Submitted URL: http://www.sa-mp.im/
Effective URL: https://sa-mp.im/
Submission: On April 27 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 104.21.65.197, located in and belongs to CLOUDFLARENET, US. The main domain is sa-mp.im.
TLS certificate: Issued by E1 on March 17th 2024. Valid for: 3 months.
This is the only time sa-mp.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
14 sa-mp.im
www.sa-mp.im
sa-mp.im
136 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
3 thacrypte.com
thacrypte.com
3 MB
2 gstatic.com
fonts.gstatic.com
91 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
187 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 767
82 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
26 7
Domain Requested by
13 sa-mp.im sa-mp.im
code.jquery.com
3 thacrypte.com sa-mp.im
2 region1.google-analytics.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com sa-mp.im
www.google-analytics.com
2 www.googletagmanager.com sa-mp.im
www.google-analytics.com
1 code.jquery.com sa-mp.im
1 fonts.googleapis.com sa-mp.im
1 www.sa-mp.im 1 redirects
26 9

This site contains links to these domains. Also see Links.

Domain
forum.sa-mp.im
Subject Issuer Validity Valid
sa-mp.im
E1
2024-03-17 -
2024-06-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-08 -
2024-07-01
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-04-08 -
2024-07-01
3 months crt.sh
thacrypte.com
R3
2024-04-02 -
2024-07-01
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-04-08 -
2024-07-01
3 months crt.sh

This page contains 1 frames:

Primary Page: https://sa-mp.im/
Frame ID: 141B467940E16640F0A6DB12D0BB8529
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

Italy Mafia Roleplay - News

Page URL History Show full URLs

  1. http://www.sa-mp.im/ HTTP 307
    https://www.sa-mp.im/ HTTP 301
    http://sa-mp.im/ HTTP 307
    https://sa-mp.im/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

3794 kB
Transfer

4512 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sa-mp.im/ HTTP 307
    https://www.sa-mp.im/ HTTP 301
    http://sa-mp.im/ HTTP 307
    https://sa-mp.im/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sa-mp.im/
Redirect Chain
  • http://www.sa-mp.im/
  • https://www.sa-mp.im/
  • http://sa-mp.im/
  • https://sa-mp.im/
14 KB
6 KB
Document
General
Full URL
https://sa-mp.im/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4912c72bdcb3f63a38901aba9dc64e2bddb98efc8a51d0d7124d3231b4a010b5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87b0db0d5e904d9e-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 27 Apr 2024 18:25:31 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h70uEUs%2BhGa6WUSvu0WuW1YbKb5HmNjda8sfqOcD0maxsIKRpRRZFL4UZTRkZSts0%2FyMFjV%2BMTinP%2B1PYetvagAwSfE%2B6JeumlnOmYZejptyewZsVGo%2FIZ6APg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://sa-mp.im/
Non-Authoritative-Reason
HttpsUpgrades
mhtHbrAB-gtNJ6X6jPbzHFHvCP4.js
sa-mp.im/cdn-cgi/apps/head/
6 KB
3 KB
Script
General
Full URL
https://sa-mp.im/cdn-cgi/apps/head/mhtHbrAB-gtNJ6X6jPbzHFHvCP4.js
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f7cfc8b20798f6c74062f7b2a3a945e25f275d603c28eee6bc9e61d2dbc756

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
x-amz-version-id
vRzs4riVpvKFAwXaqs0rpew4EWFd9yu8
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1572WJ9456ZX8Y6R
age
111912
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nYmJQ8Ne4RxQFkC1H5h7nnV/24FeIRnL54x9FbhlU9Z0A0esyZf5DVaExpzkRl6Ch9DcP5KrFL0=
last-modified
Sat, 13 Apr 2024 16:28:59 GMT
server
cloudflare
etag
W/"5740d29c82928d7cd63b74f1f27307b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKNdOUIYd6Z5q78JsnlGQO5MAgXPvkglHYwxVbzVfXrOswXBQv5%2F6bunhmV7mZ7lzS4kF%2Fm0FgOmfSULCmqQczRdgW3k8X5ohKEwi47teyXAAST8Q7IRDCIZxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
87b0db0e1fc54d9e-FRA
js
www.googletagmanager.com/gtag/
295 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R01G0R4BRM
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fbf22961727fc630559e8206daf36ac0dcf952a0fed8e4f35f373daa4daf1818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100608
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Apr 2024 18:25:31 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,600|PT+Sans:400,700
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc4ed7c428a6eb6c3529108a5d5a3568eba04fd377afc6dc803690c6e17ddf9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Apr 2024 18:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Apr 2024 18:25:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Apr 2024 18:25:31 GMT
style.css
sa-mp.im/assets/css/
72 KB
11 KB
Stylesheet
General
Full URL
https://sa-mp.im/assets/css/style.css?02bb5e8a9551cb85b93521c4dc95cf2bef71aba4
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680954e8e3b7c873ff24ac7a64d3cb7061bf88f178fa53e35e2efd45254ac955

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 23:46:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3569
etag
W/"654191ce-12087"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4CNGXFrSHPgGGyLTXAym1de9nFTJ2XkUTPf3h7FEQUG5PRNNYRn2h4uzp0q4mtV1IAMIHAx3liNZi%2BSsSmyYKWpvpzabhiJYvMn7jJ6w3CAduOJ4sGbYG%2BBKog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
87b0db0e1fca4d9e-FRA
alt-svc
h3=":443"; ma=86400
style.dark.css
sa-mp.im/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://sa-mp.im/assets/css/style.dark.css?35ba88a8f9e01b17db0f780e1e7ce2c1a68396b3
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99bb3da402ff8024c3e1a978f9417b6999cd6330513c9b9a0d71a949c14fe097

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 07:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3569
etag
W/"62b16e3c-bd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7OkEZd37yl3a6PGLpHM5E5IF0eCvNQ3N39UJA%2BB5Rbcob%2BzBDBdXw1UWpveCi%2BLZ53cg9hlmGsllPgDcgJjNbQleiKID3A%2FPVxVEwFR8D6L%2FtV5LBo2HHD60A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
87b0db0e1fcc4d9e-FRA
alt-svc
h3=":443"; ma=86400
72a7631420a2f489723e9bba.png
thacrypte.com/
1 MB
1 MB
Image
General
Full URL
https://thacrypte.com/72a7631420a2f489723e9bba.png
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.37.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.37.12.49.clients.your-server.de.37.12.49.in-addr.arpa
Software
/ Express
Resource Hash
bf65b69facdc7da49064b0888553a58b46be6505bf4b3a0032e3094d1abf8a20

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
last-modified
Sat, 03 Feb 2024 17:03:30 GMT
etag
W/"110d3b-18d6fecdb67"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1117499
b2cd9080e2591f694930b6fa.png
thacrypte.com/
1 MB
1 MB
Image
General
Full URL
https://thacrypte.com/b2cd9080e2591f694930b6fa.png
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.37.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.37.12.49.clients.your-server.de.37.12.49.in-addr.arpa
Software
/ Express
Resource Hash
b1e8b936e1e42ff4a3dbf1db78efaf83944651cdbeb6af86878f38353ef932f6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
last-modified
Sat, 03 Feb 2024 17:12:13 GMT
etag
W/"110d33-18d6ff4d795"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1117491
eccfb5c802a28ea0236daf72.png
thacrypte.com/
1 MB
1 MB
Image
General
Full URL
https://thacrypte.com/eccfb5c802a28ea0236daf72.png
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.37.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.37.12.49.clients.your-server.de.37.12.49.in-addr.arpa
Software
/ Express
Resource Hash
e01d94aad651cb6e24c7a7c8e85ada2d0b0dd8b731fcd8a12a8379f65c8e2ecf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
last-modified
Sat, 03 Feb 2024 17:39:35 GMT
etag
W/"110d33-18d700de6fa"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1117491
email-decode.min.js
sa-mp.im/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://sa-mp.im/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 20:54:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6622d9ef-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FHko0cfsDPnZCBtjYpd95D2wkqmSk2TUdDtvpq%2Bb1Cl80ayEHNpTWnlAaFSALxGVN2D7LZf7zvgYNKHhmq%2B8%2FEJ7cSEmBZ57XLZGNR4gnD%2BEFwaOVFOcAqhAWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
87b0db0eb8e54d9e-FRA
expires
Mon, 29 Apr 2024 18:25:31 GMT
jquery.js
code.jquery.com/
276 KB
82 KB
Script
General
Full URL
https://code.jquery.com/jquery.js
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
10955582
x-cache
HIT, HIT
content-length
83875
x-served-by
cache-lga13621-LGA, cache-cph2320056-CPH
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714242332.041062,VS0,VE0
etag
W/"28feccc0-4508e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
30, 4235
jquery.flot.min.js
sa-mp.im/assets/js/
52 KB
15 KB
Script
General
Full URL
https://sa-mp.im/assets/js/jquery.flot.min.js
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4498a5218c71658ae6433b625664cd0fcc9980d06549983ea079828159c169

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 07:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3569
etag
W/"62b16e3c-cee6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZwNJbqfb3WrHEiVfJ6L5LBKVSmahxrYcZmxT7YJ4JK%2BUUBVNBo8Lz5Zgr15Duc9GgwmXsrv3nQmcsOT2QJEgZCjVgdttS2ShaShDYq6xESxzOuIDLqlSGadIoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
87b0db0eb8ea4d9e-FRA
alt-svc
h3=":443"; ma=86400
jquery.flot.categories.min.js
sa-mp.im/assets/js/
3 KB
1 KB
Script
General
Full URL
https://sa-mp.im/assets/js/jquery.flot.categories.min.js
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5dc326686cafb4ea3c63979a7577eae0778cac43cf3db59f4e39c91f4debfef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 07:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3569
etag
W/"62b16e3c-a26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJCg2szXH0BHueObBNwgImsustBZpQnuBH6CaxtCTN%2FdIfX%2FHMQB0HJQmzbmE0Gi%2BYXj%2B7lwqt%2Fj7OcCCmLM457PVe5Fib%2FnWkLQ4lxmnx4gVPkKkAH3fDXbWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
87b0db0eb8ec4d9e-FRA
alt-svc
h3=":443"; ma=86400
mainfp.js
sa-mp.im/assets/js/
25 KB
9 KB
Script
General
Full URL
https://sa-mp.im/assets/js/mainfp.js
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92960ca192448936322bf9a7288fe0506428617660b0d61a6876965219841df3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 21 Jun 2022 07:07:40 GMT
server
cloudflare
age
3569
cf-polished
origSize=36241
etag
W/"62b16e3c-8d91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sILaH9UpczWutGxkEikFp0suNkFrN%2FqvVdrz%2B1iq17gZj8HgrMHNJdRKkShUeGbjIDF6GV9nd4DAPGvOhRAdEzobDvdElEpK6Uy6EHwE4R4VfxQVdg5FztNyPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
87b0db0eb8ed4d9e-FRA
alt-svc
h3=":443"; ma=86400
main.js
sa-mp.im/assets/js/
18 KB
6 KB
Script
General
Full URL
https://sa-mp.im/assets/js/main.js?02bb5e8a9551cb85b93521c4dc95cf2bef71aba4
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
830fac949f983fc9d0a8a4cdd0db96849816a711dff81e449314e2cca30f8620

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:31 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 Apr 2024 14:13:13 GMT
server
cloudflare
age
3569
cf-polished
origSize=22677
etag
W/"660c1279-5895"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W74LXNkVE5W1N7tVefnGlyz8nYmZhbyS4HyqVrsJB%2Fhy6nfq5tYzEc9by7ipquWnMvKLSWTMBS5drzgHId3ulgQVxkaHQV4TsPJZ0jPdeLVfA51oHEwlaa86gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
87b0db0eb8ee4d9e-FRA
alt-svc
h3=":443"; ma=86400
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/cdn-cgi/apps/head/mhtHbrAB-gtNJ6X6jPbzHFHvCP4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 Apr 2024 17:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2244
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 27 Apr 2024 19:48:08 GMT
logo.png
sa-mp.im/assets/images/
7 KB
8 KB
Image
General
Full URL
https://sa-mp.im/assets/images/logo.png
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/assets/css/style.dark.css?35ba88a8f9e01b17db0f780e1e7ce2c1a68396b3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f137a59de0ccc78a37ff4a9890d0140d1dc4cd6eaad781ff97e53f0dc9811b2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/assets/css/style.dark.css?35ba88a8f9e01b17db0f780e1e7ce2c1a68396b3
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178671
alt-svc
h3=":443"; ma=86400
content-length
7607
last-modified
Tue, 21 Jun 2022 07:07:40 GMT
server
cloudflare
etag
"62b16e3c-1db7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A0QY8G0NLQ1vQbTWoIi6x20dHwhgP0TmXkZ%2B1gFEtbw7NBD867%2F4h7W3BeKH4ohrxExTTNzYDqXYICcGc95nx6u%2F59acf1KS3Mbd4Dic0U2xTv9lzENT%2BkaHBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
87b0db0f09564d9e-FRA
expires
Sat, 25 May 2024 16:47:41 GMT
header3.jpg
sa-mp.im/assets/images/
73 KB
74 KB
Image
General
Full URL
https://sa-mp.im/assets/images/header3.jpg
Requested by
Host: sa-mp.im
URL: https://sa-mp.im/assets/css/style.css?02bb5e8a9551cb85b93521c4dc95cf2bef71aba4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ffc342258af793243099b0a9912d9ac4bbc09b264ce7ca76469ede494f9d4c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/assets/css/style.css?02bb5e8a9551cb85b93521c4dc95cf2bef71aba4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
480254
alt-svc
h3=":443"; ma=86400
content-length
74969
last-modified
Tue, 21 Jun 2022 07:07:40 GMT
server
cloudflare
etag
"62b16e3c-124d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WpJW9I%2Ff5cvH%2FBGiPaWppUpLXAsbxfTt5p%2FGpCXskH3NVSPIGJtPablL2yJYmgzzSul6yy3S8x%2FRoN0rk1JnZEdH6USxjfOgCT1B0uUGyR5aKd%2FAayt3L4OnQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
87b0db0f09584d9e-FRA
expires
Wed, 22 May 2024 05:01:18 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,600|PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://sa-mp.im
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 23:20:08 GMT
x-content-type-options
nosniff
age
414324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 23:20:08 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,600|PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://sa-mp.im
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 07:51:59 GMT
x-content-type-options
nosniff
age
383613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Apr 2025 07:51:59 GMT
collect
www.google-analytics.com/j/
15 B
216 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1094187864&t=pageview&_s=1&dl=https%3A%2F%2Fsa-mp.im%2F&ul=de-de&de=UTF-8&dt=Italy%20Mafia%20Roleplay%20-%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=782609369&gjid=1120944986&cid=1789233389.1714242332&tid=UA-23387111-2&_gid=130035902.1714242332&_r=1&_slc=1&z=810452321
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0b04ea943d737c538ce41ed2e350b7a51651271205233d8181cd71eb6a422000
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 18:25:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sa-mp.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
240 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R01G0R4BRM&gtm=45je44o0v9173333495za200&_p=1714242331931&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1789233389.1714242332&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714242332&sct=1&seg=0&dl=https%3A%2F%2Fsa-mp.im%2F&dt=Italy%20Mafia%20Roleplay%20-%20News&en=page_view&_fv=1&_ss=1&_ee=1&tfd=585
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R01G0R4BRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 18:25:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sa-mp.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
246 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7P5YYKZ4Q8&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53a47769ea2ff86d4e16f1d2839ff2bad768889c5f3210dbe526fe567cdf3dbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90043
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Apr 2024 18:25:32 GMT
submit
sa-mp.im/ajax/fingerprint/
0
548 B
XHR
General
Full URL
https://sa-mp.im/ajax/fingerprint/submit
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://sa-mp.im/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 18:25:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SpITdzFrbQoxrcN8nSYFgZpVtmzHQzEMDSutwTSYQf4KALwdLb1LeFZIM6xp9FjATNVWlIyC27UEwfvPjr2jetw90hAK3s6liy16ULWIfh%2Fj24GeXBn2aUBQdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
87b0db119d1d4d9e-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7P5YYKZ4Q8&gtm=45je44o0v9120748563za200&_p=1714242331931&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=1789233389.1714242332&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsa-mp.im%2F&dt=Italy%20Mafia%20Roleplay%20-%20News&sid=1714242332&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=937
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7P5YYKZ4Q8&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 18:25:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sa-mp.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
sa-mp.im/
234 B
561 B
Other
General
Full URL
https://sa-mp.im/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42f7ed7b4339415e52451378f012d158cdeb2408f2f0c8993a380ef2dfc8b1e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sa-mp.im/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 18:25:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zMVJOg7L4lO1Gp6ZTxoIX%2FLQJny9cDc2KPGSE%2BRlUH%2Fwbd8Fh8wlHfd4YBfSQLwnlSC%2F%2Bfl4L0jrF24gmMvHGAEY5Z7KMUI98MGWVi2AvNZVCDS3DVWmPkVkiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
87b0db122df24d9e-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CloudflareApps string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady function| $ function| jQuery function| Kkprint2 string| payment_method_chosen string| user_fingerprint function| bindPlayerReportEvents function| fetchFactionChat function| fetchTeamChat function| dataRequest function| delayRequest function| setIntroPage function| showModalHTML function| showModal function| closeModal function| initLottery function| initTopup function| bindAmountChoiceClickEvent function| insertParam object| jQuery111106741280094364432 object| $ticketAnswerTrigger string| t

6 Cookies

Domain/Path Name / Value
sa-mp.im/ Name: PHPSESSID
Value: dvp4ulumn02tg99m29pcips4nr
.sa-mp.im/ Name: _gid
Value: GA1.2.130035902.1714242332
.sa-mp.im/ Name: _gat
Value: 1
.sa-mp.im/ Name: _ga_R01G0R4BRM
Value: GS1.1.1714242332.1.0.1714242332.0.0.0
.sa-mp.im/ Name: _ga
Value: GA1.1.1789233389.1714242332
.sa-mp.im/ Name: _ga_7P5YYKZ4Q8
Value: GS1.2.1714242332.1.0.1714242332.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://sa-mp.im/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
sa-mp.im
thacrypte.com
www.google-analytics.com
www.googletagmanager.com
www.sa-mp.im
104.21.65.197
2001:4860:4802:34::36
2a00:1450:4001:806::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a04:4e42:400::649
49.12.37.165
0b04ea943d737c538ce41ed2e350b7a51651271205233d8181cd71eb6a422000
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1f137a59de0ccc78a37ff4a9890d0140d1dc4cd6eaad781ff97e53f0dc9811b2
21f7cfc8b20798f6c74062f7b2a3a945e25f275d603c28eee6bc9e61d2dbc756
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
4912c72bdcb3f63a38901aba9dc64e2bddb98efc8a51d0d7124d3231b4a010b5
53a47769ea2ff86d4e16f1d2839ff2bad768889c5f3210dbe526fe567cdf3dbe
680954e8e3b7c873ff24ac7a64d3cb7061bf88f178fa53e35e2efd45254ac955
830fac949f983fc9d0a8a4cdd0db96849816a711dff81e449314e2cca30f8620
92960ca192448936322bf9a7288fe0506428617660b0d61a6876965219841df3
95ffc342258af793243099b0a9912d9ac4bbc09b264ce7ca76469ede494f9d4c
99bb3da402ff8024c3e1a978f9417b6999cd6330513c9b9a0d71a949c14fe097
a5dc326686cafb4ea3c63979a7577eae0778cac43cf3db59f4e39c91f4debfef
b1e8b936e1e42ff4a3dbf1db78efaf83944651cdbeb6af86878f38353ef932f6
ba4498a5218c71658ae6433b625664cd0fcc9980d06549983ea079828159c169
bf65b69facdc7da49064b0888553a58b46be6505bf4b3a0032e3094d1abf8a20
cc4ed7c428a6eb6c3529108a5d5a3568eba04fd377afc6dc803690c6e17ddf9f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e01d94aad651cb6e24c7a7c8e85ada2d0b0dd8b731fcd8a12a8379f65c8e2ecf
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f42f7ed7b4339415e52451378f012d158cdeb2408f2f0c8993a380ef2dfc8b1e
fbf22961727fc630559e8206daf36ac0dcf952a0fed8e4f35f373daa4daf1818