Report - ensafim.click/hanso/rxgkzvlgla&ss=tw&rt=2024+Aristocrat+stock+must+your+-+mencsom.click&cd=KhMxMDY3NjE3MzMxMjQxNTEwNDU0AB12ABCDEFGHIJKLMNOPQ2UyOmNvbS5hdTplbjpBVQ&ssp=AMJHsmWI7FQbSXBkyN6kchdvgfED11LelQ

Report Overview

Submitted URL
ensafim.click/hanso/rxgkzvlgla&ss=tw&rt=2024+Aristocrat+stock+must+your+-+mencsom.click&cd=KhMxMDY3NjE3MzMxMjQxNTEwNDU0AB12ABCDEFGHIJKLMNOPQ2UyOmNvbS5hdTplbjpBVQ&ssp=AMJHsmWI7FQbSXBkyN6kchdvgfED11LelQ
IP
172.67.222.70
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 08:30:27
Access
public
Website Title
Lust Goddes
Final URL
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
holdhostel.space	unknown	2024-02-21	2024-02-21	2024-05-07	556 B	2.4 kB	172.67.192.172
ln.gamesrevenue.com	117740	2014-05-30	2017-01-29	2024-05-02	406 B	16 kB	5.161.79.44
agitationfourthplug.com	unknown	2023-12-06	2023-12-06	2024-03-22	2.5 kB	4.0 kB	172.240.127.234
theeverydaygame.com	unknown	2024-03-01	2020-12-16	2024-05-02	8.5 kB	521 kB	172.67.163.114

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	agitationfourthplug.com	Sinkholed
2024-05-10	medium	agitationfourthplug.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	theeverydaygame.com/lg/lg_0324/land_lg_090324_en/scripts/main.js	292 B	2023-03-08	2024-05-20
Pretty URL theeverydaygame.com/lg/lg_0324/land_lg_090324_en/scripts/main.js IP 172.67.163.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:27 Last Seen2024-05-20 20:38:44 Times Seen417 Hash 7d34f846662d075cf9776018c9168a7e f3f5f181061268bb7e4bc326dbaec7f2c84d7857 adab57bc821cebfedc845c7b18ca9f55287eff4ef3a11f7f9dd5eda572418628 Loading...

	theeverydaygame.com/lg/lg_0324/land_lg_090324_en/libs/jquery.min.js	87 kB	2023-03-07	2024-05-20
Pretty URL theeverydaygame.com/lg/lg_0324/land_lg_090324_en/libs/jquery.min.js IP 172.67.163.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-20 20:53:16 Times Seen115505 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	ln.gamesrevenue.com/px1.js	15 kB	2023-12-23	2024-05-20
Pretty URL ln.gamesrevenue.com/px1.js IP 5.161.79.44 ASN #213230 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-23 09:34:48 Last Seen2024-05-20 20:38:44 Times Seen1338 Hash b01fc426cbc4f33a52a28ee9ca2e2050 577332c8c5f62167ad432c5d20b3ca285e75c91e d40fc3bebe2dc3c28f08f2f4f5a6059425ccc5541ada3f0945f7539e90374441 Loading...

	theeverydaygame.com/awpx_click.js?v=005	1.5 kB	2023-03-26	2024-05-20
Pretty URL theeverydaygame.com/awpx_click.js?v=005 IP 172.67.163.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:11:56 Last Seen2024-05-20 20:38:44 Times Seen1386 Hash 7aeb87811ad3a82fde3e2783544819ee d1d9174cbcbb1abdccee6841f170ba21f899925b 7fff603702e9bea03cf47ba47947bb7f8655eb7fcb1c8f7091e9a38d8f5d949c Loading...

HTTP Transactions (17)

URL IP Response Size

agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZQ==

172.240.127.234

1.4 kB

URL
agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZQ==
IP
172.240.127.234:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (456)
Size
1.4 kB (1367 bytes)
Hash
8688cbf0a4d8bda0c37a4271ae25157b
0b0230c089e6745f79681a5611ea7d334f25e73b
bf94c8e2171bb5273d6fca9062675a00aa2b1148e7dcbf0d303fce7a8aaf5622

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZQ== HTTP/1.1
Host: agitationfourthplug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ensafim.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 08:30:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18974811; expires=Sat, 11 May 2024 08:30:01 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODk3NDgxMSwiayI6IjU1ZjE3YTlmZWU2OGVhMWI2ZjRjY2ZhMmQ5NmVjZjZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMzk3OTA2LCJwaWQiOjE2NDUzNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoiaWo2c2s3czEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZW5zYWZpbS5jbGljay8iLCJhciI6W119fQ.x9uNY5t7y0435lKszjl4H59MiMgxLFB78dOKQqzIfHM; expires=Fri, 10 May 2024 08:31:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be4c334167f83908fa069ebb440738e2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZSZwc3Q9MTcxNTMyOTg2MSZyZWZlcj1odHRwcyUzQSUyRiUyRmVuc2FmaW0uY2xpY2slMkYmcm10Yz10JnNodT1kNDA4ZTJjN2UwYzY5Njc0NTExMTliZWI2ZTk0NTMzZTQ1MjMyOGMyYjNmN2NmYjM0MWUxNWEyODQzNTU5MmNlOTAzNjQ2YzdiMGFjY2MyNDFhYzNjMjM3MjEzODFlOTY1MTU5ZmQ1MWYzYzU1ZjY2ZTY2NzljZTJmMTU0NmVkOTRjMDA4NGFmMTA1MmE1M2U0MjFhYjI5OWY0OGM0MTljNmU0NjEzNmU3MTNiYzI1NGI1NTljZTVmM2Q1ZTg2&uuid=&pii=&in=false

172.240.253.132

302 Found

0 B

URL User Request GET HTTP/1.1
agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZSZwc3Q9MTcxNTMyOTg2MSZyZWZlcj1odHRwcyUzQSUyRiUyRmVuc2FmaW0uY2xpY2slMkYmcm10Yz10JnNodT1kNDA4ZTJjN2UwYzY5Njc0NTExMTliZWI2ZTk0NTMzZTQ1MjMyOGMyYjNmN2NmYjM0MWUxNWEyODQzNTU5MmNlOTAzNjQ2YzdiMGFjY2MyNDFhYzNjMjM3MjEzODFlOTY1MTU5ZmQ1MWYzYzU1ZjY2ZTY2NzljZTJmMTU0NmVkOTRjMDA4NGFmMTA1MmE1M2U0MjFhYjI5OWY0OGM0MTljNmU0NjEzNmU3MTNiYzI1NGI1NTljZTVmM2Q1ZTg2&uuid=&pii=&in=false
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjectagitationfourthplug.com
Fingerprint8F:EA:57:BE:91:5E:09:C9:93:21:ED:7A:26:C2:DF:F3:58:17:E2:82
ValidityThu, 04 Apr 2024 15:47:55 GMT - Wed, 03 Jul 2024 15:47:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZSZwc3Q9MTcxNTMyOTg2MSZyZWZlcj1odHRwcyUzQSUyRiUyRmVuc2FmaW0uY2xpY2slMkYmcm10Yz10JnNodT1kNDA4ZTJjN2UwYzY5Njc0NTExMTliZWI2ZTk0NTMzZTQ1MjMyOGMyYjNmN2NmYjM0MWUxNWEyODQzNTU5MmNlOTAzNjQ2YzdiMGFjY2MyNDFhYzNjMjM3MjEzODFlOTY1MTU5ZmQ1MWYzYzU1ZjY2ZTY2NzljZTJmMTU0NmVkOTRjMDA4NGFmMTA1MmE1M2U0MjFhYjI5OWY0OGM0MTljNmU0NjEzNmU3MTNiYzI1NGI1NTljZTVmM2Q1ZTg2&uuid=&pii=&in=false HTTP/1.1
Host: agitationfourthplug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT05Y2E2MDFhOWY0N2M3MzVkZjc2ZDVjYTQ2ZmEyNmE2NiZzdWJtZXRyaWM9MTg5NzQ4MTE
Cookie: u_pl=18974811; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODk3NDgxMSwiayI6IjU1ZjE3YTlmZWU2OGVhMWI2ZjRjY2ZhMmQ5NmVjZjZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMzk3OTA2LCJwaWQiOjE2NDUzNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoiaWo2c2s3czEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZW5zYWZpbS5jbGljay8iLCJhciI6W119fQ.x9uNY5t7y0435lKszjl4H59MiMgxLFB78dOKQqzIfHM; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 10 May 2024 08:30:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://holdhostel.space/?6622842d7176c&ag_custom_domain=18974811
Set-Cookie: iprc382774794a4203869ae74d31d88d91e1=5188702; expires=Sat, 11 May 2024 08:30:02 GMT
pdhtkv=true; expires=Sat, 11 May 2024 08:30:02 GMT
uncs=1; expires=Sat, 11 May 2024 08:30:02 GMT
pdhtkv28=true; expires=Sat, 11 May 2024 08:30:02 GMT
uncs28=1; expires=Sat, 11 May 2024 08:30:02 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b3ea0ad9196981efe5a544a9f80084e6
Strict-Transport-Security: max-age=0; includeSubdomains

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/notice.png

172.67.163.114

200 OK

36 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/notice.png
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
PNG image data, 867 x 112, 8-bit colormap, non-interlaced
Size
36 kB (36380 bytes)
Hash
7316951b03c50f8b19d2581f000987b4
59d77ce4daafcfe93ae80690eada76cfdf31c655
06b413f4ed23c6076f4d636d99fcb1c7226caa7e78ebac86d8975b0d4ea1eaf6

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/image/notice.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: image/png
content-length: 36380
last-modified: Tue, 12 Mar 2024 16:34:58 GMT
etag: "65f08432-8e1c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0b9NKUe9hS3j0Q1XeOIbCEJvy7QuufbV0qWLBtsfQTYOhHLnTg0bJXKxf42VdGVkZe%2FLZXV1ow8wg3vVdwyT%2BlnWvkFqKq2hG42bAc5%2BLUK%2B5l%2B0RI5N2Xfl0U2Ta3E07PeEojGV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4c8f756b5-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/1.jpg

172.67.163.114

200 OK

76 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/1.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, baseline, precision 8, 334x494, components 3
Size
76 kB (75575 bytes)
Hash
d92d5c5a1127b3bd5b6cd6999abb4b85
acf50534137d4dd43930fa080d624f7f724f0cd0
9b809dcbad6e5ad1607417163f7d8e0f2dd0a374615c2d1d8d2d91b74793822f

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/image/1.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: image/jpeg
content-length: 75575
last-modified: Tue, 12 Mar 2024 16:34:56 GMT
etag: "65f08430-12737"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fyU1KZL6VqDk1iPizAk5sjd%2FT6qLUZVyrZJOSpetIWTuUnVJD3EOOSxMsqdhmd9TQ5eMyQtepsSIo11j6Cfm%2BSlz3XX91bdDG6KG%2BXGGrpfk3r4syFQrP9kBw4J3zUdHScp7020c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4c8fc56b5-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/2.jpg

172.67.163.114

200 OK

63 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/2.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, baseline, precision 8, 334x494, components 3
Size
63 kB (63244 bytes)
Hash
8f273547f5dedfd0f5e4874d085f909c
fee16db489d5f992c20897686c4b300dc7813c16
6a45bc1e1d44d11f8d6e340e80c0f020a9cbe9544fe7d107b022fe8534aeda30

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/image/2.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: image/jpeg
content-length: 63244
last-modified: Tue, 12 Mar 2024 16:34:56 GMT
etag: "65f08430-f70c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3551
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BQUXPQwDELE3hdeTjBSPgsETQ3x9dohWD%2BMdvvYZGzvwSfDU6VZASt1t2NyvcjQMV3YOa9O2TUx2%2Fo9hK7pcU5cCAZ%2FdAVeAEWD%2FQ6XFWMpIzpvRjcNdZ10NP6%2F%2BLR78tsQv1SP%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4c90656b5-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/3.jpg

172.67.163.114

200 OK

68 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/3.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, baseline, precision 8, 334x494, components 3
Size
68 kB (67488 bytes)
Hash
520610908474b4b5e31b221344ef5a7c
5e6cdc0a25ae20c44e132f24b1e9dc88dbe1dad9
1e3f6bbed20302cba9858b78afb0bf0db80b26fd35c7ee314985489252221dad

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/image/3.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: image/jpeg
content-length: 67488
last-modified: Tue, 12 Mar 2024 16:34:57 GMT
etag: "65f08431-107a0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 781
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DhqltogOLlrQpfy6oTCwQFe71GM2qX3qswTJZAI1Qm6t7GMZTQl2z25rrKjo4ZUiLZlE6x%2F6RL2AWclpojlERFgMgIzzG0tsyuai0SpI%2BHZOnYX43r3omqCvbPEh0%2FAeZRUHQfEJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4c90b56b5-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/4.jpg

172.67.163.114

200 OK

69 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/4.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, baseline, precision 8, 334x494, components 3
Size
69 kB (68842 bytes)
Hash
fae1701ccce2f3ec4d4540333662d24a
ad3a4b2ca3860f4ae4c84cb68bfd5f8360c644d1
d91303ba17e80a231cd3e32c4ce70231ac8617b4c9b0f754c734941976ee923e

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/image/4.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: image/jpeg
content-length: 68842
last-modified: Tue, 12 Mar 2024 16:34:57 GMT
etag: "65f08431-10cea"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2221
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNW0ZnZn6rO8smTHDpaNdBMPiiP7gbGpDiGJfBgObIVAE1mkExzn4h3kU%2BYM3vMG2%2BRgxmP4ekQOfCOgqmSlVqhNKXCKmaZdQTUDLTsWcTOxEgygSBS0UbLAHijo2rtn2MD3xgW%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4d91356b5-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/button.png

172.67.163.114

200 OK

12 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/button.png
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
PNG image data, 345 x 124, 8-bit/color RGBA, non-interlaced
Size
12 kB (11908 bytes)
Hash
72ac404291d1849aac0aa1330297e7df
9206af27feba8f502823472c7a73e8f4fe0437c5
750619c204c2d4eb7654f9f7d7a8c34c57333b95214168ec43065a2d58744135

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/image/button.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: image/png
content-length: 11908
last-modified: Tue, 12 Mar 2024 16:34:58 GMT
etag: "65f08432-2e84"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6806
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lwlJOTbg1%2BIcGYaHa%2F8E5V%2B7mHidS5dyuGTaWedrjN%2F2%2Bij2be%2FPXy6CyW%2FLZZn7Np6Zoe8vyBXaBpG3DWLxy0vFjoMwzwewcwOyh9HH6jG4QToR0pFd3bnpx84W83OSZZU5gGr8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4d92056b5-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/css/main.css

172.67.163.114

200 OK

1.1 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/css/main.css
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
ASCII text, with very long lines (2093), with no line terminators
Size
1.1 kB (1117 bytes)
Hash
31823cbd645e0ba6fbf4dac6cf9d66c4
f15b3783e3646bcab7ec0be83cba38cd94e2802b
101fb6b4f172f145a4e7217420dcc49d9566fae074d7eaccf190fece72db2236

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/css/main.css HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: text/css
last-modified: Tue, 12 Mar 2024 16:34:55 GMT
etag: W/"65f0842f-82d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1866
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4W7lR4KYuZvMk4%2BTb90wE%2FxffPvNyG%2FmMdK%2Fj7GH5gsmQBEJ6pH6099QUjJG2NLE8oTll2nepOfgYDgg4HKIQydZetp2dF4PllCnSKam%2FZdd90Q42NPM5KI%2F9fZSRE0pXnnHkkrr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4c8ec56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/awpx_click.js?v=005

172.67.163.114

200 OK

1.1 kB

URL GET HTTP/3
theeverydaygame.com/awpx_click.js?v=005
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
ASCII text
Size
1.1 kB (1104 bytes)
Hash
7aeb87811ad3a82fde3e2783544819ee
d1d9174cbcbb1abdccee6841f170ba21f899925b
7fff603702e9bea03cf47ba47947bb7f8655eb7fcb1c8f7091e9a38d8f5d949c

HTTP Headers

GET /awpx_click.js?v=005 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: application/javascript
last-modified: Thu, 09 Mar 2023 09:49:36 GMT
etag: W/"6409abb0-5d2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5411
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ro1ewgXnY5GKd7MvstjehsnWV8%2F8NJe78hCJTBP35N92HzR%2B1%2FsKxnUgI7gD2jXIYOgXO3Efcl4p7NhG9KXo70B32%2Br9nMjeJiFzF1ezs%2FLZ8NIb%2FCjDsnCkMhdRnii5lHkyG675"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4c8f056b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/libs/jquery.min.js

172.67.163.114

200 OK

32 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/libs/jquery.min.js
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
32 kB (31784 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/libs/jquery.min.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:01 GMT
etag: W/"65f08435-1538f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6807
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4SZSHoSoNn%2BebdmV%2BY2JiCWJqzv7cKJcW1oq4qqfCGfoUC75SigL0PX3g5oi9ukhPOJXoFcoTZpsGvWPNiIIRzNDSKFHDX%2FhH8a91NKY6v0LA54FpTpHj9DAY59fd7fdF5dTgzys"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4c8ee56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169

172.67.163.114

200 OK

8.2 kB

URL User Request GET HTTP/2
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
HTML document, ASCII text
Size
8.2 kB (8233 bytes)
Hash
61a1d71a6dcae3c1d70913adfc0fe976
71e1d1ad3c787eb306271b1ac19c19f2b65a1cee
46cd0179da96d6d958b64ea21d7fe4e9c79ea9670e3695844d56788fff1ccb85

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agitationfourthplug.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 08:30:02 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2FRyM4vWxwI5PwxqL7MBrTTieYwEvLhq%2BPCzAmqwALbUL7a7dGozZ8AK6hxnqoB7EV22QexvXuVL5pzvAoDEign%2ByGd3jRBebiM%2FCTtpPz5YVk3%2FSuinJKm6Ab3xUmfJaTpx76w2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881890a2dc9456cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/bg.jpg

172.67.163.114

200 OK

145 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/bg.jpg
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Size
145 kB (145065 bytes)
Hash
611931bc9b4d5e585ab793f225e4f616
a141f65f4cbf210f42593cfe8508255cca9cc969
35210bab807a9ba2c348e212da0c4b44fad8dfe64735d9b8ae9f3bf3238b1c91

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/image/bg.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: image/jpeg
content-length: 145065
last-modified: Tue, 12 Mar 2024 16:34:57 GMT
etag: "65f08431-236a9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3329
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rek9sPWIrLBaQAZtoX62Wi6ryTWJ7Ka1NMyBolNiFAczeyOVe9qfVfU2YMdjuurW13n6Neac41eZ38ojHAhBQwSSKJpxBXg0bqRytHddkjyyzr6DFg7wp5xiPqzSRPyk9fodqqWm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a6fd1c56b5-OSL
alt-svc: h3=":443"; ma=86400

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/fav.png

172.67.163.114

200 OK

1.4 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/image/fav.png
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.4 kB (1425 bytes)
Hash
10c5dd857fd3653492ef5eeaa86cd48b
193484a907a40d7b145af2136ef83bef593d2f21
a689201508b9dc7b2cc3049c7d89947f96a19790411506ecd6eb1875374fe329

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/image/fav.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: image/png
content-length: 1425
last-modified: Tue, 12 Mar 2024 16:34:58 GMT
etag: "65f08432-591"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2871
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZnnnulhoQULV4uof9kpuI6HcjPXvaLj5CTMuyCBGjtfYw%2BvT77pq4ygKpxrVDcfkAIA4C%2FTfRDUlGTfSoTn4ybE0iLQUupYcanmq94z0neGWJHNqinL16kPN%2BudraALVlgeZ42YO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a72d6656b5-OSL
alt-svc: h3=":443"; ma=86400

holdhostel.space/?6622842d7176c&ag_custom_domain=18974811

172.67.192.172

302 Found

1.4 kB

URL User Request GET HTTP/2
holdhostel.space/?6622842d7176c&ag_custom_domain=18974811
IP
172.67.192.172:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectholdhostel.space
Fingerprint30:62:41:BC:7C:17:FC:EE:0D:5B:5B:39:AE:06:1C:8A:08:6D:67:D6
ValiditySat, 20 Apr 2024 18:12:17 GMT - Fri, 19 Jul 2024 18:12:16 GMT

File type

Size
1.4 kB (1361 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?6622842d7176c&ag_custom_domain=18974811 HTTP/1.1
Host: holdhostel.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agitationfourthplug.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 08:30:02 GMT
content-type: text/html
location: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
set-cookie: c_2022b6829ad3bc8a5d74a4bfe5cf4db8=1; Expires=Sat, 11-May-24 08:30:02 GMT; Domain=holdhostel.space; Path=/; Secure; SameSite=None
z_dd834028817d054ef3568898fa07ee8f=1; Expires=Sat, 11-May-24 08:30:02 GMT; Domain=holdhostel.space; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNz65VMFnbUEPxbvpI32Eh%2FC3FjHPABb%2BCjpJ%2Fu0iySWi2qbqRwyFS0LeQmEcxqJz%2BWDErWNKIyVxYFz2Ouy4CVaCZXebhMqLd4mwwoT9TwSU4%2FCYerOwg38rQvKkoxBOaCx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881890a1fbf456bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

theeverydaygame.com/lg/lg_0324/land_lg_090324_en/scripts/main.js

172.67.163.114

200 OK

292 B

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_090324_en/scripts/main.js
IP
172.67.163.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subjecttheeverydaygame.com
FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39
ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT

File type
JavaScript source, ASCII text, with very long lines (312), with no line terminators
Size
292 B (292 bytes)
Hash
e0c5f909c7b1d6ecd7c0d944091d6d34
8627c5b393db081344850b627e9117a70acfdfaf
df14f7f57354b74ce353256eaa88007d605df3177a1465303fa6cd5633f4473a

HTTP Headers

GET /lg/lg_0324/land_lg_090324_en/scripts/main.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 08:30:03 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:02 GMT
etag: W/"65f08436-124"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dGbq%2BDBi3PQ1QRIK2GbeTisxgMHapmZaJU9YFh%2F1Gxcgi6cmjlRGqzoMZE3MObV%2FMkjOV3U76UaX2sO4WFK%2Fgzkc8w6J3FQwANc3I6Hg3OMaOixiJ5KG%2FqH%2FkqdF9PgDtWVm%2BY%2FC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881890a4d92156b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ln.gamesrevenue.com/px1.js

5.161.79.44

200 OK

15 kB

URL GET HTTP/2
ln.gamesrevenue.com/px1.js
IP
5.161.79.44:443
ASN
#213230 Hetzner Online GmbH

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_090324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=18974811&bnid=land_lg_090324_en&land=land_lg_090324_en&crID=2503010&zID=100169
Certificate
IssuerLet's Encrypt
Subject*.gamesrevenue.com
FingerprintB2:A3:99:AD:22:46:FC:93:41:E9:59:40:F5:09:B0:23:B7:5B:FA:67
ValidityWed, 13 Mar 2024 09:55:06 GMT - Tue, 11 Jun 2024 09:55:05 GMT

File type
ASCII text, with very long lines (15239)
Size
15 kB (15240 bytes)
Hash
b01fc426cbc4f33a52a28ee9ca2e2050
577332c8c5f62167ad432c5d20b3ca285e75c91e
d40fc3bebe2dc3c28f08f2f4f5a6059425ccc5541ada3f0945f7539e90374441

HTTP Headers

GET /px1.js HTTP/1.1
Host: ln.gamesrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:30:03 GMT
content-type: application/javascript
last-modified: Fri, 22 Dec 2023 10:12:56 GMT
etag: W/"65856128-3b88"
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (17)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash