Report - vpn.nicknow.net/

Report Overview

Visited public
2023-12-05 12:46:25
Tags
URL
vpn.nicknow.net/
Finishing URL
eatcells.com/
IP / ASN
167.99.150.241
#14061 DIGITALOCEAN-ASN
Title
IO online multiplayer action game. Survive and grow eating other players cells.

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.afilmywap.org.im	unknown	unknown	No data	No data	4.9 kB	100 kB	104.21.35.99
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-04 18:39:56	443 B	422 B	18.157.140.81
explosivegleameddesigner.com	unknown	2023-11-28	2023-11-28 12:48:47	2023-12-03 08:29:41	1.2 kB	3.4 kB	173.233.137.52
eatcells.com	438054	2018-08-16	2018-08-23 02:04:03	2023-12-05 05:41:56	9.7 kB	680 kB	94.130.177.84
www.icone-png.com	unknown	2013-09-26	2017-01-31 14:45:07	2023-12-05 08:44:59	438 B	44 kB	194.150.236.240
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-12-05 05:18:59	1.0 kB	137 kB	104.18.11.207
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-05 06:24:59	1.8 kB	303 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-05 06:14:20	1.1 kB	50 kB	216.58.207.227
conqueredallrightswell.com	unknown	2023-11-14	2023-11-16 20:49:45	2023-12-04 15:51:10	2.5 kB	16 kB	192.243.59.13
unfortunatecatch.com	unknown	2023-04-27	2023-04-27 14:06:17	2023-12-02 22:31:09	657 B	605 B	88.85.94.240
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-05 07:37:50	441 B	2.4 kB	142.250.74.106
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-05 11:45:58	350 B	940 B	54.230.218.11
sillinesslibraryflip.com	unknown	2023-08-30	2023-08-30 08:26:17	2023-11-24 07:42:32	453 B	12 kB	192.243.59.12
saycaptain.com	unknown	unknown	No data	No data	2.7 kB	26 kB	192.243.59.12
vpn.nicknow.net	unknown	unknown	No data	No data	2.3 kB	22 kB	167.99.150.241

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	sillinesslibraryflip.com	Sinkholed
2023-12-05	medium	saycaptain.com	Sinkholed
2023-12-05	medium	saycaptain.com	Sinkholed
2023-12-05	medium	explosivegleameddesigner.com	Sinkholed
2023-12-05	medium	conqueredallrightswell.com	Sinkholed
2023-12-05	medium	conqueredallrightswell.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	eatcells.com/	ScriptElement	661 B	2023-03-13	2025-03-14
Pretty URL eatcells.com/ IP 94.130.177.84 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 10:24 Last Seen2025-03-14 02:28 Times Seen367 Hash 6658153b9972a62f00c72c3f02d5d151 01371da660c1055c93cc325096f0d3037dd7171f 2d27c8d667be0a7aa6c1fc102702771c3f2d35c6029ae98947d9f9a3e3f06cab Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 06:00 Times Seen340564 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	eatcells.com/assets/js/new_quadtree.js	ScriptElement	3.6 kB	2023-03-13	2025-03-14
Pretty URL eatcells.com/assets/js/new_quadtree.js IP 94.130.177.84 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:24 Last Seen2025-03-14 02:28 Times Seen371 Hash 97535307fed0d8618244e4d8c19ee53f a58c1a5deed12f5c7898262e74c380377cdd95ba 51faf127356027d068fa984e84e4fe2dcbe3d748f73fc3fb7944310c08b8187e Loading...

	www.googletagmanager.com/gtag/js?id=UA-136886237-1	ScriptElement	191 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=UA-136886237-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 13:46 Last Seen2023-12-05 13:46 Times Seen1 Hash c35d81fdc3d77487836cc21e3cd5d3a2 e61143c4a4c8da6af56441386ffaff6f932f10b2 bf5a12a355d10ac20b07c938cbaf03dc5765dcb2c2f47db2125fe38d020ccc9f Loading...

	www.googletagmanager.com/gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c	ScriptElement	229 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 13:46 Last Seen2023-12-05 13:46 Times Seen1 Hash 6eb50c42bc1ca95033fbdb269f84f201 7c961d4cc8a5d127ea8e3471eea1af657e414a22 2d491c5f8836428f19e297e59d6f0fd27c29fd465a4e820e6f8909ab63c6d52e Loading...

	eatcells.com/assets/js/new_main_out4.js?3512341123	ScriptElement	66 kB	2023-03-13	2025-03-14
Pretty URL eatcells.com/assets/js/new_main_out4.js?3512341123 IP 94.130.177.84 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:24 Last Seen2025-03-14 02:28 Times Seen371 Hash a09324e4f90b9d6437ded27984bfd1c9 654f526654aa638af0c7cfb378139b8bc0e9b25c 3fe37eefb8e3c4306bb7614aa524baba49a90960a7598053fee3f1d14af05fc7 Loading...

	eatcells.com/	ScriptElement	203 B	2023-03-13	2025-03-14
Pretty URL eatcells.com/ IP 94.130.177.84 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 10:24 Last Seen2025-03-14 02:28 Times Seen367 Hash 2a828610eb10e6505d75b9b6d0bcc7bb 6718a16fbb1ac4d27e1b883cb7f8928d435cabb4 f9ebd1b1ec1c92605c287ae9332c0e67576310e40bc9b0c313f4f549f5f1c78b Loading...

	eatcells.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL eatcells.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 06:00 Times Seen341364 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

		Size	First Seen	Last Seen
	#1 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08 14:23	2025-05-06 08:36
Pretty Observations First Seen2023-03-08 14:23 Last Seen2025-05-06 08:36 Times Seen675 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	#2 Eval - a547c0e44f4626333eb6e5e617640f7b	471 B	2023-12-05 13:46	2024-08-20 16:41
Pretty Observations First Seen2023-12-05 13:46 Last Seen2024-08-20 16:41 Times Seen2 Hash a547c0e44f4626333eb6e5e617640f7b 5f3a4f428ac91db47b13d0feaa05cfb27e32f344 40f874c9ee06b9b57e692b9ed8439e6296a5f20e0e1ac9a5ae7e1b66f1585881 Loading...

		Size	First Seen	Last Seen
	#1 Write - 68c110930e3e6dbb9436c5f83528974c	116 B	2023-12-05 13:46	2024-08-20 16:41
Pretty Observations First Seen2023-12-05 13:46 Last Seen2024-08-20 16:41 Times Seen2 Hash 68c110930e3e6dbb9436c5f83528974c 6e7ca603460db3d313b5baf592a5052193cfe9e4 dc42bb90d2009ce7049f45e0dbeb4ce755e9cbab6ff26c7df357e2fa0cdfa6c3 Loading...

HTTP Transactions (54)

URL IP Response Size

vpn.nicknow.net/

167.99.150.241

5.5 kB

URL
vpn.nicknow.net/
IP
167.99.150.241:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24978)
Size
5.5 kB (5499 bytes)
Hash
67467b3543b5218546f26088fd0578b8
a8dd25c71614076914a792640555c4cee797051e
5513d0875271f9b43066ea505344a683689df82570f0a9d3e9f7065105d48015

HTTP Headers

GET / HTTP/1.1
Host: vpn.nicknow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 12:46:05 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5499
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

vpn.nicknow.net/assets/ads/abehnew/floating.js

167.99.150.241

3.6 kB

URL
vpn.nicknow.net/assets/ads/abehnew/floating.js
IP
167.99.150.241:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text, with very long lines (4214)
Size
3.6 kB (3636 bytes)
Hash
083b4d1076021baf0ff391b5065f5e2d
3c8da74a6f15b6e5e3708c0f67282898f95ed238
42479fd54852ec4aa3be2ea3444dfd60104ea4cc77725f68c2e6271481bd3020

HTTP Headers

GET /assets/ads/abehnew/floating.js HTTP/1.1
Host: vpn.nicknow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 12:46:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 28 Nov 2023 13:27:06 GMT
ETag: "24d5-60b365ff07e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3636
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

vpn.nicknow.net/templates/images/hot.gif

167.99.150.241

152 B

URL
vpn.nicknow.net/templates/images/hot.gif
IP
167.99.150.241:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 22 x 11\012- data
Size
152 B (152 bytes)
Hash
1c3d68c688c79d6c078f1cb0bb5c7d10
f145d056e277041aa4129fe7d9dce44736785349
9733310b3f270734c03f091d49c23fc7061a336de394c321a2ffea826332564c

HTTP Headers

GET /templates/images/hot.gif HTTP/1.1
Host: vpn.nicknow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 12:46:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 07 Dec 2023 12:46:06 GMT
Content-Length: 152
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

vpn.nicknow.net/templates/images/arrow.png

167.99.150.241

2.9 kB

URL
vpn.nicknow.net/templates/images/arrow.png
IP
167.99.150.241:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2851 bytes)
Hash
e882c48b92224ceff2ae285c946b3332
86781de9874acd014b3fd0a32e9ae1914c04a64a
3839e1ea58f1104a315e41c0a7bc2ab712e3304a3198096d0132dd003fe7fe8a

HTTP Headers

GET /templates/images/arrow.png HTTP/1.1
Host: vpn.nicknow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 12:46:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 07 Dec 2023 12:46:06 GMT
Content-Length: 2851
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

vpn.nicknow.net/templates/images/Telegram-Channel.png

167.99.150.241

8.4 kB

URL
vpn.nicknow.net/templates/images/Telegram-Channel.png
IP
167.99.150.241:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 500 x 88, 8-bit colormap, non-interlaced\012- data
Size
8.4 kB (8435 bytes)
Hash
1ed644ab2b07d3d9b1d9da8908cf0fc7
a85d8e241154db0f2eb1a3dae3ad47978f1310b4
e765c8068c3e196feb80e7366a22762e7d583ae84cf209d7bcfb376350b27e5e

HTTP Headers

GET /templates/images/Telegram-Channel.png HTTP/1.1
Host: vpn.nicknow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 12:46:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 07 Dec 2023 12:46:06 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/png

www.googletagmanager.com/gtag/js?id=UA-237442725-1

142.250.74.168

69 kB

URL
www.googletagmanager.com/gtag/js?id=UA-237442725-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4179)
Size
69 kB (69022 bytes)
Hash
c87403932c04beaf5150b159f645dc6f
e75613498319b525b6b98b11bc853d30179ccd12
8edba38921bd9951831cf22512cd314130784d6f88255cdd7c79b7fbc5494c5d

HTTP Headers

GET /gtag/js?id=UA-237442725-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 12:46:07 GMT
expires: Tue, 05 Dec 2023 12:46:07 GMT
cache-control: private, max-age=900
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-EWJ3EXZJP4&l=dataLayer&cx=c

142.250.74.168

81 kB

URL
www.googletagmanager.com/gtag/js?id=G-EWJ3EXZJP4&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5955)
Size
81 kB (81235 bytes)
Hash
757692777001a10e0882c7a47ebd2e9d
40a94eb6c9ad9173741845a5c81a3f740df52391
829b7a27c87d3ab8e10b0e91ea2aa0f3b1198be85a4b15dcc21ab78f0182931e

HTTP Headers

GET /gtag/js?id=G-EWJ3EXZJP4&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 12:46:07 GMT
expires: Tue, 05 Dec 2023 12:46:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81235
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sillinesslibraryflip.com/8438b16ee31e72c66f3abda855a57488/invoke.js

192.243.59.12

11 kB

URL
sillinesslibraryflip.com/8438b16ee31e72c66f3abda855a57488/invoke.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (29620), with no line terminators
Size
11 kB (10938 bytes)
Hash
2c98ce35b91ef888573d687fd70a459b
e464f90b5f159a24fa744ede40d7fcf8478f2cc5
01c83e023c3c2bac00d8085bf8bd85deb63adf1f5528ffd7940d104ea3c2bcfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8438b16ee31e72c66f3abda855a57488/invoke.js HTTP/1.1
Host: sillinesslibraryflip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 05 Dec 2023 12:46:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9df0bacb38886298a40f05f83411d6b3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.afilmywap.org.im/files/images/poster/Mehbooba_(2023)_HotX_Hindi_Short_Film.jpg

104.21.35.99

2.2 kB

URL
www.afilmywap.org.im/files/images/poster/Mehbooba_(2023)_HotX_Hindi_Short_Film.jpg
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
2.2 kB (2171 bytes)
Hash
7179e7713a45147cc611d69e0e8069e5
270b7c7722333f533aab08f6ad445f1eeff44f96
b71a5236f87cfbec3f1fc0a3930aff68b6ba3172e62f1f188b7939d5a29565b8

HTTP Headers

GET /files/images/poster/Mehbooba_(2023)_HotX_Hindi_Short_Film.jpg HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Tue, 05 Dec 2023 12:46:08 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niiI%2FrrZVQs2Kuk31MUheAzdS%2BlLgxTd4gRa4Eg2OJB4L2WRAduGKq%2FjJD3%2Ftoe5WUjrl7LxlrSGyIX7wVeiMMLVqJmqH7%2BdX91h0sCHq1TTCgfhjuCm5a2V9Yo5DwPc1Ra3J5kHSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63e5be93b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
24a776b1f2e9d3fff472472cff5e9b16
38a6b9ce7b18c9204f5ace875325ca74c863d1a9
108f3caa2c7db8c122fcea5f02f4f0f1e058d4da8e913dc2b4e8ace4e5a50e81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 05 Dec 2023 12:46:08 GMT
Last-Modified: Tue, 05 Dec 2023 12:45:15 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oChayzM2FXLmjLjbFuEk8VJ-kcZRYPL1uL6klisP1FPc-QlnE6UN4g==
Age: 53

www.afilmywap.org.im/templates/css/lite.min.css

104.21.35.99

3.7 kB

URL
www.afilmywap.org.im/templates/css/lite.min.css
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (12605)
Size
3.7 kB (3703 bytes)
Hash
530b09f379e3f0444a4e1e10e9b7f6c4
4aded571ec76fca01c8fe0a8d29bf96f8342102c
2e883434a4a40783d39983eb942441735272adb824196911ca8ea2c10decda5a

HTTP Headers

GET /templates/css/lite.min.css HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:46:06 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Oct 2023 07:07:17 GMT
expires: Fri, 29 Dec 2023 18:34:34 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 497492
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjqleJ13b2cmAhDKvCSWX92SHEfdLfa8MPqwk95bkHkb1eKfiLYTyaN8wi9HylmahrcE2AT%2FM2%2F9F9GeEMDbxlOPJkNU1W7%2B7%2BjogKNvQrKgbkOY6kUufIXXYT2tsjtAFg7vK7MR%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63d9ff88712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.140.81

40 B

URL
proftrafficcounter.com/stats
IP
18.157.140.81:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
957de34ee153fb094600e9bf3407dc2b
11465c9b4e3ab6f0ac3283234e88d4eb72d305d2
50cc6c36cf65a2f3956b91da2b7f51d5692d3a0b858a352eb5ac3e1c46117bcc

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vpn.nicknow.net
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:46:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vpn.nicknow.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=0dba31b6-dec7-4440-a0a3-0d80f3cc3ba1:3:1; expires=Fri, 02 Dec 2033 12:46:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.afilmywap.org.im/templates/images/afilmywap.png

104.21.35.99

17 kB

URL
www.afilmywap.org.im/templates/images/afilmywap.png
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
17 kB (16598 bytes)
Hash
9c9480806e489040622cf4682f34d33b
8623b944620865b1fdd7cbd94944146760c4f007
650ceb1402b48ab3264d2c6e13adf3a41131e6c6bb6bc64e83715a6f1cb326db

HTTP Headers

GET /templates/images/afilmywap.png HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Tue, 05 Dec 2023 12:46:08 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eICydecTX7uaWjH4ttziEXYL0HPBI%2B6643KCb7mD9718jfhQu0r8itrUHx1HaSXgpGOC457E5z9%2BOSZ5G30OxNMbJVCfioU7lqRgIM4ylUgXdg8ksCH6smeWIWCTqM2WBo6JX62LBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63e54e1cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

saycaptain.com/41/62/33/416233760c91888ce7d67e94a749c8b6.js

192.243.59.12

23 kB

URL
saycaptain.com/41/62/33/416233760c91888ce7d67e94a749c8b6.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59565)
Size
23 kB (23433 bytes)
Hash
f7cae06c3146ed443511a118ba386779
401e9af506677c394dc37720c2d67df377027cb1
f43badcee91172176f73fe255877d4a7ea44fb5691611e8f47f3b2f1d6774ed2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /41/62/33/416233760c91888ce7d67e94a749c8b6.js HTTP/1.1
Host: saycaptain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 05 Dec 2023 12:46:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_AN-1159_new=0; expires=Sat, 09 Dec 2023 16:46:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f0e922d7fa5e29da95b5021b37997ca2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.afilmywap.org.im/files/images/poster/Aitraaz_(2023)_Part_2_Jalva_Hindi_Web_Series.jpg

104.21.35.99

3.8 kB

URL
www.afilmywap.org.im/files/images/poster/Aitraaz_(2023)_Part_2_Jalva_Hindi_Web_Series.jpg
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
3.8 kB (3776 bytes)
Hash
d661dd18557c311c8d79edf79fea5a18
7a8ded36b476c64a067b8d0252d1e82b96fa1a3f
513868db96ddca911ef47c16f13d3b62ea2d4574b29d258738b590907345a52d

HTTP Headers

GET /files/images/poster/Aitraaz_(2023)_Part_2_Jalva_Hindi_Web_Series.jpg HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Tue, 05 Dec 2023 12:46:08 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BpSuwAuuNApm5icegCU6ilPGnd%2B5obkTjnFT01DdEdjS%2FKyFFae%2Fl%2B%2B16D8G3xjk2YHlg2zw20TAvZ65578Yr36yNL0ZxlvGEYA2Sps1YuDWzkyjfRwcX7mwtH9MgSrTyv0NWya%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63e59e69b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

saycaptain.com/watch.741052185982.js?key=8438b16ee31e72c66f3abda855a57488&kw=%5B%22afilmywap%22%2C%22-%22%2C%22new%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22latest%22%2C%22bollywood%22%2C%22movies%22%2C%22full%22%2C%22movies%22%2C%22hollywood%22%2C%22hindi%22%2C%22movies%22%2C%22malayalam%22%2C%22movies%22%2C%22download%22%2C%22south%22%2C%22indian%22%2C%22hindi%22%2C%22dubbed%22%2C%22movies%22%2C%22dual%22%2C%22audio%22%2C%22movies%22%2C%22punjabi%22%2C%22movies%22%2C%22bengali%22%2C%22movies%22%2C%22download%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22download%22%5D&refer=https%3A%2F%2Fvpn.nicknow.net%2F&tz=0&dev=e&res=14.3095&uuid=0dba31b6-dec7-4440-a0a3-0d80f3cc3ba1%3A3%3A1&shu=5d9310f893000686786cd1ce65a152e9b6fd23fd19c0261ea4365727095e5d27c66f5b9c21ff9056c92d471b3a17ec1bcbd4912e7dca02790786ea310a2457e0753b99f1f9bc37655929a022b834fcc081a6e8890f1f380783f27f9be5f7b4&pst=1701780428&rmtc=t

192.243.59.12

641 B

URL
saycaptain.com/watch.741052185982.js?key=8438b16ee31e72c66f3abda855a57488&kw=%5B%22afilmywap%22%2C%22-%22%2C%22new%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22latest%22%2C%22bollywood%22%2C%22movies%22%2C%22full%22%2C%22movies%22%2C%22hollywood%22%2C%22hindi%22%2C%22movies%22%2C%22malayalam%22%2C%22movies%22%2C%22download%22%2C%22south%22%2C%22indian%22%2C%22hindi%22%2C%22dubbed%22%2C%22movies%22%2C%22dual%22%2C%22audio%22%2C%22movies%22%2C%22punjabi%22%2C%22movies%22%2C%22bengali%22%2C%22movies%22%2C%22download%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22download%22%5D&refer=https%3A%2F%2Fvpn.nicknow.net%2F&tz=0&dev=e&res=14.3095&uuid=0dba31b6-dec7-4440-a0a3-0d80f3cc3ba1%3A3%3A1&shu=5d9310f893000686786cd1ce65a152e9b6fd23fd19c0261ea4365727095e5d27c66f5b9c21ff9056c92d471b3a17ec1bcbd4912e7dca02790786ea310a2457e0753b99f1f9bc37655929a022b834fcc081a6e8890f1f380783f27f9be5f7b4&pst=1701780428&rmtc=t
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (603)
Size
641 B (641 bytes)
Hash
d9974c3d14df2c99d9f065789c70fae7
87a0e7142ccee2eac85eb641b59a025c6ddd70a2
746a6819f5515e6b8b1a8af7748aa8812333f97a314affc4ed289ccca73b7df2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.741052185982.js?key=8438b16ee31e72c66f3abda855a57488&kw=%5B%22afilmywap%22%2C%22-%22%2C%22new%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22latest%22%2C%22bollywood%22%2C%22movies%22%2C%22full%22%2C%22movies%22%2C%22hollywood%22%2C%22hindi%22%2C%22movies%22%2C%22malayalam%22%2C%22movies%22%2C%22download%22%2C%22south%22%2C%22indian%22%2C%22hindi%22%2C%22dubbed%22%2C%22movies%22%2C%22dual%22%2C%22audio%22%2C%22movies%22%2C%22punjabi%22%2C%22movies%22%2C%22bengali%22%2C%22movies%22%2C%22download%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22download%22%5D&refer=https%3A%2F%2Fvpn.nicknow.net%2F&tz=0&dev=e&res=14.3095&uuid=0dba31b6-dec7-4440-a0a3-0d80f3cc3ba1%3A3%3A1&shu=5d9310f893000686786cd1ce65a152e9b6fd23fd19c0261ea4365727095e5d27c66f5b9c21ff9056c92d471b3a17ec1bcbd4912e7dca02790786ea310a2457e0753b99f1f9bc37655929a022b834fcc081a6e8890f1f380783f27f9be5f7b4&pst=1701780428&rmtc=t HTTP/1.1
Host: saycaptain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vpn.nicknow.net
Referer: https://vpn.nicknow.net/
DNT: 1
Connection: keep-alive
Cookie: u_pl=20050023; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDA1MDAyMywiayI6Ijg0MzhiMTZlZTMxZTcyYzY2ZjNhYmRhODU1YTU3NDg4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzkyNzMzLCJwaWQiOjI0OTczLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJkczQ2M3hhNW5jIiwiY3BrcyI6eyIyOCI6IjQxNjIzMzc2MGM5MTg4OGNlN2Q2N2U5NGE3NDljOGI2In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3Zwbi5uaWNrbm93Lm5ldC8iLCJhciI6W119fQ.Yu7BDM2HqI-2RAF68TMLqwBLJc2LfdubzfSv7kPZwvk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 05 Dec 2023 12:46:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://vpn.nicknow.net
Access-Control-Allow-Origin: https://vpn.nicknow.net
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0dba31b6-dec7-4440-a0a3-0d80f3cc3ba1:3:1; expires=Tue, 12 Dec 2023 12:46:09 GMT; secure; SameSite=None
iprcee5c52035b4119544d2a40a04e595562=2004370; expires=Wed, 06 Dec 2023 14:46:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 06 Dec 2023 12:46:09 GMT; secure; SameSite=None
uncs=1; expires=Wed, 06 Dec 2023 12:46:09 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 06 Dec 2023 12:46:09 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 06 Dec 2023 12:46:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d82bd78618b411fe94734e302044a9b4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

explosivegleameddesigner.com/watch.828860656175?key=f34a2b077d81aadd3ffab44af1d61e17&kw=%5B%22afilmywap%22%2C%22-%22%2C%22new%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22latest%22%2C%22bollywood%22%2C%22movies%22%2C%22full%22%2C%22movies%22%2C%22hollywood%22%2C%22hindi%22%2C%22movies%22%2C%22malayalam%22%2C%22movies%22%2C%22download%22%2C%22south%22%2C%22indian%22%2C%22hindi%22%2C%22dubbed%22%2C%22movies%22%2C%22dual%22%2C%22audio%22%2C%22movies%22%2C%22punjabi%22%2C%22movies%22%2C%22bengali%22%2C%22movies%22%2C%22download%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22download%22%5D&refer=https%3A%2F%2Fvpn.nicknow.net%2F&tz=0&dev=e&res=14.3095&uuid=0dba31b6-dec7-4440-a0a3-0d80f3cc3ba1%3A3%3A1

173.233.137.52

1.6 kB

URL
explosivegleameddesigner.com/watch.828860656175?key=f34a2b077d81aadd3ffab44af1d61e17&kw=%5B%22afilmywap%22%2C%22-%22%2C%22new%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22latest%22%2C%22bollywood%22%2C%22movies%22%2C%22full%22%2C%22movies%22%2C%22hollywood%22%2C%22hindi%22%2C%22movies%22%2C%22malayalam%22%2C%22movies%22%2C%22download%22%2C%22south%22%2C%22indian%22%2C%22hindi%22%2C%22dubbed%22%2C%22movies%22%2C%22dual%22%2C%22audio%22%2C%22movies%22%2C%22punjabi%22%2C%22movies%22%2C%22bengali%22%2C%22movies%22%2C%22download%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22download%22%5D&refer=https%3A%2F%2Fvpn.nicknow.net%2F&tz=0&dev=e&res=14.3095&uuid=0dba31b6-dec7-4440-a0a3-0d80f3cc3ba1%3A3%3A1
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1880)
Size
1.6 kB (1609 bytes)
Hash
a1d26b8f19ba65fa8c6fd1feea7b0fdd
2791a847f527ff7b035dd2404439de6e7baaae6c
b29880e9f2ecb161202ee4919d62c98ea235c080bf4e7a2ff3400d1641b05b54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.828860656175?key=f34a2b077d81aadd3ffab44af1d61e17&kw=%5B%22afilmywap%22%2C%22-%22%2C%22new%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22latest%22%2C%22bollywood%22%2C%22movies%22%2C%22full%22%2C%22movies%22%2C%22hollywood%22%2C%22hindi%22%2C%22movies%22%2C%22malayalam%22%2C%22movies%22%2C%22download%22%2C%22south%22%2C%22indian%22%2C%22hindi%22%2C%22dubbed%22%2C%22movies%22%2C%22dual%22%2C%22audio%22%2C%22movies%22%2C%22punjabi%22%2C%22movies%22%2C%22bengali%22%2C%22movies%22%2C%22download%22%2C%22hd%22%2C%22mp4%22%2C%22movies%22%2C%22download%22%5D&refer=https%3A%2F%2Fvpn.nicknow.net%2F&tz=0&dev=e&res=14.3095&uuid=0dba31b6-dec7-4440-a0a3-0d80f3cc3ba1%3A3%3A1 HTTP/1.1
Host: explosivegleameddesigner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 05 Dec 2023 12:46:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=20050017; expires=Wed, 06 Dec 2023 12:46:09 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDA1MDAxNywiayI6ImYzNGEyYjA3N2Q4MWFhZGQzZmZhYjQ0YWYxZDYxZTE3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzkyNzMzLCJwaWQiOjI0OTczLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjUsInB0Ijo0LCJwayI6Im10eGFxdDhubTYiLCJjcGtzIjp7IjI5IjoiOTk1NWUyNGI5ZmM4ZmU2MWFjMzNhOGVhMTFmNTc2MWYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdnBuLm5pY2tub3cubmV0LyIsImFyIjpbXX19.nnIpppzPa06458NVFwugiaeRQsmiQvld2RQBe2pE9BA; expires=Tue, 05 Dec 2023 12:47:09 GMT; secure; SameSite=None
uid_id2=0dba31b6-dec7-4440-a0a3-0d80f3cc3ba1:3:1; expires=Tue, 12 Dec 2023 12:46:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 816b1a0c795db489627b5bf37b91083a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

conqueredallrightswell.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=20050023

192.243.59.13

1.4 kB

URL
conqueredallrightswell.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=20050023
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (480)
Size
1.4 kB (1387 bytes)
Hash
fd0a312f9f076c0770361baf3dc529d7
41079b415ea055883e9d77cd97db57dbe9eaa2c8
ae30b860b947b5e3c048dc6d1eda6a04828b0f1bd3ac65b98846ec6acfbe9efe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=20050023 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 05 Dec 2023 12:46:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15077602; expires=Wed, 06 Dec 2023 12:46:09 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTA3NzYwMiwiayI6IjdhN2MzNzc5ODg5ODA1ZTIwNThhZGRlY2I3ZTEzNDI0Iiwic2lkIjoiMjAwNTAwMjMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoicHBoMWFlZWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdnBuLm5pY2tub3cubmV0LyIsImFyIjpbXX19.uIm6-LFuYRiq6sVM0fClsbe3IH2Ybf47otQQibvIXzQ; expires=Tue, 05 Dec 2023 12:47:09 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd65dc1550343bb96f92ad7fdd19ef52
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.afilmywap.org.im/files/images/poster/Mukhiyaa_(2023)_S01_Part_1_Hulchul_Hindi_Web_Series.jpg

104.21.35.99

3.8 kB

URL
www.afilmywap.org.im/files/images/poster/Mukhiyaa_(2023)_S01_Part_1_Hulchul_Hindi_Web_Series.jpg
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
3.8 kB (3793 bytes)
Hash
889ea1da0bdf2aab02401a4b7378ccb1
72a8e5214a0e19bf862e7f724c58739d28de9d93
dd772f26abb35fa8852421d9ea882ef390cfe74da5b47ab2bfe40a675ade3187

HTTP Headers

GET /files/images/poster/Mukhiyaa_(2023)_S01_Part_1_Hulchul_Hindi_Web_Series.jpg HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Tue, 05 Dec 2023 12:46:08 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6woiO2MLVbWHS46g3IpdzMGgoqK5tKUW7n3%2B33YqHlzv2TqJWxvsYxf7Fa5ZZBAz2K3Z1gqFb2ub95cCefzVVvgr%2FFax5JF7C3WZtkUtjyoRpJtC7I4dmKQNCh3Cd3cMvAZDPnGAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63e59e62b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unfortunatecatch.com/ba3.Vp0/PX3dpbvzbnmfV/JaZjDQ0s0/OpDWcEzIMIThk/1pLATHQu4INbzmM/xyOqT_Y-?clickId=302a91927dd6145e14f02935e884908f&sId=15077602

88.85.94.240

302 Found

0 B

URL User Request GET HTTP/2
unfortunatecatch.com/ba3.Vp0/PX3dpbvzbnmfV/JaZjDQ0s0/OpDWcEzIMIThk/1pLATHQu4INbzmM/xyOqT_Y-?clickId=302a91927dd6145e14f02935e884908f&sId=15077602
IP
88.85.94.240:443
ASN
#35415 Webzilla B.V.

Certificate
IssuerLet's Encrypt
Subjectunfortunatecatch.com
Fingerprint31:10:EB:14:8C:D6:F7:D0:A7:DD:2F:71:96:77:13:5D:75:6A:2A:E2
ValiditySun, 05 Nov 2023 00:25:00 GMT - Sat, 03 Feb 2024 00:24:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ba3.Vp0/PX3dpbvzbnmfV/JaZjDQ0s0/OpDWcEzIMIThk/1pLATHQu4INbzmM/xyOqT_Y-?clickId=302a91927dd6145e14f02935e884908f&sId=15077602 HTTP/1.1
Host: unfortunatecatch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 05 Dec 2023 12:46:10 GMT
content-type: text/html;charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
location: https://eatcells.com/
referrer-policy: no-referrer
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.afilmywap.org.im/files/images/poster/Ghost_(2023)_Telugu_Movies.jpg

104.21.35.99

5.8 kB

URL
www.afilmywap.org.im/files/images/poster/Ghost_(2023)_Telugu_Movies.jpg
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
5.8 kB (5805 bytes)
Hash
a836efd5af0b605032f31f3f34ce0e64
f9f3ae8cff1149d7c3e1ec6a2f4212b6bd007f8b
b56534db1cc8f09d98cd650260a3ae7e9168b1a1ac4c9163cda25e28e897e202

HTTP Headers

GET /files/images/poster/Ghost_(2023)_Telugu_Movies.jpg HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Tue, 05 Dec 2023 12:46:08 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNDv86lQYiKU%2Fz50J4J2N68qOkv1kZIUJwm0tsZ6n6QNEIO5AynRZgeYDrlZxPHAbA230ulgzjrvn6l5w%2BKLspdPQzOGWiZ%2Fw9bIGJVt0sytoyvJEf4f%2BMhqddVAnvWUiUY5dEMP7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63e64f62b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

eatcells.com/assets/css/new_gallery.css

94.130.177.84

200 OK

1.8 kB

URL GET HTTP/2
eatcells.com/assets/css/new_gallery.css
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text
Size
1.8 kB (1791 bytes)
Hash
7fe0557524dbf60d5b7d589d11f72fd6
ebbce6c0589f46dc0f8959e49a1778ab01c6b0f5
a374fd62e3d4aa19adba05d455c79bc3352b24e744d455156dcc275947079f9e

HTTP Headers

GET /assets/css/new_gallery.css HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: text/css
content-length: 1791
last-modified: Wed, 04 Sep 2019 20:36:34 GMT
etag: "5d702052-6ff"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/js/new_quadtree.js

94.130.177.84

200 OK

3.6 kB

URL GET HTTP/2
eatcells.com/assets/js/new_quadtree.js
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text
Size
3.6 kB (3639 bytes)
Hash
97535307fed0d8618244e4d8c19ee53f
a58c1a5deed12f5c7898262e74c380377cdd95ba
51faf127356027d068fa984e84e4fe2dcbe3d748f73fc3fb7944310c08b8187e

HTTP Headers

GET /assets/js/new_quadtree.js HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: application/javascript
content-length: 3639
last-modified: Wed, 04 Sep 2019 20:36:33 GMT
etag: "5d702051-e37"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.afilmywap.org.im/templates/images/afilmywap.png

104.21.35.99

6.1 kB

URL
www.afilmywap.org.im/templates/images/afilmywap.png
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
6.1 kB (6148 bytes)
Hash
2a586d78cdfc328b1ab2444f2f657c04
104d26ed6510ff917ea299ee50361a9a7e715b4e
4ae80e0f70d04aaa1cedc39175af6fe5083fed8966b5b2a61ab33318768a86d3

HTTP Headers

GET /templates/images/afilmywap.png HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
date: Tue, 05 Dec 2023 12:46:06 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmH07HV%2Bavc4ejlXi9EK5Cjx9MR1TwvSFR0KVZl8lcvmJVzYyXcTg80HMHzDtiCmEcdHGezTHgrzkoX4yR8BO%2FC0%2BifPbeRtppWyvJbwRjTwSp5hNOT0PK1jKOnkxRapzUra1vhpiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63da0f97712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-136886237-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-136886237-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (69000 bytes)
Hash
c35d81fdc3d77487836cc21e3cd5d3a2
e61143c4a4c8da6af56441386ffaff6f932f10b2
bf5a12a355d10ac20b07c938cbaf03dc5765dcb2c2f47db2125fe38d020ccc9f

HTTP Headers

GET /gtag/js?id=UA-136886237-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 12:46:11 GMT
expires: Tue, 05 Dec 2023 12:46:11 GMT
cache-control: private, max-age=900
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69000
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.afilmywap.org.im/files/images/poster/Animal_(2023)_Bollywood_Hindi_Full_Moviezzz.JPG

104.21.35.99

2.9 kB

URL
www.afilmywap.org.im/files/images/poster/Animal_(2023)_Bollywood_Hindi_Full_Moviezzz.JPG
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
2.9 kB (2869 bytes)
Hash
89144567e5cea3d17c0ce9f661703a3b
0592a536ebb71209f84995ebf52f0f308b10c231
f3c0bb986270cb5dd165f56c00ee44d0fed5565c34c06adeffa9ab2292a47091

HTTP Headers

GET /files/images/poster/Animal_(2023)_Bollywood_Hindi_Full_Moviezzz.JPG HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Tue, 05 Dec 2023 12:46:08 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmvUibmO0idMpkI14iyB1eY0sKDuKo8hRyLP%2Fk9TKp7Sg0Gj7kj960eIK5lHfRKzCuRmrDhohidJ%2F8n%2BElJrysghVSVyDJFaklfAcKt08cs6O9jvjRXeM6nqTQuJLRIg62rOS39%2FBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63e5fee2b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

eatcells.com/assets/js/new_main_out4.js?3512341123

94.130.177.84

200 OK

66 kB

URL GET HTTP/2
eatcells.com/assets/js/new_main_out4.js?3512341123
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text
Size
66 kB (66367 bytes)
Hash
a09324e4f90b9d6437ded27984bfd1c9
654f526654aa638af0c7cfb378139b8bc0e9b25c
3fe37eefb8e3c4306bb7614aa524baba49a90960a7598053fee3f1d14af05fc7

HTTP Headers

GET /assets/js/new_main_out4.js?3512341123 HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: application/javascript
content-length: 66367
last-modified: Wed, 17 Mar 2021 11:17:47 GMT
etag: "6051e55b-1033f"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.afilmywap.org.im/files/images/poster/Animal_(2023)_Tamil_Moviezzz.jpg

104.21.35.99

37 kB

URL
www.afilmywap.org.im/files/images/poster/Animal_(2023)_Tamil_Moviezzz.jpg
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
37 kB (37111 bytes)
Hash
071b603c25f8547934b5f77fdf6d6d3c
f53e03006970f03294eb7f0ebefd9a8533e382d5
e4bb4128d7bed6952b49f66ca884cd9dc02f7c3021cbb68fd91a40bade3fe06c

HTTP Headers

GET /files/images/poster/Animal_(2023)_Tamil_Moviezzz.jpg HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Tue, 05 Dec 2023 12:46:08 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbvXmJS0NizqYC8SlL2HTyYfmwAjrbVMjmcm%2F%2FuunXidkumeEa6%2FpU7tv1YLPgmrDSAeM6eihxKpfXnUrRkCMtE4dlQBLJEx5eHeU2zhSEUSh2CGInhT9Rqfgn3cdXPAgTdjp4nkNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63e62f2cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

eatcells.com/assets/img/game-floppy.jpg

94.130.177.84

200 OK

22 kB

URL GET HTTP/2
eatcells.com/assets/img/game-floppy.jpg
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
22 kB (21816 bytes)
Hash
5ad1eea8c383ba8227fc0202cd53328b
555dced4831f55755a8b94b272be77963c7f243d
df91f7b73203d9477560338afd906fdaea7be4359efd8b4f5c710ea040236f88

HTTP Headers

GET /assets/img/game-floppy.jpg HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: image/jpeg
content-length: 21816
last-modified: Wed, 04 Sep 2019 20:36:35 GMT
etag: "5d702053-5538"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/img/split.png?4

94.130.177.84

200 OK

8.4 kB

URL GET HTTP/2
eatcells.com/assets/img/split.png?4
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
8.4 kB (8351 bytes)
Hash
a750c895db286aad876dd4d0d921489f
9702489ca7bf3da73c794bc7b08ebde1af41251f
561d10034a0809c36d7d24c7f3aee2b061a9a5dad63ad28d75f4fbc434406d1b

HTTP Headers

GET /assets/img/split.png?4 HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: image/png
content-length: 8351
last-modified: Wed, 04 Sep 2019 20:36:36 GMT
etag: "5d702054-209f"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.afilmywap.org.im/files/images/poster/Aitraaz_(2023)_Part_2_Jalva_Hindi_Web_Series.jpg

104.21.35.99

10 kB

URL
www.afilmywap.org.im/files/images/poster/Aitraaz_(2023)_Part_2_Jalva_Hindi_Web_Series.jpg
IP
104.21.35.99:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
10 kB (10143 bytes)
Hash
36dbccce37e5bf19241306b895eeea1b
57fb87ece2b2adcb044120a1e0eba13a48adf083
842c7c9e5a16e49e83f90707f79c56f5d135f48072343e69c9c8e0f56d1ea127

HTTP Headers

GET /files/images/poster/Aitraaz_(2023)_Part_2_Jalva_Hindi_Web_Series.jpg HTTP/1.1
Host: www.afilmywap.org.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vpn.nicknow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
date: Tue, 05 Dec 2023 12:46:06 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbhMbQmGWAWn9DCc2JBSNpdSZ7J3uAWF9uNv7NEBNTLWMDr4c2sxgmQz9idohdaW%2FQFpoT4AXJWQRT1%2FwWFHVxsbGm%2BQKeyBdkg4pmPC2YM3m3F22URUcZfX%2BQ0ACTKVHRfmvWE2Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c63da0fb9712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

eatcells.com/assets/img/game-tap.jpg

94.130.177.84

200 OK

188 kB

URL GET HTTP/2
eatcells.com/assets/img/game-tap.jpg
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x1200, components 3\012- data
Size
188 kB (188023 bytes)
Hash
f10541f07881ca3f61b1adeff57c62b8
c12fbce7d19d66e5fb7c769d1f3f1e75d750d9f7
b92f76d1bdafaafe084228cfda473a714e64f24d816f90d5bf7e2ae59ad65421

HTTP Headers

GET /assets/img/game-tap.jpg HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: image/jpeg
content-length: 188023
last-modified: Wed, 04 Sep 2019 20:36:36 GMT
etag: "5d702054-2de77"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/skinList.txt

94.130.177.84

200 OK

4.7 kB

URL GET HTTP/2
eatcells.com/skinList.txt
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text, with very long lines (4653), with no line terminators
Size
4.7 kB (4653 bytes)
Hash
fc25f7574d752ded929cb1dac5cfd6dc
25214cdc98340d44f8152951370a8dc6ef858f38
c0b0c1999cab2333546e0233aed66ee13ba7ac3fc21b68bd378e8a7dc114a197

HTTP Headers

GET /skinList.txt HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:16 GMT
content-type: text/plain
content-length: 4653
last-modified: Wed, 04 Sep 2019 20:36:32 GMT
etag: "5d702050-122d"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.icone-png.com/png/22/22430.png

194.150.236.240

44 kB

URL GET
www.icone-png.com/png/22/22430.png
IP
194.150.236.240:0
ASN
#44976 AZNET s.a.r.l.

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecticone-png.com
FingerprintF8:AB:FA:46:BD:65:7A:64:F0:8A:F9:5E:75:EF:A0:C0:65:3A:DD:32
ValidityWed, 18 Oct 2023 06:13:39 GMT - Tue, 16 Jan 2024 06:13:38 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
44 kB (44103 bytes)
Hash
e3f3995eee92ffbd800489ea80bcf4b1
09b579124f0cff2b416274fd9dc1533971cedc65
72e00f5849a0359da527b77f1f1063d1476d00aefc93c347b78b96c960bd994a

HTTP Headers

GET /png/22/22430.png HTTP/1.1
Host: www.icone-png.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 12:46:11 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000
Last-Modified: Sun, 06 Jan 2019 22:18:39 GMT
ETag: "324f27-ac75-57ed17e8caf03"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 44103
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/png

maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2

104.18.11.207

200 OK

18 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eatcells.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:46:11 GMT
content-type: font/woff2
content-length: 18028
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "448c34a56d699c29117adc64c43affeb"
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 11/12/2022 05:25:23
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1049
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 65fad5cfc5af482c7c821eefc6a6a87c
cdn-cache: HIT
cf-cache-status: HIT
age: 1065870
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 830c63fa181eb4f1-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

216.58.207.227

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Size
30 kB (29752 bytes)
Hash
ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eatcells.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 02:31:32 GMT
expires: Wed, 04 Dec 2024 02:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
age: 36879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

eatcells.com/assets/img/favicon.ico?4

94.130.177.84

200 OK

32 kB

URL GET HTTP/2
eatcells.com/assets/img/favicon.ico?4
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32347 bytes)
Hash
86a61de6ab87b83d46a4873affaa717a
8863fa661cf2a1561a7ea19261f0980010d20eac
04e2c050285112bcd703f8765b5104c8dcf2c5b7b463f47802ccbd1933b57adf

HTTP Headers

GET /assets/img/favicon.ico?4 HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:16 GMT
content-type: image/x-icon
content-length: 32347
last-modified: Wed, 04 Sep 2019 20:36:35 GMT
etag: "5d702053-7e5b"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c

142.250.74.168

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
81 kB (81217 bytes)
Hash
6eb50c42bc1ca95033fbdb269f84f201
7c961d4cc8a5d127ea8e3471eea1af657e414a22
2d491c5f8836428f19e297e59d6f0fd27c29fd465a4e820e6f8909ab63c6d52e

HTTP Headers

GET /gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 12:46:11 GMT
expires: Tue, 05 Dec 2023 12:46:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81217
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

eatcells.com/api/

94.130.177.84

0 B

URL
eatcells.com/api/
IP
94.130.177.84:0
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/ HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://eatcells.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VoxyGO84pyLfwcv688Hx+Q==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 05 Dec 2023 12:32:16 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6i9woHDxbIwedm+X1jXlE2mQBXg=

eatcells.com/skins/arachno-kid.png

94.130.177.84

200 OK

62 kB

URL GET HTTP/2
eatcells.com/skins/arachno-kid.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
62 kB (62092 bytes)
Hash
df7ceeee99321132e26773a18136e809
f27859d00c2492e3accde1b71af03d719c9e7f3b
c72a8b7c7c5b0832038bd9ee11401e28198a6e8419192f88ec9aca3784d31fa1

HTTP Headers

GET /skins/arachno-kid.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701780377.1.0.1701780377.0.0.0; _ga=GA1.1.423988169.1701780378
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:16 GMT
content-type: image/png
content-length: 62092
last-modified: Sun, 17 Feb 2019 12:59:34 GMT
etag: "5c695ab6-f28c"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/skins/wicked.png

94.130.177.84

200 OK

31 kB

URL GET HTTP/2
eatcells.com/skins/wicked.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
31 kB (30609 bytes)
Hash
cac60d0be85c35e3de8af9f039b7585d
f937484ff3dda48d852c9a90f86f4904e1804225
c1f0e8e5d066b6899a687a30aa0dd9d3da33dba2632d59db9175ea627ce280cb

HTTP Headers

GET /skins/wicked.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701780377.1.0.1701780377.0.0.0; _ga=GA1.1.423988169.1701780378
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:16 GMT
content-type: image/png
content-length: 30609
last-modified: Sun, 17 Feb 2019 13:00:15 GMT
etag: "5c695adf-7791"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/skins/viper.png

94.130.177.84

200 OK

50 kB

URL GET HTTP/2
eatcells.com/skins/viper.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
50 kB (49644 bytes)
Hash
50ff28bed5ae7a7d4c0eb71d0909a1dd
086cf4edb4f4ee2f1546def45ec48deb411a2478
e8169e502fe91556acf668683a4e766187f14162065bfb160e1ab3a194eda5d4

HTTP Headers

GET /skins/viper.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701780377.1.0.1701780377.0.0.0; _ga=GA1.1.423988169.1701780378
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:16 GMT
content-type: image/png
content-length: 49644
last-modified: Sun, 17 Feb 2019 13:00:13 GMT
etag: "5c695add-c1ec"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/skins/behemoth.png

94.130.177.84

200 OK

59 kB

URL GET HTTP/2
eatcells.com/skins/behemoth.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
59 kB (59181 bytes)
Hash
6f45d59a4bb8774473a133f2fcae23aa
aec857d372a525e11ebca99f91113e747820d5aa
38d228dd965ab6cbdaf44032c1cc725e3eb893eaf8fc525bfc31f8b29c69f384

HTTP Headers

GET /skins/behemoth.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701780377.1.0.1701780377.0.0.0; _ga=GA1.1.423988169.1701780378
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:16 GMT
content-type: image/png
content-length: 59181
last-modified: Sun, 17 Feb 2019 12:59:35 GMT
etag: "5c695ab7-e72d"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/skins/mega-power.png

94.130.177.84

200 OK

78 kB

URL GET HTTP/2
eatcells.com/skins/mega-power.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
78 kB (77712 bytes)
Hash
912a92fc630c5dd208fe5b45cbf26d60
d39d4e114fc74dda407a508770ef8d2ef501409f
1805bc4bc38631d1f309f347275390782b7d036e4bdfad1fc4bf12d57ce6184b

HTTP Headers

GET /skins/mega-power.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701780377.1.0.1701780377.0.0.0; _ga=GA1.1.423988169.1701780378
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:16 GMT
content-type: image/png
content-length: 77712
last-modified: Sun, 17 Feb 2019 12:59:55 GMT
etag: "5c695acb-12f90"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/skins/army.png

94.130.177.84

200 OK

11 kB

URL GET HTTP/2
eatcells.com/skins/army.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10980 bytes)
Hash
7c5be45da1fa14123dad4514d20388a2
b428dd7216e09e2cfd8bb996c58a2ff4f848f389
fffcd631f0a7aa10245484e16021c1167b57dd4dc3c086b1955202179306516f

HTTP Headers

GET /skins/army.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701780377.1.0.1701780377.0.0.0; _ga=GA1.1.423988169.1701780378
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:16 GMT
content-type: image/png
content-length: 10980
last-modified: Sun, 17 Feb 2019 12:59:34 GMT
etag: "5c695ab6-2ae4"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18200, version 1.0\012- data
Size
18 kB (18200 bytes)
Hash
8c7519686a5ddf20a3981e660a5f2610
3e0d73d14e4892b36fb5c6a9854c7d2e6bec005a
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eatcells.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 20:40:59 GMT
expires: Tue, 03 Dec 2024 20:40:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:10:53 GMT
content-type: font/woff2
age: 57914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

eatcells.com/assets/css/new_index.css

94.130.177.84

200 OK

3.9 kB

URL GET HTTP/2
eatcells.com/assets/css/new_index.css
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text, with very long lines (4141), with no line terminators
Size
3.9 kB (3923 bytes)
Hash
0f981c9d15f82742f4ddc919d3b004cd
058d6dbcd112a95f1e1840a4165a352389a82cb8
965416355d873b8fea6deb9603639acd3b45f4537d32f914de0688198c0a227c

HTTP Headers

GET /assets/css/new_index.css HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: text/css
content-length: 3923
last-modified: Wed, 04 Sep 2019 20:36:34 GMT
etag: "5d702052-f53"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/img/game-2048.jpg

94.130.177.84

200 OK

35 kB

URL GET HTTP/2
eatcells.com/assets/img/game-2048.jpg
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 1200x1200, components 3\012- data
Size
35 kB (35226 bytes)
Hash
83c6bcd32c7e90ab34e5a8f02e642e8d
97db55b7b37fc4d477057d0e35509af231f770fa
8eb5894f89bf0e0c90e32872557f0ed0bdc95e15518c4cd7eab98a629e17c65e

HTTP Headers

GET /assets/img/game-2048.jpg HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: image/jpeg
content-length: 35226
last-modified: Wed, 04 Sep 2019 20:36:34 GMT
etag: "5d702052-899a"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Ubuntu:700

142.250.74.106

200 OK

1.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Ubuntu:700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1806), with no line terminators
Size
1.8 kB (1758 bytes)
Hash
40f0ff0239b4b3892a4660ee6c373805
f2211e124e80febc4a51c394f4d93f454c678a5c
220e6b62bcaf8867414f43602d64ace4f420ef289d165d3851a630f5901b7b8b

HTTP Headers

GET /css?family=Ubuntu:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 05 Dec 2023 12:46:11 GMT
date: Tue, 05 Dec 2023 12:46:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

eatcells.com/

94.130.177.84

200 OK

12 kB

URL User Request GET HTTP/2
eatcells.com/
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (327)
Size
12 kB (11509 bytes)
Hash
82e93da9b03c14619a4b08abc3a288dc
bb3a76dd7905a121f686b20e049cdbb1b317f781
7f82741691522dd5cfb56bd639bb2a25ef1549f724f47b90cbb744e8990d6cdf

HTTP Headers

GET / HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

104.18.11.207

200 OK

117 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (65371)
Size
117 kB (117305 bytes)
Hash
eedf9ee80c2faa4e1b9ab9017cdfcb88
ed29315e0ffb3f14382431f2724235bf67f44eb3
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

HTTP Headers

GET /bootstrap/3.3.4/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:46:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 08/04/2023 12:50:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7e74c5fea2151758aaf7c8cf1f839c4a
cdn-cache: HIT
cf-cache-status: HIT
age: 882391
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 830c63f82a280afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

eatcells.com/assets/img/eject.png?4

94.130.177.84

200 OK

8.3 kB

URL GET HTTP/2
eatcells.com/assets/img/eject.png?4
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
8.3 kB (8253 bytes)
Hash
cdbc5150d163614cf9278cb6f4796fb1
80d9f03f734e95a89f39f2dd076d4466ed99b1bf
0efc772d5985fdb5a8b8bdb62af4732de2ec1ebc8af7f4a6b6039ef1623f5c63

HTTP Headers

GET /assets/img/eject.png?4 HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:32:15 GMT
content-type: image/png
content-length: 8253
last-modified: Wed, 04 Sep 2019 20:36:35 GMT
etag: "5d702053-203d"
accept-ranges: bytes
X-Firefox-Spdy: h2

conqueredallrightswell.com/api/users?token=L3BwaDFhZWVqP2tleT03YTdjMzc3OTg4OTgwNWUyMDU4YWRkZWNiN2UxMzQyNCZwc2lkPTIwMDUwMDIzJnBzdD0xNzAxNzgwNDI5JnJlZmVyPWh0dHBzJTNBJTJGJTJGdnBuLm5pY2tub3cubmV0JTJGJnJtdGM9dCZzaHU9ZTY3ZDViYTk4MmNlYmE0MmFiM2NiMzQ0ZTliMjY2YzViN2RkZjgzNjBmMDEyZGMxYzA2NDY2YTExNmQ4NDQ5NzZiODIxNzNjMDA1YjJkZGMzZGYzMDA0ZDVjNmVkYTk3ZTViMWI1NzYxOGMwN2Q0ZThkZjA0YjdhM2UwNGI3MmM3MWU2Mzc5N2M2ZGJiODZlNDZhM2RkZjFlNzFjOTQyOTRjMjc3MDUxMTU2OWQ3ZDczZjc1ZTQ4ODE3N2RmZg%3D%3D&uuid=&pii=&in=false

192.243.61.227

302 Found

12 kB

URL User Request GET HTTP/1.1
conqueredallrightswell.com/api/users?token=L3BwaDFhZWVqP2tleT03YTdjMzc3OTg4OTgwNWUyMDU4YWRkZWNiN2UxMzQyNCZwc2lkPTIwMDUwMDIzJnBzdD0xNzAxNzgwNDI5JnJlZmVyPWh0dHBzJTNBJTJGJTJGdnBuLm5pY2tub3cubmV0JTJGJnJtdGM9dCZzaHU9ZTY3ZDViYTk4MmNlYmE0MmFiM2NiMzQ0ZTliMjY2YzViN2RkZjgzNjBmMDEyZGMxYzA2NDY2YTExNmQ4NDQ5NzZiODIxNzNjMDA1YjJkZGMzZGYzMDA0ZDVjNmVkYTk3ZTViMWI1NzYxOGMwN2Q0ZThkZjA0YjdhM2UwNGI3MmM3MWU2Mzc5N2M2ZGJiODZlNDZhM2RkZjFlNzFjOTQyOTRjMjc3MDUxMTU2OWQ3ZDczZjc1ZTQ4ODE3N2RmZg%3D%3D&uuid=&pii=&in=false
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjectconqueredallrightswell.com
Fingerprint9E:C2:75:0A:08:52:CB:97:0C:C6:54:67:5E:6F:7F:C9:D8:00:28:1C
ValidityTue, 14 Nov 2023 16:14:39 GMT - Mon, 12 Feb 2024 16:14:38 GMT

File type

Size
12 kB (11509 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3BwaDFhZWVqP2tleT03YTdjMzc3OTg4OTgwNWUyMDU4YWRkZWNiN2UxMzQyNCZwc2lkPTIwMDUwMDIzJnBzdD0xNzAxNzgwNDI5JnJlZmVyPWh0dHBzJTNBJTJGJTJGdnBuLm5pY2tub3cubmV0JTJGJnJtdGM9dCZzaHU9ZTY3ZDViYTk4MmNlYmE0MmFiM2NiMzQ0ZTliMjY2YzViN2RkZjgzNjBmMDEyZGMxYzA2NDY2YTExNmQ4NDQ5NzZiODIxNzNjMDA1YjJkZGMzZGYzMDA0ZDVjNmVkYTk3ZTViMWI1NzYxOGMwN2Q0ZThkZjA0YjdhM2UwNGI3MmM3MWU2Mzc5N2M2ZGJiODZlNDZhM2RkZjFlNzFjOTQyOTRjMjc3MDUxMTU2OWQ3ZDczZjc1ZTQ4ODE3N2RmZg%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/pph1aeej?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=15077602
Cookie: u_pl=15077602; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTA3NzYwMiwiayI6IjdhN2MzNzc5ODg5ODA1ZTIwNThhZGRlY2I3ZTEzNDI0Iiwic2lkIjoiMjAwNTAwMjMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoicHBoMWFlZWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdnBuLm5pY2tub3cubmV0LyIsImFyIjpbXX19.uIm6-LFuYRiq6sVM0fClsbe3IH2Ybf47otQQibvIXzQ; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Tue, 05 Dec 2023 12:46:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://unfortunatecatch.com/ba3.Vp0/PX3dpbvzbnmfV/JaZjDQ0s0/OpDWcEzIMIThk/1pLATHQu4INbzmM/xyOqT_Y-?clickId=302a91927dd6145e14f02935e884908f&sId=15077602
Set-Cookie: iprcf6de09e0060ebfcda7d0fb105e225656=4599413; expires=Wed, 06 Dec 2023 12:46:10 GMT
pdhtkv=true; expires=Wed, 06 Dec 2023 12:46:10 GMT
uncs=1; expires=Wed, 06 Dec 2023 12:46:10 GMT
pdhtkv28=true; expires=Wed, 06 Dec 2023 12:46:10 GMT
uncs28=1; expires=Wed, 06 Dec 2023 12:46:10 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 062eadaed6fec82474d912e00328393e
Strict-Transport-Security: max-age=0; includeSubdomains

eatcells.com/api/

94.130.177.84

101 Switching Protocols

0 B

URL GET HTTP/1.1
eatcells.com/api/
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/ HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://eatcells.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VoxyGO84pyLfwcv688Hx+Q==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 05 Dec 2023 12:32:16 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6i9woHDxbIwedm+X1jXlE2mQBXg=

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (54)

URL

IP

ASN

File type