| grinbettyreserve.com/zhnac2fmt?adb=n&dev=r&epbelue=83&key=8458e50aa6abc75ae27e9f9b68b1442f&kw=[%22demandes%22,%22-%22,%22enaolf%22,%22page%22,%222%22,%22leakimedia%22]&psid=leakimedia.com,leakimedia.com&refer=https://leakimedia.com/threads/enaolf.4513/page-2&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=2&uuid=bc4be3a2-3353-4dd8-ace0-1cae8f820505:2:1&v=24.4.2204 | 172.240.108.76 | | 1.7 kB |
URL grinbettyreserve.com/zhnac2fmt?adb=n&dev=r&epbelue=83&key=8458e50aa6abc75ae27e9f9b68b1442f&kw=[%22demandes%22,%22-%22,%22enaolf%22,%22page%22,%222%22,%22leakimedia%22]&psid=leakimedia.com,leakimedia.com&refer=https://leakimedia.com/threads/enaolf.4513/page-2&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=2&uuid=bc4be3a2-3353-4dd8-ace0-1cae8f820505:2:1&v=24.4.2204 IP172.240.108.76:0
File typeHTML document, ASCII text, with very long lines (874) Hash6f3e002433799edc47c02e910ff01da7 1029fbfe8bf46fd4717ac07a6c2fe5dba2d4f0fa cb55971cb8d22ca5587483f55d578e69e7d238748e44e0b13c6ef89ce9337a4c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /zhnac2fmt?adb=n&dev=r&epbelue=83&key=8458e50aa6abc75ae27e9f9b68b1442f&kw=[%22demandes%22,%22-%22,%22enaolf%22,%22page%22,%222%22,%22leakimedia%22]&psid=leakimedia.com,leakimedia.com&refer=https://leakimedia.com/threads/enaolf.4513/page-2&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=2&uuid=bc4be3a2-3353-4dd8-ace0-1cae8f820505:2:1&v=24.4.2204 HTTP/1.1
Host: grinbettyreserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 01:46:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=21543921; expires=Sat, 20 Apr 2024 01:46:43 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTU0MzkyMSwiayI6Ijg0NThlNTBhYTZhYmM3NWFlMjdlOWY5YjY4YjE0NDJmIiwic2lkIjoibGVha2ltZWRpYS5jb20sbGVha2ltZWRpYS5jb20iLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE4MjAzMjMsInBpZCI6NDQ5MTA1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJ6aG5hYzJmbXQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGVha2ltZWRpYS5jb20vdGhyZWFkcy9lbmFvbGYuNDUxMy9wYWdlLTIiLCJhciI6W119fQ.exqJglvDDybInt_gQssO2WsZCe2GSXp40sYGFIP0BPg; expires=Fri, 19 Apr 2024 01:47:43 GMT
uid_id2=bc4be3a2-3353-4dd8-ace0-1cae8f820505:2:1; expires=Fri, 26 Apr 2024 01:46:43 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20c4ea115db32e99cfe0e67e12fc4ccd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| grinbettyreserve.com/api/users?token=L3pobmFjMmZtdD9hZGI9biZkZXY9ciZlcGJlbHVlPTgzJmtleT04NDU4ZTUwYWE2YWJjNzVhZTI3ZTlmOWI2OGIxNDQyZiZrdz0lNUIlMjJkZW1hbmRlcyUyMiUyQyUyMi0lMjIlMkMlMjJlbmFvbGYlMjIlMkMlMjJwYWdlJTIyJTJDJTIyMiUyMiUyQyUyMmxlYWtpbWVkaWElMjIlNUQmcHNpZD1sZWFraW1lZGlhLmNvbSUyQ2xlYWtpbWVkaWEuY29tJnBzdD0xNzEzNDkxMjYzJnJlZmVyPWh0dHBzJTNBJTJGJTJGbGVha2ltZWRpYS5jb20lMkZ0aHJlYWRzJTJGZW5hb2xmLjQ1MTMlMkZwYWdlLTImcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9MTA4MCZzY3JXaWR0aD0xOTIwJnNoaXA9JnNodT0wNWE4ZTc1NjQxOTIwYWFkMzk3MzhiNWVlNmE4ZTZjMjNlZWY3MTE2YTYxNzRkOWU0ZTcxODUyNDc5ZGQ1OGYwMGU0OTgwODQzYmUzMDdiZDYzMTMxZGYwNzU2ZWNjZmY1NTgyODQ5N2EzNGE2MDk3MjMwYTFjNzZmMDU4NjBiNjUxZDQ4YTkwOWIwZjNmMGRlZDY4ZmM5NDkzM2I1NjY3YmUyM2Q1NzkyNDY2YTc4OWVjMjkwMWEyN2JkNTA1JnN1YjM9aW52b2tlX2xheWVyJnR6PTImdXVpZD1iYzRiZTNhMi0zMzUzLTRkZDgtYWNlMC0xY2FlOGY4MjA1MDUlM0EyJTNBMSZ2PTI0LjQuMjIwNA&uuid=bc4be3a2-3353-4dd8-ace0-1cae8f820505%3A2%3A1&pii=&in=false | 172.240.108.76 | 302 Found | 0 B |
URL User Request GET HTTP/1.1grinbettyreserve.com/api/users?token=L3pobmFjMmZtdD9hZGI9biZkZXY9ciZlcGJlbHVlPTgzJmtleT04NDU4ZTUwYWE2YWJjNzVhZTI3ZTlmOWI2OGIxNDQyZiZrdz0lNUIlMjJkZW1hbmRlcyUyMiUyQyUyMi0lMjIlMkMlMjJlbmFvbGYlMjIlMkMlMjJwYWdlJTIyJTJDJTIyMiUyMiUyQyUyMmxlYWtpbWVkaWElMjIlNUQmcHNpZD1sZWFraW1lZGlhLmNvbSUyQ2xlYWtpbWVkaWEuY29tJnBzdD0xNzEzNDkxMjYzJnJlZmVyPWh0dHBzJTNBJTJGJTJGbGVha2ltZWRpYS5jb20lMkZ0aHJlYWRzJTJGZW5hb2xmLjQ1MTMlMkZwYWdlLTImcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9MTA4MCZzY3JXaWR0aD0xOTIwJnNoaXA9JnNodT0wNWE4ZTc1NjQxOTIwYWFkMzk3MzhiNWVlNmE4ZTZjMjNlZWY3MTE2YTYxNzRkOWU0ZTcxODUyNDc5ZGQ1OGYwMGU0OTgwODQzYmUzMDdiZDYzMTMxZGYwNzU2ZWNjZmY1NTgyODQ5N2EzNGE2MDk3MjMwYTFjNzZmMDU4NjBiNjUxZDQ4YTkwOWIwZjNmMGRlZDY4ZmM5NDkzM2I1NjY3YmUyM2Q1NzkyNDY2YTc4OWVjMjkwMWEyN2JkNTA1JnN1YjM9aW52b2tlX2xheWVyJnR6PTImdXVpZD1iYzRiZTNhMi0zMzUzLTRkZDgtYWNlMC0xY2FlOGY4MjA1MDUlM0EyJTNBMSZ2PTI0LjQuMjIwNA&uuid=bc4be3a2-3353-4dd8-ace0-1cae8f820505%3A2%3A1&pii=&in=false IP172.240.108.76:443
CertificateIssuerLet's Encrypt Subjectgrinbettyreserve.com FingerprintC3:91:98:36:11:9B:98:C5:4E:71:62:A2:E4:23:3F:8E:6E:B1:8C:6C ValidityTue, 16 Apr 2024 14:07:48 GMT - Mon, 15 Jul 2024 14:07:47 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L3pobmFjMmZtdD9hZGI9biZkZXY9ciZlcGJlbHVlPTgzJmtleT04NDU4ZTUwYWE2YWJjNzVhZTI3ZTlmOWI2OGIxNDQyZiZrdz0lNUIlMjJkZW1hbmRlcyUyMiUyQyUyMi0lMjIlMkMlMjJlbmFvbGYlMjIlMkMlMjJwYWdlJTIyJTJDJTIyMiUyMiUyQyUyMmxlYWtpbWVkaWElMjIlNUQmcHNpZD1sZWFraW1lZGlhLmNvbSUyQ2xlYWtpbWVkaWEuY29tJnBzdD0xNzEzNDkxMjYzJnJlZmVyPWh0dHBzJTNBJTJGJTJGbGVha2ltZWRpYS5jb20lMkZ0aHJlYWRzJTJGZW5hb2xmLjQ1MTMlMkZwYWdlLTImcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9MTA4MCZzY3JXaWR0aD0xOTIwJnNoaXA9JnNodT0wNWE4ZTc1NjQxOTIwYWFkMzk3MzhiNWVlNmE4ZTZjMjNlZWY3MTE2YTYxNzRkOWU0ZTcxODUyNDc5ZGQ1OGYwMGU0OTgwODQzYmUzMDdiZDYzMTMxZGYwNzU2ZWNjZmY1NTgyODQ5N2EzNGE2MDk3MjMwYTFjNzZmMDU4NjBiNjUxZDQ4YTkwOWIwZjNmMGRlZDY4ZmM5NDkzM2I1NjY3YmUyM2Q1NzkyNDY2YTc4OWVjMjkwMWEyN2JkNTA1JnN1YjM9aW52b2tlX2xheWVyJnR6PTImdXVpZD1iYzRiZTNhMi0zMzUzLTRkZDgtYWNlMC0xY2FlOGY4MjA1MDUlM0EyJTNBMSZ2PTI0LjQuMjIwNA&uuid=bc4be3a2-3353-4dd8-ace0-1cae8f820505%3A2%3A1&pii=&in=false HTTP/1.1
Host: grinbettyreserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grinbettyreserve.com/api/users?token=L3pobmFjMmZtdD9rZXk9OWNhNjAxYTlmNDdjNzM1ZGY3NmQ1Y2E0NmZhMjZhNjYmc3VibWV0cmljPTIxNTQzOTIx
Cookie: u_pl=21543921; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTU0MzkyMSwiayI6Ijg0NThlNTBhYTZhYmM3NWFlMjdlOWY5YjY4YjE0NDJmIiwic2lkIjoibGVha2ltZWRpYS5jb20sbGVha2ltZWRpYS5jb20iLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE4MjAzMjMsInBpZCI6NDQ5MTA1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJ6aG5hYzJmbXQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGVha2ltZWRpYS5jb20vdGhyZWFkcy9lbmFvbGYuNDUxMy9wYWdlLTIiLCJhciI6W119fQ.exqJglvDDybInt_gQssO2WsZCe2GSXp40sYGFIP0BPg; uid_id2=bc4be3a2-3353-4dd8-ace0-1cae8f820505:2:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 01:46:43 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://gammradiation.space/?660a8d9d188ea&ag_custom_domain=21543921
Set-Cookie: uid_id2=bc4be3a2-3353-4dd8-ace0-1cae8f820505:2:1; expires=Fri, 26 Apr 2024 01:46:43 GMT
iprc6eaedd5a7754fc5ac27e0a966680a63a=5130239; expires=Sat, 20 Apr 2024 01:46:43 GMT
pdhtkv=true; expires=Sat, 20 Apr 2024 01:46:43 GMT
uncs=1; expires=Sat, 20 Apr 2024 01:46:43 GMT
pdhtkv28=true; expires=Sat, 20 Apr 2024 01:46:43 GMT
uncs28=1; expires=Sat, 20 Apr 2024 01:46:43 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4682389c6eece95d45d090302272e0e9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| grinbettyreserve.com/favicon.ico | 172.240.253.132 | | 0 B |
URL grinbettyreserve.com/favicon.ico IP172.240.253.132:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: grinbettyreserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grinbettyreserve.com/api/users?token=L3pobmFjMmZtdD9rZXk9OWNhNjAxYTlmNDdjNzM1ZGY3NmQ1Y2E0NmZhMjZhNjYmc3VibWV0cmljPTIxNTQzOTIx
Cookie: u_pl=21543921; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTU0MzkyMSwiayI6Ijg0NThlNTBhYTZhYmM3NWFlMjdlOWY5YjY4YjE0NDJmIiwic2lkIjoibGVha2ltZWRpYS5jb20sbGVha2ltZWRpYS5jb20iLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE4MjAzMjMsInBpZCI6NDQ5MTA1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJ6aG5hYzJmbXQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGVha2ltZWRpYS5jb20vdGhyZWFkcy9lbmFvbGYuNDUxMy9wYWdlLTIiLCJhciI6W119fQ.exqJglvDDybInt_gQssO2WsZCe2GSXp40sYGFIP0BPg; uid_id2=bc4be3a2-3353-4dd8-ace0-1cae8f820505:2:1; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 01:46:44 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94f0f23e52fd2be5b2de35c337fb3d9c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/notice.png | 172.67.163.114 | 200 OK | 4.0 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/notice.png IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typePNG image data, 482 x 45, 8-bit/color RGBA, non-interlaced Hashe0e971b6969a5939530b9e3e735afc8b 73b405934f2bb9adc4e16b97e56e6192d402b873 6b4832fd467e872eb94ba1d9e7412bf510407ca2646e64b69317682d2d532407
GET /lg/lg_0324/land_lg_120324_en/image/notice.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: image/png
content-length: 4047
last-modified: Tue, 12 Mar 2024 16:35:27 GMT
etag: "65f0844f-fcf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4928
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bd%2BhXroxdJX6Hz7R9S8r9RX8s26IF%2FH%2FFoAmACiSmHo4VmMfa1kiZJnaoYRSiGDAn8ybwmBt1NehRxWbYZVVvGr93nPw6lSyYFv6pHx3RxTr%2FamEM2SC21PDoVRd5oSYA0A4xSNw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fc987f712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/1.jpg | 172.67.163.114 | 200 OK | 107 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/1.jpg IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeJPEG image data, baseline, precision 8, 280x449, components 3 Size107 kB (106632 bytes) Hash3e522fb14449eb689d1921758a4a4b39 7c15dc49e373e81a899f57d851c30d18627ce98a 2cc1937058fc1f91b4dd4173e2f8d94254a9df041499c18e5a488d72b92c9bc1
GET /lg/lg_0324/land_lg_120324_en/image/1.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: image/jpeg
content-length: 106632
last-modified: Tue, 12 Mar 2024 16:35:25 GMT
etag: "65f0844d-1a088"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4928
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSGWLkM8gveF%2B8J8IUK3oR9VqluNtVe745bbnpYccyWnCttoAlWEB2WOfYI6KqW4iecc1YuRizTCDuolC%2Fmf3PIx7%2B16dvttvumDA8g5pkzRNsnXYeVmMhuvdi5qs97ZTmrhLSEG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fc9880712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/2.jpg | 172.67.163.114 | 200 OK | 116 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/2.jpg IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeJPEG image data, baseline, precision 8, 280x449, components 3 Size116 kB (116147 bytes) Hash6bba02016dc4e9891ebec68e52cc98a8 0a683e61fd28fe72b383eda3004162df48357a79 73cfe9d9a6962c59a363b86cf7ef6bc9b6686407030c04433b62c6ea6ca0ced2
GET /lg/lg_0324/land_lg_120324_en/image/2.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: image/jpeg
content-length: 116147
last-modified: Tue, 12 Mar 2024 16:35:25 GMT
etag: "65f0844d-1c5b3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OyI74LStLc9XIszfCtQ288HAwofYQbfJ0TIFqbgBK3coWHBQ54JrTeE4FbotYCYIc93i%2FKL07dakZaOT4AyBufqlfHNiBLNcXuJ2lQEwwAv8WeY%2BIcKPm%2FA4aNGn1hIyNhWRUIZU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fca881712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/3.jpg | 172.67.163.114 | 200 OK | 98 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/3.jpg IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeJPEG image data, baseline, precision 8, 280x449, components 3 Hash43547b7d30757e3fa8649a979392578e 4c9942aed9d53547a8d758a734333523dfcb54a3 62b80966d375660e6084a3d15aa97630e78659b4751ec036d8d926fc21c25266
GET /lg/lg_0324/land_lg_120324_en/image/3.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: image/jpeg
content-length: 98214
last-modified: Tue, 12 Mar 2024 16:35:26 GMT
etag: "65f0844e-17fa6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PH8N8hWmvO3qU3Q4ytzqLt6BYj8dHQrDVVjJwwkBMGjlvWqwQdi%2BikUSfInEQOjiQDftYu7F13oMd5XHvhk5k06kOQiN6Zbw7Iwjtm7DynYya2sHRbnXYN9iIEbq%2FLXlXzohQf8C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fcb885712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/4.jpg | 172.67.163.114 | 200 OK | 113 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/4.jpg IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeJPEG image data, baseline, precision 8, 280x449, components 3 Size113 kB (112586 bytes) Hash77f2b61942f92d1c1e251b58cfc16678 7405a16b99718689017435a55a11f31bc8466ca4 92968176e1ce641729bb99e05c2f581c0e7d41009624298758e893bcd274c6f5
GET /lg/lg_0324/land_lg_120324_en/image/4.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: image/jpeg
content-length: 112586
last-modified: Tue, 12 Mar 2024 16:35:26 GMT
etag: "65f0844e-1b7ca"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZVb13oh9QULNK7fzofS1NolmKw1IxxMd0lg36q2PVDZYk3Izghjf%2BwV7UEdvCEjymFx%2FG3vR0pOumWS%2BQKC1VtA9b3svUNEEZjftvxCd7xsHAHK%2B%2F9e0TyIONVfCnMorf2QPKAu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fcb886712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/button.png | 172.67.163.114 | 200 OK | 3.7 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/button.png IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typePNG image data, 315 x 88, 8-bit/color RGBA, non-interlaced Hash6642fd93ef8a7961ba0dd956b443bac3 b7819f1138d183439d8318d4e474481f0d0f009f f783c9ea576432b935a5fb7ff4ab13b136dfe7998c01b142cb5c6b47ba95f59c
GET /lg/lg_0324/land_lg_120324_en/image/button.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: image/png
content-length: 3733
last-modified: Tue, 12 Mar 2024 16:35:26 GMT
etag: "65f0844e-e95"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JPeb9P0wC5pokJE%2FZXdpI1OPS25aeb6teIU6tPQkuGPgErOwCfpkZYuGD5pgFjtVR%2Fan9O4C2o%2BYwZRaSqn9oANmyhEZrrwQRBlG1ftxpVf6iqKbtKQT9XcVfyBEhIq7c5sEgWW5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fcb888712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/bg1.jpg | 172.67.163.114 | 200 OK | 113 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/bg1.jpg IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3 Size113 kB (112855 bytes) Hash944baef65b2ddce34b729ff6ee40989d c0c89c08d95e9f6a5e86a3e69766ff2e01cb9917 a7bcd7b9a5c2388fce5c5b20d7ac27429e4f5c1920d2e3bc5de63f2291f64f9c
GET /lg/lg_0324/land_lg_120324_en/image/bg1.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/css/main.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:45 GMT
content-type: image/jpeg
content-length: 112855
last-modified: Wed, 13 Mar 2024 12:47:16 GMT
etag: "65f1a054-1b8d7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4928
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pWIApbPF5Q5C2ID7PExtPsU2HvZsUJK2mgyARS7p4YCJfTDcHE9xzvuNtprk1sAZfxgmJYEaC9sYunWj6YRg0oiV7i40di1Ka7yxkXuHaCV1NQMKTPbM3k%2FBeVdjXznsClW0VOjK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938ff7997712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/fav.png | 172.67.163.114 | 200 OK | 1.4 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/image/fav.png IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced Hash10c5dd857fd3653492ef5eeaa86cd48b 193484a907a40d7b145af2136ef83bef593d2f21 a689201508b9dc7b2cc3049c7d89947f96a19790411506ecd6eb1875374fe329
GET /lg/lg_0324/land_lg_120324_en/image/fav.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:45 GMT
content-type: image/png
content-length: 1425
last-modified: Tue, 12 Mar 2024 16:35:27 GMT
etag: "65f0844f-591"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3649
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXrBF%2FkaQ1kw18HiqPLJ6Hbw5lCynmaw049BkDE060dcpEs7pNK6LyY0UtlViJz%2FQWwfh1vbH%2FfvzsPjZ7jVh7wUfvb7bLPB%2Bfs9cRdgUpr2%2F56bXnpI3EQU8w1QpzVx2T9n5R2H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938ffb9a6712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/libs/jquery.min.js | 172.67.163.114 | 200 OK | 40 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/libs/jquery.min.js IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /lg/lg_0324/land_lg_120324_en/libs/jquery.min.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:29 GMT
etag: W/"65f08451-1538f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OID09B%2Bff8G9kyyP%2B7ltCONtQ1YFXmQuwTLf7GaDocS40x4Ie6YR8YIqlE5ZIFh7Pu0rkL1vA0u4AQnkq6it%2FGrSpFPj9mTl%2FNp0fh5LlfPrBDFYeZH5yFhCCRu5PttG0B49%2Ffbw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fc9879712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/scripts/main.js | 172.67.163.114 | 200 OK | 9.2 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/scripts/main.js IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeJavaScript source, ASCII text, with no line terminators Hash7d34f846662d075cf9776018c9168a7e f3f5f181061268bb7e4bc326dbaec7f2c84d7857 adab57bc821cebfedc845c7b18ca9f55287eff4ef3a11f7f9dd5eda572418628
GET /lg/lg_0324/land_lg_120324_en/scripts/main.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:30 GMT
etag: W/"65f08452-124"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5122
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WvOJEUlFlVnBBuswzAoS8NSpj%2FVt70podtG%2BKsgI8V%2FTGGIdO6AP47xHnxy4MWx3%2FZpyeZGEwcAjqleGvzpVm6rZplrAga6FPnmBHekmWKzN6zC4tfM1Ur9eM9PWWfO7tRc%2BdhjB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fcb889712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ln.gamesrevenue.com/px1.js | 5.161.79.44 | 200 OK | 15 kB |
URL GET HTTP/2ln.gamesrevenue.com/px1.js IP5.161.79.44:443 ASN#213230 Hetzner Online GmbH
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subject*.gamesrevenue.com FingerprintB2:A3:99:AD:22:46:FC:93:41:E9:59:40:F5:09:B0:23:B7:5B:FA:67 ValidityWed, 13 Mar 2024 09:55:06 GMT - Tue, 11 Jun 2024 09:55:05 GMT
File typeASCII text, with very long lines (15239) Hashb01fc426cbc4f33a52a28ee9ca2e2050 577332c8c5f62167ad432c5d20b3ca285e75c91e d40fc3bebe2dc3c28f08f2f4f5a6059425ccc5541ada3f0945f7539e90374441
GET /px1.js HTTP/1.1
Host: ln.gamesrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: application/javascript
last-modified: Fri, 22 Dec 2023 10:12:56 GMT
etag: W/"65856128-3b88"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gammradiation.space/?660a8d9d188ea&ag_custom_domain=21543921 | 172.67.169.184 | 302 Found | 1.4 kB |
URL User Request GET HTTP/2gammradiation.space/?660a8d9d188ea&ag_custom_domain=21543921 IP172.67.169.184:443
CertificateIssuerLet's Encrypt Subjectgammradiation.space Fingerprint5A:A6:33:E9:BB:D0:FF:22:5A:C9:14:7C:D9:D9:83:99:9C:12:74:8E ValidityWed, 21 Feb 2024 16:47:38 GMT - Tue, 21 May 2024 16:47:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?660a8d9d188ea&ag_custom_domain=21543921 HTTP/1.1
Host: gammradiation.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grinbettyreserve.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: text/html
location: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
set-cookie: c_2022b6829ad3bc8a5d74a4bfe5cf4db8=1; Expires=Sat, 20-Apr-24 01:46:44 GMT; Domain=gammradiation.space; Path=/; Secure; SameSite=None
z_a1657e4a6e9423e844ffe11f85a5afb8=1; Expires=Sat, 20-Apr-24 01:46:44 GMT; Domain=gammradiation.space; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDa%2FfwmKOFkKf6iBZVksbrKjLaf59nvtLxp%2BQZw9lawh7yZqgcelyF6s5MopokkwqoP04PN6OdAjDfED5Fgx2Ba8KXaDlchOu4byANNZdnlb0U76iNTeO04xqo3VYtg0fnO%2BWtxw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876938f95d575691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 | 172.67.163.114 | 200 OK | 1.4 kB |
URL User Request GET HTTP/2theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 IP172.67.163.114:443
CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeHTML document, ASCII text, with very long lines (1475), with no line terminators Hashf8bee364bf8862cf2e2734cb50bbddc2 f3d0fa45eadd37cd5a8b6a5929077c368e932767 3bf73892631e1e315605a93730cfa536be8651488708cccdede5dd4527f0cc12
GET /lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grinbettyreserve.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2BEW1b6g4SMEeKaztXemXOvNBi%2Bm1Kz4wEg2LFNmflmBn3yR1JYOz1n1GF5lUi5YcxvqfFPvoNtjhoqJZm8ZwwTkwP%2BlznaKrlJBKYGmk9FmffyDbA98sbvdVeIDtiTTeS1sebWz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876938fa498356b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| theeverydaygame.com/awpx_click.js?v=005 | 172.67.163.114 | 200 OK | 1.5 kB |
URL GET HTTP/3theeverydaygame.com/awpx_click.js?v=005 IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeASCII text, with very long lines (1544), with no line terminators Hash684379265eb9f58cc45bc0d82f0db964 dcceb2eb66dd485a8df52da17210e1ea660354ee 45f7be3af362b2f0b894e51e8394ecc08066d8b9004fb095ba7665edbd8ce078
GET /awpx_click.js?v=005 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: application/javascript
last-modified: Thu, 09 Mar 2023 09:49:36 GMT
etag: W/"6409abb0-5d2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAV8IMmE5Af1N8c%2FUi7gK4ZADzKSpHOO9TjV1bMjZJrH5AaFT9P%2FmJ7nECW02Wb3tTYxgFOmCmHbdw6qreh2ejn0c%2BwzPfXgnWmLvAm16a2gh1ooEjaNk0JfKtvD49MF%2BKoA%2BbUK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fc987d712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_120324_en/css/main.css?v=1 | 172.67.163.114 | 200 OK | 2.1 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_120324_en/css/main.css?v=1 IP172.67.163.114:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com Fingerprint1C:2A:70:BB:0D:8A:A7:07:B6:01:2D:71:87:2E:C4:07:3D:FF:45:57 ValidityFri, 01 Mar 2024 17:23:46 GMT - Thu, 30 May 2024 17:23:45 GMT
File typeASCII text, with very long lines (2094), with no line terminators Hash080cac71e37fda467d1d2a8f736b66fb 1cf0600afd870d9c8f469c03cb42459f4c02432e 9e1da4cde3a842a3edb8b2e567dbce844753ffd2fd1ef03c1649e0620f5f4ab3
GET /lg/lg_0324/land_lg_120324_en/css/main.css?v=1 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_120324_en/index.html?utm_campaign=pu_lg_terra_ww_adult&utm_medium=click&utm_source=pu&utm_content=21543921&bnid=land_lg_120324_en&land=land_lg_120324_en&crID=2503013&zID=100076
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:44 GMT
content-type: text/css
last-modified: Wed, 13 Mar 2024 12:47:26 GMT
etag: W/"65f1a05e-82e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3oR1H1gKr0SkKzIx%2FlwvxWEQ2NRrz3yjZEIGFNhJUxvgItF2efprmCNJHIx8mNcetqvlyw%2FFS5d9vp92hPvUFAy4ppzcSJRRT6SJazWPOoTDT31MDeVV0%2FxXrNXEbrWFV4iNtBeD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938fc8872712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|