www.xcheaters.com Open in urlscan Pro
34.250.204.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gradianlabs.com/MickeyDarlene/lilly/t92i4m17scxvqs
Effective URL:
https://www.xcheaters.com/home/index?visitId=986223398
Submission: On December 04 via manual (December 4th 2022, 8:40:39 am UTC) from IN — Scanned from US

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 15 domains to perform 67 HTTP transactions. The main IP is 34.250.204.54, located in and belongs to . The main domain is www.xcheaters.com.
TLS certificate: Issued by Amazon on September 21st 2022. Valid for: a year.

This is the only time www.xcheaters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.251.80.25 162.251.80.25	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
4 4	2606:4700:303... 2606:4700:3031::6815:2abe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:abf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:20:... 2606:4700:20::681a:bbf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::6815:523e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	108.128.136.197 108.128.136.197	16509 (AMAZON-02) (AMAZON-02)
2 31	34.250.204.54 34.250.204.54	() ()
1 1	176.34.105.207 176.34.105.207	() ()
2	2607:f8b0:400... 2607:f8b0:4006:80f::2008	() ()
3	2607:f8b0:400... 2607:f8b0:4006:823::200a	() ()
1	13.225.223.122 13.225.223.122	() ()
3	2607:f8b0:400... 2607:f8b0:4006:80c::200e	() ()
2	13.33.60.101 13.33.60.101	() ()
1	2606:4700:303... 2606:4700:3036::ac43:89d3	() ()
1	2a02:6ea0:c40... 2a02:6ea0:c400::19	() ()
67	12

1 162.251.80.25 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: cp-14.webhostbox.net

gradianlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::6815:2abe (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

wildhottiegirls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:abf (United States)

ASN13335 (CLOUDFLARENET, US)

dategen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bbf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dategen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:523e (United States)

ASN13335 (CLOUDFLARENET, US)

svntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.128.136.197 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-136-197.eu-west-1.compute.amazonaws.com

optimizertrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.optimizertrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 34.250.204.54 (None, ) 2 redirects

ASN- ()

www.xcheaters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.105.207 (None, ) 1 redirects

ASN- ()

www.optrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.223.122 (None, )

ASN- ()

cdn.rollbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.60.101 (None, )

ASN- ()

ccp.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:89d3 (None, )

ASN- ()

a.tbepc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::19 (None, )

ASN- ()

ads.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	xcheaters.com 2 redirects www.xcheaters.com images.xcheaters.com Failed userimage.xcheaters.com Failed	1 MB
8	dategen.com 2 redirects dategen.com — Cisco Umbrella Rank: 870896	30 KB
4	wildhottiegirls.com 4 redirects wildhottiegirls.com — Cisco Umbrella Rank: 399436	5 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	googleapis.com ajax.googleapis.com	90 KB
3	optimizertrk.com 2 redirects optimizertrk.com www.optimizertrk.com	2 KB
2	ccp.media ccp.media	263 KB
2	googletagmanager.com www.googletagmanager.com	105 KB
2	svntrk.com svntrk.com — Cisco Umbrella Rank: 421879	1 KB
1	exosrv.com ads.exosrv.com	1 KB
1	tbepc.com a.tbepc.com
1	rollbar.com cdn.rollbar.com	23 KB
1	optrck.com 1 redirects www.optrck.com	570 B
1	gradianlabs.com 1 redirects gradianlabs.com	262 B
0	doubleclick.net Failed stats.g.doubleclick.net Failed
67	15

	Domain	Requested by
31	www.xcheaters.com	2 redirects www.optimizertrk.com www.xcheaters.com cdn.rollbar.com
8	dategen.com	2 redirects dategen.com
4	wildhottiegirls.com	4 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.rollbar.com
3	ajax.googleapis.com	www.xcheaters.com
2	ccp.media	www.xcheaters.com ccp.media
2	www.googletagmanager.com	www.xcheaters.com
2	www.optimizertrk.com	1 redirects dategen.com
2	svntrk.com	dategen.com
1	ads.exosrv.com	www.xcheaters.com
1	a.tbepc.com	www.xcheaters.com
1	cdn.rollbar.com	www.xcheaters.com
1	www.optrck.com	1 redirects
1	optimizertrk.com	1 redirects
1	gradianlabs.com	1 redirects
0	userimage.xcheaters.com Failed	www.xcheaters.com
0	stats.g.doubleclick.net Failed	cdn.rollbar.com
0	images.xcheaters.com Failed	www.xcheaters.com
67	18

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-27` - `2023-08-27`	a year	crt.sh
*.svntrk.com E1	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.optimizertrk.com Amazon	`2022-11-05` - `2023-12-02`	a year	crt.sh
*.xcheaters.com Amazon	`2022-09-21` - `2023-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.rollbar.com Amazon	`2022-06-11` - `2023-07-10`	a year	crt.sh
ccp.media Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
exosrv.com R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.xcheaters.com/home/index?visitId=986223398
Frame ID: F7AC1A30B1AA780BEB9C16F98D139B1A
Requests: 70 HTTP requests in this frame

Frame: https://dategen.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670140800
Frame ID: A88E44FC546E22002D3587D838C8539F
Requests: 3 HTTP requests in this frame

Frame: https://a.tbepc.com/loader?a=113&s=24&t=77&p=18&s2=1986223398&wlkw=6
Frame ID: 42D68F17AA347CE5CA88D2BDE2793FDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gradianlabs.com/MickeyDarlene/lilly/t92i4m17scxvqs HTTP 301
https://wildhottiegirls.com/profile.php?id=t92i4m17scxvqs&slog=lilly HTTP 301
http://wildhottiegirls.com/profile.php?id=t92i4m17scxvqs&slog=lilly HTTP 302
http://wildhottiegirls.com/?s1=rwrw1&s3=zzzqs&i_invite=Y3JpbXNvQG5ldHplcm8ubmV0&s4=t92i4m HTTP 302
http://wildhottiegirls.com/click?s1=rwrw1&s2=&s3=45%3Azzzqs&s4=t92i4m&email=crimso%40netzero.net&src=ur... HTTP 302
https://dategen.com/click?email=crimso@netzero.net&s1=rwrw1&s2=&s3=45:zzzqs&s4=t92i4m&l=45&src=u... Page URL
http://dategen.com/r/mt/638c5cfd5f26d HTTP 301
https://dategen.com/r/mt/638c5cfd5f26d Page URL
http://dategen.com/pg/submitform/638c5cfd5f26d HTTP 301
https://dategen.com/pg/submitform/638c5cfd5f26d Page URL
https://optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02 HTTP 302
https://www.optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02 Page URL
https://www.optimizertrk.com/?group_id=5134&email=crimso%40netzero.net&subid=638c5cfd5f26d&keyword=rwrw1&... HTTP 302
https://www.xcheaters.com/promo/affiliate/?campaign_id=270687&email=crimso%40netzero.net&keyword=rwrw1... HTTP 302
https://www.xcheaters.com/home/index?token=7b8bc52b8480a7da843656e00d07602d HTTP 302
https://www.optrck.com/default/setGlobalLogin?visitId=986223398&site=xcheaters&origin=aHR0cHM6Ly93d... HTTP 302
https://www.xcheaters.com/home/index?visitId=986223398 Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

67
Requests

76 %
HTTPS

60 %
IPv6

15
Domains

18
Subdomains

12
IPs

2
Countries

1994 kB
Transfer

4372 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gradianlabs.com/MickeyDarlene/lilly/t92i4m17scxvqs HTTP 301
https://wildhottiegirls.com/profile.php?id=t92i4m17scxvqs&slog=lilly HTTP 301
http://wildhottiegirls.com/profile.php?id=t92i4m17scxvqs&slog=lilly HTTP 302
http://wildhottiegirls.com/?s1=rwrw1&s3=zzzqs&i_invite=Y3JpbXNvQG5ldHplcm8ubmV0&s4=t92i4m HTTP 302
http://wildhottiegirls.com/click?s1=rwrw1&s2=&s3=45%3Azzzqs&s4=t92i4m&email=crimso%40netzero.net&src=url&l=45&v=dating&r=1 HTTP 302
https://dategen.com/click?email=crimso@netzero.net&s1=rwrw1&s2=&s3=45:zzzqs&s4=t92i4m&l=45&src=url&v=dating&trx_s=3e0271fce4364c50b40aa5d4ed18a88adeed26618&tz=&remember=0&ph=&vd= Page URL
http://dategen.com/r/mt/638c5cfd5f26d HTTP 301
https://dategen.com/r/mt/638c5cfd5f26d Page URL
http://dategen.com/pg/submitform/638c5cfd5f26d HTTP 301
https://dategen.com/pg/submitform/638c5cfd5f26d Page URL
https://optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02 HTTP 302
https://www.optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02 Page URL
https://www.optimizertrk.com/?group_id=5134&email=crimso%40netzero.net&subid=638c5cfd5f26d&keyword=rwrw1&live=506d75ba-73af-11ed-88da-0a58a9feac02&jsChecked=true HTTP 302
https://www.xcheaters.com/promo/affiliate/?campaign_id=270687&email=crimso%40netzero.net&keyword=rwrw1&subid=638c5cfd5f26d&fresh=1&visitId=986223398 HTTP 302
https://www.xcheaters.com/home/index?token=7b8bc52b8480a7da843656e00d07602d HTTP 302
https://www.optrck.com/default/setGlobalLogin?visitId=986223398&site=xcheaters&origin=aHR0cHM6Ly93d3cueGNoZWF0ZXJzLmNvbS9ob21lL2luZGV4 HTTP 302
https://www.xcheaters.com/home/index?visitId=986223398 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gradianlabs.com/MickeyDarlene/lilly/t92i4m17scxvqs HTTP 301
https://wildhottiegirls.com/profile.php?id=t92i4m17scxvqs&slog=lilly HTTP 301
http://wildhottiegirls.com/profile.php?id=t92i4m17scxvqs&slog=lilly HTTP 302
http://wildhottiegirls.com/?s1=rwrw1&s3=zzzqs&i_invite=Y3JpbXNvQG5ldHplcm8ubmV0&s4=t92i4m HTTP 302
http://wildhottiegirls.com/click?s1=rwrw1&s2=&s3=45%3Azzzqs&s4=t92i4m&email=crimso%40netzero.net&src=url&l=45&v=dating&r=1 HTTP 302
https://dategen.com/click?email=crimso@netzero.net&s1=rwrw1&s2=&s3=45:zzzqs&s4=t92i4m&l=45&src=url&v=dating&trx_s=3e0271fce4364c50b40aa5d4ed18a88adeed26618&tz=&remember=0&ph=&vd=

Request Chain 1

http://dategen.com/r/mt/638c5cfd5f26d HTTP 301
https://dategen.com/r/mt/638c5cfd5f26d

Request Chain 4

http://dategen.com/pg/submitform/638c5cfd5f26d HTTP 301
https://dategen.com/pg/submitform/638c5cfd5f26d

Request Chain 8

https://optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02 HTTP 302
https://www.optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02

67 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click
dategen.com/
Redirect Chain

http://gradianlabs.com/MickeyDarlene/lilly/t92i4m17scxvqs
https://wildhottiegirls.com/profile.php?id=t92i4m17scxvqs&slog=lilly
http://wildhottiegirls.com/profile.php?id=t92i4m17scxvqs&slog=lilly
http://wildhottiegirls.com/?s1=rwrw1&s3=zzzqs&i_invite=Y3JpbXNvQG5ldHplcm8ubmV0&s4=t92i4m
http://wildhottiegirls.com/click?s1=rwrw1&s2=&s3=45%3Azzzqs&s4=t92i4m&email=crimso%40netzero.net&src=url&l=45&v=dating&r=1
https://dategen.com/click?email=crimso@netzero.net&s1=rwrw1&s2=&s3=45:zzzqs&s4=t92i4m&l=45&src=url&v=dating&trx_s=3e0271fce4364c50b40aa5d4ed18a88adeed26618&tz=&remember=0&ph=&vd=

6 KB
3 KB

518ms
476ms

Document
text/html

2606:4700:20::681a:abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dategen.com/click?email=crimso@netzero.net&s1=rwrw1&s2=&s3=45:zzzqs&s4=t92i4m&l=45&src=url&v=dating&trx_s=3e0271fce4364c50b40aa5d4ed18a88adeed26618&tz=&remember=0&ph=&vd=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 77433ccdbdbec40e-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 08:40:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLTd4C%2BGfQ2DVjf%2BkUXoVzVaoDHzukqcBCFQUwu7yS9Npk9aCCq7rZC%2FgHEmHU%2BqU9pSI5%2BeNJOaWBGqXdj2WmDaZqyJE5BFnD%2FwUZfWtsK7ymvHldEEqdeQZiIexJTfwXUtcmT5Az2U"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 77433cc3dd3b1784-EWR
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 08:40:29 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2B6IlAuXQAOd1qBZgu%2FCweSf8OENWYbk11GlYe5crSoe7u965wfcEfUhR%2FmdV3Ox2hGa%2FILUP1L8qnA%2F0VKwnT4JItri0w6Bj2Mu%2B3jnC%2Fjl7Bfb52M8kUpaX08devTzDKoQwosO0MfmJH8bucz7YFcX"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
cache-control: private, must-revalidate
expires: -1
location: https://dategen.com/click?email=crimso@netzero.net&s1=rwrw1&s2=&s3=45:zzzqs&s4=t92i4m&l=45&src=url&v=dating&trx_s=3e0271fce4364c50b40aa5d4ed18a88adeed26618&tz=&remember=0&ph=&vd=
pragma: no-cache

GET
H2

200

638c5cfd5f26d Show response
dategen.com/r/mt/
Redirect Chain

http://dategen.com/r/mt/638c5cfd5f26d
https://dategen.com/r/mt/638c5cfd5f26d

2 KB
1 KB

270ms
270ms

Document
text/html

2606:4700:20::681a:abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dategen.com/r/mt/638c5cfd5f26d
Requested by: Host: dategen.com
URL: https://dategen.com/click?email=crimso@netzero.net&s1=rwrw1&s2=&s3=45:zzzqs&s4=t92i4m&l=45&src=url&v=dating&trx_s=3e0271fce4364c50b40aa5d4ed18a88adeed26618&tz=&remember=0&ph=&vd=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1f308dfbaf6a0510e3b8ac3814457b07f4700891b5fbd7a521bb1fcacccb5a

Request headers

Referer: https://dategen.com/click?email=crimso@netzero.net&s1=rwrw1&s2=&s3=45:zzzqs&s4=t92i4m&l=45&src=url&v=dating&trx_s=3e0271fce4364c50b40aa5d4ed18a88adeed26618&tz=&remember=0&ph=&vd=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 77433cd1096ec40e-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 08:40:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xf6MRqWKCHTyL0JXyiW6KZwR5ikvTg4bdOsCmEg82jsnneIF6LrFTh6%2Frw0FDQe3c%2FIaV41p7gJpfQqAw6vzXzwu1WFczUiqPiniMSFL1ZuOcPN3nXOmlNqo1wKXgBSPfQNFpyTegN6f"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 77433cd0eb92c431-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 04 Dec 2022 08:40:29 GMT
Expires: Sun, 04 Dec 2022 09:40:29 GMT
Location: https://dategen.com/r/mt/638c5cfd5f26d
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbhGe8PBjqVS6MSRhTv%2BMMKY1V2mkhf9RASQhfxK4%2BIZzlaXQbTjiWe4DXCEh%2BwgEvkZ6wa9ZCGi%2BkjSYwlaeWHt4hcJLP1w336j1S7XMUCT%2Bl6erzbtTGyYLaXOjX6oyEjREcYjhIJi"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 analytics.js Show response
svntrk.com/assets/ 148 B
668 B 168ms
137ms Script
text/javascript 2606:4700:3036::6815:523e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://svntrk.com/assets/analytics.js?r=638c5cfd5f26d&e=Y3JpbXNvQG5ldHplcm8ubmV0
Requested by: Host: dategen.com
URL: https://dategen.com/r/mt/638c5cfd5f26d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:523e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb1c05a8cfefca769f82e660821a8db6f5b30dd08ba373b2b497da9cef96d3a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 08:40:30 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpDXutj3GOgQuYFP8%2Bl0N9DppHyZW75gkgMxK9qmWKYBHADyiJfp5MGt7tx4EgTvZs2biLlB%2FLMBluVqVR0Myv6kXS3Z%2BZLqm6IZk4IM8QL7u9Z4yBA1Lf1x06u8445alF15ejwK8U8L"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-ray: 77433cd2ed8ee861-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 invisible.js
dategen.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame A88E 35 KB
15 KB 11ms
11ms Script
application/javascript 2606:4700:20::681a:abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dategen.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670140800
Requested by: Host: dategen.com
URL: https://dategen.com/click?email=crimso@netzero.net&s1=rwrw1&s2=&s3=45:zzzqs&s4=t92i4m&l=45&src=url&v=dating&trx_s=3e0271fce4364c50b40aa5d4ed18a88adeed26618&tz=&remember=0&ph=&vd=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 08:40:30 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ur%2BG9h1%2FtD8%2BreLZFa9gf8JAvjCrgpI1U1vMDWRWnW4FmcWdZfYQmhKVxINl%2FW8SgBQ%2Bou7J61M5G9x4eyeaqzdJtvYV8VSOMlebquxYW07uEBdfnZbtuO7nddBCQCcAt97ZRnToIBso"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77433cd3dc6ec40e-EWR

GET
H2

200

638c5cfd5f26d Show response
dategen.com/pg/submitform/
Redirect Chain

http://dategen.com/pg/submitform/638c5cfd5f26d
https://dategen.com/pg/submitform/638c5cfd5f26d

6 KB
2 KB

2558ms
2558ms

Document
text/html

2606:4700:20::681a:abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dategen.com/pg/submitform/638c5cfd5f26d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebbda0b1cf0cfd2f0032d428404857b5a13abe60fee2647a296b12e82573a90a

Request headers

Referer: https://dategen.com/r/mt/638c5cfd5f26d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 77433cd3fc86c40e-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 08:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAA9pXAONE0zGWpRMW8gGO6fG%2FlXjmm%2FrrfjPmeRNthmiXpp4bpImWPYMwZsoSI%2FUmTIA4uqYy0gif7vjWSaybEQqIXGuvpM9qNskIwP9rjfQ7kX8u9z3ASKp1EBwyCEpCgQOO4lqoU7"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 77433cd3ee6ec431-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 04 Dec 2022 08:40:30 GMT
Expires: Sun, 04 Dec 2022 09:40:30 GMT
Location: https://dategen.com/pg/submitform/638c5cfd5f26d
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aTmc8mwQJ2mwvOUDyDnBJ9SVnu8b4qT0Qj6JuBL0lrI1Xvco0hEJoDhEkNOtOXS3kqsPWLL0VbZcYW5l4eF2xmvGgueTjMJA0M6LfQaDobuOGHWD0rvbMDUy3WZ%2FBaILbnUT6WtmyQE"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 pica.js
dategen.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame A88E 18 KB
8 KB 14ms
13ms Other
application/javascript 2606:4700:20::681a:abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dategen.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 08:40:30 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2NycaAvdM8GS%2BxyTXfk5%2FYmqFYmF2Sqg9NjHMxVmT%2FCXJBq5sxe5qNzK%2B5E%2FXbKtHSbPG4FMlzKWycYCuZXff8OS5S%2FCaKmh8zBG9CMKnn%2Bs5XUppUrhr2BlBgHtmv19%2F5VcvjW7Sow"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77433cd40c99c40e-EWR

POST
H2 200 77433cd1096ec40e
dategen.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame A88E 2 B
543 B 32ms
32ms XHR
text/plain 2606:4700:20::681a:abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dategen.com/cdn-cgi/challenge-platform/h/g/cv/result/77433cd1096ec40e
Requested by: Host: dategen.com
URL: https://dategen.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670140800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Dec 2022 08:40:30 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77433cd60ed9c40e-EWR
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYu0xKzLh%2FKMlFS3JZb8SZrZzCKeeo45pKPuruBkL%2F9a3qQMRdRSoZLGFILcYjycIcWT%2FmD5LqPMZM9qOFDnTnwXhtauuoNEA9EYKrMWshFiy68ymNTk1GtSYNUsfN%2FGV14TijthN627"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 analytics.js
svntrk.com/assets/ 148 B
479 B 145ms
144ms Script
text/javascript 2606:4700:3036::6815:523e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://svntrk.com/assets/analytics.js?r=638c5cfd5f26d&e=Y3JpbXNvQG5ldHplcm8ubmV0
Requested by: Host: dategen.com
URL: https://dategen.com/pg/submitform/638c5cfd5f26d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:523e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 08:40:32 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FtXFRE8joLAUDU5CJOvaCteA3HGRmP%2BKVao8Uh20ushpbWFCPZwSH2Ykkgtpo%2BogO%2B3nw464HcbmDaBu6DNmoWrSkGnTdMDT8kw4kp0Ubq7r3zrlw7cVZnMDUdVOUgkWrleeoKKMgcM"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-ray: 77433ce408b0e861-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

liveApi
www.optimizertrk.com/optimiser/
Redirect Chain

https://optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02
https://www.optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02

526 B
826 B

335ms
132ms

Document
text/html

108.128.136.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02

Requested by

Host: dategen.com
URL: https://dategen.com/pg/submitform/638c5cfd5f26d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.136.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-136-197.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dategen.com/pg/submitform/638c5cfd5f26d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 08:40:33 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 08:40:33 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://www.optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request index Show response
www.xcheaters.com/home/
Redirect Chain

https://www.optimizertrk.com/?group_id=5134&email=crimso%40netzero.net&subid=638c5cfd5f26d&keyword=rwrw1&live=506d75ba-73af-11ed-88da-0a58a9feac02&jsChecked=true
https://www.xcheaters.com/promo/affiliate/?campaign_id=270687&email=crimso%40netzero.net&keyword=rwrw1&subid=638c5cfd5f26d&fresh=1&visitId=986223398
https://www.xcheaters.com/home/index?token=7b8bc52b8480a7da843656e00d07602d
https://www.optrck.com/default/setGlobalLogin?visitId=986223398&site=xcheaters&origin=aHR0cHM6Ly93d3cueGNoZWF0ZXJzLmNvbS9ob21lL2luZGV4
https://www.xcheaters.com/home/index?visitId=986223398

165 KB
51 KB

596ms
596ms

Document
text/html

34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/home/index?visitId=986223398

Requested by

Host: www.optimizertrk.com
URL: https://www.optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

b8b43b5b29229316ad3aa73003b5809108be81524f17ff42eaa87acbe172930f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.optimizertrk.com/optimiser/liveApi?uuid=506d75ba-73af-11ed-88da-0a58a9feac02
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 08:40:38 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.21.6
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 08:40:38 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://www.xcheaters.com/home/index?visitId=986223398
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 42ms
22ms Script
application/javascript 2607:f8b0:4006:80f::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57206144-1

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9545de243014ada1b7ccbbf2f61705d0648e696b975af1c4df4659ab055f52e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 08:40:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43591
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Dec 2022 08:40:38 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/start/ 33 KB
7 KB 24ms
5ms Stylesheet
text/css 2607:f8b0:4006:823::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/start/jquery-ui.css

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c08007cf3672842fffb5145101c601777ff9e257e4cf3319feb02dafc33ceb19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6106
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 21:09:28 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 25ms
6ms Script
text/javascript 2607:f8b0:4006:823::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 00:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 00:11:13 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/ 197 KB
51 KB 29ms
10ms Script
text/javascript 2607:f8b0:4006:823::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 17:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52222
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:26:30 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
62 KB 32ms
19ms Script
application/javascript 2607:f8b0:4006:80f::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2BZMVC

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e8d1f4ab6e1339e73e3250220f8b55c9979fb64b8a89f5c892f7b4f9a83d19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 08:40:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63728
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Dec 2022 08:40:38 GMT

GET
H/1.1 200
OK rollbar.min.js Show response
cdn.rollbar.com/rollbarjs/refs/tags/v2.23.0/ 76 KB
23 KB 67ms
5ms Script
application/javascript 13.225.223.122

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.23.0/rollbar.min.js
Requested by: Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.122 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c25355cf2e7bec93c43a0ab8bd19ba779ba9cc901924cbc9312d1c6de8c04c8e

Request headers

Referer: https://www.xcheaters.com/
Origin: https://www.xcheaters.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 21 Nov 2022 02:44:41 GMT
Content-Encoding: gzip
Via: 1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK51-C1
Age: 1144558
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 24 Jun 2021 16:41:52 GMT
Server: AmazonS3
ETag: W/"fe7d90207ea344ae9d16f8cd5ba1e6ba"
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=30672000,public
X-Amz-Cf-Id: NsA78dJe4iCJhyOMIPW63hFuFNCatVpRSwhSJFBdBBYL4UnVQfg5fg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
4ms Script
text/javascript 2607:f8b0:4006:80c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57206144-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 07:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3253
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 04 Dec 2022 09:46:25 GMT

GET
H/1.1 200
OK xcheaters.css
www.xcheaters.com/themes/xcheaters/sass/stylesheets/ 2 MB
1 MB 98ms
97ms Stylesheet
text/css 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/xcheaters/sass/stylesheets/xcheaters.css?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

10f686100ef291d1bd01d5e9f3d1f675c37e97191f953610de09ae28648c3e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:50 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e6-21f60f"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.fancybox.css
www.xcheaters.com/assets/9b7305f9/source/ 4 KB
2 KB 283ms
94ms Stylesheet
text/css 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/9b7305f9/source/jquery.fancybox.css?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

a830d2b98084d933ddc646e0423afc1786f0b7630a4afe1cd81a9597c88b4bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-10db"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.autoresize.js Show response
www.xcheaters.com/assets/bc6b706e/ 1 KB
1 KB 283ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/bc6b706e/jquery.autoresize.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

95f4ac822f4b1c43515354f52fc49f51abe3d62e207b4ecc226d57690fe4f8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-471"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.json.js Show response
www.xcheaters.com/assets/5459e8fb/ 17 KB
6 KB 283ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/5459e8fb/jquery.json.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

5cf3c964c4117bbc5bb68bd2f58f6de973be286966af368973b71249edb0369c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-4485"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.address.js Show response
www.xcheaters.com/assets/20d1bc2e/ 26 KB
7 KB 284ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/20d1bc2e/jquery.address.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

d8dc71f29cf015d623a98539cd6ea26845e47df1427bffe6b8516ddaa3e9f33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-6848"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.storage.js Show response
www.xcheaters.com/assets/7aa0022e/ 7 KB
2 KB 286ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/7aa0022e/jquery.storage.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

e6ed3d302ae095d1b56b2f8ca1992d955e94bb6ae9ac9b2a9eb06038ec577fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-1a11"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.cookie.js Show response
www.xcheaters.com/assets/12588795/ 4 KB
2 KB 378ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/12588795/jquery.cookie.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-1096"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.template.js Show response
www.xcheaters.com/assets/434e418e/ 19 KB
8 KB 379ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/434e418e/jquery.template.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

801c7e1800bc12d942bdd14949dfab1ef22805374e673df6b2197dfb22ce8378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-4a8f"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.form.js Show response
www.xcheaters.com/assets/d2c78777/ 26 KB
10 KB 384ms
99ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/d2c78777/jquery.form.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

a5b26ab402984e008ad4549c9b5e17e122c8b20d9ddfbefe8260af8e6b711b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-6829"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.popup.js Show response
www.xcheaters.com/assets/2da241ec/ 6 KB
2 KB 384ms
98ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/2da241ec/jquery.popup.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

56e919d8627b0f8e7063c65a9f4dd072db5855632bd2c348be63b4be30eed83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-17fd"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.tipTip.js Show response
www.xcheaters.com/assets/90a62faa/ 7 KB
3 KB 384ms
98ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/90a62faa/jquery.tipTip.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

1b25812653085f9824e52ac5aae9eda48e3edbc41909b3326937d92fdbc0f5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-1ad7"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.dropdownList.js Show response
www.xcheaters.com/assets/da0ff3f3/ 15 KB
5 KB 479ms
98ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/da0ff3f3/jquery.dropdownList.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

55bd28445189aa90122171ea00ba4ef21ffb73ddb10d4dc98929d6817b2f2d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-3c29"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.dropdownBox.js Show response
www.xcheaters.com/assets/b6bd2561/ 3 KB
1 KB 479ms
98ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/b6bd2561/jquery.dropdownBox.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

97d20b114a625ed1b35551c195b1d1ce4377b2ea016d4aebd1040be369985929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-a68"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.doomNotify.js Show response
www.xcheaters.com/assets/36b3174d/ 2 KB
1 KB 480ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/36b3174d/jquery.doomNotify.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

a02618ecbddc28718ba545c76bd2c047826e429a45765b0659da31c9e0e53751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-8ce"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.js Show response
www.xcheaters.com/themes/xcheaters/js/ 13 KB
4 KB 481ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/xcheaters/js/app.js?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

3d8c45d1c97aa0a982c16ad141a234e4681e249970821dd996d45824fa637872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:49 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e5-3349"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK general.js Show response
www.xcheaters.com/themes/xcheaters/js/ 12 KB
4 KB 480ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/xcheaters/js/general.js?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

1fd2bd87dd0d434af17f90d8b174306a005a8594053ba16f8c85512bfc74dfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:49 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e5-2ebf"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK object-assign.min.js Show response
www.xcheaters.com/themes/js/vendor/ 1 KB
1 KB 579ms
97ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/js/vendor/object-assign.min.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

3f62c0828bfa2043a3992bdfec8f0c7070b50ae7b0b733fd93e2c590cac3d1a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:46 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e2-50c"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 chat.js Show response
ccp.media/ccp-widget/ 21 KB
7 KB 36ms
5ms Script
application/javascript 13.33.60.101

General

Check archive.org

Show headers Download Go to

Full URL: https://ccp.media/ccp-widget/chat.js?t=1670070183
Requested by: Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.101 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf44626b23ce8752867a576c3f48638f2c1278e7f18f57c930a6721f5765bfa6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 13:53:58 GMT
content-encoding: gzip
via: 1.1 6c46ad9c24627fa8c065620a1a7a52a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Nov 2022 12:02:18 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
age: 67601
etag: W/"685012d666b870e63103e72a9be3b80d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: m72VIlsB271P9fZmlxCS9KiebSthLe6555piRPx4g_H44HTg60Pm2g==

GET
H/1.1 200
OK promise.min.js Show response
www.xcheaters.com/themes/js/vendor/ 3 KB
2 KB 580ms
98ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/js/vendor/promise.min.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

09e21c99a0c43919c27c516f32e5fc02f6f44348b313670f9aa9d2f42f55eca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:46 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e2-b40"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK front_lo.js Show response
www.xcheaters.com/themes/js/vendor/ 20 KB
7 KB 580ms
97ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/js/vendor/front_lo.js?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

362b70d136463bb8fd15fbcdff389a3c6c17acf1e1e8dc984badbcddf5ebf3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:46 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e2-5162"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET no_photo_man_60.png
images.xcheaters.com/internal/ 0
0

GET casey26.jpg
images.xcheaters.com/home/ 0
0

GET babie454.jpg
images.xcheaters.com/home/ 0
0

GET badgirl37.jpg
images.xcheaters.com/home/ 0
0

GET partyhard1x.jpg
images.xcheaters.com/home/ 0
0

GET time4fun5.jpg
images.xcheaters.com/home/ 0
0

GET
H/1.1 200
OK jquery.loadMore.js
www.xcheaters.com/assets/99ed45c1/ 2 KB
1 KB 96ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/99ed45c1/jquery.loadMore.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-730"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.counter.js
www.xcheaters.com/assets/c4edb22c/ 5 KB
2 KB 97ms
96ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/c4edb22c/jquery.counter.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-120b"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.mousewheel-3.0.6.pack.js
www.xcheaters.com/assets/9b7305f9/lib/ 1 KB
1 KB 95ms
94ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/9b7305f9/lib/jquery.mousewheel-3.0.6.pack.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-568"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.fancybox.pack.js
www.xcheaters.com/assets/9b7305f9/source/ 19 KB
9 KB 98ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/assets/9b7305f9/source/jquery.fancybox.pack.js

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:48:20 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389bbd4-4df5"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dashboard.js
www.xcheaters.com/themes/xcheaters/js/ 25 KB
6 KB 100ms
97ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/xcheaters/js/dashboard.js?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:49 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e5-6349"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK activity.js
www.xcheaters.com/themes/xcheaters/js/ 682 B
764 B 96ms
94ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/xcheaters/js/activity.js?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:49 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e5-2aa"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK generalScript.js
www.xcheaters.com/themes/js/ 7 KB
3 KB 95ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/js/generalScript.js?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:46 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e2-1c5f"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK genericScript.js
www.xcheaters.com/themes/js/ 10 KB
3 KB 96ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/js/genericScript.js?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:46 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e2-26ba"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK widgetList.js
www.xcheaters.com/themes/xcheaters/js/ 523 B
702 B 96ms
95ms Script
application/javascript 34.250.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcheaters.com/themes/xcheaters/js/widgetList.js?t=1670070183

Requested by

Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.204.54 -, , ASN (),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/home/index?visitId=986223398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 08:40:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 08:35:49 GMT
Server: nginx/1.21.6
Content-Encoding: gzip
ETag: W/"6389b8e5-20b"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H3 404 js
www.google-analytics.com/gtm/ 0
0 32ms
19ms Script
text/html 2607:f8b0:4006:80c::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/gtm/js?id=GTM-K2J5ZCH&t=gtag_UA_57206144_1&cid=2006064135.1670143239
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::200e -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 widget.js Show response
ccp.media/ccp-widget/ 938 KB
256 KB 6ms
5ms Script
application/javascript 13.33.60.101

General

Check archive.org

Show headers Download Go to

Full URL: https://ccp.media/ccp-widget/widget.js?t=1668006622243
Requested by: Host: ccp.media
URL: https://ccp.media/ccp-widget/chat.js?t=1670070183
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.101 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc505ddce78b07c50d41dcfa2d60d459816afcb288d73e9d4ab5d8397460d863

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 15:52:24 GMT
content-encoding: gzip
via: 1.1 6c46ad9c24627fa8c065620a1a7a52a8.cloudfront.net (CloudFront)
last-modified: Thu, 10 Nov 2022 12:02:18 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
age: 60496
etag: W/"3797e089e1e8e5762a6bfa8fccac0d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lRL68NekAGFfMwESMxptJvnOCeFWnxAAe3KQbjg1q_5vUxz2soTqaw==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39409c52f324316e5c4176dcf465af691fe15810900c9e46ce365e9fa5509cdf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 927 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba147003e51804a0e81cd2a122d70fcfb953df30fdbe705b61cb1d9ce2291868

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 979 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 020acabc7ae15897f521c9d20f959db158a69b343db12aeda5fbcd29d2867e9c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb7de1958e39944e62c3e63e4410c156f1287fe5f423fc87b7aaad37b0ef9b7a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2c56e6f75c3d71f16a44079cead2eb089ee73a2bf8a8fe259f3ba53ea73a0d6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a04d9373dd15ba6de8808e48a2953161822829e92f5001dffbfff990f488e8f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 loader
a.tbepc.com/ Frame 42D6 0
0 226ms
70ms Document
text/html 2606:4700:3036::ac43:89d3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tbepc.com/loader?a=113&s=24&t=77&p=18&s2=1986223398&wlkw=6
Requested by: Host: www.xcheaters.com
URL: https://www.xcheaters.com/home/index?visitId=986223398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:89d3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.xcheaters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77433d0f7e678c5a-EWR
content-encoding: br
content-type: text/html
date: Sun, 04 Dec 2022 08:40:39 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvvhRteZtP91%2BWGZ%2FyiIp3yC%2F%2FoEDGuNqrxM5Pa7WwwGfg53mhEx7l9wYORNemoLrztzsZ60ZUVHSoWYYVx1MXyvyYBWH7kqt%2FYQCYNgsvIqF4cKH8D%2B7gu1%2BybtFmRW0lQZDHIABb96PA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 ads.js
ads.exosrv.com/ 2 KB
1 KB 103ms
4ms Script
application/javascript 2a02:6ea0:c400::19

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exosrv.com/ads.js
Requested by: Host: www.xcheaters.com
URL: https://www.xcheaters.com/themes/js/vendor/front_lo.js?t=1670070183
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::19 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.xcheaters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 04 Dec 2022 08:40:39 GMT
content-encoding: br
x-cache-op: HIT
x-cache: HIT
x-77-cache: HIT
x-age: 6576
x-77-nzt: AZySO/fwS7P/sBkAAA
x-accel-expires: @1670147463
server: CDN77-Turbo
etag: W/"b60fdcc211f42a1f246a8c80b56"
x-77-nzt-ray: f483842d9da3282f075d8c63582cb923
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
expires: Fri, 02 Dec 2022 12:50:41 GMT

POST
H3 200 collect
www.google-analytics.com/j/ 2 B
22 B 17ms
17ms XHR
text/plain 2607:f8b0:4006:80c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1866798709&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xcheaters.com%2Fhome%2Findex%3FvisitId%3D986223398&dr=https%3A%2F%2Fwww.optimizertrk.com%2F&ul=en-us&de=UTF-8&dt=Cheat%20with%20hot%20girls%20online%20tonight%20for%20free%20only%20at%20XCheaters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAAUADQAAAACAAI~&jid=1443532784&gjid=253515171&cid=2006064135.1670143239&tid=UA-57206144-1&_gid=571276826.1670143239&_r=1&gtm=2oubu0&z=1514519403

Requested by

Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.23.0/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xcheaters.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 08:40:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xcheaters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
stats.g.doubleclick.net/j/ 0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET onlineNow
www.xcheaters.com/widget/ 0
0

GET newMembers
www.xcheaters.com/widget/ 0
0

GET discover
www.xcheaters.com/widget/ 0
0

GET messages
www.xcheaters.com/widget/ 0
0

GET 47bf4bc66ee01974e4eaa1e16cf6ad4f.png
userimage.xcheaters.com/ 0
0

GET e3eb395a4cb062526873967e81cb484d.png
userimage.xcheaters.com/ 0
0

GET f111c10c47b8a68e60960085b603ebe8.png
userimage.xcheaters.com/ 0
0

GET d248cc51574ae13b36597bf38119d6d1.png
userimage.xcheaters.com/ 0
0

GET a00c5218e740893ddebe30fbfd1d0a06.png
userimage.xcheaters.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.xcheaters.com
URL: https://images.xcheaters.com/internal/no_photo_man_60.png

Domain: images.xcheaters.com
URL: https://images.xcheaters.com/home/casey26.jpg

Domain: images.xcheaters.com
URL: https://images.xcheaters.com/home/babie454.jpg

Domain: images.xcheaters.com
URL: https://images.xcheaters.com/home/badgirl37.jpg

Domain: images.xcheaters.com
URL: https://images.xcheaters.com/home/partyhard1x.jpg

Domain: images.xcheaters.com
URL: https://images.xcheaters.com/home/time4fun5.jpg

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-57206144-1&cid=2006064135.1670143239&jid=1443532784&gjid=253515171&_gid=571276826.1670143239&_u=YGBAAUACQAAAACAAI~&z=1164532792

Domain: www.xcheaters.com
URL: https://www.xcheaters.com/widget/onlineNow

Domain: www.xcheaters.com
URL: https://www.xcheaters.com/widget/newMembers

Domain: www.xcheaters.com
URL: https://www.xcheaters.com/widget/discover

Domain: www.xcheaters.com
URL: https://www.xcheaters.com/widget/messages

Domain: userimage.xcheaters.com
URL: https://userimage.xcheaters.com/47bf4bc66ee01974e4eaa1e16cf6ad4f.png

Domain: userimage.xcheaters.com
URL: https://userimage.xcheaters.com/e3eb395a4cb062526873967e81cb484d.png

Domain: userimage.xcheaters.com
URL: https://userimage.xcheaters.com/f111c10c47b8a68e60960085b603ebe8.png

Domain: userimage.xcheaters.com
URL: https://userimage.xcheaters.com/d248cc51574ae13b36597bf38119d6d1.png

Domain: userimage.xcheaters.com
URL: https://userimage.xcheaters.com/a00c5218e740893ddebe30fbfd1d0a06.png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wildhottiegirls.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: pi5q8rko4s6o1s5gi099o01p94
wildhottiegirls.com/	1969-12-31 23:59:59	Name: SRVNAME Value: w1
wildhottiegirls.com/	1970-01-20 07:55:50	Name: XSRF-TOKEN Value: eyJpdiI6IjFkankwQVhpd1JGSzNpdG53UGJJa1E9PSIsInZhbHVlIjoiZG5qc0E4REdZV0FudG1lN2NrVGlFZ1ptZVVjT0FjQ0orSTA3Vm1XY1dOOWx1VnhTemNER2s3cFk4c3RReTlpYiIsIm1hYyI6IjEwNDExODZiYzNkMjk4OWVhMzdkZGVlOGY5NDAzZGZkODlkNmIxNzdjMTM2NDE5MzAyMzkzODZkZmI4ZmY1MDQifQ%3D%3D
wildhottiegirls.com/	1970-01-20 07:55:50	Name: laravel_session Value: eyJpdiI6IkRoMWVlSDgyZnFRSDMwcGluWTBVTmc9PSIsInZhbHVlIjoiQXh3a09mRzBDdkhISTBabUJQd25iT2VGMmEzWE9nUkUwTkhNY2U0UUZHWTZxSXRiNWQ0Ny9zdE5pOU1jck9KYyIsIm1hYyI6IjgyMDg2MDdkMGI4NDBkODBmNzUxNzQ1ZmZiN2RhMGI2NGMwZDc4MmIwZGRiYTc1ZmE5ZGVjMDczZjQ1MmNiMDEifQ%3D%3D
.wildhottiegirls.com/	1970-01-20 07:57:09	Name: lp_settings Value: eyJpdiI6IkFKUGZTVmtHZ0IyMmdyUkFzZTJmQXc9PSIsInZhbHVlIjoiYXN2OWR4bzhzVlVRelkrdk4vWmRyQT09IiwibWFjIjoiZWZiNTk4YWFhZjJlOTBhYmRhZGU0MzBjODU0OGVkNGIzMTFiN2MzZmFjYmNlZjU3MjZkZTRlNzhmYWUxMDY0MiJ9
.wildhottiegirls.com/	1970-01-20 17:31:43	Name: lp_sessionid Value: eyJpdiI6IjZjOHRnWHUzN3ZUZk5kREN0V3RtUUE9PSIsInZhbHVlIjoiMkgzSGs0U1RKUVBaRDhENVIxekNDQW80NE82aGF5ZE5UUURtU21QUE53MD0iLCJtYWMiOiI0MDk2YmY4NThkYjMwMmEwY2ZlNTVjMDdlOGNhMjVmMGQ0YjVkODdkYzA3M2QyYzljZTg5N2U5Yzc1MjA2MmRlIn0%3D
dategen.com/	1970-01-20 07:55:46	Name: brm_opt_msgid_rwrw1 Value: 638c5cfd5f26d
dategen.com/	1969-12-31 23:59:59	Name: SRVNAME Value: s7
svntrk.com/	1970-01-20 17:31:43	Name: scktrk Value: 638c5cfe07ee3-8-1222
.dategen.com/	1970-01-20 07:55:45	Name: __cf_bm Value: 6ESnDGGrejyvRNt5b15Vu_hlbH8kYHEjqr3tcR92kwo-1670143230-0-Afexj0Tcz4utKfK5GKCkeqi6e6/dmc2XxIL6vbAJws/PKoRTOi5yiZqGNyVNl7gj7OMQHGsdOHrcpD3OK/3HMTinH8dpcabJWVNVaHRGAwfNUpz49qacSKdcyC7NHzer03jpDMBpKqdutIiKGw09n/s=
dategen.com/	1970-01-20 07:55:50	Name: XSRF-TOKEN Value: D2mhK5RFskXZ6r1g1jurs7cUtHkevXhJLlT9Tlm7
dategen.com/	1970-01-20 07:55:50	Name: laravel_session Value: MKNZJbnnRXc3w84ABcjo5ygHyOJdXgO6c7Wq2In1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.google-analytics.com/gtm/js?id=GTM-K2J5ZCH&t=gtag_UA_57206144_1&cid=2006064135.1670143239 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tbepc.com
ads.exosrv.com
ajax.googleapis.com
ccp.media
cdn.rollbar.com
dategen.com
gradianlabs.com
images.xcheaters.com
optimizertrk.com
stats.g.doubleclick.net
svntrk.com
userimage.xcheaters.com
wildhottiegirls.com
www.google-analytics.com
www.googletagmanager.com
www.optimizertrk.com
www.optrck.com
www.xcheaters.com
images.xcheaters.com
stats.g.doubleclick.net
userimage.xcheaters.com
www.xcheaters.com
108.128.136.197
13.225.223.122
13.33.60.101
162.251.80.25
176.34.105.207
2606:4700:20::681a:abf
2606:4700:20::681a:bbf
2606:4700:3031::6815:2abe
2606:4700:3036::6815:523e
2606:4700:3036::ac43:89d3
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2008
2607:f8b0:4006:823::200a
2a02:6ea0:c400::19
34.250.204.54
020acabc7ae15897f521c9d20f959db158a69b343db12aeda5fbcd29d2867e9c
09e21c99a0c43919c27c516f32e5fc02f6f44348b313670f9aa9d2f42f55eca9
10f686100ef291d1bd01d5e9f3d1f675c37e97191f953610de09ae28648c3e23
1b25812653085f9824e52ac5aae9eda48e3edbc41909b3326937d92fdbc0f5ea
1fd2bd87dd0d434af17f90d8b174306a005a8594053ba16f8c85512bfc74dfd6
2a04d9373dd15ba6de8808e48a2953161822829e92f5001dffbfff990f488e8f
362b70d136463bb8fd15fbcdff389a3c6c17acf1e1e8dc984badbcddf5ebf3f6
39409c52f324316e5c4176dcf465af691fe15810900c9e46ce365e9fa5509cdf
3d8c45d1c97aa0a982c16ad141a234e4681e249970821dd996d45824fa637872
3f62c0828bfa2043a3992bdfec8f0c7070b50ae7b0b733fd93e2c590cac3d1a2
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
55bd28445189aa90122171ea00ba4ef21ffb73ddb10d4dc98929d6817b2f2d7d
56e919d8627b0f8e7063c65a9f4dd072db5855632bd2c348be63b4be30eed83d
5cb1c05a8cfefca769f82e660821a8db6f5b30dd08ba373b2b497da9cef96d3a
5cf3c964c4117bbc5bb68bd2f58f6de973be286966af368973b71249edb0369c
72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c
801c7e1800bc12d942bdd14949dfab1ef22805374e673df6b2197dfb22ce8378
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8e8d1f4ab6e1339e73e3250220f8b55c9979fb64b8a89f5c892f7b4f9a83d19e
9545de243014ada1b7ccbbf2f61705d0648e696b975af1c4df4659ab055f52e4
95f4ac822f4b1c43515354f52fc49f51abe3d62e207b4ecc226d57690fe4f8a9
97d20b114a625ed1b35551c195b1d1ce4377b2ea016d4aebd1040be369985929
a02618ecbddc28718ba545c76bd2c047826e429a45765b0659da31c9e0e53751
a5b26ab402984e008ad4549c9b5e17e122c8b20d9ddfbefe8260af8e6b711b16
a830d2b98084d933ddc646e0423afc1786f0b7630a4afe1cd81a9597c88b4bcd
ac1f308dfbaf6a0510e3b8ac3814457b07f4700891b5fbd7a521bb1fcacccb5a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8b43b5b29229316ad3aa73003b5809108be81524f17ff42eaa87acbe172930f
ba147003e51804a0e81cd2a122d70fcfb953df30fdbe705b61cb1d9ce2291868
c08007cf3672842fffb5145101c601777ff9e257e4cf3319feb02dafc33ceb19
c25355cf2e7bec93c43a0ab8bd19ba779ba9cc901924cbc9312d1c6de8c04c8e
cb7de1958e39944e62c3e63e4410c156f1287fe5f423fc87b7aaad37b0ef9b7a
cc505ddce78b07c50d41dcfa2d60d459816afcb288d73e9d4ab5d8397460d863
cf44626b23ce8752867a576c3f48638f2c1278e7f18f57c930a6721f5765bfa6
d2c56e6f75c3d71f16a44079cead2eb089ee73a2bf8a8fe259f3ba53ea73a0d6
d8dc71f29cf015d623a98539cd6ea26845e47df1427bffe6b8516ddaa3e9f33c
e6ed3d302ae095d1b56b2f8ca1992d955e94bb6ae9ac9b2a9eb06038ec577fff
ebbda0b1cf0cfd2f0032d428404857b5a13abe60fee2647a296b12e82573a90a

www.xcheaters.com Open in urlscan Pro 34.250.204.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

76 %HTTPS

60 %IPv6

15 Domains

18 Subdomains

12 IPs

2 Countries

1994 kBTransfer

4372 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xcheaters.com Open in urlscan Pro
34.250.204.54 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

76 %
HTTPS

60 %
IPv6

15
Domains

18
Subdomains

12
IPs

2
Countries

1994 kB
Transfer

4372 kB
Size

12
Cookies

67 HTTP transactions
7 data transactions