urlscan.io logo urlscan.io
SecurityTrails logo

gamehata.net Open in urlscan Pro
104.168.234.39  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tinyurl.com/2p8b7pe3
Effective URL: https://gamehata.net/kinks/
Submission: On May 06 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 25 HTTP transactions. The main IP is 104.168.234.39, located in United States and belongs to HOSTWINDS, US. The main domain is gamehata.net.
TLS certificate: Issued by R3 on March 16th 2022. Valid for: 3 months.
This is the only time gamehata.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

1    2606:4700:10::ac43:1e1 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
1    104.168.234.39 (United States)

ASN54290 (HOSTWINDS, US)
PTR: hwsrv-652601.hostwindsdns.com
gamehata.net
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
2    2607:f8b0:4006:80d::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    2600:9000:21a2:7a00:1c:b3e3:eb40:21 (United States)

ASN16509 (AMAZON-02, US)
d13pxqgp3ixdbh.cloudfront.net
1    2607:f8b0:4006:809::2016 (Staten Island, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    146.75.32.193 (Ashburn, United States)

ASN54113 (FASTLY, US)
i.imgur.com
1    2607:f8b0:4006:81d::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2600:9000:21a2:9a00:3:b5aa:ad80:21 (United States)

ASN16509 (AMAZON-02, US)
d13nu0oomnx5ti.cloudfront.net
5    2607:f8b0:4006:824::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2600:9000:21a2:5800:13:652b:c180:21 (United States)

ASN16509 (AMAZON-02, US)
dgu9g3a2kzqx2.cloudfront.net
Apex Domain
Subdomains		 Transfer
9 cloudfront.net
d13pxqgp3ixdbh.cloudfront.net
d13nu0oomnx5ti.cloudfront.net
dgu9g3a2kzqx2.cloudfront.net
237 KB
5 gstatic.com
fonts.gstatic.com Failed
239 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
ajax.googleapis.com — Cisco Umbrella Rank: 432
32 KB
2 imgur.com
i.imgur.com — Cisco Umbrella Rank: 4686
14 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1448
75 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
17 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4447
21 KB
1 gamehata.net
gamehata.net
16 KB
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 22833
416 B
25 9
Domain Requested by
5 dgu9g3a2kzqx2.cloudfront.net d13nu0oomnx5ti.cloudfront.net
5 fonts.gstatic.com gamehata.net
fonts.googleapis.com
3 d13pxqgp3ixdbh.cloudfront.net gamehata.net
2 i.imgur.com gamehata.net
2 use.fontawesome.com gamehata.net
use.fontawesome.com
2 fonts.googleapis.com gamehata.net
1 d13nu0oomnx5ti.cloudfront.net gamehata.net
1 ajax.googleapis.com gamehata.net
1 i.ytimg.com gamehata.net
1 browser.sentry-cdn.com gamehata.net
1 gamehata.net
1 tinyurl.com 1 redirects
25 12

This site contains no links.

Subject Issuer Validity Valid
gamehata.net
R3		 2022-03-16 -
2022-06-14		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gamehata.net/kinks/
Frame ID: C0D0942F7C255E296747B08155FF6F1C
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

King of Kinks Generator

Page URL History Show full URLs

  1. http://tinyurl.com/2p8b7pe3 HTTP 307
    https://tinyurl.com/2p8b7pe3 HTTP 301
    https://gamehata.net/kinks/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

96 %
HTTPS

83 %
IPv6

9
Domains

12
Subdomains

12
IPs

1
Countries

652 kB
Transfer

836 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tinyurl.com/2p8b7pe3 HTTP 307
    https://tinyurl.com/2p8b7pe3 HTTP 301
    https://gamehata.net/kinks/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gamehata.net/kinks/
Redirect Chain
  • http://tinyurl.com/2p8b7pe3
  • https://tinyurl.com/2p8b7pe3
  • https://gamehata.net/kinks/
67 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gamehata.net/kinks/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.234.39 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-652601.hostwindsdns.com
Software
nginx /
Resource Hash
dc01cb6d525ec77fed202252c9983af603664986198b8ebd45c1a2b94e4331ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 06 May 2022 19:57:41 GMT
ETag
W/"6231e157-10c8c"
Last-Modified
Wed, 16 Mar 2022 13:08:39 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
cf-cache-status
DYNAMIC
cf-ray
707449492d86ecea-YUL
content-type
text/html; charset=UTF-8
date
Fri, 06 May 2022 19:57:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://gamehata.net/kinks/
referrer-policy
unsafe-url
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-powered-by
PHP/7.4.28
x-xss-protection
1; mode=block
bundle.min.js
browser.sentry-cdn.com/6.4.1/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Origin
https://gamehata.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:41 GMT
content-encoding
gzip
last-modified
Wed, 19 May 2021 16:36:38 GMT
server
Fastly
age
2726488
etag
"42639cce5db857005b8285dedd67553d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20972
expires
Wed, 05 Apr 2023 06:36:12 GMT
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;700;900&display=swap
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e484d06143828d00699ea9d0656f513cbac30f72a212c79562434d8e54c1d368
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 May 2022 19:57:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 06 May 2022 19:57:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 May 2022 19:57:41 GMT
icon
fonts.googleapis.com/ 		1 KB
495 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Two+Tone|
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b487e691f36ea1e53481e90a526d69170f7e34e5bc8be93cdc08d794871ebc54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 May 2022 19:57:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 06 May 2022 19:57:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 May 2022 19:57:41 GMT
all.css
use.fontawesome.com/releases/v5.3.1/css/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer
Origin
https://gamehata.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:41 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KV86GCV37ZSK585M
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
HQlHOAhRyiDpiQmSTqc2CP3+HRw6byjs7bbS15nQ4ER3G3F6RfPptzf8yVxQyNlH8Rm4OKhGCUM=
last-modified
Wed, 30 Jun 2021 15:42:14 GMT
server
cloudflare
etag
W/"10519cfd3206802f58315b877a9beab5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2fm9w5gzSVzx%2Fl75k2so7kh8O6Cj%2BHIWW1jgEEjGuY4ClxIjL6t755kdw5XO6M2aKLz64cIBpIRVwWW%2Fh3Cp8GEYbk895cjJtWrTstuADNVFqjpZ7JT7j5FZS8N0xNodzF5Xypj1chV602t7o%2B7%2B86C"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7074494cfa394bcb-YUL
1563298961d7e11a0c316ea6a189a4b4e2bd1ad627.css
d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ 		138 KB
138 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/uploads/assets/1563298961d7e11a0c316ea6a189a4b4e2bd1ad627.css
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:7a00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5447334feff96823ccccac69954d0000815dd1975207aa36d242b32e64a4b38

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
0cmW3iZa3TxV_WInfGIhhAF82nyQ1lde
via
1.1 0ff11d01f4414a1e45550bed248de108.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jul 2019 17:42:42 GMT
server
AmazonS3
age
80798
etag
"3aa54f77c8f54e1bde211da2033c82e7"
x-cache
Hit from cloudfront
content-type
text/css
date
Thu, 05 May 2022 21:31:04 GMT
x-amz-cf-pop
YUL62-C1
accept-ranges
bytes
content-length
140944
x-amz-cf-id
CUhCKoyVNyh2YJsS6Cme-Y4iE9QrGC57qXk7sJPIkm6M9T0HDSoAkg==
15632989585b40da5bd6314d160701458ac2c4a7d1.css
d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ 		51 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/uploads/assets/15632989585b40da5bd6314d160701458ac2c4a7d1.css
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:7a00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de44e46a52f596b1a08a689d9a800810384271e344bb9edde622bfeb3b52b010

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 02:00:26 GMT
via
1.1 0ff11d01f4414a1e45550bed248de108.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jul 2019 17:42:39 GMT
server
AmazonS3
age
64636
etag
"4e91bc413e67147f89e10a04c7383d2a"
x-cache
Hit from cloudfront
x-amz-version-id
Cl6Z0vpb15dGpGUoZ9TAtBgmFzmnUc7U
x-amz-cf-pop
YUL62-C1
accept-ranges
bytes
content-type
text/css
content-length
52611
x-amz-cf-id
na6NGWaIZaflS47WfZnjxCtO8AB7zAtFpvTqbwWxs2XVLIAwL-Bqyg==
mqdefault.jpg
i.ytimg.com/vi/vdfMdA24g3M/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/vdfMdA24g3M/mqdefault.jpg
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2016 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1382bb94cd395504c548109457dfcf059ab9c621988629ed39df3b6aafe1510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:41 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17026
x-xss-protection
0
server
sffe
etag
"1633884148"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 May 2022 21:57:41 GMT
8l1cL62.png
i.imgur.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/8l1cL62.png
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f7f99fd57fb66e1a8d694922a1bd57fe33b5cbe049eaf2e4c5539f41ae92e450
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:41 GMT
x-content-type-options
nosniff
age
225495
x-cache
HIT
content-length
7053
x-served-by
cache-iad-kjyo7100152-IAD
last-modified
Wed, 09 Feb 2022 00:03:12 GMT
server
cat factory 1.0
x-timer
S1651867061.371154,VS0,VE1
etag
"379955e20fae0f522efa17afb24b82b0"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
kZetz72.png
i.imgur.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/kZetz72.png
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5e019680950c6b3cab463e1435e99af28c3f48e14d87de03aa6be5d00e8f1f83
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:41 GMT
x-content-type-options
nosniff
age
2106701
x-cache
HIT
content-length
6973
x-served-by
cache-iad-kjyo7100152-IAD
last-modified
Wed, 09 Feb 2022 00:03:13 GMT
server
cat factory 1.0
x-timer
S1651867061.371149,VS0,VE2
etag
"5969ba26217516c9d2061619726a1463"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 15:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 15:55:36 GMT
3e7a446.js
d13nu0oomnx5ti.cloudfront.net/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d13nu0oomnx5ti.cloudfront.net/3e7a446.js
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:9a00:3:b5aa:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d71b75f37cbaa198fcac72013ceb2a2fe5b68c89902dbcf4b52ae28812cb9268

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 08:04:03 GMT
via
1.1 3aa87db4ada59e0f9698dcd8ce9e9728.cloudfront.net (CloudFront)
last-modified
Mon, 03 May 2021 01:43:32 GMT
server
AmazonS3
age
42854
etag
"6863f6e390060c097da580136d1dcaf2"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
YUL62-C1
content-length
23438
x-amz-cf-id
tlaTOYfwmLu3IxQchUrzIPc20lyZsrEiKNHNSzh6rXGah5RKVa55qw==
15607272053787c9f516c16e5a1a9288d97413bdb2.js
d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/uploads/assets/15607272053787c9f516c16e5a1a9288d97413bdb2.js
Requested by
Host: gamehata.net
URL: https://gamehata.net/kinks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:7a00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00619814b3b256720a9ffd9408397d0ffe5559ff301d608eb66f585343fd83a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 21:32:46 GMT
via
1.1 0ff11d01f4414a1e45550bed248de108.cloudfront.net (CloudFront)
last-modified
Sun, 16 Jun 2019 23:20:06 GMT
server
AmazonS3
age
80696
etag
"acad36d38da9f68c52bb074b2c478d0f"
x-cache
Hit from cloudfront
x-amz-version-id
s9hqYpVr65Z1tyCVaMPC212__6gV6ac7
x-amz-cf-pop
YUL62-C1
accept-ranges
bytes
content-type
application/x-javascript
content-length
3761
x-amz-cf-id
DNn4RsIhDO_pmEizPn63n7kr7TW3-rH7d23GIk-XWRnHKsiarS4I_w==
Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com/s/roboto/v15/ 		0
0
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gamehata.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 07:12:27 GMT
x-content-type-options
nosniff
age
305114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 07:12:27 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gamehata.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 10:20:49 GMT
x-content-type-options
nosniff
age
293812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 10:20:49 GMT
hESh6WRmNCxEqUmNyh3JDeGxjVVyMg4tHGctNCu0.woff2
fonts.gstatic.com/s/materialiconstwotone/v106/ 		207 KB
208 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialiconstwotone/v106/hESh6WRmNCxEqUmNyh3JDeGxjVVyMg4tHGctNCu0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Two+Tone|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
040e28f87fd186f1700f7e2013c756a2b22e6fa3de95a2f444a390be8084deeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gamehata.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 05:12:43 GMT
x-content-type-options
nosniff
age
312298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
212356
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:02:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 05:12:43 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

Referer
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin
https://gamehata.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:41 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KV82A7YJ7CFQZ7WQ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65316
x-amz-id-2
ugXti56EOH4r7Fea7YZ/IzpphUoLl1QpqqjQTuxmxoI6YfNcH30JKOA0W050jT/nSrFkNAM8QqE=
last-modified
Wed, 30 Jun 2021 15:42:33 GMT
server
cloudflare
etag
"48461ea4e797c9774dabb4a0440d2f56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqFOJ5IDaY8d9c7%2FJeUSfg4u%2B0UnitVqkODoqYMpWw3AYospE79FBxuRog7KLDnnrEHHbePlo6SrgeafzGYIy2JJpkvH0mAEbHhiDfQrdTRAtSMcU2A9Ucz87lcdnGw8cCa7Kfouw0uIbOBIGwPdNZD1"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7074494dfbe04bcb-YUL
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gamehata.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 02:55:31 GMT
x-content-type-options
nosniff
age
320530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7632
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:09:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 02:55:31 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gamehata.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 05:50:56 GMT
x-content-type-options
nosniff
age
310005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 05:50:56 GMT
html.2291980.87bed.0.js
dgu9g3a2kzqx2.cloudfront.net/public/external/v2/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/v2/html.2291980.87bed.0.js
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/3e7a446.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5800:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
1762d06d3b37829fc9532962c4f306bb52fe9c972b94323d591f8bc2264d4131

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:41 GMT
via
1.1 c895b3711944bd74895c678884a6e914.cloudfront.net (CloudFront)
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
YUL62-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
TUxllrzk7uMYe-UuQHQky0blMc-FNDY_xjNWDti4tU7UdE1358H2AQ==
css_front.css
dgu9g3a2kzqx2.cloudfront.net/public/external/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/css_front.css
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/3e7a446.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5800:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:41 GMT
via
1.1 c895b3711944bd74895c678884a6e914.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
YUL62-C1
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
mCX1W4d-cuVjdys-9VNy9aL1719nGW2WGRX7j8aOFYBXpQFqlt5dtA==
css.css
dgu9g3a2kzqx2.cloudfront.net/public/clockers/PrimeApps/ 		1010 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/clockers/PrimeApps/css.css
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/3e7a446.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5800:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:41 GMT
via
1.1 c895b3711944bd74895c678884a6e914.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
YUL62-C1
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
zZ_VsZiz7ly034EZfoEKXo_-P295BjZF9gURGNu67p5vzkP7wVbG4w==
guid
dgu9g3a2kzqx2.cloudfront.net/public/ 		0
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/guid?cpguid=dvd88nsgi&e=ll&t=1651867062551
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/3e7a446.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5800:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:42 GMT
via
1.1 c895b3711944bd74895c678884a6e914.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
YUL62-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
8ODLL15ujDY7OLIE2HmLiIypbHSVgdVOw9bmYVGe-EhuuGpyw0yS_w==
check.php
dgu9g3a2kzqx2.cloudfront.net/public/external/ 		78 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/check.php?it=2291980&time=1651867063840
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/3e7a446.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5800:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:57:43 GMT
via
1.1 c895b3711944bd74895c678884a6e914.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
YUL62-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
TASPFAMrPvFGaMxmQo85dyAYuH0DptXHsIJOPM2f_1dqyas-0_J7ag==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.gstatic.com
URL
http://fonts.gstatic.com/s/roboto/v15/Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| Sentry object| __SENTRY__ function| $ function| jQuery object| CPABUILDSETTINGS string| forward object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| rng function| Random function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS string| message function| defeatIE function| defeatNS object| shortcut string| cstm_1 string| cstm_2 string| cstm_3 string| cstm_4 string| cstm_5 string| cstm_6 string| cstm_7 string| rv1_1 string| rv1_2 string| rv1_3 string| rv1_4 string| rn1 string| rv2_1 string| rv2_2 string| rv2_3 string| rv2_4 string| rn2

1 Cookies

Domain/Path Name / Value
gamehata.net/ Name: _cpguid
Value: dvd88nsgi

1 Console Messages

Source Level URL
Text
security error URL: https://gamehata.net/kinks/(Line 1572)
Message:
Mixed Content: The page at 'https://gamehata.net/kinks/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/roboto/v15/Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
browser.sentry-cdn.com
d13nu0oomnx5ti.cloudfront.net
d13pxqgp3ixdbh.cloudfront.net
dgu9g3a2kzqx2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gamehata.net
i.imgur.com
i.ytimg.com
tinyurl.com
use.fontawesome.com
fonts.gstatic.com
104.168.234.39
146.75.32.193
2600:9000:21a2:5800:13:652b:c180:21
2600:9000:21a2:7a00:1c:b3e3:eb40:21
2600:9000:21a2:9a00:3:b5aa:ad80:21
2606:4700:10::ac43:1e1
2606:4700:3033::6815:3f36
2607:f8b0:4006:809::2016
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81d::200a
2607:f8b0:4006:824::2003
2a04:4e42:400::729
00619814b3b256720a9ffd9408397d0ffe5559ff301d608eb66f585343fd83a2
040e28f87fd186f1700f7e2013c756a2b22e6fa3de95a2f444a390be8084deeb
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1762d06d3b37829fc9532962c4f306bb52fe9c972b94323d591f8bc2264d4131
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
5e019680950c6b3cab463e1435e99af28c3f48e14d87de03aa6be5d00e8f1f83
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a1382bb94cd395504c548109457dfcf059ab9c621988629ed39df3b6aafe1510
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
b487e691f36ea1e53481e90a526d69170f7e34e5bc8be93cdc08d794871ebc54
d71b75f37cbaa198fcac72013ceb2a2fe5b68c89902dbcf4b52ae28812cb9268
dc01cb6d525ec77fed202252c9983af603664986198b8ebd45c1a2b94e4331ff
de44e46a52f596b1a08a689d9a800810384271e344bb9edde622bfeb3b52b010
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e484d06143828d00699ea9d0656f513cbac30f72a212c79562434d8e54c1d368
f5447334feff96823ccccac69954d0000815dd1975207aa36d242b32e64a4b38
f7f99fd57fb66e1a8d694922a1bd57fe33b5cbe049eaf2e4c5539f41ae92e450