Report - gotoadexchange.com/jump/next.php?stamat=m|,09iavojOqB1dQO0dEdHP3xP.5f9,S0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM9wj3-bEKRkWmAWjPmfHCJNVPNdZSaefj2NEAsjPRNSnQ,,&cbpage=https://onclickalgo.com/jump/next.php?r=6808846&sub2=8048103&cbur=0.7957063316474682&cbtitle=&cbiframe=0&cbWidth=1366&cbHeight=768&cbdescription=&cbkeywords=&cbref=

Report Overview

Submitted URL
gotoadexchange.com/jump/next.php?stamat=m|,09iavojOqB1dQO0dEdHP3xP.5f9,S0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM9wj3-bEKRkWmAWjPmfHCJNVPNdZSaefj2NEAsjPRNSnQ,,&cbpage=https://onclickalgo.com/jump/next.php?r=6808846&sub2=8048103&cbur=0.7957063316474682&cbtitle=&cbiframe=0&cbWidth=1366&cbHeight=768&cbdescription=&cbkeywords=&cbref=
IP
172.67.168.96
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-28 17:28:53
Access
public
Website Title
Family Cheaters
Final URL
playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
playfulcheaters.com	unknown	2024-01-26	2024-01-28	2024-03-10	11 kB	725 kB	134.209.88.167
adverster.b-cdn.net	342698	2016-04-25	2021-09-03	2024-03-28	425 B	35 kB	138.199.36.7
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-03-28	424 B	75 kB	142.250.74.72
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-03-28	535 B	18 kB	142.250.74.99
gotoadexchange.com	unknown	2023-07-27	2023-07-27	2024-03-28	2.0 kB	16 kB	172.67.168.96
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-03-28	452 B	1.1 kB	142.250.74.106
adverster.g2afse.com	200149	2019-02-26	2021-05-26	2023-11-19	567 B	672 B	34.90.14.205
track.affstreck.com	unknown	2022-11-24	2022-11-28	2024-03-10	727 B	1.2 kB	18.156.93.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed
2024-03-28	medium	playfulcheaters.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	unknown	606 B	2023-10-26	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 03:17:37 Last Seen2024-04-27 16:34:35 Times Seen16 Hash 4d22e0da11fa1f5c033a38b9e6daddc5 06729c1fdad003e5f37cb259ad1cb062d3739a2d 46a6d9108c1e9dd4837de79343cfdcf4e30b6753702373921559835825d4dd8f Loading...

	playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=	0 B	2023-03-07	2024-04-27
Pretty URL playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= IP 134.209.88.167 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 16:47:57 Times Seen37123529 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	playfulcheaters.com/pre/FamilyCheaters_v14_7/files/lang.min.js	14 kB	2023-04-07	2024-04-25
Pretty URL playfulcheaters.com/pre/FamilyCheaters_v14_7/files/lang.min.js IP 134.209.88.167 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 14:50:20 Last Seen2024-04-25 16:00:55 Times Seen16 Hash 80e16ea7a13fd2543d307a3f3a3fb1ee 25c1dda916a6ab86248693023ddabbe94203b966 124c597061f86da60ff9867752997bd483f4429309e48b6c765afe975fa9edff Loading...

	playfulcheaters.com/pre/FamilyCheaters_v14_7/files/ion.sound.min.js	13 kB	2023-03-07	2024-04-27
Pretty URL playfulcheaters.com/pre/FamilyCheaters_v14_7/files/ion.sound.min.js IP 134.209.88.167 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:17 Last Seen2024-04-27 16:34:35 Times Seen105 Hash 35a8beafec5af750706d16fdf6166dcf 0e69cc003bee77ad2ed020c68bc9182a6e53bfd3 2e06165ec5e9880465e3a3fa1e195ba655f06465031e87271aae263bf6bd24ba Loading...

	playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=	0 B	2023-03-07	2024-04-27
Pretty URL playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= IP 134.209.88.167 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 16:47:57 Times Seen37123529 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	38 B	2023-04-11	2024-04-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:09:18 Last Seen2024-04-27 16:34:35 Times Seen3886 Hash a55bc61bb8cabacdc353356d20217fb1 ecf7f3fc124c625be7890bb4536b6f89d4d76786 a4a9b568a83a7f91eeed94a7c6587bb5d3bdf73d515d40c4402460dc046ab7a6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TGM4F8X	218 kB	2024-03-28	2024-03-28
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TGM4F8X IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 18:28:54 Last Seen2024-03-28 18:28:55 Times Seen2 Hash f684cc8a79316b7ed717e9b8f8b78e73 a2b95fa4bdbaafe06f9d720b4d612b6c651b88db 81f605cd6c126f9cbea15735f6ee98a7df9d1feba7638bda8f0c9a71e2ff4cc7 Loading...

	unknown	1.3 kB	2023-10-26	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 03:17:37 Last Seen2024-04-27 16:34:35 Times Seen16 Hash 97772728b5391be4d81e5d0d4e8d3cfd 8f71f9818b55be99d3474b0b01d2cf066cb40b44 c92b2be54ef927caea73d94bb3571946822c66ef3160818a5a9d8e299383c5f4 Loading...

	unknown	390 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:17 Last Seen2024-04-27 16:34:35 Times Seen73 Hash f8329c562480c3a875debcfbcb563c0b 8bb298f33badcb158650b09c774a16bc58fec3d0 6c9ead26f02a6da502e054fde20992c6296b2f696aa11022c74b3762260f9536 Loading...

	adverster.b-cdn.net/freedirtygame/jquery.min.js	90 kB	2023-03-07	2024-04-27
Pretty URL adverster.b-cdn.net/freedirtygame/jquery.min.js IP 138.199.36.7 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-27 16:42:22 Times Seen139740 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	unknown	3.2 kB	2023-10-26	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 03:17:37 Last Seen2024-04-27 16:34:35 Times Seen19 Hash f95c6e4478294a186976d8552ce367bb 6e60694cdc52945dcdc6d6075299073abfd0b443 5286529b14e2361af33439cdf33ca0ba5738dd5a7d5fb68ea12932f09a014b58 Loading...

	playfulcheaters.com/pre/FamilyCheaters_v14_7/files/script.min.js	1.2 kB	2023-05-08	2024-04-25
Pretty URL playfulcheaters.com/pre/FamilyCheaters_v14_7/files/script.min.js IP 134.209.88.167 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 12:18:53 Last Seen2024-04-25 16:00:55 Times Seen16 Hash 525852b7d07a6c9caef1dacc65a97a82 18135eba2cd2580d7c28dbd1b7e0adc6a2142153 b54b20f3f380f6d2b36f32b1d348c91db1ff77050631ea6f7383698c77189211 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5d5c1ad169bd93dc44e20be76521ebe9	93 B	2023-04-30	2024-04-27
Pretty Observations First Seen2023-04-30 21:21:10 Last Seen2024-04-27 16:34:35 Times Seen22 Hash 5d5c1ad169bd93dc44e20be76521ebe9 1fccdc3f3c0845bc80b0abbb59d7e47772840576 f5a1b7c37e289c806845e541cc424fb3bed9f43bb231767077a84349f4f6ff58 Loading...

	#2 Eval - 64c60deefb1e5836df22c6baa731db34	93 B	2023-03-26	2024-04-27
Pretty Observations First Seen2023-03-26 03:56:20 Last Seen2024-04-27 16:34:35 Times Seen68 Hash 64c60deefb1e5836df22c6baa731db34 a2a47f8c36d263060bdb6b7ea884b9095f09ed1d 3a77f5b7db894b13eb92a7d552f49be41ab937da01738288413b42b9322b7e02 Loading...

	#3 Eval - 9e7973dfdbe60bf804bd7b88cb56e8b5	93 B	2023-04-30	2024-04-27
Pretty Observations First Seen2023-04-30 21:21:10 Last Seen2024-04-27 16:34:35 Times Seen25 Hash 9e7973dfdbe60bf804bd7b88cb56e8b5 809775602d401ce12e367a9fe53c1ae222a9eafc 38bb8a3cd5ed0700959afd33a9929bbd56e5446c4d33c5ad64ad40e9dca7f9be Loading...

	#4 Eval - 7288732cbb1626db715aec49b138f26c	680 B	2023-10-26	2024-04-27
Pretty Observations First Seen2023-10-26 03:17:37 Last Seen2024-04-27 16:34:35 Times Seen19 Hash 7288732cbb1626db715aec49b138f26c 87d3898447deb8e33ccffd7c453f4d81e562a242 8b79d90d82aa908b7782c77d3f0f2f11c92223f3cc9f8ed68e517e6be53dba5c Loading...

	#5 Eval - e03e620e8b0adfa4b743b98527b398a2	93 B	2023-03-26	2024-04-27
Pretty Observations First Seen2023-03-26 03:56:20 Last Seen2024-04-27 16:34:35 Times Seen66 Hash e03e620e8b0adfa4b743b98527b398a2 c30935b918f4bbc2aa87657bfd2985aff0c2ec13 abeed0c0e5aef62ed43359fbe0dd000e19ed9503e6a00263f8759a707c884b4f Loading...

	#6 Eval - b295d5920a2593a652ac1ee7e163b7f2	93 B	2023-10-26	2024-04-27
Pretty Observations First Seen2023-10-26 03:17:37 Last Seen2024-04-27 16:34:35 Times Seen19 Hash b295d5920a2593a652ac1ee7e163b7f2 b58c61586cc97de9bfbed075fedefd399da9acdf 746e060cde88dc7376301a68c138a476abe9c3bf842d07c72266f3d2f35e4d17 Loading...

	#7 Eval - aad9765e8a8faf59ba098a3ab8632ba6	93 B	2023-03-26	2024-04-27
Pretty Observations First Seen2023-03-26 03:56:20 Last Seen2024-04-27 16:34:35 Times Seen67 Hash aad9765e8a8faf59ba098a3ab8632ba6 ceb56a881362b5d3123242686332c88b4a2a9442 632b0dba179023f1619678c4d4a45694062f14d89ecd5b9821159e489b01b784 Loading...

	#8 Eval - 077a86521ddea76357786878c2ab041b	93 B	2023-03-26	2024-04-27
Pretty Observations First Seen2023-03-26 03:56:20 Last Seen2024-04-27 16:34:35 Times Seen69 Hash 077a86521ddea76357786878c2ab041b e8487397f286cc8cce6bb04c9a3ee8c9db602eed d8370d41fc3f703fd4659582aa8201b6e8e766e19eaafe526cd4b4d19126f236 Loading...

	#9 Eval - 0b52e9af424c2c36b92249da81638e72	93 B	2023-03-26	2024-04-27
Pretty Observations First Seen2023-03-26 03:56:20 Last Seen2024-04-27 16:34:35 Times Seen69 Hash 0b52e9af424c2c36b92249da81638e72 67df999152c022bc572c14cb20e7792d0a638af9 232198ddcda0acc3c1af6924e77a493439bff15efac1349792a47a7474f95a56 Loading...

	#10 Eval - ca3b3e72ce53ab0c13930340c3deb230	93 B	2023-04-30	2024-04-27
Pretty Observations First Seen2023-04-30 21:21:10 Last Seen2024-04-27 16:34:35 Times Seen25 Hash ca3b3e72ce53ab0c13930340c3deb230 fdc773a67b459a94383f1f85f410eb1c2fe98dd2 f80909ebf92f99861da464a78681b11fd87cddddce6282eb7c70f628ff4411fb Loading...

	#11 Eval - 20fe27221a948087e23e113aa72d3779	93 B	2023-03-26	2024-04-27
Pretty Observations First Seen2023-03-26 03:56:20 Last Seen2024-04-27 16:34:35 Times Seen66 Hash 20fe27221a948087e23e113aa72d3779 9d544bb79719fedbdb5368afc74f8f930480719e a8dc2c50efe77ed0da03035e93a18d429d354ff9b2e30513ace818bd218a77c9 Loading...

	#12 Eval - a3466cb3d716540d49dd7b65da5fb4d8	93 B	2023-04-30	2024-04-27
Pretty Observations First Seen2023-04-30 21:21:10 Last Seen2024-04-27 16:34:35 Times Seen22 Hash a3466cb3d716540d49dd7b65da5fb4d8 0e1b2e8671464f0522f98c4bb7dd6135f1c09323 9270ffa9c76bada960756e045bd0c07e208717800a3292bf44a6217cd2e6ba5c Loading...

	#13 Eval - 3074fabd970dbcc29329b9fd20b85d51	93 B	2023-10-26	2024-04-27
Pretty Observations First Seen2023-10-26 03:17:37 Last Seen2024-04-27 16:34:35 Times Seen22 Hash 3074fabd970dbcc29329b9fd20b85d51 a3423eda7d6190b600f22d9326378ed5719c2d0a f58df74a98b493c96a7a0ea2d012095d28c106f3d7e3d017343e62fa319422cb Loading...

	#14 Eval - 2328be8d7ea1ecb27521e07bc013eba0	93 B	2023-03-13	2024-04-27
Pretty Observations First Seen2023-03-13 02:54:51 Last Seen2024-04-27 16:34:35 Times Seen59 Hash 2328be8d7ea1ecb27521e07bc013eba0 171fe8de510e8d14f21e80c3d9e0ac6311420728 0a5dd243bc24642053af02b0268b8612ec024b12934806a1c8b6f2bc1559d0c4 Loading...

	#15 Eval - fb1783b38055191771d16ff99c280208	93 B	2023-03-26	2024-04-27
Pretty Observations First Seen2023-03-26 03:56:20 Last Seen2024-04-27 16:34:35 Times Seen66 Hash fb1783b38055191771d16ff99c280208 d32f0e1c852a567f8e9cc2ccccfa118284a9b0c4 6fb93db0f5a6c7c51355012032cf888f56ca3d9e1f529bd7a58ce8cb99487873 Loading...

	#16 Eval - 5722b54da232d53576f308b7e90dc367	686 B	2023-10-26	2024-04-27
Pretty Observations First Seen2023-10-26 03:17:37 Last Seen2024-04-27 16:34:35 Times Seen16 Hash 5722b54da232d53576f308b7e90dc367 4d5cb5e475afd16c2d72ce95e3a829de0826a25e e7cdce9b68da4ad616b898236dd3768b4154a174537ef1164a06afc3de94f59b Loading...

HTTP Transactions (20)

URL IP Response Size

adverster.g2afse.com/click?pid=162&offer_id=339&sub1=171164690610000TNOTV415326358024V57&sub4=6808846-0-647701932

34.90.14.205

302 Found

0 B

URL User Request GET HTTP/2
adverster.g2afse.com/click?pid=162&offer_id=339&sub1=171164690610000TNOTV415326358024V57&sub4=6808846-0-647701932
IP
34.90.14.205:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerDigiCert Inc
Subject*.g2afse.com
Fingerprint3A:C2:12:6C:59:0C:A9:12:C1:47:C8:05:B6:0F:75:69:7A:76:D6:85
ValidityMon, 28 Aug 2023 00:00:00 GMT - Wed, 04 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=162&offer_id=339&sub1=171164690610000TNOTV415326358024V57&sub4=6808846-0-647701932 HTTP/1.1
Host: adverster.g2afse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-length: 0
location: https://track.affstreck.com/c351325b-b0eb-4719-8bcb-f5c39c00a103?tsource=affise&offer_id=339&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=ADCASH_PREPAY&partner_id=162&offer_name=FamilyGame+All+geo+CPS&filter=&clickid=6605a8bb4fb52900019b7775&aff_source=6808846-0-647701932
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6605a8bb4fb52900019b7775; expires=Fri, 28 Mar 2025 17:28:27 GMT; secure; SameSite=None
afoffers={"339":1711646907}; expires=Fri, 28 Mar 2025 17:28:27 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

track.affstreck.com/c351325b-b0eb-4719-8bcb-f5c39c00a103?tsource=affise&offer_id=339&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=ADCASH_PREPAY&partner_id=162&offer_name=FamilyGame+All+geo+CPS&filter=&clickid=6605a8bb4fb52900019b7775&aff_source=6808846-0-647701932

18.156.93.177

302 Found

0 B

URL User Request GET HTTP/2
track.affstreck.com/c351325b-b0eb-4719-8bcb-f5c39c00a103?tsource=affise&offer_id=339&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=ADCASH_PREPAY&partner_id=162&offer_name=FamilyGame+All+geo+CPS&filter=&clickid=6605a8bb4fb52900019b7775&aff_source=6808846-0-647701932
IP
18.156.93.177:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjecttrack.affstreck.com
Fingerprint98:EB:57:A4:D8:E2:4F:5B:BF:D4:A8:9D:2F:5E:5C:A7:4D:A2:BB:23
ValidityTue, 19 Mar 2024 06:48:16 GMT - Mon, 17 Jun 2024 06:48:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c351325b-b0eb-4719-8bcb-f5c39c00a103?tsource=affise&offer_id=339&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=ADCASH_PREPAY&partner_id=162&offer_name=FamilyGame+All+geo+CPS&filter=&clickid=6605a8bb4fb52900019b7775&aff_source=6808846-0-647701932 HTTP/1.1
Host: track.affstreck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
pragma: no-cache
set-cookie: c351325b-b0eb-4719-8bcb-f5c39c00a103-v4=nacXigQAQrssHlitlO9FsxashLmU1vB9Ui8BY0eROPM; Max-Age=86400; Expires=Fri, 29-Mar-2024 17:28:27 GMT; Domain=track.affstreck.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=3UKuhh9cQt5ZV0rI35S0sobnsr%2FqgDiE89hSmJWd5go7j9nx9pXR309CfaBIqBYCWnYXxvKa3u8kPJ3MAkkWk4hDIP%2BXmqMLoIVV4zsHrT6Xh4y7jPufvWPVgKnBaacReaVC7wk9%2F9vhY1221M15ow%3D%3D; Max-Age=31536000; Expires=Fri, 28-Mar-2025 17:28:27 GMT; Domain=track.affstreck.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/no-mute.png

134.209.88.167

200 OK

9.4 kB

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/no-mute.png
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced
Size
9.4 kB (9374 bytes)
Hash
c7c1df0c860dd0c415ac160f1f2003d9
ff923b752a048e2d7849ca515563fc1e57c6a8e9
3d59ff121a2f9490573c4fc3d3d459064fe106506979efd5e7d75c530fe7ea5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/no-mute.png HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: image/png
content-length: 9374
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
etag: "65b3ac03-249e"
expires: Sat, 27 Apr 2024 17:28:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/Logo.png

134.209.88.167

200 OK

15 kB

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/Logo.png
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
PNG image data, 311 x 139, 8-bit/color RGBA, non-interlaced
Size
15 kB (14761 bytes)
Hash
4b4f17e447436648dfefd1695a9c7376
c1e65bcab2845e3b955ce96a19ef3c7b98074591
d7bb349ca10bed7f863d0b09803b0dd017828f67916b0c7c8dddcf17bfe78486

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/img/Logo.png HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: image/png
content-length: 14761
last-modified: Fri, 26 Jan 2024 12:58:10 GMT
etag: "65b3ac62-39a9"
expires: Sat, 27 Apr 2024 17:28:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/arrow-ll.svg

134.209.88.167

200 OK

230 B

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/arrow-ll.svg
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
SVG Scalable Vector Graphics image
Size
230 B (230 bytes)
Hash
e43a912350d148b2c936c0f22733e8bf
752b22a01f9501f4e991b828ac3710908c82eb50
266f150edf91552c04b5fde58b480db972ec139ac68e813ede1a7dda1d655926

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/img/arrow-ll.svg HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: image/svg+xml
content-length: 230
last-modified: Fri, 26 Jan 2024 12:58:09 GMT
etag: "65b3ac61-e6"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/arrow-rr.svg

134.209.88.167

200 OK

232 B

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/arrow-rr.svg
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
SVG Scalable Vector Graphics image
Size
232 B (232 bytes)
Hash
cd18c403e06b151ca4a16f25f73b04cf
360ce0230f709c4778991d30d75387c752112b3e
9687895282c00d5b8fe673dd18ce21dab59c9a1de1bda4c9d378f405f4de5cae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/img/arrow-rr.svg HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: image/svg+xml
content-length: 232
last-modified: Fri, 26 Jan 2024 12:58:10 GMT
etag: "65b3ac62-e8"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/script.min.js

134.209.88.167

200 OK

1.1 kB

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/script.min.js
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
gzip compressed data, from Unix
Size
1.1 kB (1054 bytes)
Hash
5aa86a597d6117444ed6a19a40524947
401ec1e2c29abf9840ca3cffe10e32236c730fdb
14e2419e8408500adccb392bfdd502f845bcbb478ed6e82a35805744d690f8fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/script.min.js HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: application/javascript
last-modified: Fri, 26 Jan 2024 12:56:36 GMT
vary: Accept-Encoding
etag: W/"65b3ac04-48a"
expires: Fri, 29 Mar 2024 05:28:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

adverster.b-cdn.net/freedirtygame/jquery.min.js

138.199.36.7

200 OK

34 kB

URL GET HTTP/2
adverster.b-cdn.net/freedirtygame/jquery.min.js
IP
138.199.36.7:443
ASN
#60068 Datacamp Limited

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
34 kB (33941 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /freedirtygame/jquery.min.js HTTP/1.1
Host: adverster.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: application/javascript
server: BunnyCDN-DE1-1047
cdn-pullzone: 303693
cdn-uid: f45a7a2e-6fd6-42fa-b15d-1efd29fb00dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: W/"62ae068d-15d84"
last-modified: Sat, 18 Jun 2022 17:08:29 GMT
cdn-storageserver: DE-677
cdn-fileserver: 339
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 18:59:18
cdn-edgestorageid: 1055
cdn-status: 200
cdn-requestid: 9db83a9dfc0c0cfedf9693d3f055d63a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TGM4F8X

142.250.74.72

200 OK

74 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TGM4F8X
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT

File type
JavaScript source, ASCII text, with very long lines (21659)
Size
74 kB (73954 bytes)
Hash
f684cc8a79316b7ed717e9b8f8b78e73
a2b95fa4bdbaafe06f9d720b4d612b6c651b88db
81f605cd6c126f9cbea15735f6ee98a7df9d1feba7638bda8f0c9a71e2ff4cc7

HTTP Headers

GET /gtm.js?id=GTM-TGM4F8X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 28 Mar 2024 17:28:27 GMT
expires: Thu, 28 Mar 2024 17:28:27 GMT
cache-control: private, max-age=900
last-modified: Thu, 28 Mar 2024 16:11:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2

142.250.74.99

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17360, version 1.0
Size
17 kB (17360 bytes)
Hash
70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a

HTTP Headers

GET /s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://playfulcheaters.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:54:31 GMT
expires: Fri, 28 Mar 2025 02:54:31 GMT
cache-control: public, max-age=31536000
age: 52437
last-modified: Thu, 24 Aug 2023 21:07:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/background-desktop1.jpg

134.209.88.167

200 OK

642 kB

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/img/background-desktop1.jpg
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1920x1080, components 3
Size
642 kB (642400 bytes)
Hash
14386c83a9d930312c3b9ee4bfac20f4
5d544408c44b118b7998a5eb2b9d94da5bd5bf18
b8cd058898498905224a782d017d102557ab508f282227e150755e695a250482

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/img/background-desktop1.jpg HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/files/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: image/jpeg
content-length: 642400
last-modified: Fri, 26 Jan 2024 12:58:11 GMT
etag: "65b3ac63-9cd60"
expires: Sat, 27 Apr 2024 17:28:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/apple-touch-icon.png

134.209.88.167

200 OK

9.4 kB

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/apple-touch-icon.png
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
9.4 kB (9390 bytes)
Hash
049ac8181fb1c147054e1ec9ae763d70
565397e7f0a82d7c31abccddbd9a310fddb3591d
6812893aafb0fdffa269b19ed588193637747a850b3d20ac51c38d09ccffdc95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/apple-touch-icon.png HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:28 GMT
content-type: image/png
content-length: 9390
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
etag: "65b3ac03-24ae"
expires: Sat, 27 Apr 2024 17:28:28 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/favicon-16x16.png

134.209.88.167

200 OK

493 B

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/favicon-16x16.png
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
493 B (493 bytes)
Hash
a2a4b5d7c260fd7b81ea7daa0922c45c
736f12c449c0d7b8809bd0efc96a041b2dd0b377
80a2bb3256c6169c7b0784d69b3f199510a9e345bbff1f7480ac209fcd985b78

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/favicon-16x16.png HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:28 GMT
content-type: image/png
content-length: 493
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
etag: "65b3ac03-1ed"
expires: Sat, 27 Apr 2024 17:28:28 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/style.min.css

134.209.88.167

200 OK

11 kB

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/style.min.css
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
gzip compressed data, from Unix
Size
11 kB (10682 bytes)
Hash
8fe434cf0ea46ed47129df279d57c8db
3b637d41c49be98a0b0ab9dd2f4accb460baff9c
26e825cf95bc5a1eca4427b701f447b97731266c636859a616e1654fb28c3917

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/style.min.css HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: text/css
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
vary: Accept-Encoding
etag: W/"65b3ac03-1ee7"
expires: Fri, 29 Mar 2024 05:28:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/lang.min.js

134.209.88.167

200 OK

12 kB

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/lang.min.js
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
gzip compressed data, from Unix
Size
12 kB (12180 bytes)
Hash
944f573c9c427dd00e1a7836161cb0eb
686d2c77d11ef098ae998585828a42a6fcc371be
e952a7c114b1b7ce12ce194d1048cf1ea60144928ed63c72e6b7e7af611c673a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/lang.min.js HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: application/javascript
last-modified: Fri, 26 Jan 2024 12:56:36 GMT
vary: Accept-Encoding
etag: W/"65b3ac04-3554"
expires: Fri, 29 Mar 2024 05:28:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gotoadexchange.com/jump/next.php?stamat=m|,09iavojOqB1dQO0dEdHP3xP.5f9,S0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM9wj3-bEKRkWmAWjPmfHCJNVPNdZSaefj2NEAsjPRNSnQ,,&cbpage=https://onclickalgo.com/jump/next.php?r=6808846&sub2=8048103&cbur=0.7957063316474682&cbtitle=&cbiframe=0&cbWidth=1366&cbHeight=768&cbdescription=&cbkeywords=&cbref=

172.67.168.96

302 Found

7.1 kB

URL User Request GET HTTP/2
gotoadexchange.com/jump/next.php?stamat=m|,09iavojOqB1dQO0dEdHP3xP.5f9,S0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM9wj3-bEKRkWmAWjPmfHCJNVPNdZSaefj2NEAsjPRNSnQ,,&cbpage=https://onclickalgo.com/jump/next.php?r=6808846&sub2=8048103&cbur=0.7957063316474682&cbtitle=&cbiframe=0&cbWidth=1366&cbHeight=768&cbdescription=&cbkeywords=&cbref=
IP
172.67.168.96:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectgotoadexchange.com
Fingerprint18:99:88:5D:65:C6:02:E1:5F:94:CA:2A:9B:82:49:97:A5:37:F6:23
ValidityTue, 19 Mar 2024 13:41:39 GMT - Mon, 17 Jun 2024 13:41:38 GMT

File type

Size
7.1 kB (7094 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jump/next.php?stamat=m|,09iavojOqB1dQO0dEdHP3xP.5f9,S0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM9wj3-bEKRkWmAWjPmfHCJNVPNdZSaefj2NEAsjPRNSnQ,,&cbpage=https://onclickalgo.com/jump/next.php?r=6808846&sub2=8048103&cbur=0.7957063316474682&cbtitle=&cbiframe=0&cbWidth=1366&cbHeight=768&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: gotoadexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 17:28:26 GMT
content-type: text/html; charset=utf-8
location: https://gotoadexchange.com/script/i.php?t=1&c=23671264&stamat=m%257C%252C%252CQhdn9jMWoGU3B0-GH0dEdHP3xP.6a3%252Cb_th6Hb8erian4lm2OwGJLgmgEq_vW8stNhAQx_eSYTnFdrNSjNwK8P0B15h8pPDaYfNfUGsOdGDYCbz8nsZY1cc1790pfYw8s2R0EXPSUI4VEUaqrJxkyyJG0PWpCHsc3htBeLh4RbbCN6fT3trvFv1k9fmMVF7Ro5rZvlQXiecUA0BMXMk65lATByk90DfAl1HW9xKu-Y1YsHKeEZ7zSHtqsAahG3jcJiVPmWBAS5vwkAebWfh9gXC3m5lfJe9QDT-9K7wUeTdLInA1vm2kKmncuSiXFiR3IoprW3jf1Kt9RIlZ7sr1og4ZuD79ZMGWtazwVLlu5u5P7cq6SW6QNBI41yrKfZYkfnc5sc5obbDY09qz_rg04lE-Iuge-5YSCrw08xJqL3mrjhKTcaEsZ-xryp_3ONuwjEAgUjEt3PeSv1xSz5JGqT5rdstIhXzlT_1qZapqukiVJLPoPoV06yG3dfWaeZSOgmOIdwflmiYQ5wTObssF_7e3kbWkiXbfLTGQD44wP4b8Ajlkt6CmiUUrBlP0QtYS1UlMHdGUfgCbdRclQr_5AS1HTKlK4QWwmxpiLJ0ZIQpm-nemKQaPy5EncX2_2TPgT0Ah2kK7vg%252C
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FIHvB0wI55COaLTVR72dhmYCsfKEoQFab%2BiLHrScC6EvYXYk2amYg%2Bjws%2Fs5Fk5kqWkQek1drsueyzDxYiajQkdSOgplMLdmCiU9JuQyrqoaxSWfoRq29RIqrrmg5o1lYPnb760%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b9562e3d6b56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=

134.209.88.167

200 OK

7.1 kB

URL User Request GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
HTML document, ASCII text, with very long lines (7530), with no line terminators
Size
7.1 kB (7094 bytes)
Hash
0d241340e7f7e7c2224aabca091345a2
2792e5ad6ff9c639b20ee14a10ef5a19c185cc88
7f656317e3fd962d49143a7be7ee64f53ecfdf5274d0f3d78ef0a246726c9ebd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10= HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: text/html
last-modified: Fri, 26 Jan 2024 12:55:27 GMT
vary: Accept-Encoding
etag: W/"65b3abbf-1bb6"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

playfulcheaters.com/pre/FamilyCheaters_v14_7/files/ion.sound.min.js

134.209.88.167

200 OK

13 kB

URL GET HTTP/2
playfulcheaters.com/pre/FamilyCheaters_v14_7/files/ion.sound.min.js
IP
134.209.88.167:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerLet's Encrypt
Subjectplayfulcheaters.com
FingerprintAD:44:F6:C3:A6:7F:4D:91:A1:37:8C:DF:00:08:AA:4F:BC:A5:11:99
ValidityFri, 26 Jan 2024 11:26:11 GMT - Thu, 25 Apr 2024 11:26:10 GMT

File type
JavaScript source, ASCII text, with very long lines (535)
Size
13 kB (12832 bytes)
Hash
35a8beafec5af750706d16fdf6166dcf
0e69cc003bee77ad2ed020c68bc9182a6e53bfd3
2e06165ec5e9880465e3a3fa1e195ba655f06465031e87271aae263bf6bd24ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pre/FamilyCheaters_v14_7/files/ion.sound.min.js HTTP/1.1
Host: playfulcheaters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:28:27 GMT
content-type: application/javascript
last-modified: Fri, 26 Jan 2024 12:56:35 GMT
vary: Accept-Encoding
etag: W/"65b3ac03-3220"
expires: Fri, 29 Mar 2024 05:28:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gotoadexchange.com/script/i.php?t=1&c=23671264&stamat=m%257C%252C%252CQhdn9jMWoGU3B0-GH0dEdHP3xP.6a3%252Cb_th6Hb8erian4lm2OwGJLgmgEq_vW8stNhAQx_eSYTnFdrNSjNwK8P0B15h8pPDaYfNfUGsOdGDYCbz8nsZY1cc1790pfYw8s2R0EXPSUI4VEUaqrJxkyyJG0PWpCHsc3htBeLh4RbbCN6fT3trvFv1k9fmMVF7Ro5rZvlQXiecUA0BMXMk65lATByk90DfAl1HW9xKu-Y1YsHKeEZ7zSHtqsAahG3jcJiVPmWBAS5vwkAebWfh9gXC3m5lfJe9QDT-9K7wUeTdLInA1vm2kKmncuSiXFiR3IoprW3jf1Kt9RIlZ7sr1og4ZuD79ZMGWtazwVLlu5u5P7cq6SW6QNBI41yrKfZYkfnc5sc5obbDY09qz_rg04lE-Iuge-5YSCrw08xJqL3mrjhKTcaEsZ-xryp_3ONuwjEAgUjEt3PeSv1xSz5JGqT5rdstIhXzlT_1qZapqukiVJLPoPoV06yG3dfWaeZSOgmOIdwflmiYQ5wTObssF_7e3kbWkiXbfLTGQD44wP4b8Ajlkt6CmiUUrBlP0QtYS1UlMHdGUfgCbdRclQr_5AS1HTKlK4QWwmxpiLJ0ZIQpm-nemKQaPy5EncX2_2TPgT0Ah2kK7vg%252C

172.67.168.96

302 Found

7.1 kB

URL User Request GET HTTP/2
gotoadexchange.com/script/i.php?t=1&c=23671264&stamat=m%257C%252C%252CQhdn9jMWoGU3B0-GH0dEdHP3xP.6a3%252Cb_th6Hb8erian4lm2OwGJLgmgEq_vW8stNhAQx_eSYTnFdrNSjNwK8P0B15h8pPDaYfNfUGsOdGDYCbz8nsZY1cc1790pfYw8s2R0EXPSUI4VEUaqrJxkyyJG0PWpCHsc3htBeLh4RbbCN6fT3trvFv1k9fmMVF7Ro5rZvlQXiecUA0BMXMk65lATByk90DfAl1HW9xKu-Y1YsHKeEZ7zSHtqsAahG3jcJiVPmWBAS5vwkAebWfh9gXC3m5lfJe9QDT-9K7wUeTdLInA1vm2kKmncuSiXFiR3IoprW3jf1Kt9RIlZ7sr1og4ZuD79ZMGWtazwVLlu5u5P7cq6SW6QNBI41yrKfZYkfnc5sc5obbDY09qz_rg04lE-Iuge-5YSCrw08xJqL3mrjhKTcaEsZ-xryp_3ONuwjEAgUjEt3PeSv1xSz5JGqT5rdstIhXzlT_1qZapqukiVJLPoPoV06yG3dfWaeZSOgmOIdwflmiYQ5wTObssF_7e3kbWkiXbfLTGQD44wP4b8Ajlkt6CmiUUrBlP0QtYS1UlMHdGUfgCbdRclQr_5AS1HTKlK4QWwmxpiLJ0ZIQpm-nemKQaPy5EncX2_2TPgT0Ah2kK7vg%252C
IP
172.67.168.96:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectgotoadexchange.com
Fingerprint18:99:88:5D:65:C6:02:E1:5F:94:CA:2A:9B:82:49:97:A5:37:F6:23
ValidityTue, 19 Mar 2024 13:41:39 GMT - Mon, 17 Jun 2024 13:41:38 GMT

File type

Size
7.1 kB (7094 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/i.php?t=1&c=23671264&stamat=m%257C%252C%252CQhdn9jMWoGU3B0-GH0dEdHP3xP.6a3%252Cb_th6Hb8erian4lm2OwGJLgmgEq_vW8stNhAQx_eSYTnFdrNSjNwK8P0B15h8pPDaYfNfUGsOdGDYCbz8nsZY1cc1790pfYw8s2R0EXPSUI4VEUaqrJxkyyJG0PWpCHsc3htBeLh4RbbCN6fT3trvFv1k9fmMVF7Ro5rZvlQXiecUA0BMXMk65lATByk90DfAl1HW9xKu-Y1YsHKeEZ7zSHtqsAahG3jcJiVPmWBAS5vwkAebWfh9gXC3m5lfJe9QDT-9K7wUeTdLInA1vm2kKmncuSiXFiR3IoprW3jf1Kt9RIlZ7sr1og4ZuD79ZMGWtazwVLlu5u5P7cq6SW6QNBI41yrKfZYkfnc5sc5obbDY09qz_rg04lE-Iuge-5YSCrw08xJqL3mrjhKTcaEsZ-xryp_3ONuwjEAgUjEt3PeSv1xSz5JGqT5rdstIhXzlT_1qZapqukiVJLPoPoV06yG3dfWaeZSOgmOIdwflmiYQ5wTObssF_7e3kbWkiXbfLTGQD44wP4b8Ajlkt6CmiUUrBlP0QtYS1UlMHdGUfgCbdRclQr_5AS1HTKlK4QWwmxpiLJ0ZIQpm-nemKQaPy5EncX2_2TPgT0Ah2kK7vg%252C HTTP/1.1
Host: gotoadexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 17:28:26 GMT
content-type: text/html; charset=utf-8
location: https://adverster.g2afse.com/click?pid=162&offer_id=339&sub1=171164690610000TNOTV415326358024V57&sub4=6808846-0-647701932
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ot%2BAgXnDZpIjQ8q6BlfjRVO%2FuOG9NCX38tdpJv7lo%2FHJwDifqn%2Bu9Okg7%2F0HTvhvq8hQ43CCel9oUvJs05ew9jpfolGNIjWjZPVNreh3FgV9DMlYFLdx9qrgKOn0bAEOLBbgAEo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b9562f6e8656c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Luckiest+Guy&display=swap

142.250.74.106

200 OK

427 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Luckiest+Guy&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://playfulcheaters.com/pre/FamilyCheaters_v14_7/?partner=BC&next=FamilyCheaters_v13_2&clickid=wt3pm5kmqugrhh603o46m3b8&country=NO&tsource=162&m1=Firefox&m2=Norway&voluum_id=c351325b-b0eb-4719-8bcb-f5c39c00a103&p1=affise&p2=339&p3=adult%20game%20-%20FamilyGame%20%28339%29&p4=ADCASH_PREPAY&p5=162&p6=FamilyGame%20All%20geo%20CPS&p7=adult%20game%20-%20%28FamilyCheaters_v14_7%20%2B%20FamilyCheaters_v13_2%29%20-%20iframe%20-%20Affiliate%20-%20playfulcheaters.com&p8=&p9=&p10=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
ASCII text, with very long lines (436), with no line terminators
Size
427 B (427 bytes)
Hash
98fa0fc7d64223632857bc8d78b5a51b
9a94b3b3870391e04fdef78ad3904223e168a2fb
9a1ddbe358657e6181fe1608fd55dd54a0aee849b012f8e61b448e8a6a769d85

HTTP Headers

GET /css2?family=Luckiest+Guy&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://playfulcheaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 17:28:27 GMT
date: Thu, 28 Mar 2024 17:28:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN