gamea4vy9s.com Open in urlscan Pro
2606:4700:3035::ac43:dda9  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gamea4vy9s.com/	33 KB 9 KB	365ms 308ms	Document text/html	2606:4700:3035::ac43:dda9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gamea4vy9s.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:dda9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85d277dcdc2ef9e135f70ff419afb4e3fe15029631c54884009a77abf41e39d9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f7d4020ad5e4d76-FRA content-encoding zstd content-type text/html date Thu, 26 Dec 2024 01:20:49 GMT last-modified Wed, 25 Dec 2024 11:25:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ywtRjHjAr4Up7kq%2F5GDJplAXGy%2Fd2H5TmTI3Py3GuCKgPOWULEnEZn7X9o%2BM1JliP8UNJv99%2FrVywldN4GBDG83zLm9TvhH2McZbRYgq4ZaaLblbUQNXxfGThHBGkAAlJEFsnqHUsWBYQYqiJg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=6463&min_rtt=6296&rtt_var=1092&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4332&recv_bytes=2315&delivery_rate=599630&cwnd=247&unsent_bytes=0&cid=bbe420e1b19ba1fa&ts=313&x=0" vary Accept-Encoding
GET H2	200	jquery.min.js Show response gamea4vy9s.com/resources/js/	95 KB 38 KB	316ms 315ms	Script application/javascript	2606:4700:3035::ac43:dda9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gamea4vy9s.com/resources/js/jquery.min.js Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:dda9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"676bea12-17b90" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFcShrlTfoBw7bo%2BgaRNVD4%2FqpgGQ8zvfXHSiSs7ecwDojyL9lpQ5FWE29sdN3RLUkg0LTzFMywaSqqg2tUJHNOeRiIud6gVLA0A200NkTVuv3uCRS%2Fs3tJyrdkyTiQqF2aUkSDiZmDoLFPRAQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f7d4022ae384d76-FRA expires Thu, 26 Dec 2024 13:20:49 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7873&min_rtt=6174&rtt_var=414&sent=169&recv=77&lost=0&retrans=0&sent_bytes=191234&recv_bytes=2705&delivery_rate=12958064&cwnd=303&unsent_bytes=0&cid=bbe420e1b19ba1fa&ts=633&x=0" date Thu, 26 Dec 2024 01:20:49 GMT content-type application/javascript last-modified Wed, 25 Dec 2024 11:18:42 GMT vary Accept-Encoding server cloudflare
GET H2	200	ua-parser.min.js Show response gamea4vy9s.com/resources/js/	21 KB 9 KB	310ms 310ms	Script application/javascript	2606:4700:3035::ac43:dda9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gamea4vy9s.com/resources/js/ua-parser.min.js Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:dda9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d074ab06ce689c41db4f14b06b28cc511a179bf951c3ee1b1d7ef123446ae29e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"676bea13-5587" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbRgRIPTSy%2BP8opN8WnVgEYn35hOxjicFl5TxAxbP%2BrUyngMMV0OnOzuRdPMkN09woS2BE2EtMt7SVkcyLi3BWnlRvVpXPZKOvayM3SNPuZgdgWY5pLTgzHNSTe8yFhtUbn7%2BiZST1TeRb6AVQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f7d4022ae394d76-FRA expires Thu, 26 Dec 2024 13:20:49 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7873&min_rtt=6174&rtt_var=414&sent=159&recv=77&lost=0&retrans=0&sent_bytes=181705&recv_bytes=2705&delivery_rate=12958064&cwnd=303&unsent_bytes=0&cid=bbe420e1b19ba1fa&ts=628&x=0" date Thu, 26 Dec 2024 01:20:49 GMT content-type application/javascript last-modified Wed, 25 Dec 2024 11:18:43 GMT vary Accept-Encoding server cloudflare
GET H2	200	theme_1.jpg gamea4vy9s.com/resources/img/	119 KB 120 KB	19ms 19ms	Image image/jpeg	2606:4700:3035::ac43:dda9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gamea4vy9s.com/resources/img/theme_1.jpg Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:dda9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dccf3b3b5741d13fbdb572edb29fcc8ca378a7b3d84a58cf25b1686b80605cf9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cf-cache-status HIT etag "676bea11-1dd61" age 50022 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BY0h%2BTd2T8hlfY%2FQXdNVTeWvr%2BMB17b%2BeR%2BT6%2FXfxSdJOdS0jIyq15vvauuLY%2Buz2XA3%2Fu4dOxPLKjrY6RQPFcwOQAVRXvANDl4oIjzsr%2FiXKtq5yp%2FNH4rvoIB0XgYH7k9hqywRljHaSTeZw%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 24 Jan 2025 11:27:07 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=6411&min_rtt=6296&rtt_var=315&sent=19&recv=20&lost=0&retrans=0&sent_bytes=13633&recv_bytes=2705&delivery_rate=2008983&cwnd=251&unsent_bytes=0&cid=bbe420e1b19ba1fa&ts=337&x=0" date Thu, 26 Dec 2024 01:20:49 GMT content-type image/jpeg last-modified Wed, 25 Dec 2024 11:18:41 GMT vary Accept-Encoding cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f7d4022ae3a4d76-FRA accept-ranges bytes content-length 122209 server cloudflare
GET H2	200	nav.jpg gamea4vy9s.com/resources/img/	42 KB 43 KB	28ms 28ms	Image image/jpeg	2606:4700:3035::ac43:dda9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gamea4vy9s.com/resources/img/nav.jpg Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:dda9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3921696a59cf30a2dcc65e31bd1c166e811fef39670cb46ee0deea7d4c5cc19 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cf-cache-status HIT etag "676bea12-a8eb" age 50022 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AHSa4Bxn%2FJIsAz3QMgkISlLQmNDMmXi8gsBll5JdDw2aaW6uVRupkP3XBDUjleKlM62bDNk7wNZldmz3w7wpXyvaLVBkSrnsEKY8ym8JQpLI%2BOm4aSruYAUdEUwQNtXTmZI2vtXHrkc0z8KYaA%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 24 Jan 2025 11:27:07 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=6411&min_rtt=6296&rtt_var=315&sent=73&recv=20&lost=0&retrans=0&sent_bytes=77761&recv_bytes=2705&delivery_rate=2008983&cwnd=251&unsent_bytes=32425&cid=bbe420e1b19ba1fa&ts=340&x=0" date Thu, 26 Dec 2024 01:20:49 GMT content-type image/jpeg last-modified Wed, 25 Dec 2024 11:18:42 GMT vary Accept-Encoding cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f7d4022ae3b4d76-FRA accept-ranges bytes content-length 43243 server cloudflare
GET H3	200	middle.png gamea4vy9s.com/resources/img/	51 KB 52 KB	24ms 24ms	Image image/png	172.67.221.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gamea4vy9s.com/resources/img/middle.png Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.221.169 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eaca1771dc21e293a94110070e0179119f161b9579824f5cd7fdc85c9e3e1069 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cf-cache-status HIT etag "676bea11-cccd" age 50021 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e87%2FvKHB%2BMurgRfJApJ3ZvKKgFp%2F9d1wnDi0jsFnxp4q7xNUQZ8nKLmB1BF6yGG5yyOHa1W%2BV4fDfTK9IU4qUzCTVizuJMJDWKSpdM2yAJw2BDZ7FBozBGdYZQxXOdtVEg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 24 Jan 2025 11:27:08 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7479&min_rtt=6865&rtt_var=1837&sent=23&recv=10&lost=0&retrans=0&sent_bytes=16269&recv_bytes=4771&delivery_rate=1587&cwnd=12000&unsent_bytes=0&cid=8445ed2c7a940f34&ts=47&x=1", cfExtPri, cfHdrFlush;dur=7 date Thu, 26 Dec 2024 01:20:49 GMT content-type image/png last-modified Wed, 25 Dec 2024 11:18:41 GMT vary Accept-Encoding priority u=2,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f7d4022df182bba-FRA accept-ranges bytes content-length 52429 server cloudflare
GET H3	200	comment_1.png gamea4vy9s.com/resources/img/	19 KB 19 KB	16ms 16ms	Image image/png	172.67.221.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gamea4vy9s.com/resources/img/comment_1.png Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.221.169 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7031d644b4b45530aaeb256114f21b1a9ff916bae45b8bce689ad56d5de62842 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cf-cache-status HIT etag "676bea11-4a0d" age 50021 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTKFtMdFqYS%2F%2BvgfPfqFAYeAorw4KK3KDGu9xAbULPlqwbdid2qEcc7eO2ZH0R%2FjbrfpbIuMYPzxekl7gzyenvbmgPjhQw4hzIgHcrtiezZA571miVlbe09gRJictbixTw%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 24 Jan 2025 11:27:08 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7479&min_rtt=6865&rtt_var=1837&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4269&recv_bytes=4771&delivery_rate=1587&cwnd=12000&unsent_bytes=0&cid=8445ed2c7a940f34&ts=46&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 26 Dec 2024 01:20:49 GMT content-type image/png last-modified Wed, 25 Dec 2024 11:18:41 GMT vary Accept-Encoding priority u=2,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f7d4022df192bba-FRA accept-ranges bytes content-length 18957 server cloudflare
GET H3	200	comment_2.png gamea4vy9s.com/resources/img/	16 KB 17 KB	17ms 16ms	Image image/png	172.67.221.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gamea4vy9s.com/resources/img/comment_2.png Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.221.169 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f00cba68506659bf054f6fdd8b6dbc0d94a8cb966ba97da8b2c79524748dd9f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cf-cache-status HIT etag "676bea0f-3f76" age 50021 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDTyo6iJTETwF%2FYkdXxJ%2FZrk7KELxs9QCTHFnz99g%2B4jwprhitu7qevLGT77PlTFZT2gNrRDB%2F7domxkb2L5n2F0iKFwCHWCjipPSGu3iO3J%2Ff1XTlvAjZ4FXnDlMySJXg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 24 Jan 2025 11:27:08 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7429&min_rtt=6401&rtt_var=420&sent=80&recv=44&lost=0&retrans=0&sent_bytes=78768&recv_bytes=6848&delivery_rate=5656633&cwnd=46800&unsent_bytes=0&cid=8445ed2c7a940f34&ts=323&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 26 Dec 2024 01:20:49 GMT content-type image/png last-modified Wed, 25 Dec 2024 11:18:39 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f7d40249f9c2bba-FRA accept-ranges bytes content-length 16246 server cloudflare
GET H3	200	comment_3.png gamea4vy9s.com/resources/img/	16 KB 16 KB	15ms 15ms	Image image/png	172.67.221.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gamea4vy9s.com/resources/img/comment_3.png Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.221.169 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4aa1b900ecac87f33138b57517d7e4aa9ebc2dfad9c6c58d7df419f1d9e87cbb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cf-cache-status HIT etag "676bea0d-3e19" age 50020 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vAndXAZ2PAgYvokFTkpcNqS3NxrAaXPXlz58V1CTvLWrocXujZs7iQVRkjv17SbW%2BDOyuHFWBkR%2Bm5FquItvf6fqYAxZKuCwzlxWBh%2Fns3bMiXWMgd8Bomv3OLjwmweA0A%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 24 Jan 2025 11:27:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7429&min_rtt=6401&rtt_var=420&sent=95&recv=44&lost=0&retrans=0&sent_bytes=96074&recv_bytes=6848&delivery_rate=5656633&cwnd=46800&unsent_bytes=0&cid=8445ed2c7a940f34&ts=329&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 26 Dec 2024 01:20:49 GMT content-type image/png last-modified Wed, 25 Dec 2024 11:18:37 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f7d4024af9e2bba-FRA accept-ranges bytes content-length 15897 server cloudflare
GET H3	200	icon.png gamea4vy9s.com/resources/img/	102 KB 103 KB	18ms 18ms	Image image/png	172.67.221.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gamea4vy9s.com/resources/img/icon.png Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.221.169 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b721b10bff1f600e4a196f70a33587ab82eb6cb96c934819dbdba844eaa8e67 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cf-cache-status HIT etag "676bea0f-199e4" age 50020 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5I79djglugf6WleUUuedPPxok8A6ZgYyjwfXwPMf8uynplTMV6CWhvyTGa531Pw0Cfmm7WlnCqc6dYQff4jW46T1yWne7RBdo%2FM6mziOrcsCR1guMzzbwMJqMA9sW6X%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 24 Jan 2025 11:27:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7206&min_rtt=6356&rtt_var=625&sent=121&recv=60&lost=0&retrans=0&sent_bytes=125051&recv_bytes=8452&delivery_rate=1246890&cwnd=46800&unsent_bytes=0&cid=8445ed2c7a940f34&ts=340&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 26 Dec 2024 01:20:49 GMT content-type image/png last-modified Wed, 25 Dec 2024 11:18:39 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f7d4024bfa12bba-FRA accept-ranges bytes content-length 104932 server cloudflare
GET H3	200	btn.png gamea4vy9s.com/resources/img/	13 KB 14 KB	16ms 16ms	Image image/png	172.67.221.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gamea4vy9s.com/resources/img/btn.png Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.221.169 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e278327a4db1358b0e9d3508c7f2ceb8d690c49939c782dcd3b5d8c6d2a60e9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cf-cache-status HIT etag "676bea0f-3366" age 50020 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XrKViiAfahEkcrm3qqy1nZIqvvuIt3tepj7%2FhDrRGeC1CexCu8Lxt7Mk%2FaunFQ%2BtPCFnQOZq9SwsUTC04eP3VhU0Z5YVQaEzgJsUsUNFq7bjJgHSe53FquccQg5kSfPOWw%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 24 Jan 2025 11:27:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7206&min_rtt=6356&rtt_var=625&sent=111&recv=60&lost=0&retrans=0&sent_bytes=113051&recv_bytes=8452&delivery_rate=1246890&cwnd=46800&unsent_bytes=0&cid=8445ed2c7a940f34&ts=340&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 26 Dec 2024 01:20:49 GMT content-type image/png last-modified Wed, 25 Dec 2024 11:18:39 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f7d4024bfa22bba-FRA accept-ranges bytes content-length 13158 server cloudflare
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	25ms 8ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FU9waYK2' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Thu, 26 Dec 2024 01:20:49 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FU9waYK2' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4525, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug kBFKd3A04hcKdFub3n8fPiWJNs//c6UUYliAJk+CD5yTBDoy0vcuL4ekM2Qy7JSn/MqbZ+VelUcnt2nC253yow== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62282 x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	bt_bg.png gamea4vy9s.com/resources/img/	157 B 856 B	23ms 22ms	Image image/png	172.67.221.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gamea4vy9s.com/resources/img/bt_bg.png Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.221.169 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 208baf88edf6a2c93aca7bcfd8fcddd2f3ea97a404ac3da1b16a009a68e15395 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers cf-cache-status HIT etag "676bea10-9d" age 50021 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zqfSZ6YySo%2FzZ4L8JWq9KNyfREKl4azwDnHtaHrfCvGvCS0Qr%2F9Ib5b40FMsG%2B8wykRG%2B%2BsFWG%2B0EWrU5NGkNcROTFKnFAkUxRkc0LYtsLkkM83gxrzDMKNMfgjV52cVUw%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 24 Jan 2025 11:27:08 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7206&min_rtt=6356&rtt_var=625&sent=124&recv=60&lost=0&retrans=0&sent_bytes=128390&recv_bytes=8452&delivery_rate=1246890&cwnd=46800&unsent_bytes=0&cid=8445ed2c7a940f34&ts=341&x=1", cfExtPri, cfHdrFlush;dur=6 date Thu, 26 Dec 2024 01:20:49 GMT content-type image/png last-modified Wed, 25 Dec 2024 11:18:40 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f7d4024bfa32bba-FRA accept-ranges bytes content-length 157 server cloudflare
POST H/1.1	200 OK	GetIP Show response game1.awtps.com/ADPage/	10 B 223 B	181ms 181ms	XHR text/plain	3.108.169.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://game1.awtps.com:8121/ADPage/GetIP Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/resources/js/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.108.169.157 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-108-169-157.ap-south-1.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash c167fb135967791605f767f151d6e7c38828b0f9e27cb2b0b80ec5b5c7f8028e Request headers Referer https://gamea4vy9s.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept */* Content-Type application/json; charset=utf-8 Response headers Transfer-Encoding chunked Access-Control-Allow-Origin * Date Thu, 26 Dec 2024 01:20:50 GMT Content-Type text/plain; charset=utf-8 Server nginx/1.24.0 Connection keep-alive
OPTIONS H/1.1	204 No Content	GetIP game1.awtps.com/ADPage/	0 0	556ms 180ms	Preflight	3.108.169.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://game1.awtps.com:8121/ADPage/GetIP Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.108.169.157 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-108-169-157.ap-south-1.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://gamea4vy9s.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods POST Access-Control-Allow-Origin * Connection keep-alive Date Thu, 26 Dec 2024 01:20:49 GMT Server nginx/1.24.0
OPTIONS H/1.1	204 No Content	ADPageDataCollectRequest game1.awtps.com/ADPage/	0 0	180ms 180ms	Preflight	3.108.169.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://game1.awtps.com:8121/ADPage/ADPageDataCollectRequest Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.108.169.157 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-108-169-157.ap-south-1.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://gamea4vy9s.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods POST Access-Control-Allow-Origin * Connection keep-alive Date Thu, 26 Dec 2024 01:20:50 GMT Server nginx/1.24.0
POST H/1.1	200 OK	ADPageDataCollectRequest Show response game1.awtps.com/ADPage/	0 194 B	182ms 181ms	XHR text/plain	3.108.169.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://game1.awtps.com:8121/ADPage/ADPageDataCollectRequest Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/resources/js/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.108.169.157 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-108-169-157.ap-south-1.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gamea4vy9s.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept */* Content-Type application/json; charset=UTF-8 Response headers Access-Control-Allow-Origin * Content-Length 0 Date Thu, 26 Dec 2024 01:20:50 GMT Content-Type text/plain; charset=utf-8 Server nginx/1.24.0 Connection keep-alive
GET H3	200	2015433888870167 Show response connect.facebook.net/signals/config/	69 KB 14 KB	152ms 152ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2015433888870167?v=2.9.179&r=stable&domain=gamea4vy9s.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash f9eab27e98efef5ee41dff1f094acd201a665ca9f6f2845bf716d605c0653227 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-PjlqvtuO' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Thu, 26 Dec 2024 01:20:50 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-PjlqvtuO' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=75, mss=1232, tbw=70571, tp=66, tpl=0, uplat=144, ullat=0 pragma public x-fb-debug f28zXGBf2Mh8Z1b7HBgVYysekG1t70Hi69NAWwzITduwCdY8vYXo9NA3z/Zj4CaVqPw79kkbUuFJGTxNg7NGcQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 19 B	23ms 8ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2015433888870167&ev=PageView&dl=https%3A%2F%2Fgamea4vy9s.com%2F&rl=&if=false&ts=1735176050314&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735176050314.880889421235778840&ler=empty&cdl=API_unavailable&it=1735176050149&coo=false&rqm=GET Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4541, tp=10, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Thu, 26 Dec 2024 01:20:50 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 199 B	188ms 173ms	Image image/png	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2015433888870167&ev=PageView&dl=https%3A%2F%2Fgamea4vy9s.com%2F&rl=&if=false&ts=1735176050314&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735176050314.880889421235778840&ler=empty&cdl=API_unavailable&it=1735176050149&coo=false&rqm=FGET Requested by Host: gamea4vy9s.com URL: https://gamea4vy9s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7452524388363026494"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Thu, 26 Dec 2024 01:20:50 GMT content-type image/png vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7452524388363026494", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-debug rZGFEmlzE+qcClW6IaiMcLE/njYuEMVMaDS2NSJX2FtRX/9UWCKC5VezQzy87gWKFZbSi/U4YA+YxEyqXhql2g== cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4909, tp=13, tpl=0, uplat=166, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	favicon.ico gamea4vy9s.com/resources/img/	4 KB 4 KB	311ms 311ms	Other image/x-icon	172.67.221.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gamea4vy9s.com/resources/img/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.221.169 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 220fd2fa8d5884002654825e61ca4e32c0c666a319bbb075b7c1fe831d78f4b4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gamea4vy9s.com/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"676bea12-10be" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfrL56othqoyzpSiI5u7ns6YlcvPDBNroptcwkQU1prbnkZOILGsVbFsaWej71VRoobQj%2F6BNEudx%2FTzyNqKewStMSNezhT%2FXn4LkbvJN0lh%2BJ67Ti%2BfvJljWQPwf8IQxw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f7d402ba9222bba-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7148&min_rtt=6356&rtt_var=290&sent=217&recv=72&lost=0&retrans=0&sent_bytes=236107&recv_bytes=9329&delivery_rate=9569042&cwnd=93600&unsent_bytes=0&cid=8445ed2c7a940f34&ts=1752&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 26 Dec 2024 01:20:50 GMT content-type image/x-icon last-modified Wed, 25 Dec 2024 11:18:42 GMT vary Accept-Encoding priority u=1,i

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| UAParser function| fbq function| _fbq number| scale function| setHtmlFontSize function| resize function| asyncRequest function| getScrollTop function| getScrollHeight function| getWindowHeight object| scaleMap object| wrapper object| imgs object| dots object| dotss number| len number| width number| rate number| times number| gap number| timer number| imgSub number| dotSub number| width2 function| Roll function| chooseImg function| autoRun number| asdf1 function| clearImgAnimation string| whereIsShare number| agentID string| collectUrl number| webNo number| timestamp string| uniqueID string| clientIP function| copyText2 function| getCookieValue function| PlayerDataCollect function| DataCollect function| GetIP

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gamea4vy9s.com/	1970-01-21 04:09:12	Name: _fbp Value: fb.1.1735176050314.880889421235778840

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
game1.awtps.com
gamea4vy9s.com
www.facebook.com
157.240.0.35
157.240.0.6
172.67.221.169
2606:4700:3035::ac43:dda9
3.108.169.157
1b721b10bff1f600e4a196f70a33587ab82eb6cb96c934819dbdba844eaa8e67
208baf88edf6a2c93aca7bcfd8fcddd2f3ea97a404ac3da1b16a009a68e15395
220fd2fa8d5884002654825e61ca4e32c0c666a319bbb075b7c1fe831d78f4b4
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
3f00cba68506659bf054f6fdd8b6dbc0d94a8cb966ba97da8b2c79524748dd9f
4aa1b900ecac87f33138b57517d7e4aa9ebc2dfad9c6c58d7df419f1d9e87cbb
5e278327a4db1358b0e9d3508c7f2ceb8d690c49939c782dcd3b5d8c6d2a60e9
7031d644b4b45530aaeb256114f21b1a9ff916bae45b8bce689ad56d5de62842
85d277dcdc2ef9e135f70ff419afb4e3fe15029631c54884009a77abf41e39d9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b3921696a59cf30a2dcc65e31bd1c166e811fef39670cb46ee0deea7d4c5cc19
c167fb135967791605f767f151d6e7c38828b0f9e27cb2b0b80ec5b5c7f8028e
d074ab06ce689c41db4f14b06b28cc511a179bf951c3ee1b1d7ef123446ae29e
dccf3b3b5741d13fbdb572edb29fcc8ca378a7b3d84a58cf25b1686b80605cf9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaca1771dc21e293a94110070e0179119f161b9579824f5cd7fdc85c9e3e1069
f9eab27e98efef5ee41dff1f094acd201a665ca9f6f2845bf716d605c0653227