| cfbhghc.afsy.ink/c/f88b98f542755?ext_click_id=1714052914100010TCATV410403933224V4&subsource=8293638-2517555085-4269441498&track=4 | 178.162.199.80 | | 0 B |
URL: cfbhghc.afsy.ink/c/f88b98f542755?ext_click_id=1714052914100010TCATV410403933224V4&subsource=8293638-2517555085-4269441498&track=4 | IP: 178.162.199.80:0 | ASN: #28753 Leaseweb Deutschland GmbH
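Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, matching the 0 B body; they identify no content and should not be used as indicators)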
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-resolver verdict on the hostname cfbhghc.afsy.ink, not an assessment of the response content)
GET /c/f88b98f542755?ext_click_id=1714052914100010TCATV410403933224V4&subsource=8293638-2517555085-4269441498&track=4 HTTP/1.1
Host: cfbhghc.afsy.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: openresty/1.19.3.1
Date: Thu, 25 Apr 2024 14:00:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: s=C2DKBaEuHnRX%2BG4mVTvSii10%2FbnSC0M7pkSFuwIlfuIdtsD6HhjpSwpZxNXW8ks0hCnc6NINqATvxEM2W0bU8yB%2BTvaBHqNV%2FTS4Tyxjl%2BVO6wWsB88295tdgutF3wE%2FDyHn7hwyVDxp5Ae6AczEj3Pr3SbzygSB6YfiX2zuFxpxcfbpz0XOGpzLiDbtfV0Gq6rBH%2F8vN58fGo9OcZX5Xqy8arpQKi3JwDJlteXl6Xw7%2BL4TT5PLZp5EyaetwXPq7X%2FdwboEbDOsjnFjyZ3ZS7VY%2Fx0IYvt%2FOzBvIjK9aybbgjBGfvQAWLDn4O3W7kdn0S%2FStUGuEZKHvLP7cvp4v9KesZsaBXt3ZioBzVlGdh64IC7GAb%2FgyzESSQe4TeLw7L1kPRmslo54W%2BLHVgW1ySzxcAtAjh0qNrPaQ4ERQXtfmsIZAjxd0BS%2Bmda3sIzx%2FbLYZXR5TnKxUi3er9ccqiSywP0fX5RRnPYk6fjBmK6%2BtbNvPGr5600C5FBDF62yo6qXdtSN1DjWFJJjrVnopDBXDj0T0ki9JltvyYBNxsySYs0RB1Y%2B6tRP1Sla8ogt1AEluAshLnSOl1Im3KOhDEzKqACdrltxdQBXhaAXtRF2Ec25hi63KIMtTZ3Vl2xVO%2FApKAJkcAE82Eq5uyKjaJPr0zDsCpV%2BOw05xSitE93xt9BRHu9yHco0EFyXxh3HJ29fwU%2Fa0EWRVvQnjbGVm6sVgpwRnVVSY36ft9CaHeckmtowQ672soXYIFBYParZzetW20rHBQ3VsoyqrgjEuu0g%2FW8zJVl2lTDdPWxlI8o%2Ff0s1q3wmtYB%2BOIJ7JHznDhRd%2FLPJWZZglSixYrcJ2fW4qiS5h5F3himwya76r8eWXFdb817HeXiRz4AFp%2FV94GuvOp5bCYEK1%2BzNuKT2E0afNAhmw4x031k7Adr8tx2OD0g7NzErllD%2BLlwrJix28Q9cW7FY9f4%2BURwQw9g6osm4jjg7hPe4qP1MmcmpYUuTVfisjzYzQ52p5lLm1r2GCaJhG7V3Xfb8tsqXbs7qeBOpriU8567euKRr2EUOJCXV%2FKiYV%2FzqGts80Jk0qh8OoKEjWVky31lQbkDqcywh20hFyAgez%2BBiMO1F5mnTCXhx2cngiWjVnikhKcTbuYApiV2KBv27RYKkjS2Yn1IMxunDZSMLSAl6UIWBgd6Oef2YrcXRNS1EVKptVm%2F3b1T30hsuZYqTe47FSEhEFK3Day0DqsrqAsxjm%2Fs6AgUCPX4Ir5hh5BoJL8RbGkdYHNNyi07470oX4esU0j9GvNz8KxBllg0MT0QTmzEEjy%2FWlUtmnx1QGOJ7q9yURx2JrIfJleV8l68RSNe4x%2FvdyyjdMQMGKvS7M4m6Am27bsxobAexiSYXXFsf8%2BisT2wP089iFUwo2PKHAXLsgq0N8VI2dm0c808o3y6rwUDtw%2Fg521H9htDRW0a8RptObVrbSIUsdvPo%2FLPWYyXbjjx8RQXAdKLDIxRqqZVUrO1n7CPDQxSO8UfV6%2FcADBn3KBNPDNXBfGyIrfz9Wq7i1mP%2F5MgbkGpFrBUvNqv7%2FofhZXYD8sfVTCRUrloa9FUGgXUzZ5YFU8LAfvsgFTfyZdqXxaGMC6nuSBu8Bk0ejrB1ONJF2sYBn%2FshBTEXIF60vm1vh%2B0T2hYfUSoSgh9Xx%2B0vyUfdjVml8PuC9g%2FJS75%2FrlBG8536wAz0EPVDwQOtVCDcdfs9KOeJBmqVdy4hQ8jWJgiYb1p3mAZj13ZEXbfrTxri3kSYHevXOaFpEjYz; expires=Fri, 26-Apr-2024 14:00:21 GMT; Max-Age=86400; path=/; domain=afsy.ink
SID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=afsy.ink
ESID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=afsy.ink
s=%2BR2k7VPH156LPOnd%2Fz5ovhZbibGEpb20G67hQM%2BwPELf%2B9%2B9jvlO%2BAmR8tc4o%2FxFbRIzqM4Gh%2B%2BoB91%2F3tnkJiB%2BTvaXHuNb%2BRe47yBD4bjc4qEBIjUYZB1DbRNtLYm3xjEk9AQbP6vrQCBrSsvQzDo8cXX6qwsCl63iDfId%2FsAodgZ1%2FkwtjnuyaBcXTKm7RqoSV%2BI2UPNqa8Wb6MVQt9%2BEw8nEsImDSlIgGdyc69hyrHLmg6u2Dyj2PiO1eIYpWtlyCYVCF1VJVahiZbmP3enzMdnXHqUuWfqpCd1jLRQMrtpW7ToD29IivwoPe6KdIf%2FwOGDgPjDP%2BWPHmtg%2B6gnspQ5e27%2FYrL6AjuvgitE4aOfnn2Y%2BaA%2BeP92TK9O03dvgcnfkglkHqQkHYu9RvbBV1dCkZbC6S4vVS8I24uXQKzvaYa%2FV%2BjoPG5AK3QXrWsYNp2X6PZ0TSuI3jGM0Pd%2F5KPNrmfyuG60matTKbEpMQlFZDB7Tz8JlmjprDYmUH0IemaX2IrX6uNDP4cJkAoVwMmi8skRYAFSsC9k1b8uNJiyFopgQmbXI9C9T5fdTla8vfqX%2BlrFewbaxZSJ%2FB52Wm4BpeljslbqG6s2fev%2BSj4riC8lEearndJBueUWAxbxW45VyKKL8jGsBkMKao%2FzekBFLDigFOZMOGFmwaPk648QXX2QYl%2FVYcLtO4U7e9CLSmZNbG90SflyTYG3CketYvpLIL1Hvfivp8IJOaE7K5cmCPaOlEQKR4XxGB%2FtAeITYx%2BVZlK8HiPvGujFZGaGK4EtmgzicMRnhOXOXrxWHx4T4aDvWMyGg3iuomM9nDRkmieNoK4yT8Hu2%2FdLo43tAlGxIQvGzHmRZ2xebrq9JM0pR44Kz3RcDjAuASWbOa1uBhPCBtLj7jSDrCs7bjG7DGfao6%2FNnS4IHqg75e0DnJcfHIul%2BE2aknu4BjUz%2FO%2BP%2B97qGRfXCnCRf2f3xwjf8sP7pufUJjBfRlKQp58Yy%2Fw%2By4a1UKGkTxopD7uNytWFV030Tn8iRAw4%2Ff7%2BaK4u2OG96bMEERXcwSZXhkfgx85LL5QkJAFcIhWPEoHcy0XQjViHnSav971ZF7m8UPMS8Pv5vDP5UOiAVJv57CnO2umBVxYmrbDUt9Hy5J%2BJpQJmJ0z5r%2BVt%2B2BWWUQi6FK%2FTAKf%2BNny1oG76JhvFzov1HoJPTMqkX0oDhVzQzyLx5MSfwG6OePPuuHEe6rKD21zPUXOBGOBkBnKUPN47xIDFc9ovPMCS3XtI8qv%2BplgmHPLWODpwtfNGQ11BzRVRVHWOfi8w28beO3cSK4J8nXZOwrqN9luXVI3AKMqkdpoj2VEIIBEadR%2BUJFWurp3N4PCQnDQUPAuJMCJb%2BQvNsG2JBKblaBMGUoMvgmWTNTXhQKvOeaHQ8eOAgBBFm563v%2FbGNyIvMmhXiT%2FP8TFRXfnoobNUlY2Q4iTh8OE7MnYy0A2zukd8g4seAJhDqMEOdlIVbwW0MWeNnxm07VqKuNMOaWdjumamZdCG3CznVRt5uJPYdJuO3tUfcq0qJ5GzLDXld7iVrYePAqKo0NbhyM86x5wSfbcoBeCaV4ZfFxKD6TTGjZvmi8ZH5ijZDGmLPfbqZHqPEbHnTr%2Bp12pDdBIozPsGUokqJzB6D7H8fLM%2FWDPYz4dYTaeausx%2BDhT1RZ4PNKcwpiO5oSeKGSLuc8i4pRDGuArjWP3s0dm%2BvuksUbH7cKyWGDT19RkUZ7bVI4YZ172cdJISCj1TjV%2Bo%2FvRNH2DGntUpNA6QpCJ%2FWT5raA%3D%3D; expires=Fri, 26-Apr-2024 14:00:21 GMT; Max-Age=86400; path=/; domain=afsy.ink
SID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=afsy.ink
ESID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=afsy.ink
CF=O2wglTTW010%2BwMikb78BKw__; path=/; domain=afsy.ink
Location: https://track.freespicy.games/click?pid=8902&offer_id=324&ref_id=4097bd97a6bc2b9fb344f5b7d265d603&sub2=4
|
|
| track.freespicy.games/click?pid=8902&offer_id=324&ref_id=4097bd97a6bc2b9fb344f5b7d265d603&sub2=4 | 34.90.14.205 | 302 Found | 0 B |
URL (User Request): GET HTTP/2 track.freespicy.games/click?pid=8902&offer_id=324&ref_id=4097bd97a6bc2b9fb344f5b7d265d603&sub2=4 | IP: 34.90.14.205:443 | ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Sectigo Limited | Subject track.freespicy.games | Fingerprint 83:0C:9C:AF:D3:54:96:61:C7:F0:74:E6:29:B0:B6:E1:36:B5:7A:E9 | Validity Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
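Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input, consistent with the 0 B redirect body; not usable as content indicators)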
GET /click?pid=8902&offer_id=324&ref_id=4097bd97a6bc2b9fb344f5b7d265d603&sub2=4 HTTP/1.1
Host: track.freespicy.games
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 25 Apr 2024 14:00:21 GMT
content-length: 0
location: https://track.affstreck.com/ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa?tsource=affise&offer_id=324&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=AdsyTech&partner_id=8902&offer_name=Smartlink+adult+games+-+CPL&filter=&clickid=662a61f526821d0001c4e5f4&aff_source=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=662a61f526821d0001c4e5f4; expires=Fri, 25 Apr 2025 14:00:21 GMT; secure; SameSite=None
set-cookie: afoffers={"324":1714053621}; expires=Fri, 25 Apr 2025 14:00:21 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| track.affstreck.com/ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa?tsource=affise&offer_id=324&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=AdsyTech&partner_id=8902&offer_name=Smartlink+adult+games+-+CPL&filter=&clickid=662a61f526821d0001c4e5f4&aff_source= | 18.156.93.177 | 302 Found | 0 B |
URL (User Request): GET HTTP/2 track.affstreck.com/ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa?tsource=affise&offer_id=324&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=AdsyTech&partner_id=8902&offer_name=Smartlink+adult+games+-+CPL&filter=&clickid=662a61f526821d0001c4e5f4&aff_source= | IP: 18.156.93.177:443
Certificate: Issuer Let's Encrypt | Subject track.affstreck.com | Fingerprint 98:EB:57:A4:D8:E2:4F:5B:BF:D4:A8:9D:2F:5E:5C:A7:4D:A2:BB:23 | Validity Tue, 19 Mar 2024 06:48:16 GMT - Mon, 17 Jun 2024 06:48:15 GMT
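Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input, consistent with the 0 B redirect body; not usable as content indicators)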
GET /ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa?tsource=affise&offer_id=324&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=AdsyTech&partner_id=8902&offer_name=Smartlink+adult+games+-+CPL&filter=&clickid=662a61f526821d0001c4e5f4&aff_source= HTTP/1.1
Host: track.affstreck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 25 Apr 2024 14:00:21 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
pragma: no-cache
set-cookie: ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa-v4=HPdN24QKUQ_Sgnl-Jrv8FwE84ZQi3Y6ooNbrQ_n_KUE; Max-Age=86400; Expires=Fri, 26-Apr-2024 14:00:21 GMT; Domain=track.affstreck.com; Path=/; Secure; HttpOnly;SameSite=None
set-cookie: cc-v4=eudL3jM%2FWm9jb0JSIhqOG%2FfuvHmvzMEef%2BSU3BtVhPwcZnMe2SXBBIGljBARoebWsnvjJXWEsg4xprmGv7NO%2Fy8uLMz%2F2UWOQieOGXdUf7k2SwHWb6%2FtAapCYXtitLMgiAbstEiaSn03MclGZcIgXQ%3D%3D; Max-Age=31536000; Expires=Fri, 25-Apr-2025 14:00:21 GMT; Domain=track.affstreck.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/no-mute.png | 134.209.88.167 | 200 OK | 9.4 kB |
URL GET HTTP/2playfulcheaters.com/pre/FamilyCheaters_v14_7/files/no-mute.png IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File typePNG image data, 512 x 512, 8-bit colormap, non-interlaced Hashc7c1df0c860dd0c415ac160f1f2003d9 ff923b752a048e2d7849ca515563fc1e57c6a8e9 3d59ff121a2f9490573c4fc3d3d459064fe106506979efd5e7d75c530fe7ea5f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-resolver verdict on the hostname playfulcheaters.com, not an assessment of this file)
GET /pre/FamilyCheaters_v14_7/files/no-mute.png HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: image/png
content-length: 9374
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
etag: "65b3ac03-249e"
expires: Sat, 25 May 2024 14:00:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/Logo.png | 134.209.88.167 | 200 OK | 15 kB |
URL GET HTTP/2playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/Logo.png IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File typePNG image data, 311 x 139, 8-bit/color RGBA, non-interlaced Hash4b4f17e447436648dfefd1695a9c7376 c1e65bcab2845e3b955ce96a19ef3c7b98074591 d7bb349ca10bed7f863d0b09803b0dd017828f67916b0c7c8dddcf17bfe78486
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pre/FamilyCheaters_v14_7/files/img/Logo.png HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: image/png
content-length: 14761
last-modified: Fri, 26 Jan 2024 12:58:10 GMT
etag: "65b3ac62-39a9"
expires: Sat, 25 May 2024 14:00:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/arrow-ll.svg | 134.209.88.167 | 200 OK | 230 B |
URL GET HTTP/2playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/arrow-ll.svg IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File typeSVG Scalable Vector Graphics image Hashe43a912350d148b2c936c0f22733e8bf 752b22a01f9501f4e991b828ac3710908c82eb50 266f150edf91552c04b5fde58b480db972ec139ac68e813ede1a7dda1d655926
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pre/FamilyCheaters_v14_7/files/img/arrow-ll.svg HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: image/svg+xml
content-length: 230
last-modified: Fri, 26 Jan 2024 12:58:09 GMT
etag: "65b3ac61-e6"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/arrow-rr.svg | 134.209.88.167 | 200 OK | 232 B |
URL GET HTTP/2playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/arrow-rr.svg IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File typeSVG Scalable Vector Graphics image Hashcd18c403e06b151ca4a16f25f73b04cf 360ce0230f709c4778991d30d75387c752112b3e 9687895282c00d5b8fe673dd18ce21dab59c9a1de1bda4c9d378f405f4de5cae
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pre/FamilyCheaters_v14_7/files/img/arrow-rr.svg HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: image/svg+xml
content-length: 232
last-modified: Fri, 26 Jan 2024 12:58:10 GMT
etag: "65b3ac62-e8"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-TGM4F8X | 142.250.74.168 | 200 OK | 72 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-TGM4F8X IP142.250.74.168:443
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (21659) Hashe4163d7e584cb1c6bb0571525f58d3e6 0377583f79bec12e42f7078e83528749c7bef235 611cd666e835cefc1669e8e3bfecad0617a38a6a7c6147cee863ca60f9e954eb
GET /gtm.js?id=GTM-TGM4F8X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 14:00:22 GMT
expires: Thu, 25 Apr 2024 14:00:22 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71863
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/background-desktop1.jpg | 134.209.88.167 | 200 OK | 642 kB |
URL GET HTTP/2playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/background-desktop1.jpg IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1920x1080, components 3 Size642 kB (642400 bytes) Hash14386c83a9d930312c3b9ee4bfac20f4 5d544408c44b118b7998a5eb2b9d94da5bd5bf18 b8cd058898498905224a782d017d102557ab508f282227e150755e695a250482
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pre/FamilyCheaters_v14_7/files/img/background-desktop1.jpg HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/files/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: image/jpeg
content-length: 642400
last-modified: Fri, 26 Jan 2024 12:58:11 GMT
etag: "65b3ac63-9cd60"
expires: Sat, 25 May 2024 14:00:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 | 142.250.74.99 | | 17 kB |
URL fonts.gstatic.com/s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 IP142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 17360, version 1.0 Hash70322c317b1f4e2e17dbc6b672f95f5f f3dff7c50e1aea33814c6aeeca177ae3ff900bfc 3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a
GET /s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://playfulcheaters.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:54:44 GMT
expires: Fri, 18 Apr 2025 17:54:44 GMT
cache-control: public, max-age=31536000
age: 590738
last-modified: Thu, 24 Aug 2023 21:07:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/ion.sound.min.js | 134.209.88.167 | 200 OK | 4.1 kB |
URL GET HTTP/2playfulcheaters.com/pre/FamilyCheaters_v14_7/files/ion.sound.min.js IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File typegzip compressed data, from Unix Hasha5b803187dbfeb58aa2f42329b998c7e 927168be37676ce875ca8b3a0b57f4b66455f7d2 3fbf8f11a8b68de9f81d128f5d1b6defbc6adafc284047734f880ef562a3486c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pre/FamilyCheaters_v14_7/files/ion.sound.min.js HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: application/javascript
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
vary: Accept-Encoding
etag: W/"65b3ac03-3220"
expires: Fri, 26 Apr 2024 02:00:22 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Luckiest+Guy&display=swap | 142.250.74.138 | | 8.9 kB |
URL fonts.googleapis.com/css2?family=Luckiest+Guy&display=swap IP142.250.74.138:0
File typegzip compressed data, max compression Hash461068daccf2420469380c20ce6f6f8d 61c89493e7442b2625bcf8b00a3bfa616eb8ccff 5adb3044fff33130d140e8e3b9d355c6ec86af2ae19feab55f54701da39e29d5
GET /css2?family=Luckiest+Guy&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 14:00:22 GMT
date: Thu, 25 Apr 2024 14:00:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/apple-touch-icon.png | 134.209.88.167 | 200 OK | 9.4 kB |
URL GET HTTP/2playfulcheaters.com/pre/FamilyCheaters_v14_7/files/apple-touch-icon.png IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash049ac8181fb1c147054e1ec9ae763d70 565397e7f0a82d7c31abccddbd9a310fddb3591d 6812893aafb0fdffa269b19ed588193637747a850b3d20ac51c38d09ccffdc95
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pre/FamilyCheaters_v14_7/files/apple-touch-icon.png HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: image/png
content-length: 9390
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
etag: "65b3ac03-24ae"
expires: Sat, 25 May 2024 14:00:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/favicon-16x16.png | 134.209.88.167 | 200 OK | 493 B |
URL: GET HTTP/2 playfulcheaters.com/pre/FamilyCheaters_v14_7/files/favicon-16x16.png | IP: 134.209.88.167:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | Hash: MD5 a2a4b5d7c260fd7b81ea7daa0922c45c | SHA-1 736f12c449c0d7b8809bd0efc96a041b2dd0b377 | SHA-256 80a2bb3256c6169c7b0784d69b3f199510a9e345bbff1f7480ac209fcd985b78
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pre/FamilyCheaters_v14_7/files/favicon-16x16.png HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: image/png
content-length: 493
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
etag: "65b3ac03-1ed"
expires: Sat, 25 May 2024 14:00:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/style.min.css | 134.209.88.167 | 200 OK | 8.9 kB |
URL: GET HTTP/2 playfulcheaters.com/pre/FamilyCheaters_v14_7/files/style.min.css | IP: 134.209.88.167:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File type: gzip compressed data, from Unix | Hash: MD5 3f076dd338f0818731e8e9129d7d4c20 | SHA-1 cc4767a1a3ff8ccb534a3ba71353f63e29f5f820 | SHA-256 eca155519109120c915943ca8b1b0ebc52e81f101831f7ffd3051bbd7be95a89
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pre/FamilyCheaters_v14_7/files/style.min.css HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: text/css
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
vary: Accept-Encoding
etag: W/"65b3ac03-1ee7"
expires: Fri, 26 Apr 2024 02:00:22 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= | 134.209.88.167 | 200 OK | 7.1 kB |
URL User Request GET HTTP/2playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Certificate | Issuer: Let's Encrypt | Subject: playfulcheaters.com | Fingerprint: 94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 | Validity: Thu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
File type: HTML document, ASCII text, with very long lines (7530), with no line terminators | Hash: MD5 0d241340e7f7e7c2224aabca091345a2 | SHA-1 2792e5ad6ff9c639b20ee14a10ef5a19c185cc88 | SHA-256 7f656317e3fd962d49143a7be7ee64f53ecfdf5274d0f3d78ef0a246726c9ebd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: text/html
last-modified: Fri, 26 Jan 2024 12:55:27 GMT
vary: Accept-Encoding
etag: W/"65b3abbf-1bb6"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| adverster.b-cdn.net/freedirtygame/jquery.min.js | 169.150.247.34 | 200 OK | 90 kB |
URL: GET HTTP/2 adverster.b-cdn.net/freedirtygame/jquery.min.js | IP: 169.150.247.34:443 | ASN: #60068 Datacamp Limited
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451) | Hash: MD5 dc5e7f18c8d36ac1d3d4753a87c98d0a | SHA-1 c8e1c8b386dc5b7a9184c763c88d19a346eb3342 | SHA-256 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /freedirtygame/jquery.min.js HTTP/1.1
Host: adverster.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: application/javascript
server: BunnyCDN-DE1-1077
cdn-pullzone: 303693
cdn-uid: f45a7a2e-6fd6-42fa-b15d-1efd29fb00dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: W/"62ae068d-15d84"
last-modified: Sat, 18 Jun 2022 17:08:29 GMT
cdn-storageserver: DE-677
cdn-fileserver: 339
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 18:59:18
cdn-edgestorageid: 1055
cdn-status: 200
cdn-requestid: be8312dfe71fbc626720e8fe1e746472
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| playfulcheaters.com/pre/FamilyCheaters_v14_7/files/lang.min.js | 134.209.88.167 | 200 OK | 14 kB |
URL: GET HTTP/2 playfulcheaters.com/pre/FamilyCheaters_v14_7/files/lang.min.js | IP: 134.209.88.167:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested byhttps://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectplayfulcheaters.com Fingerprint94:F3:45:D0:D1:51:89:4D:2D:B5:1D:3B:DD:BA:BA:E3:7E:D2:4B:A9 ValidityThu, 28 Mar 2024 23:11:37 GMT - Wed, 26 Jun 2024 23:11:36 GMT
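Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, which suggests the 14 kB response body was not captured for hashing; they identify no file and should not be used as indicators for lang.min.js)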
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pre/FamilyCheaters_v14_7/files/lang.min.js HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wbltm3rakuo69er0j4ps6fo6&country=NO&tsource=8902&m1=Firefox&m2=Norway&voluum_id=ebbe02d8-90ca-4e6c-a00e-4a58cfc60caa&p1=affise&p2=324&p3=Adult_Games%20-%20Straight%20-%20Smartlink%20-%20for%20lead%20%28324%2C%20357%29&p4=AdsyTech&p5=8902&p6=Smartlink%20adult%20games%20-%20CPL&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:00:22 GMT
content-type: application/javascript
last-modified: Fri, 26 Jan 2024 12:56:36 GMT
vary: Accept-Encoding
etag: W/"65b3ac04-3554"
expires: Fri, 26 Apr 2024 02:00:22 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|