| rivalbuffetdifferently.com/di83u4fvuk?key=25998a60c2848cded6f5b722d51121fa | 192.243.59.13 | | 1.3 kB |
URL rivalbuffetdifferently.com/di83u4fvuk?key=25998a60c2848cded6f5b722d51121fa IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document, ASCII text, with very long lines (410) Hash7004ad9ec318d4dab236c8a68c642b67 4c32c5e1750aad1f543f36aa16016388600987a3 04990eac43b892fd9b54d551eecf0bc4bc2c23cf0f4cfea038e380bf04dbe2ac
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /di83u4fvuk?key=25998a60c2848cded6f5b722d51121fa HTTP/1.1
Host: rivalbuffetdifferently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 13:03:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=22508926; expires=Mon, 06 May 2024 13:03:10 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjUwODkyNiwiayI6IjI1OTk4YTYwYzI4NDhjZGVkNmY1YjcyMmQ1MTEyMWZhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjAzNTAzLCJwaWQiOjEwMzg5OTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzgsImFpZCI6MjgsInB0Ijo0LCJwayI6ImRpODN1NGZ2dWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.4-oSvsLhuz7gYQ4-4QyikNH3J_IGo85JRzDTmX3TwiQ; expires=Sun, 05 May 2024 13:04:10 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8adbe78429009d1149736d735b47670
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| rivalbuffetdifferently.com/api/users?token=L2RpODN1NGZ2dWs_a2V5PTI1OTk4YTYwYzI4NDhjZGVkNmY1YjcyMmQ1MTEyMWZhJnBzdD0xNzE0OTE0MjUwJnJtdGM9dCZzaHU9Y2NjNWMzODM2ZjRjYmNmMmIzZjU0ZTViN2ZkOWJiMjU1NTc1NDZjMzk4MTc0MWE0ODE2Y2UxYTFkNWMyNDRmMGQyYzMxZTM5NWM1YWI5MDAwOWQ0NzExMTMzZGMwMjMwN2IzNTk4NGQwODk1NWM5ZjJjZmQxZGIzMmQwM2ZkNzRmOGY2N2M3YTliMTE0ZjA3YTE5NmJjMTliMWVkNDQ3MTc1NTEwODUyNWI2MGFkNTdlNGZiYzM3MWYwZTZiYg&uuid=&pii=&in=false | 172.240.108.84 | 302 Found | 0 B |
URL User Request GET HTTP/1.1rivalbuffetdifferently.com/api/users?token=L2RpODN1NGZ2dWs_a2V5PTI1OTk4YTYwYzI4NDhjZGVkNmY1YjcyMmQ1MTEyMWZhJnBzdD0xNzE0OTE0MjUwJnJtdGM9dCZzaHU9Y2NjNWMzODM2ZjRjYmNmMmIzZjU0ZTViN2ZkOWJiMjU1NTc1NDZjMzk4MTc0MWE0ODE2Y2UxYTFkNWMyNDRmMGQyYzMxZTM5NWM1YWI5MDAwOWQ0NzExMTMzZGMwMjMwN2IzNTk4NGQwODk1NWM5ZjJjZmQxZGIzMmQwM2ZkNzRmOGY2N2M3YTliMTE0ZjA3YTE5NmJjMTliMWVkNDQ3MTc1NTEwODUyNWI2MGFkNTdlNGZiYzM3MWYwZTZiYg&uuid=&pii=&in=false IP172.240.108.84:443
CertificateIssuerLet's Encrypt Subjectrivalbuffetdifferently.com FingerprintB1:7E:41:4A:34:81:91:85:71:F8:6A:E8:59:9F:9F:FE:D5:CE:9E:56 ValidityFri, 29 Mar 2024 16:09:48 GMT - Thu, 27 Jun 2024 16:09:47 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L2RpODN1NGZ2dWs_a2V5PTI1OTk4YTYwYzI4NDhjZGVkNmY1YjcyMmQ1MTEyMWZhJnBzdD0xNzE0OTE0MjUwJnJtdGM9dCZzaHU9Y2NjNWMzODM2ZjRjYmNmMmIzZjU0ZTViN2ZkOWJiMjU1NTc1NDZjMzk4MTc0MWE0ODE2Y2UxYTFkNWMyNDRmMGQyYzMxZTM5NWM1YWI5MDAwOWQ0NzExMTMzZGMwMjMwN2IzNTk4NGQwODk1NWM5ZjJjZmQxZGIzMmQwM2ZkNzRmOGY2N2M3YTliMTE0ZjA3YTE5NmJjMTliMWVkNDQ3MTc1NTEwODUyNWI2MGFkNTdlNGZiYzM3MWYwZTZiYg&uuid=&pii=&in=false HTTP/1.1
Host: rivalbuffetdifferently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rivalbuffetdifferently.com/api/users?token=L2RpODN1NGZ2dWs_a2V5PTljYTYwMWE5ZjQ3YzczNWRmNzZkNWNhNDZmYTI2YTY2JnN1Ym1ldHJpYz0yMjUwODkyNg
Cookie: u_pl=22508926; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjUwODkyNiwiayI6IjI1OTk4YTYwYzI4NDhjZGVkNmY1YjcyMmQ1MTEyMWZhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjAzNTAzLCJwaWQiOjEwMzg5OTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzgsImFpZCI6MjgsInB0Ijo0LCJwayI6ImRpODN1NGZ2dWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.4-oSvsLhuz7gYQ4-4QyikNH3J_IGo85JRzDTmX3TwiQ; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sun, 05 May 2024 13:03:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://holdhostel.space/?6622842d7176c&ag_custom_domain=22508926
Set-Cookie: pdhtkv=true; expires=Mon, 06 May 2024 13:03:11 GMT
uncs=1; expires=Mon, 06 May 2024 13:03:11 GMT
pdhtkv28=true; expires=Mon, 06 May 2024 13:03:11 GMT
uncs28=1; expires=Mon, 06 May 2024 13:03:11 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9ce43df291ee06888f4610046b9e8ed
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn1.png | 104.21.58.193 | 200 OK | 6.9 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn1.png IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typePNG image data, 339 x 207, 8-bit colormap, non-interlaced Hasha67051906425835b13dc4292c6fe2ef7 c96b01fb21c60a17fad9e89f235fdb8809ffc43d f000409df7dd5222fc51cc35113519a133596c011f61bc5a7f65f9dcd2843a37
GET /lg/lg_0324/land_lg_140324_en/image/btn1.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/png
content-length: 6866
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-1ad2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 7149
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsHfavxU%2Fk8V3tssqc5jguSvtD7PRF2jl%2FrCQGE2zVEsXgnALo5OatM4K5J279R6eZXX2qUVxzlRRCaaCFbeZdilxTivx9wffVdoSZL37nhJvjYVT1acAqGxBsY9migoKuR1%2FGiD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede4083a56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn2.png | 104.21.58.193 | 200 OK | 9.8 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn2.png IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typePNG image data, 339 x 207, 8-bit colormap, non-interlaced Hash8c7c430e736c07b069cf61a2870c7254 a1b6cf722997131aa569f2214df2ce8a9e6e5630 42269355807fe5c4d7dabbccff1cc602725b5ffccae86759412219b83198a180
GET /lg/lg_0324/land_lg_140324_en/image/btn2.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/png
content-length: 9771
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-262b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1441
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9OmUgae3yBSQ64EZAS1dwyGnJLNh42tCQQ5eMy8j9MuaXdW3bVFvyGWfjxksGaymgKREWeIySvQtYb8pdM%2B8GOO7jOOh4odFcO7ja5s7fo0aKbv6xCq8OcUKuI2t2jG4XvML68c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede4083b56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_close.jpg | 104.21.58.193 | 200 OK | 40 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_close.jpg IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3 Hash3d830c378aa76c9caa82a73805459893 4a48546372f2ef6311cbed974d536273bcfdd711 8d88b039c0e88133bd2f53dc2fef48ea2d8bdae4eb6e3162fec9db714f97adea
GET /lg/lg_0324/land_lg_140324_en/image/g1_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/jpeg
content-length: 40179
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-9cf3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Il1Sq9rBQh%2BxoweUfkLluWaFuzr%2BD01DmGX0ROQWqOOWLruw%2Bi4lbsdiRMI7T3NxMYsSxF17ooCWzTN46uBwVbbUo5NM%2FMua3WZyG%2BsyHmAI2J3HqNpkOnxgFB0QNqx8ziZcBYZ3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede67a9156a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_open.jpg | 104.21.58.193 | 200 OK | 84 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_open.jpg IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3 Hasha3efbcb7561dddaeb36ba22fb8fae56f a9363a7f6b6e9a5a6dcbb37a0abfa7bb3ab3ea1d d95424c3f3857c13ff9f6a957f805b188a568ce769b51ee9fe68c8fd3537b319
GET /lg/lg_0324/land_lg_140324_en/image/g1_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/jpeg
content-length: 84260
last-modified: Tue, 12 Mar 2024 16:35:34 GMT
etag: "65f08456-14924"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3570
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BHYm7UQcW3LuFD2gYW%2F2dHjRrmPvi9XdRfSBGitZqKw97ywqy8xvw1frMym38p%2Fmgx4rIdf4hO3%2B%2FCExOgLFkoinge2Yi1zuKNucrC%2BKz72HT%2BWq6jvwFrN5rF4WKOficMZrP2m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede67a8c56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ln.gamesrevenue.com/px1.js | 5.161.79.44 | 200 OK | 83 kB |
URL GET HTTP/2ln.gamesrevenue.com/px1.js IP5.161.79.44:443 ASN#213230 Hetzner Online GmbH
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subject*.gamesrevenue.com FingerprintB2:A3:99:AD:22:46:FC:93:41:E9:59:40:F5:09:B0:23:B7:5B:FA:67 ValidityWed, 13 Mar 2024 09:55:06 GMT - Tue, 11 Jun 2024 09:55:05 GMT
File typegzip compressed data, max speed, from Unix Hash27254bce10f8fab2003dd9925c7e71e0 3e5fb749f086b8fdd05e8308096c870b7019944c fb5b1e57c482d13c4dce2fb914a5a256fd1c1fd8bb34875835a6eda392fbb4f9
GET /px1.js HTTP/1.1
Host: ln.gamesrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:03:12 GMT
content-type: application/javascript
last-modified: Fri, 22 Dec 2023 10:12:56 GMT
etag: W/"65856128-3b88"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js | 104.21.58.193 | 200 OK | 42 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJavaScript source, ASCII text, with very long lines (521), with no line terminators Hash86f0754abfb6014908e557e6e268f3e2 4efa8a0c962e30bb7e314ad37a3f2c55b91052e6 70910209572bcf5a0ba1022d53bb9fe24d82ed842370c70234994dd2b29ba1a9
GET /lg/lg_0324/land_lg_140324_en/scripts/main.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:38 GMT
etag: W/"65f0845a-209"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2B8rIdrLysxAM2u0eM7jfL6l%2B7LBb%2BWfMI%2BHobH0eqeFlzMtLv5H%2BNVUqkbydk94nyJdQF24x5BaQS2AAIpw7%2FzUO9oTQC21FFuy3KO7innrluHFDGgAkEaGjYjpCD%2Bz%2FACvO%2Bj0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede4083d56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_open.jpg | 104.21.58.193 | 200 OK | 63 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_open.jpg IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3 Hashd837068776c28a251131d2c0138c5db4 bc8d3e395fa77a6b801f13d1c22ff159776cc430 a8364b19810c700ee3899c55089ca678291758ee0d62dbad821e2a6d73b08c93
GET /lg/lg_0324/land_lg_140324_en/image/g3_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/jpeg
content-length: 63206
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-f6e6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3570
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gRSnF%2FMo7jeG8SW4cDKIvad3rA1W0nRiCPpCFZtMCIvNbQIQJLTBUz1gEqEUkvsBlbDDfnipwQBmqdybpehiUZ5rMjL3JJl0AazlB3k8y9XkwkjSD%2FJsdZNRG5f1rxFJihExjnri"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede68aa556a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_close.jpg | 104.21.58.193 | 200 OK | 41 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_close.jpg IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3 Hashaa7031c41077d720cfc935e8de98de95 47aaf9ec464983016d35bb8150928c7f96cdff8c 6a49dc8fe71fafd7db501c43d96537be26a508a2c8a932ff8f03746bc9a55a83
GET /lg/lg_0324/land_lg_140324_en/image/g3_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/jpeg
content-length: 40609
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-9ea1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kF2dk%2FDNj2d1oaFwmGz9NMDQShMVcCfu9DLX0YF9TcyMxs8%2BGrMMgoD9VTlh8EdGIkDXApRnPrsNA4tNLVv2Ou9SqYU9jqFzf5WCBycKA714LDq3IzfYFsBPLAZWUA4SjlO%2BLJl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede68aad56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_open.jpg | 104.21.58.193 | 200 OK | 73 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_open.jpg IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3 Hashc37fec311feadcbd0c77987b383b0596 9a8f5df2805241f6bc484151dc31f3b72bb9a196 a61a23797d6b68ed79222d950596e90da320e59f8ee23e7eb776c94ee0d6734c
GET /lg/lg_0324/land_lg_140324_en/image/g4_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/jpeg
content-length: 72874
last-modified: Tue, 12 Mar 2024 16:35:36 GMT
etag: "65f08458-11caa"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tP3fHHHmrGZlmEq6wpHqiyRcNUJg8XCD%2B6L2OfAmrrwNQ6Y%2FdB8vRaDd6wPS%2Bh8prRFNXI3879agODjuIcJNovmuEswLyUchtP1QZq5n%2FuanMyDVKRywj0SCuUH%2Bva348VLx5q%2Fg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede69ab056a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_close.jpg | 104.21.58.193 | 200 OK | 41 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_close.jpg IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3 Hash4735a029efd2d2e8b15fab5879842219 82ac18ec8aae9a2cc311cdb3b92862e56d161f99 11c0bdd5fc2ba1dfea6ccaedded312f27fd5d5ddf21f24ee607ad05c2c0f197b
GET /lg/lg_0324/land_lg_140324_en/image/g4_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/jpeg
content-length: 40656
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-9ed0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MGpZSgsuf%2BncM3VtNm0bjYO0mpwdc9FEEIy6EJHzN3wKUlbMRk%2FJHqfQclwzwKX8TFR1HLrPi9%2F%2FgN0w7POipq7JmOdwrzbAtsj4O3YyhqbbUTWPDhjKZdPuOqCBzUOZd6FdaF%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede69ab256a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/fav.png | 104.21.58.193 | 200 OK | 1.4 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/fav.png IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced Hash10c5dd857fd3653492ef5eeaa86cd48b 193484a907a40d7b145af2136ef83bef593d2f21 a689201508b9dc7b2cc3049c7d89947f96a19790411506ecd6eb1875374fe329
GET /lg/lg_0324/land_lg_140324_en/image/fav.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/png
content-length: 1425
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-591"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6323
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TH4OgIkooZfdL2ZErq2sCwyRS6LfaRJqglHdDwkObYRSMSv3fCqJy16V6bO%2F9OUJtgOAxOT0F0ZNwRECStutO1lYtr9sSnbxcOqlA63Vj76hkWlinXYPnku1ggZdCNmBff%2BvJSzT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede72b4f56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 5.8 kB |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typegzip compressed data, max speed, from Unix Hashaa33725c2d0a3d1c2f9c878d64914807 6e83d13ec860384a977738b04ff0891a01ab519a fe412eadb3dc9820ec6cab7cb62349be057c509e34f7e2de6d23b28eacc98bfd
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:03:29 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=Bhf5P09XgT66V-EL1lm-R0YNEKdZn2yiuzU--JN7tk70XrML-bn2-e_BQkL8OTJ3JjKJUoj47g892FxhAQIUWUF49AOgOShK9wEQPzjU4A387vUiH7iMKGIBfI_Yh6Nk
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_open.jpg | 104.21.58.193 | 200 OK | 80 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_open.jpg IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3 Hash12e061b10b2c654a24ea704af3aaec43 9c506625e1fa700f0e6522cced2a53b0cde2bd54 d321fc26bb399bd642b1a3ae059a03308d286526e6b87a9cb37ba63833673372
GET /lg/lg_0324/land_lg_140324_en/image/g2_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/jpeg
content-length: 79598
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-136ee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSMILiW9F39J9AiTDq8sdPpFsSnQge6rTTHz%2BtfXFXx9gi0BDFOo5%2F%2FqGW1ht2%2Ftzs2MFQpYnPSZXpANhRP%2BbgbG9oYrKDamB9Gw%2BonYZxJ5cz9pSlV0VbDCg8JsIjWrYa9aE96H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede68aa356a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_close.jpg | 104.21.58.193 | 200 OK | 42 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_close.jpg IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3 Hash955f59a0876a28b432c71c0d274727c7 789778a09f2fa8f8bd24be2bb781914f5070dd3d 40e8cd16f27d5d6a0cfd007881651ef8acd93ba95423c05741bc410454eabf40
GET /lg/lg_0324/land_lg_140324_en/image/g2_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: image/jpeg
content-length: 41478
last-modified: Tue, 12 Mar 2024 16:35:34 GMT
etag: "65f08456-a206"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3570
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJ%2BLlFUBg1MBNgKhFXGvm6H71%2FO9QqenaTJqXPVTAZrljW3piHPVUyhmrCSS46YDlWCWQzpcwUqtoqLJKuFlrbRNttrkVXpvZa7UYYbtlLbCVIcHXXdCV%2B8tDu5yvDxyjoXSrVDC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede68aa456a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css | 104.21.58.193 | 200 OK | 3.3 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeASCII text, with very long lines (3548), with no line terminators Hashaac1493fdaa516c07b05dc277adf9047 40c8ee3e4d54dfff6dcaea969bcad3d20ec9b796 8f9a48a298195eefb30fffd1c8d458eac7ecc2503a77ba8a5bc47bad68b61c37
GET /lg/lg_0324/land_lg_140324_en/css/main.css HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: text/css
last-modified: Tue, 12 Mar 2024 16:35:32 GMT
etag: W/"65f08454-ce3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1441
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LE5vAC2sOMQzChKMokupSw9n7NUPwtu0n7bUu3Ar9U%2BWEJQSyph0PVq5KGOmvk2Y7bmbfbT0xmPjRZ0nKJMmwA5BkwbphEcozUj9rOOuThdVpBWC49eWzULXELJWOR69%2FCp1WrPX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede4083656a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js | 104.21.58.193 | 200 OK | 87 kB |
URL GET HTTP/3theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /lg/lg_0324/land_lg_140324_en/libs/jquery.min.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:38 GMT
etag: W/"65f0845a-1538f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkF%2BC%2F9MChYBrDElNx1GXItnSKSpK2yFPovjzFxR2%2F2sLYtIqZdf38goHJWkMaQ2KSU19pSAiuUaaKH133NpZG0LZ0mEqGxe%2BVfa9ih%2FVnUf9RBaQAjjuK%2BwxBJlUvdxr0XPmik9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede4083856a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 | 104.21.58.193 | 200 OK | 2.2 kB |
URL User Request GET HTTP/2theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 IP104.21.58.193:443
CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeHTML document, ASCII text, with very long lines (2342), with no line terminators Hashe56849a0e4bef722575de5e91acce339 0284ec5f58f86360b4e3ce6faea0bccd68f8f567 07ed1121b6dd0e04dc79ee23caee510e1cdec6e3be2104aea98bddf82f7f7dc5
GET /lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivalbuffetdifferently.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:03:11 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MfGqef6cI1wn9HBwJt8HRowvINjfwJoKPqd2A5gSRfenQfx8iOtvFivda3BV%2BAD%2F1d8NqL8%2FAt4Wgne8LpftEBf9ks2hTBCImHn3FEwKgqWhho2mfhIh13aHHBS1s4V%2B0vtFcvU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f0ede22dfb56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| holdhostel.space/?6622842d7176c&ag_custom_domain=22508926 | 172.67.192.172 | 302 Found | 2.2 kB |
URL User Request GET HTTP/2holdhostel.space/?6622842d7176c&ag_custom_domain=22508926 IP172.67.192.172:443
CertificateIssuerGoogle Trust Services LLC Subjectholdhostel.space Fingerprint30:62:41:BC:7C:17:FC:EE:0D:5B:5B:39:AE:06:1C:8A:08:6D:67:D6 ValiditySat, 20 Apr 2024 18:12:17 GMT - Fri, 19 Jul 2024 18:12:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?6622842d7176c&ag_custom_domain=22508926 HTTP/1.1
Host: holdhostel.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivalbuffetdifferently.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 05 May 2024 13:03:11 GMT
content-type: text/html
location: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
set-cookie: c_2022b6829ad3bc8a5d74a4bfe5cf4db8=1; Expires=Mon, 06-May-24 13:03:11 GMT; Domain=holdhostel.space; Path=/; Secure; SameSite=None
z_dd834028817d054ef3568898fa07ee8f=1; Expires=Mon, 06-May-24 13:03:11 GMT; Domain=holdhostel.space; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c6lKFdvW8cd726o8Ox90TFPyWHLOTNYa5VHxiB7gf0MkTpwE%2BGlJc0GUhT3rZ95H7hrwiu3mONu%2FRciMAtsPuuQldkXw6na%2BCpX1FrlXnSxOALWc5l0X659LrZ304N%2BmxBZc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f0ede15d4b0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| theeverydaygame.com/awpx_click.js?v=005 | 104.21.58.193 | 200 OK | 1.5 kB |
URL GET HTTP/3theeverydaygame.com/awpx_click.js?v=005 IP104.21.58.193:443
Requested byhttps://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169 CertificateIssuerLet's Encrypt Subjecttheeverydaygame.com FingerprintE1:71:71:8C:28:0C:89:C4:6F:BD:61:EF:AB:FE:37:B3:65:12:2B:39 ValidityMon, 29 Apr 2024 16:57:53 GMT - Sun, 28 Jul 2024 16:57:52 GMT
File typeASCII text, with very long lines (1544), with no line terminators Hash684379265eb9f58cc45bc0d82f0db964 dcceb2eb66dd485a8df52da17210e1ea660354ee 45f7be3af362b2f0b894e51e8394ecc08066d8b9004fb095ba7665edbd8ce078
GET /awpx_click.js?v=005 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/index.html?utm_campaign=pu_lg_terra_no_adult&utm_medium=click&utm_source=pu&utm_content=22508926&bnid=land_lg_140324_en&land=land_lg_140324_en&crID=2503015&zID=100169
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:03:12 GMT
content-type: application/javascript
last-modified: Thu, 09 Mar 2023 09:49:36 GMT
etag: W/"6409abb0-5d2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4941
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHUut%2FbJlROUwi8vC8TfnH6DNwuFyR28uU18A2g0UsoYUpONqXuQqiF0sTHhJljroCYgD%2BWgzGVSB54e81wEKNsaQQ6JyB%2F5%2BemiZhXAjPkPuhn1sCs3gqmlQcr8%2BgxA7XYTldT0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0ede4083956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|