRfJr77a%2FcekCef7dloXryXeHaGZsN2b7cstnxDzWylJ7wDGG5cTn32rA2Gu3%2BH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafe559d0c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 05:47:39 GMT
vary: Accept-Encoding
server: cloudflare

GET s1-3.png
www.game-d73.com/resource/google/google-store/assets/image/ 0
0

GET
H3 200 s1-4.png
www.game-d73.com/resource/google/google-store/assets/image/ 30 KB
0 508ms
507ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-4.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"670f537c-10ae2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YV5SHrj3Ub95WXRGGRqh0yoLAeqOvHuVn4r8VSifNXFCk5oYE%2FbikvqAxdGvjEZNUGgpFu%2BGLGjtyZryOBz%2FiEESZdsryBrJZuSzAVHtQ4uIHzJj22TIYsinObu9ujCLcah5"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafe559d1c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 05:47:40 GMT
vary: Accept-Encoding
server: cloudflare

GET s1-5.png
www.game-d73.com/resource/google/google-store/assets/image/ 0
0

GET
H3 200 indonesia.png
www.game-d73.com/resource/google/google-store/assets/image// 192 B
654 B 314ms
313ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image//indonesia.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "670f5372-c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9S6j%2Bpv35SlEMzjmHyFkgcdn6AQ6TryMQq4Q3JWUNhAg78pcyonDKt8U%2FPhGWdhkvcY6vmMsZy52BQPlCAORAE99BUrt0IMjHeRCP3zqarF2f%2F82i7NI5eH3MePFm2PoB%2Fy"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafe559d4c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 05:47:30 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 117ms
116ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://google-buka.xyz
Referer: https://www.game-d73.com/

Response headers

age: 403087
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 09:29:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 09:29:32 GMT
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15552
x-xss-protection: 0
server: sffe

GET s2.png
www.game-d73.com/resource/google/google-store/assets/image/ 0
0

GET s3.png
www.game-d73.com/resource/google/google-store/assets/image/ 0
0

GET s4.png
www.game-d73.com/resource/google/google-store/assets/image/ 0
0

GET s5.png
www.game-d73.com/resource/google/google-store/assets/image/ 0
0

GET s6.png
www.game-d73.com/resource/google/google-store/assets/image/ 0
0

GET
H3 200 s7.png
www.game-d73.com/resource/google/google-store/assets/image/ 38 KB
0 560ms
559ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s7.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"6777986a-5cd17"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBJ1vAPLlIoxngD8gGOh%2Fh2IK22Yc%2BZqzyBOt5V%2BjprzcBpB7EOn5O%2Fa4GFUQJt2UDfrZO%2F9qMbdmZHi9HuMv9Ygfr5eAoj1KYhUZ1SACui%2F5erhCk2ehzrYPto%2Ff7z3bzd1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafe569d8c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 07:57:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

Primary Request / Show response
google-buka.xyz/
Redirect Chain

https://app.adjust.com/1jgueef2?campaign=99d73_campaign%28123%29&adgroup=99d73_adgroup%28123%29&creative=99d73_creative%28123%29&redirect=https%3A%2F%2Fgoogle-buka.xyz%2F%3Ft%3D1%26p0_android%3D1jg...
https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

540 KB
0

0ms
0ms

Document
text/html

104.21.70.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Requested by: Host: www.game-d73.com
URL: https://www.game-d73.com/resource/common/99d73-adjust-targetInstall.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.70.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75feaabeed0a57d195ab7598149e624a7363bc3b31e1e582f973c707f5fd038

Request headers

Referer: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8fcfafdd8be37da0-TLV
content-encoding: zstd
content-type: text/html
date: Sun, 05 Jan 2025 01:27:38 GMT
last-modified: Fri, 03 Jan 2025 07:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77CZVQkUCaAnZzXAWuUJGjGzE17uECuy2wuQ3%2Fy9EcwbYJbCwOcDLqIGWxEJhJHTNj9nWWifMc2Y9TyLAH6DApolkkVsvTPSMyqfB9pw3aT%2FfjE694%2FmQFY%2Bl3EcnSFRRFo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=60756&min_rtt=60463&rtt_var=355&sent=46&recv=28&lost=0&retrans=0&sent_bytes=39129&recv_bytes=5712&delivery_rate=101223&cwnd=21600&unsent_bytes=0&cid=f29f8b3cea773b75&ts=2648&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UAm, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness
content-length: 218
content-type: text/html; charset=utf-8
date: Sun, 05 Jan 2025 01:27:39 GMT
location: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex

GET
H2 200 style.css
www.game-d73.com/resource/google/common/ 658 KB
0 887ms
731ms Stylesheet
text/css 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/google/common/style.css
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"673ff5f9-a4995"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QBSrweBYxxCam09mFcIl%2BRD0H%2FGLJrW0CTYSylNeOGMb7ElIcRQmK3O9aU1zfj0AAUK8Wbmvgjc6R%2FeFFeFZ7qi%2BeihMxm7AW1ZUWfXxFFijA5ZaLlrrlpnce5aczIIYP%2BX"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd4cf66c21d-TLV
expires: Sun, 05 Jan 2025 13:27:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4777&min_rtt=4732&rtt_var=101&sent=28&recv=26&lost=0&retrans=0&sent_bytes=17865&recv_bytes=2851&delivery_rate=2385185&cwnd=257&unsent_bytes=0&cid=2202c7a2bd851460&ts=737&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 03:09:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clipboard.min.js Show response
www.game-d73.com/resource/common/ 18 KB
0 689ms
534ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/clipboard.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"674fca1a-4950"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BbQbsB1Sfg7vNRVIawOZZqMoFslTLzOua3LlOxuZ%2FXZPHn06P6rbi81PzHa%2FhQ2uPKNYuIn9RXRWfAgM8dxgNnlRCWijgW1ZFPF9BQAjivfS7MlaKY9VB3GnXBpN68BFpHbN"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd4cf67c21d-TLV
expires: Sun, 05 Jan 2025 13:27:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4764&min_rtt=4732&rtt_var=779&sent=12&recv=18&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2851&delivery_rate=799503&cwnd=254&unsent_bytes=0&cid=2202c7a2bd851460&ts=539&x=0"
date: Sun, 05 Jan 2025 01:27:36 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 qrcode.min.js Show response
www.game-d73.com/resource/common/ 19 KB
0 733ms
578ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/qrcode.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"674fca1a-4dd7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JElLVetAzuyZPkV9CPLQNI9QESNWl7lje5UZDsNL5EZ4v0hl6EXS%2FC7vYUuQvSZ1vftBfAVTgWbAXLOepgrnnxymqBLeId8NjBoW31U4SfSeeJgj6sN6FHFdCt7SKUrcIU0m"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd4cf68c21d-TLV
expires: Sun, 05 Jan 2025 13:27:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4780&min_rtt=4732&rtt_var=283&sent=19&recv=22&lost=0&retrans=0&sent_bytes=9534&recv_bytes=2851&delivery_rate=1817741&cwnd=257&unsent_bytes=0&cid=2202c7a2bd851460&ts=585&x=0"
date: Sun, 05 Jan 2025 01:27:36 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK import-scripts.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/ 9 KB
0 1104ms
370ms Script
application/javascript 52.95.179.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.66 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

x-amz-id-2: arya79aE2Ofn4HVz+H9kCSz9QpuKYEblOJkripAsMSpOgpCqINDFpUYykc3aZIh+H8OeG0Jmu2Q=
ETag: "0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-request-id: WDBKCKBYTWXWP0T8
Accept-Ranges: bytes
Content-Length: 8988
Date: Sun, 05 Jan 2025 01:27:38 GMT
Last-Modified: Sun, 07 Jul 2024 03:32:15 GMT
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 alpine.3.x.x.min.js Show response
www.game-d73.com/resource/google/common/ 44 KB
0 766ms
766ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/google/common/alpine.3.x.x.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d284e695a6a5d8239e58c8b6e677e4130be213d92e25ffec0f4ce640d8995f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: MISS
etag: W/"674fe2ee-aee4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bev%2BssefWBRrIq9QfD7Ca5TSDx%2F8%2BcTxwrppnE9Nqvb4MU60DHKWbEZIl1PzUhyLAiUMbQvEf8GPMboCAOlCwjNAsNgjxL3F8TvPa3T8oTN%2BX4wjSItUTNRVBbVIeiedB%2BaX"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafe009a1c227-TLV
expires: Sun, 05 Jan 2025 13:27:38 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:38 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 05:04:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 email-decode.min.js Show response
www.game-d73.com/resource/common/ 1 KB
0 577ms
576ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/email-decode.min.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"674fca1a-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eU3LPv%2BTDO0JftertPA0luhCO3JjL66p6srYJFBW4cnZJmYXuMaVYjUnK%2BXF5w7rpSPKaJ9tzfGOGz511eLSAOU38YRAoIuPUD51CsOpQPMElz3sUz19DgzvLIpW%2BemiWar%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c0c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4980&min_rtt=4692&rtt_var=311&sent=124&recv=53&lost=0&retrans=0&sent_bytes=122559&recv_bytes=2851&delivery_rate=12790243&cwnd=283&unsent_bytes=0&cid=2202c7a2bd851460&ts=1001&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK adtid73.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/download-appd73/ 201 B
0 951ms
369ms Script
application/javascript 52.95.179.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-appd73/adtid73.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.179.66 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 918942fe4ae8bf4816a6c5c234a535a4fab9e85e0a8f88d3fa70b30b2a64ce0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

x-amz-id-2: Zi8pqkh2FQzaXt4VdIPwZyLqS48S5wqFgPOieYeCKxDHErhjNwAWWg9JL8BXJoTyvw6AoVySncI=
ETag: "8e3c4c328a411a9236c0d4cfbbcd9c94"
x-amz-request-id: WDBNND1YTKG4H67N
Accept-Ranges: bytes
Content-Length: 201
Date: Sun, 05 Jan 2025 01:27:38 GMT
Last-Modified: Thu, 02 Jan 2025 16:13:22 GMT
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 99d73-adjust-targetInstall.js Show response
www.game-d73.com/resource/common/ 12 KB
0 577ms
576ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/99d73-adjust-targetInstall.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3389039eba983f3b1f35aeae04d4127572ba4a8aceb9fe684e9bf7fd832d67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"676d1bd6-31bc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilNJg7OaR89DO5X1MpvIIPfO97mDzGSD8LkuRmwzom8splYBPjFXwuCvaDUa2bjZUMLOtk7CPW%2Fa6EEOWQ0K%2FLRwL0saBPF8RPdqww6IUULFEWCR4IGfCWgbnjUqpkrYyDwH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c1c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4917&min_rtt=4692&rtt_var=221&sent=127&recv=56&lost=0&retrans=0&sent_bytes=123729&recv_bytes=2851&delivery_rate=12790243&cwnd=286&unsent_bytes=0&cid=2202c7a2bd851460&ts=1012&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Thu, 26 Dec 2024 09:03:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 adti-advertise.v1.10.3.6.js Show response
www.game-d73.com/resource/common/ 14 KB
0 0ms
0ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/adti-advertise.v1.10.3.6.js?v=2
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"674fca1a-37ba"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMFIat%2F0OEnv7rwDwTZ5YzsRAgwI%2BfQgeAoC83LXiZLcX%2BM21yVsUiCZ2KHFaod11y%2FrV4Bk%2F2FBte4rHNZOldKDL7TIaTlkWwK8COo2i1L%2BxrgfGh37970eCs5ZHizcqjvJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c2c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4777&min_rtt=4692&rtt_var=17&sent=118&recv=50&lost=0&retrans=0&sent_bytes=117159&recv_bytes=2851&delivery_rate=12790243&cwnd=277&unsent_bytes=0&cid=2202c7a2bd851460&ts=984&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 servers.js Show response
www.game-d73.com/resource/common/ 477 B
0 0ms
0ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/servers.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"674fca1a-1dd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68IRu%2BVJj9CiwlLuW5cN5T8L4vD2pBEf43RFZDnSmzkyoIPs0qRjHl%2F2RMmkOMSehdubv48zkEW8Max3c50MRqASgWOGLTo6v0n5DMTlGOkFKsHTFKhYSanGgWseIWPeO6LY"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c3c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4776&min_rtt=4692&rtt_var=20&sent=116&recv=46&lost=0&retrans=0&sent_bytes=116412&recv_bytes=2851&delivery_rate=12790243&cwnd=273&unsent_bytes=0&cid=2202c7a2bd851460&ts=962&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 03:18:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 d73-targetInstall.js Show response
www.game-d73.com/resource/common/ 463 B
0 1ms
1ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.game-d73.com/resource/common/d73-targetInstall.js
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3645239de2ef67d1735857af148ae89c4d55f5ab5bd82e4ae24eedec7b0a1099

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67768170-1cf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nti0WHNZSv3UDH65nJlWOmYmUXm%2FdpZ05fav3xlWx1vo26FkpsRwCKC22LnAAl%2FbHD8WgHgwhOOoEjRoBrCjk0ApQjH5vgpOSZOpI2z8BNhrV5whkRqS4B%2FTnWtbocy9Nt0M"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafd798c4c21d-TLV
expires: Sun, 05 Jan 2025 13:27:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4783&min_rtt=4732&rtt_var=37&sent=114&recv=33&lost=0&retrans=0&sent_bytes=115538&recv_bytes=2851&delivery_rate=7520032&cwnd=257&unsent_bytes=0&cid=2202c7a2bd851460&ts=958&x=0"
date: Sun, 05 Jan 2025 01:27:37 GMT
content-type: application/javascript
last-modified: Thu, 02 Jan 2025 12:07:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ 2 KB
0 369ms
115ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

fife /

Resource Hash

fa8124ac4fe21c49f2bb4373761e0550e03306f125522ef08a114288fb74e8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v18"
age: 10289
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:36:08 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 2384
x-xss-protection: 0
server: fife

GET
H2 200 _KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ 222 B
0 359ms
115ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1271
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 01:06:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 01:06:26 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 222
x-xss-protection: 0
server: fife

GET
H2 200 iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ 200 B
0 356ms
112ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 7524
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 23:22:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 23:22:13 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ 244 B
0 359ms
115ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 7524
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 23:22:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 23:22:13 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 244
x-xss-protection: 0
server: fife

GET
H2 200 W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ 200 B
0 357ms
114ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 12405
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:00:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:00:52 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 200
x-xss-protection: 0
server: fife

GET
H2 200 ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ 164 B
0 358ms
114ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 9082
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:56:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:56:15 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 164
x-xss-protection: 0
server: fife

GET
H2 200 ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/ 454 B
0 326ms
116ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v69"
age: 9997
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:41:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:41:00 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 454
x-xss-protection: 0
server: fife

GET
H2 200 ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/ 302 B
0 115ms
113ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "v0"
age: 6521
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 23:38:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 23:38:57 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 302
x-xss-protection: 0
server: fife

GET
H2 200 ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/ 1 KB
0 113ms
112ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw

Requested by

Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

fife /

Resource Hash

caeddda7eda7f1e46ca3158f3aee127ac02e60a9e414d0eaa4ba169d0173a4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

access-control-expose-headers: Content-Length
etag: "vc"
age: 12399
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 22:00:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 22:00:59 GMT
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1124
x-xss-protection: 0
server: fife

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
0 291ms
167ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 420473
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 04:39:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 04:39:44 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
0 117ms
116ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 403087
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 09:29:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 09:29:32 GMT
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15552
x-xss-protection: 0
server: sffe

GET
H3 200 kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 159 KB
0 116ms
116ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 212265
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 02 Jan 2026 14:29:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 02 Jan 2025 14:29:53 GMT
last-modified: Thu, 25 Aug 2022 00:15:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162924
x-xss-protection: 0
server: sffe

GET
H3 200 Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/ 227 KB
0 115ms
115ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 255506
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 02 Jan 2026 02:29:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 02 Jan 2025 02:29:12 GMT
last-modified: Mon, 08 May 2023 17:53:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 232676
x-xss-protection: 0
server: sffe

GET
H3 200 4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/ 24 KB
0 328ms
203ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2

Requested by

Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 314191
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 01 Jan 2026 10:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 01 Jan 2025 10:11:06 GMT
last-modified: Tue, 23 Feb 2021 01:47:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24652
x-xss-protection: 0
server: sffe

GET
H2 200 / Show response
api.ipify.org/ 22 B
251 B 198ms
198ms Fetch
application/json 104.26.13.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.game-d73.com
URL: https://www.game-d73.com/resource/common/99d73-adjust-targetInstall.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee2a62def34df2f11b66161b43c9d157fb2badb5c3a13f9c99cd05ec546e4bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8fcfafea6853d2f2-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=52536&min_rtt=52372&rtt_var=3596&sent=18&recv=18&lost=0&retrans=0&sent_bytes=4724&recv_bytes=2359&delivery_rate=73748&cwnd=257&unsent_bytes=0&cid=9096bdd8d046952f&ts=2007&x=0"
content-length: 22
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f71af8552721204ec103ce2cbd9d2429bded26caa85d5bbddeb541d06b50fc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

Content-Type: image/png

GET

https://new.cnzz.com/v1/login.php?siteid=1281399884
https://uweb.umeng.com/v1/login.php?siteid=1281399884

0
0

GET
H3 200 indonesia.png
www.game-d73.com/resource/google/google-store/assets/image// 192 B
0 314ms
313ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image//indonesia.png
Requested by: Host: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/alpine.3.x.x.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "670f5372-c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9S6j%2Bpv35SlEMzjmHyFkgcdn6AQ6TryMQq4Q3JWUNhAg78pcyonDKt8U%2FPhGWdhkvcY6vmMsZy52BQPlCAORAE99BUrt0IMjHeRCP3zqarF2f%2F82i7NI5eH3MePFm2PoB%2Fy"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafe559d4c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 05:47:30 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 s1.png
www.game-d73.com/resource/google/google-store/assets/image/ 318 KB
310 KB 72ms
71ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b86627cbfe5ff10a439cf01b850fc77cb8a6431763ce1549cdcfea817245e74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6777986e-4f879"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aoc7qwXf3QMeiXchDmzYpew5B7sMwN0NgUPFUitAf1oynEbLuunEJBslRj4Dta4UkLmm%2F%2BDxzZ81zLaGINCFke%2F2S0UMg4CAU2Hf0Sn1K5KnQo6gAnxMEAw2zAA3Nhp76Mms"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafea9a0bc227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 07:57:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s1-1.png
www.game-d73.com/resource/google/google-store/assets/image/ 69 KB
70 KB 197ms
197ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-1.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997ab389ed5439820bf00b3f0d736e9bf9a9db29a9a98fccbb77ca6359982858

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"670f537b-114ee"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8dNc%2Bbq7f5eyD%2Bzuo739oCpN4WRjptvCuCr0EIKAjx0Fsdk%2BD8h9id1HgPVcAU6%2BdgGngHjXItOyZsYzBcPEGkJDQTc4hJGp62eVKtynhzhkNCCmkGHv0KNnZ%2FT9tDfEMHrc"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafea9a0cc227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 05:47:39 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s1-2.png
www.game-d73.com/resource/google/google-store/assets/image/ 67 KB
67 KB 72ms
71ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-2.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08874ea0e2673693bfb50621c6b5be89766927f7ce3cc35bfb21236b27e18ae2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"670f537b-10ae2"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raoTSsoCYXkoBi9fhreLvK2YYApedpEAgdm720d%2Bmt4AK7Z4s%2B84unJCz1ADrJZzrQdUhkCf%2BDmbLpx%2Fp7JHL7LDAs7e6pPTlAk7YJMfUI39vBrxD7IQmMGA9oblBxY%2Bm02E"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafea9a0dc227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 05:47:39 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s1-3.png
www.game-d73.com/resource/google/google-store/assets/image/ 70 KB
70 KB 72ms
72ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-3.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9050730f0b0a1b5f0a65490ad7180758535229f494b96665f959854286c407

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"670f537c-1188c"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StRyBBGLEBWrBzltjnNZSLipXcFgIU1BPYCxJUE7LBMh7AV9nNSRM%2BVXhH7AkDwOi0Ohin%2BqLdAmFKm9POZ8JNuU%2FJCCSPKdi4GzBbp4wutw9ukW5XwJhm%2F5XZXpUh9rt0%2BE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafea9a0ec227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 05:47:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s1-4.png
www.game-d73.com/resource/google/google-store/assets/image/ 67 KB
67 KB 196ms
196ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-4.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08874ea0e2673693bfb50621c6b5be89766927f7ce3cc35bfb21236b27e18ae2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"670f537c-10ae2"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xo45pnTFytS3ZHrKpFWoTl6kBpvIpA9sjWneoXHNpGUBa5UWPRKMSKAGfPF8pT5MjlQfkQdJR2Qadx%2FH0Oy3innd3tQuJmuF3PyoWOURTP8PwDrTQTE3PXHySWZbWNWxbvif"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafea9a0fc227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 05:47:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s1-5.png
www.game-d73.com/resource/google/google-store/assets/image/ 69 KB
69 KB 196ms
196ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-5.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bff64167baa23ec1556b6eab989291f17d982b0c50c591f2ca2f970942647986

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"670f537c-11442"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7kxfT5i5WrxG3J51G4N5n0%2F98gCSqt1J9WVKVU63d5FomvtH0o%2B8FoaIPsky8SnHGJhCKzNjpihxY7MeUXL%2FRefhm6PhzHk%2FstNd4GVNprmt2rzrnNA9A2eAcZpCVQJAnmZ4"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafea9a10c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 05:47:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s2.png
www.game-d73.com/resource/google/google-store/assets/image/ 331 KB
323 KB 125ms
124ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s2.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8357a7b56b1e3b0fc11ba77d8c74e9e18fd48e93e02d8352d6c2d19e37249dd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67779860-52a4d"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=drlHols3%2BZrhgTk5ybEi45kDJoYYyZvpytuXFfHB91ayJG6O6fr4kO9nXEcZJSbvmAtzo5LfFW1vpAnVH%2B3ntJN1A4O3eOZMaUgEzy58O0itWhrjX4pCevY4DLUkaGt47R4f"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafeaaa11c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 07:57:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s3.png
www.game-d73.com/resource/google/google-store/assets/image/ 394 KB
386 KB 125ms
125ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s3.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b07c05608d1a3bf57218c786cc50863c95ea6031c79995d7502b5d1569b681ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6777988b-628b8"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSHj6dbAm%2FCO2t%2F5q1hEj3ufn9yQWxHhnISQUszgUHl%2BvEaX9B9gZe6u65yC3Cgl4lqoGCsezGcGAkXRs7Ln6PiocHTpfwLMWrb3mN6Q16yZhpJijnES8GfymU3tbiUECss%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafeaaa13c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 07:58:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s4.png
www.game-d73.com/resource/google/google-store/assets/image/ 342 KB
334 KB 126ms
125ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s4.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86afe0ddcdc7ef393cf066e2f3462846c192f257f7ddda9ad4729fb20fb335b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67779862-558d8"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A6d%2BOrXmMko7sRhl%2FcXIsVD2ob2OtkwmUBHKHvQ9I%2FIqNlITqydML4psnhzNdR4JvsJKf4%2BVWDxCJOGkb7iCboQsAGtr0LfZeu0OAm3%2FlDTEEbfu4CPbdgC1F8W5A0Hl7%2BqT"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafeaaa14c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 07:57:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s5.png
www.game-d73.com/resource/google/google-store/assets/image/ 283 KB
275 KB 126ms
126ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s5.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134c251869cdc5cd7d3350e1032742db284c6de1c63a984719e4c5af3bab8884

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67779865-46bfb"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AahrHbNQjXwZUs5qsRLl5czDrUFjHerfemtSeq9IMLG6jmaYVaMGA7qeAyfHYJ1Wd69GZTQMPAOfyKJHj2pO%2BOTuVNkXMvUaBru7AYE3sg9AOkkoc6XdgG22Dvo2seYEILZT"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafeaaa16c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 07:57:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s6.png
www.game-d73.com/resource/google/google-store/assets/image/ 408 KB
400 KB 141ms
140ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s6.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a29eb1b64f6aab495abb284d7608a59248bde0b6b6a9210bf1d24b143044d2d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67779868-65e8c"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jH2415u63ejr7cnR4noX24jbWGI0AJLkFf6CcFYX604xWoCXCS9OHMCxw4n8PR0QCCwTe%2B6oNAx1Ukr%2FYKZTnUnS37cuGRDtkM7C%2B%2FKK5vzv3HM0hwu48%2BafBsre9QmCqk2x"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafeaaa12c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 07:57:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 s7.png
www.game-d73.com/resource/google/google-store/assets/image/ 371 KB
364 KB 186ms
185ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.game-d73.com/resource/google/google-store/assets/image/s7.png
Requested by: Host: google-buka.xyz
URL: https://google-buka.xyz/?t=1&p0_android=1jgueef2&p0_ios=1jufsfk4&p1=99d73_campaign&p2=123&p3=99d73_adgroup&p4=123&p5=99d73_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc5e6bbaa5949a33be1225713d2c6b1d6bfba4b866d01ae2f4d3360c2ef1caeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6777986a-5cd17"
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIQ9SplY1dGN%2BHPJSs160QUQAppUnfx8tMHCrTYNZO33eeqTNIsu9BnnLH7WRUQn8yF288qSd%2F0ErJckYRsh5K0fIZ7WIGiSwAxwr0XaDePllKBkr53SIGqBpUIdaYw1dMv5"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fcfafeaaa15c227-TLV
expires: Tue, 04 Feb 2025 01:27:39 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 01:27:39 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 07:57:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 favicon_v3.ico
www.gstatic.com/android/market_images/web/ 4 KB
1 KB 359ms
115ms Other
image/x-icon 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/android/market_images/web/favicon_v3.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://google-buka.xyz/

Response headers

content-encoding: br
age: 326231
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Thu, 01 Jan 2026 06:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 01 Jan 2025 06:50:31 GMT
last-modified: Thu, 23 Jun 2022 19:28:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 841
x-xss-protection: 0
server: sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/common/alpine.3.x.x.min.js

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Domain: new.cnzz.com
URL: https://new.cnzz.com/v1/login.php?siteid=1281399884

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1.png

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-1.png

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-3.png

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/google-store/assets/image/s1-5.png

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/google-store/assets/image/s2.png

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/google-store/assets/image/s3.png

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/google-store/assets/image/s4.png

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/google-store/assets/image/s5.png

Domain: www.game-d73.com
URL: https://www.game-d73.com/resource/google/google-store/assets/image/s6.png

Domain: uweb.umeng.com
URL: https://uweb.umeng.com/v1/login.php?siteid=1281399884

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-tester.feiwindevelopment.com
api.ipify.org
app.adjust.com
appdv76.s3.ap-southeast-3.amazonaws.com
fonts.gstatic.com
google-buka.xyz
lh3.googleusercontent.com
new.cnzz.com
play-lh.googleusercontent.com
uweb.umeng.com
www.game-d73.com
www.gstatic.com
api.ipify.org
fonts.gstatic.com
new.cnzz.com
uweb.umeng.com
www.game-d73.com
104.21.44.182
104.21.48.1
104.21.70.45
104.26.13.205
142.250.184.195
142.250.185.131
142.250.74.214
185.151.204.8
216.58.206.33
52.95.179.66
08874ea0e2673693bfb50621c6b5be89766927f7ce3cc35bfb21236b27e18ae2
0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1
134c251869cdc5cd7d3350e1032742db284c6de1c63a984719e4c5af3bab8884
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ee2a62def34df2f11b66161b43c9d157fb2badb5c3a13f9c99cd05ec546e4bd
329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5
3389039eba983f3b1f35aeae04d4127572ba4a8aceb9fe684e9bf7fd832d67f5
3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689
3645239de2ef67d1735857af148ae89c4d55f5ab5bd82e4ae24eedec7b0a1099
4a29eb1b64f6aab495abb284d7608a59248bde0b6b6a9210bf1d24b143044d2d
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4b86627cbfe5ff10a439cf01b850fc77cb8a6431763ce1549cdcfea817245e74
4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b9050730f0b0a1b5f0a65490ad7180758535229f494b96665f959854286c407
5f71af8552721204ec103ce2cbd9d2429bded26caa85d5bbddeb541d06b50fc9
6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284
6d284e695a6a5d8239e58c8b6e677e4130be213d92e25ffec0f4ce640d8995f4
7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
8357a7b56b1e3b0fc11ba77d8c74e9e18fd48e93e02d8352d6c2d19e37249dd3
857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba
86afe0ddcdc7ef393cf066e2f3462846c192f257f7ddda9ad4729fb20fb335b4
89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94
8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627
918942fe4ae8bf4816a6c5c234a535a4fab9e85e0a8f88d3fa70b30b2a64ce0f
997ab389ed5439820bf00b3f0d736e9bf9a9db29a9a98fccbb77ca6359982858
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a
b07c05608d1a3bf57218c786cc50863c95ea6031c79995d7502b5d1569b681ee
bc5e6bbaa5949a33be1225713d2c6b1d6bfba4b866d01ae2f4d3360c2ef1caeb
bff64167baa23ec1556b6eab989291f17d982b0c50c591f2ca2f970942647986
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
caeddda7eda7f1e46ca3158f3aee127ac02e60a9e414d0eaa4ba169d0173a4c6
d75feaabeed0a57d195ab7598149e624a7363bc3b31e1e582f973c707f5fd038
de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec
f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1
f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2
f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875
fa8124ac4fe21c49f2bb4373761e0550e03306f125522ef08a114288fb74e8c9

google-buka.xyz Open in urlscan Pro 104.21.70.45 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

86 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

10 IPs

4 Countries

3274 kBTransfer

7740 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

google-buka.xyz Open in urlscan Pro
104.21.70.45 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

86 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

10
IPs

4
Countries

3274 kB
Transfer

7740 kB
Size

0
Cookies

110 HTTP transactions
6 data transactions