Report - consistedlovedstimulate.com/t6315sd8c8?adb=n&dev=e&key=2c1a2de9c1e793434d07f87b6d24926a&kw=["download","jbs39","part28","rar"]&pst=&refer=https://wupfile.com/sfw9xoxxt3hv/JBS39.part28.rar.html&res=7.1055&scrHeight=720&scrWidth=1280&ship=&tnb=86&tz=2&v=20.8.v.1

Report Overview

Submitted URL
consistedlovedstimulate.com/t6315sd8c8?adb=n&dev=e&key=2c1a2de9c1e793434d07f87b6d24926a&kw=["download","jbs39","part28","rar"]&pst=&refer=https://wupfile.com/sfw9xoxxt3hv/JBS39.part28.rar.html&res=7.1055&scrHeight=720&scrWidth=1280&ship=&tnb=86&tz=2&v=20.8.v.1
IP
192.243.61.225
ASN
#39572 DataWeb Global Group B.V.
Submitted
2024-05-03 23:17:55
Access
public
Website Title
Lust Goddes
Final URL
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
consistedlovedstimulate.com	unknown	2024-04-29	2024-04-30	2024-04-30	3.2 kB	4.5 kB	192.243.59.13
theeverydaygame.com	unknown	2024-03-01	2020-12-16	2024-05-02	9.5 kB	531 kB	172.67.163.114
holdhostel.space	unknown	2024-02-21	2024-02-21	2024-05-02	560 B	3.2 kB	104.21.76.98
ln.gamesrevenue.com	117740	2014-05-30	2017-01-29	2024-05-02	406 B	16 kB	5.161.79.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	consistedlovedstimulate.com	Sinkholed
2024-05-03	medium	consistedlovedstimulate.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js	521 B	2023-12-02	2024-05-22
Pretty URL theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js IP 172.67.163.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 02:07:30 Last Seen2024-05-22 01:28:44 Times Seen904 Hash 86f0754abfb6014908e557e6e268f3e2 4efa8a0c962e30bb7e314ad37a3f2c55b91052e6 70910209572bcf5a0ba1022d53bb9fe24d82ed842370c70234994dd2b29ba1a9 Loading...

	theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js	87 kB	2023-03-07	2024-05-22
Pretty URL theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js IP 172.67.163.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-22 01:28:44 Times Seen115982 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	ln.gamesrevenue.com/px1.js	15 kB	2023-12-23	2024-05-22
Pretty URL ln.gamesrevenue.com/px1.js IP 5.161.79.44 ASN #213230 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-23 09:34:48 Last Seen2024-05-22 01:28:44 Times Seen1411 Hash b01fc426cbc4f33a52a28ee9ca2e2050 577332c8c5f62167ad432c5d20b3ca285e75c91e d40fc3bebe2dc3c28f08f2f4f5a6059425ccc5541ada3f0945f7539e90374441 Loading...

	theeverydaygame.com/awpx_click.js?v=005	1.5 kB	2023-03-26	2024-05-22
Pretty URL theeverydaygame.com/awpx_click.js?v=005 IP 172.67.163.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:11:56 Last Seen2024-05-22 01:28:44 Times Seen1456 Hash 7aeb87811ad3a82fde3e2783544819ee d1d9174cbcbb1abdccee6841f170ba21f899925b 7fff603702e9bea03cf47ba47947bb7f8655eb7fcb1c8f7091e9a38d8f5d949c Loading...

HTTP Transactions (20)

URL IP Response Size

consistedlovedstimulate.com/t6315sd8c8?adb=n&dev=e&key=2c1a2de9c1e793434d07f87b6d24926a&kw=[%22download%22,%22jbs39%22,%22part28%22,%22rar%22]&pst=&refer=https://wupfile.com/sfw9xoxxt3hv/JBS39.part28.rar.html&res=7.1055&scrHeight=720&scrWidth=1280&ship=&tnb=86&tz=2&v=20.8.v.1

192.243.59.13

1.6 kB

URL
consistedlovedstimulate.com/t6315sd8c8?adb=n&dev=e&key=2c1a2de9c1e793434d07f87b6d24926a&kw=[%22download%22,%22jbs39%22,%22part28%22,%22rar%22]&pst=&refer=https://wupfile.com/sfw9xoxxt3hv/JBS39.part28.rar.html&res=7.1055&scrHeight=720&scrWidth=1280&ship=&tnb=86&tz=2&v=20.8.v.1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with very long lines (698)
Size
1.6 kB (1594 bytes)
Hash
0ecfca15b7cc637cd9a7f38cd75c90e3
e2e0333df424ed22544568484476acf6f5d1a4a9
bfdec1cef272e17c53eac3e28c9eb18367c39140b0473063681a1b6cb15c249c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /t6315sd8c8?adb=n&dev=e&key=2c1a2de9c1e793434d07f87b6d24926a&kw=[%22download%22,%22jbs39%22,%22part28%22,%22rar%22]&pst=&refer=https://wupfile.com/sfw9xoxxt3hv/JBS39.part28.rar.html&res=7.1055&scrHeight=720&scrWidth=1280&ship=&tnb=86&tz=2&v=20.8.v.1 HTTP/1.1
Host: consistedlovedstimulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 May 2024 23:17:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=14944812; expires=Sat, 04 May 2024 23:17:28 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDk0NDgxMiwiayI6IjJjMWEyZGU5YzFlNzkzNDM0ZDA3Zjg3YjZkMjQ5MjZhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjU4MzAsInBpZCI6MjMwNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoidDYzMTVzZDhjOCIsImNwa3MiOnsiMjkiOiIzMjAwNzVkYTM3NGJhODY4YzZiZWM1NDhlZDRkODM3ZCIsIjM0IjoiZDBkODBhOWY1ZWJkNmNlYjlhMjI0ZWRhNTNiYWFlODYifSwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vaG90LXN1cnZleS5jb20vc3VydmV5L2RhdGluZy9wcm94eTMvIiwiaWYiOmZhbHNlLCJpbiI6ZmFsc2UsInRwIjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93dXBmaWxlLmNvbS9zZnc5eG94eHQzaHYvSkJTMzkucGFydDI4LnJhci5odG1sIiwiYXIiOltdfX0.tSyF4BqFu97Eb4uFCw9SsGd-RqzLS1sfM-2IQo3Ktlw; expires=Fri, 03 May 2024 23:18:28 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 72f338ba3b8c3af0262f94dd6efeec1a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

consistedlovedstimulate.com/api/users?token=L3Q2MzE1c2Q4Yzg_YWRiPW4mZGV2PWUma2V5PTJjMWEyZGU5YzFlNzkzNDM0ZDA3Zjg3YjZkMjQ5MjZhJmt3PSU1QiUyMmRvd25sb2FkJTIyJTJDJTIyamJzMzklMjIlMkMlMjJwYXJ0MjglMjIlMkMlMjJyYXIlMjIlNUQmcHN0PTE3MTQ3NzgzMDgmcmVmZXI9aHR0cHMlM0ElMkYlMkZ3dXBmaWxlLmNvbSUyRnNmdzl4b3h4dDNodiUyRkpCUzM5LnBhcnQyOC5yYXIuaHRtbCZyZXM9Ny4xMDU1JnJtdGM9dCZzY3JIZWlnaHQ9NzIwJnNjcldpZHRoPTEyODAmc2hpcD0mc2h1PTQ4YTY4M2Q2OGVkZjIyMzYzMTdmZTJjOTEyM2RhOGUyMWE1MWE0NjVmZTZmNjEyNGQ4YmFkZjAxYTM1MTM5OWQwY2E1MmUxMmUyMmU1NTk5OTA4MjlhYmQxZmRhMzRjOTFiODlkMjUzNTU1M2Y5MzIyY2ViMWU5ZTMyMTY0YzQ4MGMxMjEwN2ZhOGFhOGI5MmY2OTJiMTA2ODUwMmNhMjlmYWMzYWFmY2JjNDJhZmRmNzBlNTlmNzc4N2MxYzcmdG5iPTg2JnR6PTImdj0yMC44LnYuMQ&uuid=&pii=&in=false

192.243.59.12

302 Found

0 B

URL User Request GET HTTP/1.1
consistedlovedstimulate.com/api/users?token=L3Q2MzE1c2Q4Yzg_YWRiPW4mZGV2PWUma2V5PTJjMWEyZGU5YzFlNzkzNDM0ZDA3Zjg3YjZkMjQ5MjZhJmt3PSU1QiUyMmRvd25sb2FkJTIyJTJDJTIyamJzMzklMjIlMkMlMjJwYXJ0MjglMjIlMkMlMjJyYXIlMjIlNUQmcHN0PTE3MTQ3NzgzMDgmcmVmZXI9aHR0cHMlM0ElMkYlMkZ3dXBmaWxlLmNvbSUyRnNmdzl4b3h4dDNodiUyRkpCUzM5LnBhcnQyOC5yYXIuaHRtbCZyZXM9Ny4xMDU1JnJtdGM9dCZzY3JIZWlnaHQ9NzIwJnNjcldpZHRoPTEyODAmc2hpcD0mc2h1PTQ4YTY4M2Q2OGVkZjIyMzYzMTdmZTJjOTEyM2RhOGUyMWE1MWE0NjVmZTZmNjEyNGQ4YmFkZjAxYTM1MTM5OWQwY2E1MmUxMmUyMmU1NTk5OTA4MjlhYmQxZmRhMzRjOTFiODlkMjUzNTU1M2Y5MzIyY2ViMWU5ZTMyMTY0YzQ4MGMxMjEwN2ZhOGFhOGI5MmY2OTJiMTA2ODUwMmNhMjlmYWMzYWFmY2JjNDJhZmRmNzBlNTlmNzc4N2MxYzcmdG5iPTg2JnR6PTImdj0yMC44LnYuMQ&uuid=&pii=&in=false
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjectconsistedlovedstimulate.com
FingerprintF2:89:DF:50:4E:64:82:FC:23:C5:9F:72:0C:73:A2:EA:95:D5:47:E9
ValidityMon, 29 Apr 2024 12:51:51 GMT - Sun, 28 Jul 2024 12:51:50 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3Q2MzE1c2Q4Yzg_YWRiPW4mZGV2PWUma2V5PTJjMWEyZGU5YzFlNzkzNDM0ZDA3Zjg3YjZkMjQ5MjZhJmt3PSU1QiUyMmRvd25sb2FkJTIyJTJDJTIyamJzMzklMjIlMkMlMjJwYXJ0MjglMjIlMkMlMjJyYXIlMjIlNUQmcHN0PTE3MTQ3NzgzMDgmcmVmZXI9aHR0cHMlM0ElMkYlMkZ3dXBmaWxlLmNvbSUyRnNmdzl4b3h4dDNodiUyRkpCUzM5LnBhcnQyOC5yYXIuaHRtbCZyZXM9Ny4xMDU1JnJtdGM9dCZzY3JIZWlnaHQ9NzIwJnNjcldpZHRoPTEyODAmc2hpcD0mc2h1PTQ4YTY4M2Q2OGVkZjIyMzYzMTdmZTJjOTEyM2RhOGUyMWE1MWE0NjVmZTZmNjEyNGQ4YmFkZjAxYTM1MTM5OWQwY2E1MmUxMmUyMmU1NTk5OTA4MjlhYmQxZmRhMzRjOTFiODlkMjUzNTU1M2Y5MzIyY2ViMWU5ZTMyMTY0YzQ4MGMxMjEwN2ZhOGFhOGI5MmY2OTJiMTA2ODUwMmNhMjlmYWMzYWFmY2JjNDJhZmRmNzBlNTlmNzc4N2MxYzcmdG5iPTg2JnR6PTImdj0yMC44LnYuMQ&uuid=&pii=&in=false HTTP/1.1
Host: consistedlovedstimulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://consistedlovedstimulate.com/api/users?token=L3Q2MzE1c2Q4Yzg_a2V5PTljYTYwMWE5ZjQ3YzczNWRmNzZkNWNhNDZmYTI2YTY2JnN1Ym1ldHJpYz0xNDk0NDgxMg
Cookie: u_pl=14944812; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDk0NDgxMiwiayI6IjJjMWEyZGU5YzFlNzkzNDM0ZDA3Zjg3YjZkMjQ5MjZhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjU4MzAsInBpZCI6MjMwNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoidDYzMTVzZDhjOCIsImNwa3MiOnsiMjkiOiIzMjAwNzVkYTM3NGJhODY4YzZiZWM1NDhlZDRkODM3ZCIsIjM0IjoiZDBkODBhOWY1ZWJkNmNlYjlhMjI0ZWRhNTNiYWFlODYifSwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vaG90LXN1cnZleS5jb20vc3VydmV5L2RhdGluZy9wcm94eTMvIiwiaWYiOmZhbHNlLCJpbiI6ZmFsc2UsInRwIjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93dXBmaWxlLmNvbS9zZnc5eG94eHQzaHYvSkJTMzkucGFydDI4LnJhci5odG1sIiwiYXIiOltdfX0.tSyF4BqFu97Eb4uFCw9SsGd-RqzLS1sfM-2IQo3Ktlw; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Fri, 03 May 2024 23:17:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://holdhostel.space/?6622842d7176c&ag_custom_domain=14944812
Set-Cookie: pdhtkv=true; expires=Sat, 04 May 2024 23:17:29 GMT
uncs=1; expires=Sat, 04 May 2024 23:17:29 GMT
pdhtkv28=true; expires=Sat, 04 May 2024 23:17:29 GMT
uncs28=1; expires=Sat, 04 May 2024 23:17:29 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 01168534e87de8d0046965caf4873740
Strict-Transport-Security: max-age=0; includeSubdomains

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn1.png

172.67.163.114

200 OK

6.9 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn1.png
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
PNG image data, 339 x 207, 8-bit colormap, non-interlaced
Size
6.9 kB (6866 bytes)
Hash
a67051906425835b13dc4292c6fe2ef7
c96b01fb21c60a17fad9e89f235fdb8809ffc43d
f000409df7dd5222fc51cc35113519a133596c011f61bc5a7f65f9dcd2843a37

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/btn1.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/png
content-length: 6866
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-1ad2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1234
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CACGXgGFxZqjhvhGsdBY6CZStUYIDxxqjxrH3YhoAs0Rf4PJ%2FQZGrGHln47Eckt0RwcnJPgQ8SQxFwPj97ezFhfjn1OnZHJRkDM0uPYmapyHPZof0iRYUGatGb7mm1pyZnUMgywO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f6ff0bcd1c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn2.png

172.67.163.114

200 OK

9.8 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn2.png
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
PNG image data, 339 x 207, 8-bit colormap, non-interlaced
Size
9.8 kB (9771 bytes)
Hash
8c7c430e736c07b069cf61a2870c7254
a1b6cf722997131aa569f2214df2ce8a9e6e5630
42269355807fe5c4d7dabbccff1cc602725b5ffccae86759412219b83198a180

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/btn2.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/png
content-length: 9771
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-262b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQ%2BjQpVYLwtVPdAxLBVVfl4GhLhWVCjTcScdxBrELmEgM4R%2FcgwmwGbQeKt3dkxW2PEnwRvF8sHYzq9q01Ctev%2BG4K6y0AQ1YepnIl3Ttv2dV%2B%2BZyk42HkIAAQegKpW3tKlsH0V4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f6ff1bcf1c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js

172.67.163.114

200 OK

32 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
32 kB (31784 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/libs/jquery.min.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:38 GMT
etag: W/"65f0845a-1538f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 654
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9giGDlCf%2FG7GQXDlEqB33KfnXELvPNc%2Br07lAiEBFOJiBtKYZyhwxv36DTz4KhePYW5YXKx1C%2FEns1vnpZ8tncLrKPv7QbpRk5G1WMUfYteKov7LreK2DNh67G5dIskchgDeMdxf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f6ff0bca1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js

172.67.163.114

200 OK

634 B

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JavaScript source, ASCII text, with very long lines (521), with no line terminators
Size
634 B (634 bytes)
Hash
86f0754abfb6014908e557e6e268f3e2
4efa8a0c962e30bb7e314ad37a3f2c55b91052e6
70910209572bcf5a0ba1022d53bb9fe24d82ed842370c70234994dd2b29ba1a9

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/scripts/main.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:38 GMT
etag: W/"65f0845a-209"
cache-control: max-age=14400
cf-cache-status: HIT
age: 654
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MfAS8iRcx7JvcERH0LIZJB6khhWrHj6LqksFiXdtu5JOTicXLay80OLUlR15MS%2Fm%2BSujRcXvyLaU2141mQ%2FBwLv1Nigj%2BFlUNQRkrql4dLBkiyiJ1Jr7TELKvfrziVhuaQjF0ieT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f6ff1bd01c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_open.jpg

172.67.163.114

200 OK

84 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_open.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
84 kB (84260 bytes)
Hash
a3efbcb7561dddaeb36ba22fb8fae56f
a9363a7f6b6e9a5a6dcbb37a0abfa7bb3ab3ea1d
d95424c3f3857c13ff9f6a957f805b188a568ce769b51ee9fe68c8fd3537b319

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g1_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/jpeg
content-length: 84260
last-modified: Tue, 12 Mar 2024 16:35:34 GMT
etag: "65f08456-14924"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubVngN2mWu%2F58z65BVz2e5z4dHmVovEp0B6QDD3T9SqljMrJzOwA3WxKDH7vzrsf1e9jGOsM8nuGpCeQqCLi950oi225X1TIlQUschnY0S3LhWXyfO1%2FyTGdZFEiwxKTazB7suOW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f7014ca61c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_close.jpg

172.67.163.114

200 OK

40 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_close.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
40 kB (40179 bytes)
Hash
3d830c378aa76c9caa82a73805459893
4a48546372f2ef6311cbed974d536273bcfdd711
8d88b039c0e88133bd2f53dc2fef48ea2d8bdae4eb6e3162fec9db714f97adea

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g1_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/jpeg
content-length: 40179
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-9cf3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2592
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGrZ5EH0s92QXuPlRXabczl3oaEFIZEZxoD2VvOfMbWoa6R%2B5khtdmuJpkxtPRacMF6MQhOYgXuFWy0g5017TXHV2hpKgFrvBLZ538XFnXioJ1x6MS9Qe9h5sW77UDfkYcdk%2Bu7u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f7014ca81c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_open.jpg

172.67.163.114

200 OK

80 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_open.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
80 kB (79598 bytes)
Hash
12e061b10b2c654a24ea704af3aaec43
9c506625e1fa700f0e6522cced2a53b0cde2bd54
d321fc26bb399bd642b1a3ae059a03308d286526e6b87a9cb37ba63833673372

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g2_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/jpeg
content-length: 79598
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-136ee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0wzJ18HdqIzPFBu6ue6ygOJnpRzpczBTBSK3AoBEAR%2B67ZuBJTegh1wZeuGisrwz%2FGjTK4jxz9Dp3P83S4wIDBEql9QUSS5x2ClkE9HAWySRXH%2B5nkoa3%2FPCCSubAFSMa9uNSvU%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f7015cac1c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_close.jpg

172.67.163.114

200 OK

41 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_close.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
41 kB (40609 bytes)
Hash
aa7031c41077d720cfc935e8de98de95
47aaf9ec464983016d35bb8150928c7f96cdff8c
6a49dc8fe71fafd7db501c43d96537be26a508a2c8a932ff8f03746bc9a55a83

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g3_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/jpeg
content-length: 40609
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-9ea1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rCRn9IXW9F4k7a1LZqd8IU9Cil9edqLWWT0%2F0Hq2QKvpWzlgji6a3PrJ%2FMZ4l09eQmiyApnjKYm3XNzv7bFF5vmO0ilh9IQ1V%2FwRvFhTDKQtyKy2IEsVWLRInda66EQYVhu93G9A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f7017cc11c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_close.jpg

172.67.163.114

200 OK

42 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_close.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
42 kB (41478 bytes)
Hash
955f59a0876a28b432c71c0d274727c7
789778a09f2fa8f8bd24be2bb781914f5070dd3d
40e8cd16f27d5d6a0cfd007881651ef8acd93ba95423c05741bc410454eabf40

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g2_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/jpeg
content-length: 41478
last-modified: Tue, 12 Mar 2024 16:35:34 GMT
etag: "65f08456-a206"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RZEAMvlE1uTcPVzl7YZksc3KR6%2FN9aKsf16VFBy6a92ypi2RpQW1aMh%2BlebcwS9byjRsviuqZd%2BPDwwbuQE69MUOKudMzq8EdYFoK%2FmkA%2B5dl%2Bqf8g1R4bKw%2FygHhkhL2u%2BUdHAU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f7017cbe1c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_open.jpg

172.67.163.114

200 OK

63 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_open.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
63 kB (63206 bytes)
Hash
d837068776c28a251131d2c0138c5db4
bc8d3e395fa77a6b801f13d1c22ff159776cc430
a8364b19810c700ee3899c55089ca678291758ee0d62dbad821e2a6d73b08c93

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g3_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/jpeg
content-length: 63206
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-f6e6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SL4mkmUchTlfqcSMTBjEzhNpKMMhw39AL2htSJUdW8k%2FhsLEKZ4NyNxLFjc5CITUIEdZd8W%2BzyE8yK3z%2F6rxlmz7SZwAuoOCAjfcg2YvQmv1NEiVa%2Bc9xsVogrvpfjdRsppNNegs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f7017cc01c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_open.jpg

172.67.163.114

200 OK

73 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_open.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
73 kB (72874 bytes)
Hash
c37fec311feadcbd0c77987b383b0596
9a8f5df2805241f6bc484151dc31f3b72bb9a196
a61a23797d6b68ed79222d950596e90da320e59f8ee23e7eb776c94ee0d6734c

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g4_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/jpeg
content-length: 72874
last-modified: Tue, 12 Mar 2024 16:35:36 GMT
etag: "65f08458-11caa"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BZgNijBpk8Bp1d%2F5Bsru2hLhsG1pwLhWI64Fr0ryg%2FqvY%2Bp288N9A%2BVAYASex%2BjX1xwEysXY3E%2FLxBff1zVTk%2BP%2B1FIkSivJGJjmk5S3IpKXY%2FWX0psO1XUYzEL1asBU4FGSsOGX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f7017cc31c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_close.jpg

172.67.163.114

200 OK

41 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_close.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
41 kB (40656 bytes)
Hash
4735a029efd2d2e8b15fab5879842219
82ac18ec8aae9a2cc311cdb3b92862e56d161f99
11c0bdd5fc2ba1dfea6ccaedded312f27fd5d5ddf21f24ee607ad05c2c0f197b

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g4_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/jpeg
content-length: 40656
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-9ed0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbDDL3DGJrWR4tksIfyG%2B3BkJIl79O8pFBau81AAMJtSJkX0%2FaIllpNBTtmYUlBhRCe1Gbkb9BiTmqabLl0rmGXBfZzRY3qzyqlFAxToKiHUV4Te43kNbe9nQOONoS3ul7l0Ompl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f7017cc51c0e-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/fav.png

172.67.163.114

200 OK

1.4 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/fav.png
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.4 kB (1425 bytes)
Hash
10c5dd857fd3653492ef5eeaa86cd48b
193484a907a40d7b145af2136ef83bef593d2f21
a689201508b9dc7b2cc3049c7d89947f96a19790411506ecd6eb1875374fe329

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/fav.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: image/png
content-length: 1425
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-591"
cache-control: max-age=14400
cf-cache-status: HIT
age: 612
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXmLHNq%2BK72F8iyLG99HhgSt%2FwgY6rKYOMEAxnTxEUwSbApfqad11VW%2BeaTa35D62su4tcLXZqE4DSvdKFWlCfGfIsca%2BNF10gImra8ulwLo5PC2aWq3%2BKSHRsGLdZDPlZo6fLco"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f701dce01c0e-OSL
alt-svc: h3=":443"; ma=86400

holdhostel.space/?6622842d7176c&ag_custom_domain=14944812

104.21.76.98

302 Found

2.2 kB

URL User Request GET HTTP/2
holdhostel.space/?6622842d7176c&ag_custom_domain=14944812
IP
104.21.76.98:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectholdhostel.space
Fingerprint30:62:41:BC:7C:17:FC:EE:0D:5B:5B:39:AE:06:1C:8A:08:6D:67:D6
ValiditySat, 20 Apr 2024 18:12:17 GMT - Fri, 19 Jul 2024 18:12:16 GMT

File type

Size
2.2 kB (2167 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?6622842d7176c&ag_custom_domain=14944812 HTTP/1.1
Host: holdhostel.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consistedlovedstimulate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 03 May 2024 23:17:29 GMT
content-type: text/html
location: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
set-cookie: c_2022b6829ad3bc8a5d74a4bfe5cf4db8=1; Expires=Sat, 04-May-24 23:17:29 GMT; Domain=holdhostel.space; Path=/; Secure; SameSite=None
z_dd834028817d054ef3568898fa07ee8f=1; Expires=Sat, 04-May-24 23:17:29 GMT; Domain=holdhostel.space; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZe5E%2BHTGUFJiXcoaUTkqxcua%2B%2BZoLsDJkf12CzFQFZjLW868fxOC7PTCV640JY7LlNyiIqD4erbxlL6HSPqtrivRLyJ6gsOtZv3yyJsFhR%2BY86FkpAJPIUNDpMb%2FU2otfBk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3f6fd2e10712f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css

172.67.163.114

200 OK

3.3 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
ASCII text, with very long lines (3548), with no line terminators
Size
3.3 kB (3299 bytes)
Hash
aac1493fdaa516c07b05dc277adf9047
40c8ee3e4d54dfff6dcaea969bcad3d20ec9b796
8f9a48a298195eefb30fffd1c8d458eac7ecc2503a77ba8a5bc47bad68b61c37

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/css/main.css HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: text/css
last-modified: Tue, 12 Mar 2024 16:35:32 GMT
etag: W/"65f08454-ce3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2841
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgxKdl8hWr50NYhbuNzo74k%2BTUx8ynRadTbw3lzh16jep0E6ExAQTuDJDTJKTQI230Cj%2BOdsEm2lggzTyGmbVylSZrqN3vBRgik9mOlyvX3qLODft2ZuBmOC9FhjLGDQqtavbNc0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f6ff0bc81c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169

172.67.163.114

200 OK

2.2 kB

URL User Request GET HTTP/2
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
HTML document, ASCII text, with very long lines (2342), with no line terminators
Size
2.2 kB (2167 bytes)
Hash
a3d0b1e499349e896d78fd0eef169ebc
803b62db9e21c70b649b8905ceb7e791a9e3b53e
2248209d9c530c7f306ac0ba1c5257b4bc6b5cba9e9bebf100d493c5fbd6f71b

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consistedlovedstimulate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:17:29 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCgflI13fvSH37c7ErI0LbeEyc7%2FN0SRN5BVqRRHxZgNT2LzeRVyDCDKNCvaisO9M1m2CTeh91k1JyW4%2Fx546dJ4Izp3V8t3L5D%2FLPOQQtu7avP6UPJpUA0XYqtPOTbxYC6hCF9U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3f6fd9883712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ln.gamesrevenue.com/px1.js

5.161.79.44

200 OK

15 kB

URL GET HTTP/2
ln.gamesrevenue.com/px1.js
IP
5.161.79.44:443
ASN
#213230 Hetzner Online GmbH

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subject*.gamesrevenue.com
FingerprintB2:A3:99:AD:22:46:FC:93:41:E9:59:40:F5:09:B0:23:B7:5B:FA:67
ValidityWed, 13 Mar 2024 09:55:06 GMT - Tue, 11 Jun 2024 09:55:05 GMT

File type
ASCII text, with very long lines (15239)
Size
15 kB (15240 bytes)
Hash
b01fc426cbc4f33a52a28ee9ca2e2050
577332c8c5f62167ad432c5d20b3ca285e75c91e
d40fc3bebe2dc3c28f08f2f4f5a6059425ccc5541ada3f0945f7539e90374441

HTTP Headers

GET /px1.js HTTP/1.1
Host: ln.gamesrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 23:17:30 GMT
content-type: application/javascript
last-modified: Fri, 22 Dec 2023 10:12:56 GMT
etag: W/"65856128-3b88"
content-encoding: gzip
X-Firefox-Spdy: h2

theeverydaygame.com/awpx_click.js?v=005

172.67.163.114

200 OK

1.5 kB

URL GET HTTP/3
theeverydaygame.com/awpx_click.js?v=005
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
ASCII text, with very long lines (1544), with no line terminators
Size
1.5 kB (1490 bytes)
Hash
684379265eb9f58cc45bc0d82f0db964
dcceb2eb66dd485a8df52da17210e1ea660354ee
45f7be3af362b2f0b894e51e8394ecc08066d8b9004fb095ba7665edbd8ce078

HTTP Headers

GET /awpx_click.js?v=005 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=14944812&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 23:17:30 GMT
content-type: application/javascript
last-modified: Thu, 09 Mar 2023 09:49:36 GMT
etag: W/"6409abb0-5d2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6110
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkT6SmmQj6Qr0tBywlucr2IfkquI%2BfZBGcq1p8mH7q7hAhKsi1hKSKb2gFAUo24s734LNxz2f6Ck7g9HUH402VavABCh8T58hTNu47x2NvEoGzNzNTJEAG%2F3Uzi6d4mfY%2BqsutCm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e3f6ff0bcb1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash