Report - evgbin.com/cr38l3k.php?key=8ec3e9b48b1b607e7e46&clickId=GMvsAzj3kgNohIgrcLPdgwHoAbnvSPEBAAAAAAAAHED5ASlcj8L1KBRAgAKmgOD_hfrc0gE&Cost=0&zoneId=1193913&ageGroup=UNKNOWN&campaignId=705540&feed=0&browserVersion=0&os=windows&osVersion=win_10&carrier=Google+user-triggered+fetchers&creativeId=2158259&browser=Other

Report Overview

Submitted URL
evgbin.com/cr38l3k.php?key=8ec3e9b48b1b607e7e46&clickId=GMvsAzj3kgNohIgrcLPdgwHoAbnvSPEBAAAAAAAAHED5ASlcj8L1KBRAgAKmgOD_hfrc0gE&Cost=0&zoneId=1193913&ageGroup=UNKNOWN&campaignId=705540&feed=0&browserVersion=0&os=windows&osVersion=win_10&carrier=Google+user-triggered+fetchers&creativeId=2158259&browser=Other
IP
157.90.94.62
ASN
#24940 Hetzner Online GmbH
Submitted
2024-05-10 08:21:47
Access
public
Website Title
Left To Survive
Final URL
domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
domagain.click	unknown	unknown	No data	No data	11 kB	507 kB	185.254.198.31
push-sdk.net	unknown	2022-10-25	2022-11-02	2024-05-09	869 B	16 kB	178.63.248.57
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-10	1.1 kB	7.3 kB	142.250.74.131
translate.googleapis.com	1005	2005-01-25	2012-05-31	2024-05-09	1.7 kB	74 kB	216.58.211.10
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	451 B	4.2 kB	142.250.74.163
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2024-05-09	514 B	2.2 kB	142.250.74.74
translate.google.com	1156	1997-09-15	2012-05-30	2024-05-09	448 B	90 kB	216.58.211.14
evgbin.com	unknown	unknown	No data	No data	762 B	507 B	157.90.94.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	evgbin.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40	0 B	2023-03-07	2024-05-20
Pretty URL domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 IP 185.254.198.31 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 22:48:21 Times Seen37896482 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	domagain.click/Evg_LeftToSurvive/multilang/cookie.js	2.4 kB	2024-05-10	2024-05-12
Pretty URL domagain.click/Evg_LeftToSurvive/multilang/cookie.js IP 185.254.198.31 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 05:58:30 Last Seen2024-05-12 00:09:47 Times Seen8 Hash 6c3c07f6b4fceb0275703dc8de8abcaf e356f252f803d8a712738693dec21778170582be 3bd24fff093bf801351774ac038e07c046ebc272186c99b6e45c872b74d712d1 Loading...

	domagain.click/Evg_LeftToSurvive/multilang/langs.js	1.5 kB	2024-05-10	2024-05-12
Pretty URL domagain.click/Evg_LeftToSurvive/multilang/langs.js IP 185.254.198.31 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 05:58:30 Last Seen2024-05-12 00:09:47 Times Seen8 Hash caf95d09b60756faedd74ca70a4800bb bb1832d27f4a2696fba6d900332edf292369c72a 988f11d3102dfe317d89827b316b8f2f077c1cd66ac611013da6b6ace31ff3a9 Loading...

	domagain.click/Evg_LeftToSurvive/scripts/script.js	822 B	2024-05-10	2024-05-11
Pretty URL domagain.click/Evg_LeftToSurvive/scripts/script.js IP 185.254.198.31 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 10:21:53 Last Seen2024-05-11 06:33:37 Times Seen4 Hash fb4b8ec18ebdc55173208fe7d476f7c0 b97e2ff70046a17f64a3b145552d3e1b84b50337 4e24bdf110e9be830a288b635a2162a36dea6af38a585247a0877df71a7fc372 Loading...

	domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40	0 B	2023-03-07	2024-05-20
Pretty URL domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 IP 185.254.198.31 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 22:48:21 Times Seen37896482 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	push-sdk.net/f/sdk.js?z=1007153	53 kB	2024-02-12	2024-05-17
Pretty URL push-sdk.net/f/sdk.js?z=1007153 IP 178.63.248.57 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-12 18:54:18 Last Seen2024-05-17 09:18:28 Times Seen92 Hash df17f9793d0bbfbec3c9285f3dcc6200 12f0459f4095371bee63e6dd5f04ea9451cff933 1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7 Loading...

	domagain.click/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=BgM/d=1/rs=AN8SPfrGKYiUpf2D4rD3e1LdSba2rkEwsw/m=el_conf	89 kB	2024-05-10	2024-05-10
Pretty URL domagain.click/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=BgM/d=1/rs=AN8SPfrGKYiUpf2D4rD3e1LdSba2rkEwsw/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 10:07:59 Last Seen2024-05-10 10:21:54 Times Seen3 Hash 9de20623b82bc1cf3023d5c898180f37 084d83094721141cde06ca542d5c9c401f48b537 5c7857466946b28f88b1dbaa72a084ffc35ba8c978a88cac4e22a54e9d349bc8 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main	210 kB	2024-05-08	2024-05-13
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 22:33:47 Last Seen2024-05-13 19:21:17 Times Seen225 Hash bf47475b5b52d458f577a3413e6643a5 97bc58b845b8be59fb4914a52f22ab23e83e60f1 3a4153a0531933048ae28d84e5426a3d725e89b6d41e6206c03cc5965280d8a4 Loading...

HTTP Transactions (33)

URL IP Response Size

evgbin.com/cr38l3k.php?key=8ec3e9b48b1b607e7e46&clickId=GMvsAzj3kgNohIgrcLPdgwHoAbnvSPEBAAAAAAAAHED5ASlcj8L1KBRAgAKmgOD_hfrc0gE&Cost=0&zoneId=1193913&ageGroup=UNKNOWN&campaignId=705540&feed=0&browserVersion=0&os=windows&osVersion=win_10&carrier=Google+user-triggered+fetchers&creativeId=2158259&browser=Other

157.90.94.62

307 Temporary Redirect

0 B

URL User Request GET HTTP/2
evgbin.com/cr38l3k.php?key=8ec3e9b48b1b607e7e46&clickId=GMvsAzj3kgNohIgrcLPdgwHoAbnvSPEBAAAAAAAAHED5ASlcj8L1KBRAgAKmgOD_hfrc0gE&Cost=0&zoneId=1193913&ageGroup=UNKNOWN&campaignId=705540&feed=0&browserVersion=0&os=windows&osVersion=win_10&carrier=Google+user-triggered+fetchers&creativeId=2158259&browser=Other
IP
157.90.94.62:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectevgbin.com
Fingerprint90:93:79:5B:FE:E9:21:F5:D4:30:93:10:5D:19:CD:F8:13:1A:96:96
ValidityTue, 07 May 2024 12:59:35 GMT - Mon, 05 Aug 2024 12:59:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cr38l3k.php?key=8ec3e9b48b1b607e7e46&clickId=GMvsAzj3kgNohIgrcLPdgwHoAbnvSPEBAAAAAAAAHED5ASlcj8L1KBRAgAKmgOD_hfrc0gE&Cost=0&zoneId=1193913&ageGroup=UNKNOWN&campaignId=705540&feed=0&browserVersion=0&os=windows&osVersion=win_10&carrier=Google+user-triggered+fetchers&creativeId=2158259&browser=Other HTTP/1.1
Host: evgbin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Fri, 10 May 2024 08:21:18 GMT
location: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
server: Caddy
set-cookie: uclick=nruMxVsIMNo11LX8bmCY5UqENDUH0/tkKMm84q+UROZFjZEdahWNlCigHLs+tVn99MGTGZnY; Max-Age=31536000; SameSite=Lax
bcid=couthvj4mbic7393ps40; Max-Age=31536000; SameSite=Lax
cid=couthvj4mbic7393ps40; Max-Age=31536000; SameSite=Lax
x-request-id: 1c53670a-d0c7-4ec8-a28a-754616fbcc77
content-length: 0
X-Firefox-Spdy: h2

domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40

185.254.198.31

200 OK

4.0 kB

URL User Request GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
4.0 kB (4022 bytes)
Hash
0a225335916773c7c6c3c1d2b9347fa2
80d7cce35be646fb22c4508de1f77e5e88bf1e22
da20e1aac402c6a58154f387915fbb1a9c22489be9c561712d3b3cb96cfa97f6

HTTP Headers

GET /Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: text/html
Content-Length: 4022
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-fb6"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/multilang/cookie.js

185.254.198.31

200 OK

2.4 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/multilang/cookie.js
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
JavaScript source, ASCII text
Size
2.4 kB (2425 bytes)
Hash
6c3c07f6b4fceb0275703dc8de8abcaf
e356f252f803d8a712738693dec21778170582be
3bd24fff093bf801351774ac038e07c046ebc272186c99b6e45c872b74d712d1

HTTP Headers

GET /Evg_LeftToSurvive/multilang/cookie.js HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: application/javascript
Content-Length: 2425
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-979"
Accept-Ranges: bytes

push-sdk.net/f/sdk.js?z=1007153

178.63.248.57

200 OK

15 kB

URL GET HTTP/2
push-sdk.net/f/sdk.js?z=1007153
IP
178.63.248.57:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.net
FingerprintEF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95
ValiditySun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (53344), with no line terminators
Size
15 kB (14884 bytes)
Hash
df17f9793d0bbfbec3c9285f3dcc6200
12f0459f4095371bee63e6dd5f04ea9451cff933
1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7

HTTP Headers

GET /f/sdk.js?z=1007153 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:21:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 14884
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2

domagain.click/Evg_LeftToSurvive/multilang/langs.js

185.254.198.31

200 OK

1.5 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/multilang/langs.js
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
JavaScript source, ASCII text
Size
1.5 kB (1481 bytes)
Hash
caf95d09b60756faedd74ca70a4800bb
bb1832d27f4a2696fba6d900332edf292369c72a
988f11d3102dfe317d89827b316b8f2f077c1cd66ac611013da6b6ace31ff3a9

HTTP Headers

GET /Evg_LeftToSurvive/multilang/langs.js HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: application/javascript
Content-Length: 1481
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-5c9"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/style/style.css

185.254.198.31

200 OK

6.5 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/style/style.css
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
ASCII text
Size
6.5 kB (6535 bytes)
Hash
0a73e4864395eb142ae72aef710f0869
76069abdffbb9978c7b9129ab4eca7d0f56dd106
b9011a4c8d263f8dfbc847058623d5ca54f1333264c3286c0b864d6c4a5f528e

HTTP Headers

GET /Evg_LeftToSurvive/style/style.css HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: text/css
Content-Length: 6535
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-1987"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/scripts/script.js

185.254.198.31

200 OK

822 B

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/scripts/script.js
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
ASCII text, with CRLF line terminators
Size
822 B (822 bytes)
Hash
fb4b8ec18ebdc55173208fe7d476f7c0
b97e2ff70046a17f64a3b145552d3e1b84b50337
4e24bdf110e9be830a288b635a2162a36dea6af38a585247a0877df71a7fc372

HTTP Headers

GET /Evg_LeftToSurvive/scripts/script.js HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: application/javascript
Content-Length: 822
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-336"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/gb1.png

185.254.198.31

200 OK

13 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/gb1.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
13 kB (13189 bytes)
Hash
02969c3b8f167fba050928541169d755
7428e6abf487d5032104c276a3f011cb7ca6506f
529fecd014023e8319be1a82d085c86997f4aa276d0f430678a43d1d5d27470e

HTTP Headers

GET /Evg_LeftToSurvive/media/gb1.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 13189
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3385"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/pb1.png

185.254.198.31

200 OK

14 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/pb1.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
14 kB (13809 bytes)
Hash
b8fa6f41e58313127030c712256d0e20
a514365b9f12f790fa2a6503a9108d192da1aa5d
76a131ae0ae2e4fc408e547bafe576fa4b8e139588498d3aae3af11ba8bcb033

HTTP Headers

GET /Evg_LeftToSurvive/media/pb1.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 13809
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-35f1"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/arrow-top.svg

185.254.198.31

200 OK

196 B

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/arrow-top.svg
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
SVG Scalable Vector Graphics image
Size
196 B (196 bytes)
Hash
53bed279e22a966de2e5660aa94f1b36
991389dc21ce9d849d471c1b59c8787203f26739
8690b38f581cfab1bd8c34ec3ee62ab9c15a2bacdd909084656f76077f6588d4

HTTP Headers

GET /Evg_LeftToSurvive/media/arrow-top.svg HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/svg+xml
Content-Length: 196
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-c4"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/gb3.png

185.254.198.31

200 OK

10 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/gb3.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
10 kB (10506 bytes)
Hash
3655fda4985e655f7e39e9d678b2df21
a783af53529a4f1f62cd21c63e89efb388482b48
208ad0a0943fd0c149ab1a41edd6e6d1043f1f998fa9a32b3ac4b5b323bd7629

HTTP Headers

GET /Evg_LeftToSurvive/media/gb3.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 10506
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-290a"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/rb3.png

185.254.198.31

200 OK

18 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/rb3.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
18 kB (18149 bytes)
Hash
2f46c4c21c28ee3c9f403461d8305f04
c29fe152308c6692444b8dbd8b97b43bad5c1600
d257ff6bb14cb62d247e49eed9e029fa56dd98fbb38250a4702585e70dfc4290

HTTP Headers

GET /Evg_LeftToSurvive/media/rb3.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 18149
Last-Modified: Thu, 09 May 2024 16:49:31 GMT
Connection: keep-alive
ETag: "663cfe9b-46e5"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/arrow-down.svg

185.254.198.31

200 OK

194 B

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/arrow-down.svg
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
SVG Scalable Vector Graphics image
Size
194 B (194 bytes)
Hash
a3d96d6455b745024b46e5575d810e1e
e1a4c28b8418d807c83d4b1a89358187b6fb0d83
4a684a1b21f96233295e2d003a913e6aa0fe342f7dc20e2f53335a804bab4b71

HTTP Headers

GET /Evg_LeftToSurvive/media/arrow-down.svg HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/svg+xml
Content-Length: 194
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-c2"
Accept-Ranges: bytes

push-sdk.net/event?z=1007153

178.63.248.57

200 OK

0 B

URL POST HTTP/2
push-sdk.net/event?z=1007153
IP
178.63.248.57:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.net
FingerprintEF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95
ValiditySun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?z=1007153 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 101
Origin: https://domagain.click
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:21:19 GMT
content-length: 0
access-control-allow-origin: https://domagain.click
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

domagain.click/Evg_LeftToSurvive/media/rb1.png

185.254.198.31

200 OK

21 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/rb1.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
21 kB (20767 bytes)
Hash
a205de660a0416d3281509dbb537b224
f1d9df02b9ef7f931343e8dccc0dcb6d3df3d6e8
5747943f66b4ed2c2bb748c16e17d01a23f7d3cdf1365ef1e06e3450be06195e

HTTP Headers

GET /Evg_LeftToSurvive/media/rb1.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 20767
Last-Modified: Thu, 09 May 2024 16:49:31 GMT
Connection: keep-alive
ETag: "663cfe9b-511f"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/pb2.png

185.254.198.31

200 OK

17 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/pb2.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
17 kB (16916 bytes)
Hash
4da59c000125d9e5d5949775e6b8f8a2
694c27a273ec552d29f6e65aae976471d3f42f9a
cb6ce908a01902796ba5dc4ed81d6cb332ff9a3ab90382a75bc633634b4792cc

HTTP Headers

GET /Evg_LeftToSurvive/media/pb2.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 16916
Last-Modified: Thu, 09 May 2024 16:49:31 GMT
Connection: keep-alive
ETag: "663cfe9b-4214"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/bb1.png

185.254.198.31

200 OK

12 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/bb1.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
12 kB (12178 bytes)
Hash
5c707e3bed3d24ac453381c66574cfc4
2ea4894d5d30234cc3ce92ddda468ac54d5b077c
fbaf1a07b6736fae717dac846b28fe74ed0cbf2bc767b0241afca835bd382977

HTTP Headers

GET /Evg_LeftToSurvive/media/bb1.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 12178
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-2f92"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/pb3.png

185.254.198.31

200 OK

15 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/pb3.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
15 kB (14599 bytes)
Hash
ec208ace606d480270119a54cafc4ebe
43810f2b0c6fafc7b6378bea1cade574a7782783
191d36c860d53177845a0d3b04d619884c20304f983ad101b4ad81d7d975d6bc

HTTP Headers

GET /Evg_LeftToSurvive/media/pb3.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 14599
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3907"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/bb2.png

185.254.198.31

200 OK

15 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/bb2.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
15 kB (15288 bytes)
Hash
30c2eb15d00250eef647c013fb2ffee9
02031a135af3bb442561064239985f081fad4150
e63dad5c51b9e30185cc6864c4f6f6cdb369d182d1d7d6191d2b3a205f2df1af

HTTP Headers

GET /Evg_LeftToSurvive/media/bb2.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 15288
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3bb8"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/gb2.png

185.254.198.31

200 OK

13 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/gb2.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
13 kB (12665 bytes)
Hash
019c207196066f6fea10b80c79400578
12dcd9173a8cb0eb26bf9dae91cbc0ef11c1ec68
4461f96eb8d8c36573d7c4292eed3743eaa692aedd923b74b66d6621862f26f9

HTTP Headers

GET /Evg_LeftToSurvive/media/gb2.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 12665
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3179"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/gb4.png

185.254.198.31

200 OK

13 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/gb4.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
13 kB (12809 bytes)
Hash
0e5fa8d0ab79df3e0c1d8d920c5c8c10
b73c6125e150fdc049f160f309447d743d1cedb3
9b33c4462978507092feb08a847f9330edd030f8e1ab3a3460623db9ef974c8e

HTTP Headers

GET /Evg_LeftToSurvive/media/gb4.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 12809
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3209"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/bb3.png

185.254.198.31

200 OK

14 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/bb3.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
14 kB (14273 bytes)
Hash
03ee2660c343fd3c626b7b5e1e8f053b
b953b103db983416c4bcd240124779c209961eeb
9c0c893c149d221eff9f000219f2f45c743fe2ad1357553859a631733b863ef9

HTTP Headers

GET /Evg_LeftToSurvive/media/bb3.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 14273
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-37c1"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/rb2.png

185.254.198.31

200 OK

23 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/rb2.png
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
PNG image data, 346 x 256, 8-bit colormap, non-interlaced
Size
23 kB (23046 bytes)
Hash
f2af8793265743c28389f6034caa6221
8dd5db033f83fb547957226fcf7fcf7e5ec90ade
e288953990d153643f53f22a91260a98ede7409965aad05b5b6fc17d6845c05b

HTTP Headers

GET /Evg_LeftToSurvive/media/rb2.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 23046
Last-Modified: Thu, 09 May 2024 16:49:31 GMT
Connection: keep-alive
ETag: "663cfe9b-5a06"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/bg.jpg

185.254.198.31

200 OK

284 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/bg.jpg
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=164, yresolution=172, resolutionunit=2], baseline, precision 8, 1920x1200, components 3
Size
284 kB (283730 bytes)
Hash
6b67842584abd3cb78b6ae21ae9a8847
bb9208314daed01112c090d35642d71f8fca5714
6a3f7894cf2433491bde509e230d3d107e0946179ca027a1e7468049621fb01b

HTTP Headers

GET /Evg_LeftToSurvive/media/bg.jpg HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/style/style.css
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/jpeg
Content-Length: 283730
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-45452"
Accept-Ranges: bytes

domagain.click/Evg_LeftToSurvive/media/favicon.ico

185.254.198.31

200 OK

4.3 kB

URL GET HTTP/1.1
domagain.click/Evg_LeftToSurvive/media/favicon.ico
IP
185.254.198.31:443
ASN
#30860 Virtual Systems LLC

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerLet's Encrypt
Subjectdomagain.click
Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34
ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
26127b8cf81c19439e9a42da9b6f9f95
4d99c0c0188823ec70e0ca8d7d9c50b807857d3d
66e88d1139311cdf8e39a0b8ba809f90a824eee2fb36e37c218f6b6b2e1ffba2

HTTP Headers

GET /Evg_LeftToSurvive/media/favicon.ico HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:20 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-10be"
Accept-Ranges: bytes

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css

142.250.74.131

200 OK

4.0 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 15:31:59 GMT
expires: Thu, 08 May 2025 15:31:59 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 146961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main

216.58.211.10

200 OK

73 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (2297)
Size
73 kB (72582 bytes)
Hash
bf47475b5b52d458f577a3413e6643a5
97bc58b845b8be59fb4914a52f22ab23e83e60f1
3a4153a0531933048ae28d84e5426a3d725e89b6d41e6206c03cc5965280d8a4

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 72582
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:15:50 GMT
expires: Fri, 09 May 2025 17:15:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 May 2024 17:11:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.131

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:54:36 GMT
expires: Wed, 07 May 2025 06:54:36 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 264404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

142.250.74.163

200 OK

3.3 kB

URL GET HTTP/2
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3340 bytes)
Hash
2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 23:45:27 GMT
expires: Fri, 09 May 2025 23:45:27 GMT
cache-control: public, max-age=31536000
age: 30953
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.74

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 10 May 2024 08:21:20 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=cKODk07FDEel_2RLAyw6XpFbddd-H6YFEK93tgVExgnedOvQIycxzvUom4OS1IlfRT5Xaowt5x3IWgBycCgIlbLMbNJwB2KZTKijWjTVt66gmQQzdPOX8I5XWYovA-YfDtkwp964vdoc5rs4UGcFybvSc__Ao66TGyn_72_wxbg; expires=Sat, 09-Nov-2024 08:21:20 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Fri, 10 May 2024 08:21:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

216.58.211.10

200 OK

0 B

URL OPTIONS HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://domagain.click/
Origin: https://domagain.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://domagain.click
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 10 May 2024 08:21:30 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

216.58.211.10

200 OK

131 B

URL OPTIONS HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domagain.click/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1190
Origin: https://domagain.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://domagain.click
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 10 May 2024 08:21:30 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

89 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2064)
Size
89 kB (89377 bytes)
Hash
9de20623b82bc1cf3023d5c898180f37
084d83094721141cde06ca542d5c9c401f48b537
5c7857466946b28f88b1dbaa72a084ffc35ba8c978a88cac4e22a54e9d349bc8

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 08:21:20 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML