URL: https://google-pax.xyz/
Submission Tags: falconsandbox
Submission: On December 06 via api from US — Scanned from IS

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 41 HTTP transactions. The main IP is 172.67.192.244, located in United States and belongs to CLOUDFLARENET, US. The main domain is google-pax.xyz.
TLS certificate: Issued by WE1 on December 4th 2024. Valid for: 3 months.
This is the only time google-pax.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

IP Address AS Autonomous System
1 172.67.192.244 13335 (CLOUDFLAR...)
21 188.114.97.3 13335 (CLOUDFLAR...)
2 52.95.179.66 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
5 142.250.186.131 15169 (GOOGLE)
1 2 59.82.112.112 37963 (ALIBABA-C...)
1 142.250.186.35 15169 (GOOGLE)
41 9
Domain Requested by
21 www.game-s80.com google-pax.xyz
8 play-lh.googleusercontent.com google-pax.xyz
5 fonts.gstatic.com www.game-s80.com
2 appdv76.s3.ap-southeast-3.amazonaws.com google-pax.xyz
1 www.gstatic.com
1 uweb.umeng.com google-pax.xyz
1 new.cnzz.com 1 redirects
1 lh3.googleusercontent.com google-pax.xyz
1 google-pax.xyz
41 9

This site contains no links.

Subject | Issuer | Validity | Valid
google-pax.xyz | WE1 | 2024-12-04 - 2025-03-04 | 3 months
game-s80.com | WE1 | 2024-12-03 - 2025-03-03 | 3 months
*.s3.ap-southeast-3.amazonaws.com | Amazon RSA 2048 M01 | 2024-10-20 - 2025-09-30 | a year
*.googleusercontent.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
edgestatic.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.gstatic.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months

This page contains 1 frames:

Primary Page: https://google-pax.xyz/
Frame ID: 091A8E1BCA3E037EE9D1339B7382EAD9
Requests: 41 HTTP requests in this frame

Page Title

s80 – Apps on Google Play

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Page Statistics

41 Requests
95 % HTTPS
25 % IPv6
7 Domains
9 Subdomains
9 IPs
5 Countries
3404 kB Transfer
4512 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://new.cnzz.com/v1/login.php?siteid=1281397231 HTTP 302
  • https://uweb.umeng.com/v1/login.php?siteid=1281397231

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
google-pax.xyz/
540 KB
33 KB
Document
General
Full URL
https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29d4b9cccea2807d52bae92e092395d1d986a72650db06ab1d6dbfbf41f1b970

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ed9957d0e195cbd-KEF
content-encoding
zstd
content-type
text/html
date
Fri, 06 Dec 2024 04:38:00 GMT
last-modified
Thu, 05 Dec 2024 05:25:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jy9LY2wYwIDGm6jOR2Eqyiyz5NZjbEk930ktM9gjpjh8RVBBN7gH0BpFn%2FHuMzw6nxp1xGEiUJ8ep4TsTPB3NFh8gXUGtrq%2BMMH6ilz%2Fye7CEM2DliK5LTNMh%2FyV0M6ifw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=88488&min_rtt=88396&rtt_var=14080&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4124&recv_bytes=4486&delivery_rate=246&cwnd=12000&unsent_bytes=0&cid=2efaf617c173bc5f&ts=524&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
style.css
www.game-s80.com/resource/google/common/
658 KB
104 KB
Stylesheet
General
Full URL
https://www.game-s80.com/resource/google/common/style.css
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6c0f25b9c430100e7803868cf85c71bc2891d1d0ca66254404b9fb0eaa46e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"673ff5f9-a4995"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6BruUi1uam0Hs80VAohC99iFeVCLrgbxlmGPq9vWvtdA8%2ByqV7KRFsAa4nXIEBfOVs%2B9UzSx7rypyte7yV7g86G2O7rW0ewE0Vbi1zW4TNaORB2OGeuafLgY0esbuqBHjkE3"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 16:38:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=116878&min_rtt=88294&rtt_var=34090&sent=26&recv=24&lost=0&retrans=0&sent_bytes=18377&recv_bytes=6859&delivery_rate=37707&cwnd=20400&unsent_bytes=0&cid=010319f8e290746c&ts=626&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:01 GMT
content-type
text/css
last-modified
Fri, 22 Nov 2024 03:09:45 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958109325cc6-KEF
server
cloudflare
clipboard.min.js
www.game-s80.com/resource/common/
18 KB
5 KB
Script
General
Full URL
https://www.game-s80.com/resource/common/clipboard.min.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"674fca1a-4950"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4W%2F1vLEjKk1%2BDzHkCaKla7KYZjOXa1DHz1OLM6mI62J8s1%2BhJIuosg4JH9d%2FhTzzcoHXFylSeGEcqG3po8NwKqs6LnlWEtPL7XFASTvERueWil1aOM%2BGFmD0wvHKiUCUMnl2"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 16:38:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=88491&min_rtt=88294&rtt_var=14161&sent=21&recv=17&lost=0&retrans=0&sent_bytes=12839&recv_bytes=6557&delivery_rate=247&cwnd=12000&unsent_bytes=0&cid=010319f8e290746c&ts=448&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:01 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958109335cc6-KEF
server
cloudflare
qrcode.min.js
www.game-s80.com/resource/common/
19 KB
8 KB
Script
General
Full URL
https://www.game-s80.com/resource/common/qrcode.min.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"674fca1a-4dd7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJYPPDN4BLKYdR4RnK9RFoB6vPdyTV%2F79J2a%2Fhr%2FtA5JKYoCQw%2B%2FZzfAng7CNXdFTddQW5liRVseaXGZNGGtfva%2F0URS3nBrn2PFwPxFhn9O7oiye2Fi%2FMYtHGDtKu1GAaAU"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 16:38:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=88491&min_rtt=88294&rtt_var=14161&sent=13&recv=17&lost=0&retrans=0&sent_bytes=4182&recv_bytes=6557&delivery_rate=247&cwnd=12000&unsent_bytes=0&cid=010319f8e290746c&ts=447&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:01 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958109345cc6-KEF
server
cloudflare
import-scripts.js
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/
9 KB
9 KB
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.95.179.66 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

x-amz-id-2
GdnWkUTiHm8mHfhlSm4SM8EKm7FrFuHWvQgRFkA5Uns8zPuWqlPGfFcMfneApJUVUgON2a2y+go=
ETag
"0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-request-id
83R9X548NCNBSG31
Accept-Ranges
bytes
Content-Length
8988
Date
Fri, 06 Dec 2024 04:38:03 GMT
Last-Modified
Sun, 07 Jul 2024 03:32:15 GMT
Content-Type
application/javascript; charset=utf-8
Server
AmazonS3
x-amz-server-side-encryption
AES256
alpine.3.x.x.min.js
www.game-s80.com/resource/google/common/
44 KB
18 KB
Script
General
Full URL
https://www.game-s80.com/resource/google/common/alpine.3.x.x.min.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d284e695a6a5d8239e58c8b6e677e4130be213d92e25ffec0f4ce640d8995f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fe2ee-aee4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SU6FUxi9TnZc4oEMHVtCR6mKb4%2BSTZ0j0iw3wqzPf0NyeMP30R9pN%2FvHJfxww3wA6O8g1%2BGi4UdXQpMrUP7WF%2Bo2jcjY%2FE9SotFoapE5LBb08%2BweBGUBVutG2VIXj%2BKUS1SI"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 16:38:02 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=92894&min_rtt=88294&rtt_var=3536&sent=136&recv=70&lost=0&retrans=0&sent_bytes=137483&recv_bytes=9116&delivery_rate=240772&cwnd=61500&unsent_bytes=0&cid=010319f8e290746c&ts=1804&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:02 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 05:04:46 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958879ec5cc6-KEF
server
cloudflare
email-decode.min.js
www.game-s80.com/resource/common/
1 KB
1 KB
Script
General
Full URL
https://www.game-s80.com/resource/common/email-decode.min.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fca1a-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEKhF03%2FcqVlNPSFS0OW5KbOlh2yjgsNuWfCFPfNHtU%2BN9hxrT6dDWVgviDOFyJtWfOlVdXR%2BKZRI3aoLDid4L1byc3F22EBY7jWDogTrF2wp2Nn4hsC%2F%2BCsZOWEjUL9kqPb"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 16:38:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=98394&min_rtt=88294&rtt_var=17103&sent=53&recv=32&lost=0&retrans=0&sent_bytes=50475&recv_bytes=7203&delivery_rate=216653&cwnd=27600&unsent_bytes=0&cid=010319f8e290746c&ts=738&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:01 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed99582d9685cc6-KEF
server
cloudflare
adtiS80.js
appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/
201 B
608 B
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/download-appS80/adtiS80.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.179.66 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
5d9640ff3d8426d4b43e140e036b20f1a8850e1cc60fe0a5450ae7ee4eab61e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

x-amz-id-2
eT80iqQWcnylL/ZeUyFdaBn6o3FER1VFR2IHUueVKKefZJfQWpXF4cndpbTymVUUWq3rknOJacc=
ETag
"125c186389868a86b0b46c53cca36727"
x-amz-request-id
83RDP54SJH9JFDNQ
Accept-Ranges
bytes
Content-Length
201
Date
Fri, 06 Dec 2024 04:38:03 GMT
Last-Modified
Fri, 06 Dec 2024 04:03:08 GMT
Content-Type
application/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
s80.com-adjust-targetInstall.js
www.game-s80.com/resource/common/
0
0

adti-advertise.v1.10.3.6.js
www.game-s80.com/resource/common/
14 KB
5 KB
Script
General
Full URL
https://www.game-s80.com/resource/common/adti-advertise.v1.10.3.6.js?v=2
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33963e44b8be2585e71361f16d21f86379407175b248cab2b1f5fda9aefb0b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fca1a-37ba"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sK8HcSUps2IzEZHd3guGROek3%2BRV5N4TgjRSLUVupW%2BzYZgU3RQhFymtDlkHRJSZSvWoAuQLJIO4HvFj7NL5d1MSP4TY%2BlpSkKucPvPzHsdeOehCmryr4KN7t9JRdjPx9YuD"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 16:38:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=97261&min_rtt=88294&rtt_var=15093&sent=61&recv=33&lost=0&retrans=0&sent_bytes=54760&recv_bytes=7247&delivery_rate=230194&cwnd=27600&unsent_bytes=0&cid=010319f8e290746c&ts=742&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:01 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed99582d96a5cc6-KEF
server
cloudflare
servers.js
www.game-s80.com/resource/common/
477 B
960 B
Script
General
Full URL
https://www.game-s80.com/resource/common/servers.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ceb917e6fd8bff1a6e90fb001c5feea2f1b6a386f821431af448eb64f2209a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"674fca1a-1dd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxZDBaMsntT384MUO6sP8siaDiwmyyN%2B7IGYedJcXmHCjkMUS%2F4pXZVSqpfgDGNqOIMOd1hCs%2FatCjpeQ5KQ1w8I21l3AmrfG2%2BbvXgvPn6U5CK%2F%2FDKJVkjIpj3hTXuBL2oY"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 16:38:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=97261&min_rtt=88294&rtt_var=15093&sent=55&recv=33&lost=0&retrans=0&sent_bytes=51889&recv_bytes=7247&delivery_rate=230194&cwnd=27600&unsent_bytes=0&cid=010319f8e290746c&ts=741&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:01 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 03:18:50 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed99582d96b5cc6-KEF
server
cloudflare
s8-targetInstall.js
www.game-s80.com/resource/common/
463 B
1 KB
Script
General
Full URL
https://www.game-s80.com/resource/common/s8-targetInstall.js
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bfbca4ff46b39f126945cffabce480e8f7d6c5da77354c62ee7e111929ac06a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"674fe137-1cf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jP%2BR6NaZJAF7WsEnJCYlmp45WNsrdKZnk%2BjlLoi7ZIXVRB4Q1Cx47idNlP299x%2FFHSAPcgfL%2BpGOOujuIcFULrHJMp8ZA80qpWrHFNebb8Kffcmavn2Ri1t3kcB7DVeSKBY1"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 16:38:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=97261&min_rtt=88294&rtt_var=15093&sent=57&recv=33&lost=0&retrans=0&sent_bytes=52896&recv_bytes=7247&delivery_rate=230194&cwnd=27600&unsent_bytes=0&cid=010319f8e290746c&ts=741&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:01 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 04:57:27 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed99582d96c5cc6-KEF
server
cloudflare
ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/
2 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1899a841d86f48016031006062751e6fe16b1761b7f6a10df87c534d5e07f480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v18"
age
1951
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 04:05:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 04:05:31 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
2378
x-xss-protection
0
server
fife
_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/
222 B
311 B
Image
General
Full URL
https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
2488
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 03:56:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 03:56:34 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
222
x-xss-protection
0
server
fife
iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/
200 B
500 B
Image
General
Full URL
https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
11457
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 01:27:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 01:27:05 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
200
x-xss-protection
0
server
fife
12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/
244 B
307 B
Image
General
Full URL
https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
11457
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 01:27:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 01:27:05 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
244
x-xss-protection
0
server
fife
W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/
200 B
287 B
Image
General
Full URL
https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10663
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 01:40:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 01:40:19 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
200
x-xss-protection
0
server
fife
ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/
164 B
254 B
Image
General
Full URL
https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
5512
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 03:06:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 03:06:10 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
164
x-xss-protection
0
server
fife
4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
152816
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 10:11:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 10:11:06 GMT
last-modified
Tue, 23 Feb 2021 01:47:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24652
x-xss-protection
0
server
sffe
Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/
227 KB
227 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
94227
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 02:27:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 02:27:35 GMT
last-modified
Mon, 08 May 2023 17:53:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
232676
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
259098
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 04:39:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 04:39:44 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/
159 KB
159 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
51252
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 14:23:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 14:23:50 GMT
last-modified
Thu, 25 Aug 2022 00:15:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
162924
x-xss-protection
0
server
sffe
ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/
454 B
551 B
Image
General
Full URL
https://play-lh.googleusercontent.com/a-/ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v69"
age
11849
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 01:20:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 01:20:33 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
454
x-xss-protection
0
server
fife
ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/
302 B
369 B
Image
General
Full URL
https://play-lh.googleusercontent.com/a/ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"v0"
age
11849
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 01:20:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 01:20:33 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
302
x-xss-protection
0
server
fife
ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/
1 KB
1 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/a-/ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
caeddda7eda7f1e46ca3158f3aee127ac02e60a9e414d0eaa4ba169d0173a4c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

access-control-expose-headers
Content-Length
etag
"vc"
age
11849
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 01:20:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 01:20:33 GMT
content-disposition
inline;filename="unnamed.webp"
content-type
image/webp
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
1124
x-xss-protection
0
server
fife
login.php
uweb.umeng.com/v1/
Redirect Chain
  • https://new.cnzz.com/v1/login.php?siteid=1281397231
  • https://uweb.umeng.com/v1/login.php?siteid=1281397231
57 B
423 B
Script
General
Full URL
https://uweb.umeng.com/v1/login.php?siteid=1281397231
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H2
Server
59.82.112.112 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
b3169d4d64228398bc5c1e746b7ce270688ad1cee74ebcbc9e174701e941533e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
eagleeye-traceid
2106d9b117334598850641325e5e10
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Fri, 06 Dec 2024 04:38:05 GMT
content-type
text/html
vary
Accept-Encoding
server
Tengine

Redirect headers

strict-transport-security
max-age=31536000
location
https://uweb.umeng.com/v1/login.php?siteid=1281397231
timing-allow-origin
*
date
Fri, 06 Dec 2024 04:38:04 GMT
content-type
text/html
server
Tengine
eagleeye-traceid
2106d9b117334598843981274e5e10
s1.png
www.game-s80.com/resource/google/google-store/assets/image/
397 KB
398 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8cdd6bbf7d39ad78b40e6fc34d827b808e698f2db056d9ade7143af2cc8cbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd167-6358f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcNTCzUXxL%2B0x6DPiJ0a2y3BZb%2F%2BvZbmvbt00PlDaOqvuHlezyIT90efWrQ9%2FdXNZezrGrsRM0JQhrenJmTCzdSv5EyrPGaW%2BomlxYxe3voeAReJT1ZGE1OnUYJhDL7s%2Fx8I"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=91984&min_rtt=88294&rtt_var=3553&sent=169&recv=84&lost=0&retrans=0&sent_bytes=172838&recv_bytes=13869&delivery_rate=30985&cwnd=61500&unsent_bytes=0&cid=010319f8e290746c&ts=2091&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:59 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a3e5cc6-KEF
server
cloudflare
s1-1.png
www.game-s80.com/resource/google/google-store/assets/image/
38 KB
39 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-1.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa3a4fb49799cb0795d492704110dcdacf0edda8f7a85fb87e091302ec9e7aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd15e-9998"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=32ZU2YqcXZ7m5TBqyi6p7hWBi7VIMvFBEgRNNFx90WRLwB755D1P%2FD12wT3PMv%2Bpe4obsBWtfmAaO7Svhe%2Fgz9c%2FsoYUgqmB7ANTpkKUOdygkOOuPdvZo8UNjW4kVzLs%2BZ2%2F"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=90614&min_rtt=88294&rtt_var=1606&sent=299&recv=93&lost=0&retrans=0&sent_bytes=324412&recv_bytes=14270&delivery_rate=689647&cwnd=74700&unsent_bytes=0&cid=010319f8e290746c&ts=2427&x=1", cfExtPri, cfHdrFlush;dur=10
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:50 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a3f5cc6-KEF
server
cloudflare
s1-2.png
www.game-s80.com/resource/google/google-store/assets/image/
42 KB
43 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-2.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5333da32d9b419aed5594426c8bc40f8c015eeb5dd0d65e3362b15097bbc04e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd15e-a964"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hzvgvbVtL1c4I%2F%2BpbIChxoW9cobvZ7z9HwBDc8QmOX87ixK0PWXL429Z1%2B%2BdiHD9ntq%2FKHInAIEnZSpG8ZbZ8lTnvFZfsUPv%2BfBziVyLmC%2F7M0XyncixXA51bpyv0fC0A6K5"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=91984&min_rtt=88294&rtt_var=3553&sent=156&recv=84&lost=0&retrans=0&sent_bytes=157452&recv_bytes=13869&delivery_rate=30985&cwnd=61500&unsent_bytes=0&cid=010319f8e290746c&ts=2090&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:50 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a405cc6-KEF
server
cloudflare
s1-3.png
www.game-s80.com/resource/google/google-store/assets/image/
41 KB
42 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-3.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da90e5cf63e5f3c359f32d5394bbfe06e0f76aa827cfffdb7e586dd3de912ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd161-a336"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2B2AzwIA6n%2BWJRykwutScA8LsCKD3Lo8wImMj2y2GUPGgaskvnuCIg28wdbR%2B14rB42%2FfJbEzBjDsMWHU%2Fqc%2BiwKqNwdkFoh%2BQbWZfM1psUEx8kHujhoNgkTQleCIKPc1ASx"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=90614&min_rtt=88294&rtt_var=1606&sent=299&recv=93&lost=0&retrans=0&sent_bytes=324412&recv_bytes=14270&delivery_rate=689647&cwnd=74700&unsent_bytes=0&cid=010319f8e290746c&ts=2426&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:53 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a415cc6-KEF
server
cloudflare
s1-4.png
www.game-s80.com/resource/google/google-store/assets/image/
41 KB
41 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-4.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b936cdd00acf6f38a000454b62b105d7e87d83cc884237ddc1e218672a9e6ce6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd164-a314"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6tG6VRLsbAlPXwSX9v%2F93jVQPz4rf8TbqrZUFfAl7rU6XceeAzQkKrVzlHx08pMTI0TVwiXv8j%2Fwq9eB8MQTpefEExcq0VgIwGSZugFuIepe6%2B5v2Mi1S4W%2FJCxWHBk%2BpQMU"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=91949&min_rtt=88294&rtt_var=1981&sent=210&recv=87&lost=0&retrans=0&sent_bytes=221673&recv_bytes=14002&delivery_rate=118084&cwnd=61500&unsent_bytes=0&cid=010319f8e290746c&ts=2258&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:56 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a425cc6-KEF
server
cloudflare
s1-5.png
www.game-s80.com/resource/google/google-store/assets/image/
40 KB
41 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s1-5.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d32e712cff91d7ea3b1b44f55bf269b0a88310d25f0fb7788c6f14a56cfd425

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd165-9ffa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVs%2BPSnVsrhXLuzOthSzkGMXdmiWrRORikDxB2sFSiR6U9KESe9CWdPrVURNi2%2FDDmcrBOINprP%2F32lyUJTycneVPu6iDDq0OEefbE4UvQewvCJqUJl1drCCTxVLyogw%2FCcQ"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=90614&min_rtt=88294&rtt_var=1606&sent=299&recv=93&lost=0&retrans=0&sent_bytes=324412&recv_bytes=14270&delivery_rate=689647&cwnd=74700&unsent_bytes=0&cid=010319f8e290746c&ts=2429&x=1", cfExtPri, cfHdrFlush;dur=8
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:57 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a435cc6-KEF
server
cloudflare
indonesia.png
www.game-s80.com/resource/google/google-store/assets/image//
192 B
879 B
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image//indonesia.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

cf-cache-status
MISS
etag
"674fd15c-c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2jQAhR0s5XZaq3EqNpffIqeOAZwpnPfNV3uj%2FSf0xF6OJtbX2M7%2Ff7BIY8T2W%2BGeQeQC5iChfXumyTs1HFK3wdvQCwJ6WBRO304RuAIixOJ5PdmsuM3oTuxMwTo0H%2BWVX2l"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=91984&min_rtt=88294&rtt_var=3553&sent=155&recv=84&lost=0&retrans=0&sent_bytes=156550&recv_bytes=13869&delivery_rate=30985&cwnd=61500&unsent_bytes=0&cid=010319f8e290746c&ts=2088&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:49:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a445cc6-KEF
accept-ranges
bytes
content-length
192
server
cloudflare
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.game-s80.com
URL: https://www.game-s80.com/resource/google/common/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://google-pax.xyz
Referer
https://www.game-s80.com/

Response headers

age
275565
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 00:05:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 00:05:17 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
s2.png
www.game-s80.com/resource/google/google-store/assets/image/
361 KB
362 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s2.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83950eabc8cecf94289cb9a6980ab85ee0c8f4193b2a7326fbb161a00f72dc3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd178-5a4d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4xbpG621tJ2QtyRtykK034G15zAlLIzPfczg6V1ZXt8WLClHzSSt8BmB8Rdez3qkSKLpeCrUUrUbRRq98W4w0QxdPPC%2FZp41v0S70H%2BNkgMhFC5D3deNXufoNL%2BTt%2BA5nTl"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=90614&min_rtt=88294&rtt_var=1606&sent=299&recv=93&lost=0&retrans=0&sent_bytes=324412&recv_bytes=14270&delivery_rate=689647&cwnd=74700&unsent_bytes=0&cid=010319f8e290746c&ts=2432&x=1", cfExtPri, cfHdrFlush;dur=5
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:50:16 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a455cc6-KEF
server
cloudflare
s3.png
www.game-s80.com/resource/google/google-store/assets/image/
393 KB
394 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s3.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1abc5a4c235d0d75f9c3d59394ac3d3e20a053597498724c1dc677d343ba29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd17f-625fc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXYX6rDanboOLQlny2BqkXw%2FR9v%2BtpCw4sehVkVLBKoAvR8AhfPpMnwWi9ysCzl2MtkeeR%2Brqw4s3RwoRZa8M15BePK5ECR8EYAlzRS2U8VMNt%2BHbtP8MGvP%2BOoFAHyRlSBm"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=90614&min_rtt=88294&rtt_var=1606&sent=299&recv=93&lost=0&retrans=0&sent_bytes=324412&recv_bytes=14270&delivery_rate=689647&cwnd=74700&unsent_bytes=0&cid=010319f8e290746c&ts=2437&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:50:23 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a465cc6-KEF
server
cloudflare
s4.png
www.game-s80.com/resource/google/google-store/assets/image/
335 KB
335 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s4.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df64210b09856bee73cd3619b65a7cebc06e3c1b069191f61da56eb9e588e75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd18c-53a33"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2Fbc%2BgkdThvDAmY3hN1COYylczbLaTBxLhso5W6%2Fdkx1zMIMCiGfLf%2F07XtED539oOJodwZjtYVCX4jCDwhtWfpbCRBlLErAmlcQRRnK9hJmaKGl9ogkBh5riT%2BMnaS4UgIJ"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=90614&min_rtt=88294&rtt_var=1606&sent=299&recv=93&lost=0&retrans=0&sent_bytes=324412&recv_bytes=14270&delivery_rate=689647&cwnd=74700&unsent_bytes=0&cid=010319f8e290746c&ts=2435&x=1", cfExtPri, cfHdrFlush;dur=2
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:50:36 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a485cc6-KEF
server
cloudflare
s5.png
www.game-s80.com/resource/google/google-store/assets/image/
321 KB
322 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s5.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82303a87da5e17a15d76495d64009b3142f6da67885ab861b9f88de0dae625d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd195-5030b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bwjBV%2FmRjL4bygI1H0nryI%2BVo6QmBFinPbYUUBezIS0hiKP%2FZrGudR66ym9a6IeiPYgfmYcciEzlDz6LgeQLKnG1Ay%2FJL%2FXpIzMgmWgW5mexCQKG6B0CTLNljaOlOQy5m7Eg"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=90518&min_rtt=88294&rtt_var=504&sent=387&recv=99&lost=0&retrans=0&sent_bytes=429810&recv_bytes=14540&delivery_rate=806547&cwnd=109500&unsent_bytes=0&cid=010319f8e290746c&ts=2448&x=1", cfExtPri, cfHdrFlush;dur=12
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:50:45 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a495cc6-KEF
server
cloudflare
s6.png
www.game-s80.com/resource/google/google-store/assets/image/
407 KB
408 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s6.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad67b8fe552cf64c2c61b653e497ba4a41e96e16eb77845fc287034fde7222fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd1a4-65dc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xrRCMCdvxWp298%2BmQPvSmhEm%2F7Z4iP4Uf0P1L6Bp5FYetcusiUsuOZ3YEj8N9Yl0qlQfiUIK4%2BerpU7qoukBcSpIPL9X2AWTN%2Bdfmwh5AGy%2BerVOh6CIb5IvR5jCiZZFk38E"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=91949&min_rtt=88294&rtt_var=1981&sent=234&recv=87&lost=0&retrans=0&sent_bytes=249712&recv_bytes=14002&delivery_rate=118084&cwnd=61500&unsent_bytes=0&cid=010319f8e290746c&ts=2268&x=1", cfExtPri, cfHdrFlush;dur=79
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:51:00 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a4a5cc6-KEF
server
cloudflare
s7.png
www.game-s80.com/resource/google/google-store/assets/image/
341 KB
342 KB
Image
General
Full URL
https://www.game-s80.com/resource/google/google-store/assets/image/s7.png
Requested by
Host: google-pax.xyz
URL: https://google-pax.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df938ea3887aaedd1731b93a33cb2fa66a195bc0e90b686ce019893e74571e34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"674fd1ab-552dc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TFe0%2F8TbAbIhzGfn2tMu8LMXL%2FkeBhBz1h%2FdZ81JTDjXyshv%2BJrB8%2FObvhxzGME5QeRZbV1wXtSQ0KLgead4eoh1xMgGPmYiKPBxNXJwMo%2BxSPS2mHYze5MpTV8OP0e2IFHd"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 04:38:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=90614&min_rtt=88294&rtt_var=1606&sent=299&recv=93&lost=0&retrans=0&sent_bytes=324412&recv_bytes=14270&delivery_rate=689647&cwnd=74700&unsent_bytes=0&cid=010319f8e290746c&ts=2435&x=1", cfExtPri, cfHdrFlush;dur=2
date
Fri, 06 Dec 2024 04:38:03 GMT
content-type
image/png
last-modified
Wed, 04 Dec 2024 03:51:07 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed9958c6a4b5cc6-KEF
server
cloudflare
favicon_v3.ico
www.gstatic.com/android/market_images/web/
4 KB
866 B
Other
General
Full URL
https://www.gstatic.com/android/market_images/web/favicon_v3.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://google-pax.xyz/

Response headers

content-encoding
br
age
134240
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 15:20:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 15:20:45 GMT
last-modified
Thu, 23 Jun 2022 19:28:00 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
841
x-xss-protection
0
server
sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.game-s80.com
URL
https://www.game-s80.com/resource/common/s80.com-adjust-targetInstall.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function: ClipboardJS
  • function: QRCode
  • object: urlParams
  • object: downloadLink
  • function: copyText
  • object: servers
  • string: apklink
  • string: ioslink
  • object: data
  • object: _czc
  • object: Alpine

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
