Report - x19.oupknjar.info/

Report Overview

Visited public
2025-06-17 13:29:58
Tags
URL
x19.oupknjar.info/
Finishing URL
treeofgames.com/lp/index1.html
IP / ASN
162.210.195.122
#30633 LEASEWEB-USA-WDC
Title
Best Free MMO Game!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-11	856 B	13 kB	142.250.74.10
treeofgames.com	unknown	unknown	No data	No data	7.4 kB	680 kB	104.21.35.96
x19.oupknjar.info	unknown	2024-08-04	2025-06-17	2025-06-17	1.9 kB	8.6 kB	77.247.179.82
rtbbhub.com	unknown	2024-06-26	2024-06-26	2025-06-16	3.1 kB	15 kB	172.67.148.212
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-11	1.1 kB	38 kB	142.250.178.35
click-v4.exoclkneu.com	unknown	2024-11-29	2025-06-16	2025-06-16	512 B	7.3 kB	198.134.116.17
pectationselea.info	unknown	2023-07-11	2023-07-13	2025-06-17	508 B	9.1 kB	3.167.2.18

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-06-17 13:29:36	low	172.67.148.212	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2025-06-17 13:29:36	low	172.67.148.212	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
2025-06-17 13:29:36	low	172.67.148.212	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (32)

	URL	From	Size	First Seen	Last Seen
	treeofgames.com/lp/index1.html	ScriptElement	3.7 kB	2025-06-11	2025-06-18
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-18 20:20 Times Seen6 Hash 06dce7aa69b8bf71ff70ba7c5fd41338 9d7cb6bad53d33f089b9a04978d337b4f76a6657 ec69f55058e65611ef85781d230e24552959adf956124b6ff940bd48b6ff86b2 Loading...

	treeofgames.com/lp/text/text.min.js	ScriptElement	1.0 kB	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/text/text.min.js IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 05f895e2f3dd9287f39ad89ff5def04e 0b8988d08d788cc4b587bc57646069b059682135 6dad8cb15ab25a338b8cf94c31934fbc2f01aa993eb30f1aeb44510f7ab1c0a4 Loading...

	treeofgames.com/lp/text/text.min.js	ScriptElement	1.0 kB	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/text/text.min.js IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 05f895e2f3dd9287f39ad89ff5def04e 0b8988d08d788cc4b587bc57646069b059682135 6dad8cb15ab25a338b8cf94c31934fbc2f01aa993eb30f1aeb44510f7ab1c0a4 Loading...

	treeofgames.com/lp/index.html	ScriptElement	3.7 kB	2025-06-11	2025-06-18
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-18 20:20 Times Seen6 Hash b5bdc9a86c787c3106d9f7fb78305c44 cd7573e808a15de39fc0f442041a4c6f3aca73bf c330aee01ecbe54fc46c689e7d5945ecffe8d34d086b1429050b2d1e2d791df6 Loading...

	treeofgames.com/lp/index.html	ScriptElement	121 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 2cbaf8cf604856f1a3dcfd5dd31319af 0a230992dacb162655e0b7b5e06232b59e243c5a c1762e78808827754610281fb2fc223eef1f38363ec2374c9da663ee92ac60de Loading...

	treeofgames.com/lp/code/jquery-2.1.4.min.js	ScriptElement	84 kB	2023-03-07	2025-06-23
Pretty URL treeofgames.com/lp/code/jquery-2.1.4.min.js IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-06-23 01:53 Times Seen6035 Hash f9c7afd05729f10f55b689f36bb20172 43dc554608df885a59ddeece1598c6ace434d747 f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c Loading...

	treeofgames.com/lp/index1.html	ScriptElement	121 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 2cbaf8cf604856f1a3dcfd5dd31319af 0a230992dacb162655e0b7b5e06232b59e243c5a c1762e78808827754610281fb2fc223eef1f38363ec2374c9da663ee92ac60de Loading...

	treeofgames.com/lp/index1.html	ScriptElement	106 B	2025-06-11	2025-06-18
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-18 20:20 Times Seen6 Hash 2396bcff076c85f8e204052f6a47f2f5 a864e9e4b16a16f28f80c0da85266fa95b888c86 4e98b29c79e1b7b9bb1c8ef1e82627a8dea4771b3ed35dc50f87686f9e269009 Loading...

	treeofgames.com/lp/index1.html	ScriptElement	31 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 93b79d338d54c7691214f0e0eacca74f 1f8d8bf1a307dbd5c0112ea0a2ab12ebec9d3985 205a4962bceeac1ab97221da9f8e820a125e6bc397256a2bd466d5bbb26bff88 Loading...

	treeofgames.com/lp/index1.html	ScriptElement	31 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 9011c231ead45527ef13de9a8ad7072d b79c5ce0200c59da57401bd3ba50f836169d218b 3defdf47ca3f94a40d9cfa53118b6dbf4c7c83ebe112db094c5afe39ac93d4f9 Loading...

	treeofgames.com/lp/index.html	ScriptElement	106 B	2025-06-11	2025-06-18
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-18 20:20 Times Seen6 Hash 2396bcff076c85f8e204052f6a47f2f5 a864e9e4b16a16f28f80c0da85266fa95b888c86 4e98b29c79e1b7b9bb1c8ef1e82627a8dea4771b3ed35dc50f87686f9e269009 Loading...

	treeofgames.com/lp/index.html	ScriptElement	31 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 93b79d338d54c7691214f0e0eacca74f 1f8d8bf1a307dbd5c0112ea0a2ab12ebec9d3985 205a4962bceeac1ab97221da9f8e820a125e6bc397256a2bd466d5bbb26bff88 Loading...

	treeofgames.com/lp/index.html	ScriptElement	31 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 9011c231ead45527ef13de9a8ad7072d b79c5ce0200c59da57401bd3ba50f836169d218b 3defdf47ca3f94a40d9cfa53118b6dbf4c7c83ebe112db094c5afe39ac93d4f9 Loading...

	treeofgames.com/lp/index.html	ScriptElement	31 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 0884d567152326dfffaa2924206d7967 aee88ea1073f491d503aa6f9dcd298027741bbbe 6b194bd0658a056929d7e31b22dc3f71ba3b70e877ace1d1676368ce0fcd4dcd Loading...

	treeofgames.com/lp/index.html	ScriptElement	31 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 6268852eed0f814570fbd476d7869d99 f6cfa91be5367fd8c3924744234a1699eff8d123 8322857f8e8018c9ce904d7538d1bf1dcb9f258cf8d5f6c45d426b7d2a129e11 Loading...

	treeofgames.com/lp/index.html	ScriptElement	122 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 6fccde6f4e5bd444c82a0de51f00dce0 3433b7c4ddb6f776e9cb23e65e040b1f27f14bf0 b31418e65f19d3c37bb6be1043e9b48f97aa19b6dc09034772e4e47e30a2d00f Loading...

	treeofgames.com/lp/index1.html	ScriptElement	31 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 0884d567152326dfffaa2924206d7967 aee88ea1073f491d503aa6f9dcd298027741bbbe 6b194bd0658a056929d7e31b22dc3f71ba3b70e877ace1d1676368ce0fcd4dcd Loading...

	treeofgames.com/lp/code/jquery-2.1.4.min.js	ScriptElement	84 kB	2023-03-07	2025-06-23
Pretty URL treeofgames.com/lp/code/jquery-2.1.4.min.js IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-06-23 01:53 Times Seen6035 Hash f9c7afd05729f10f55b689f36bb20172 43dc554608df885a59ddeece1598c6ace434d747 f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c Loading...

	treeofgames.com/lp/index.html	ScriptElement	126 B	2025-06-11	2025-06-18
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-18 20:20 Times Seen6 Hash 5d35359976f029c7807a0e7a6df8ab3a b1077f0e7aa1b3e041b06147f98a8918d28f792e ce324bfb31c4210cff50b19e9e8689361d3ee3fa5102de08cda1207b6057153b Loading...

	treeofgames.com/lp/index1.html	ScriptElement	31 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 6268852eed0f814570fbd476d7869d99 f6cfa91be5367fd8c3924744234a1699eff8d123 8322857f8e8018c9ce904d7538d1bf1dcb9f258cf8d5f6c45d426b7d2a129e11 Loading...

	treeofgames.com/lp/index1.html	ScriptElement	122 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 6fccde6f4e5bd444c82a0de51f00dce0 3433b7c4ddb6f776e9cb23e65e040b1f27f14bf0 b31418e65f19d3c37bb6be1043e9b48f97aa19b6dc09034772e4e47e30a2d00f Loading...

	treeofgames.com/lp/index.html	ScriptElement	160 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 9456fe8905af8ae4b97f1b8f793ef7f9 e1a62a2b2c98f01443c8453063721087beaea204 1ac8f49947837087fec221bf72dd09463d09976a063793900548a5659ed3e7e8 Loading...

	treeofgames.com/lp/index.html	ScriptElement	166 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash d7e55d3f23197d3d68493c85605d491c 13862e5715565cfa5e01fc65b3362f408cf54cb1 9b3a5281f3f0040fa10b292b08be145ec5c6319499ea53ead429b3359eb104b6 Loading...

	treeofgames.com/lp/index1.html	ScriptElement	126 B	2025-06-11	2025-06-18
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-18 20:20 Times Seen6 Hash 5d35359976f029c7807a0e7a6df8ab3a b1077f0e7aa1b3e041b06147f98a8918d28f792e ce324bfb31c4210cff50b19e9e8689361d3ee3fa5102de08cda1207b6057153b Loading...

	treeofgames.com/lp/index1.html	ScriptElement	160 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 9456fe8905af8ae4b97f1b8f793ef7f9 e1a62a2b2c98f01443c8453063721087beaea204 1ac8f49947837087fec221bf72dd09463d09976a063793900548a5659ed3e7e8 Loading...

	treeofgames.com/lp/index1.html	ScriptElement	166 B	2025-06-11	2025-06-20
Pretty URL treeofgames.com/lp/index1.html IP 104.21.35.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash d7e55d3f23197d3d68493c85605d491c 13862e5715565cfa5e01fc65b3362f408cf54cb1 9b3a5281f3f0040fa10b292b08be145ec5c6319499ea53ead429b3359eb104b6 Loading...

		Size	First Seen	Last Seen
	#1 Write - 25c7afe72e33cc7fe04a1ea054fbb91f	68 B	2025-06-11 19:23	2025-06-18 20:20
Pretty Observations First Seen2025-06-11 19:23 Last Seen2025-06-18 20:20 Times Seen6 Hash 25c7afe72e33cc7fe04a1ea054fbb91f 2536a0564c88e2c385fdaa7f656ec5f52c4928f0 9f22dd4eb4bed06b6af33b9aac69af94957609c2dc5ab9c970a17a294ec45ce2 Loading...

	#2 Write - 1b0793fab33f3fe17a1da6c6f085b123	10 B	2025-06-11 19:23	2025-06-20 07:32
Pretty Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 1b0793fab33f3fe17a1da6c6f085b123 365f992a0a10615ba2ae06d707bb66c9e6c66bbe 62e0df134d7e80abb976d863e3602a9a240fe509ac17654521ac4ac6bffda44d Loading...

	#3 Write - 901a7320e77e54c4794bd577399eb0a6	11 B	2025-06-11 19:23	2025-06-20 07:32
Pretty Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash 901a7320e77e54c4794bd577399eb0a6 21bd0337ae7922983486f37b7c1fea1c1a9c14eb 563370a7b0ef8fea32b1e01b441b507bcd6bae0b924205512c30c54ac1beca62 Loading...

	#4 Write - f4f70727dc34561dfde1a3c529b6205c	8 B	2025-05-10 01:32	2025-06-20 07:32
Pretty Observations First Seen2025-05-10 01:32 Last Seen2025-06-20 07:32 Times Seen9 Hash f4f70727dc34561dfde1a3c529b6205c c7f73bb54d928922c3838bb789ee9fb8a5b1eb37 74a883a037bc227f91891ab654a753d3a99f31ab06ae5b5d2b6e594a692b41f8 Loading...

	#5 Write - fef46e5063ce3dc78b8ae64fa474241d	4 B	2025-06-11 19:23	2025-06-20 07:32
Pretty Observations First Seen2025-06-11 19:23 Last Seen2025-06-20 07:32 Times Seen7 Hash fef46e5063ce3dc78b8ae64fa474241d f83b6fe3aebf13744e866019556d9129cd7a55be d17d84a604994b722db37b35860b1ac7e8d9e43e725d0eb50702a9f7228a2999 Loading...

	#6 Write - ce9b7a03575843c822875d1423d1bb28	46 B	2025-06-11 19:23	2025-06-18 20:20
Pretty Observations First Seen2025-06-11 19:23 Last Seen2025-06-18 20:20 Times Seen6 Hash ce9b7a03575843c822875d1423d1bb28 ec5bc019fc408c05dff75cb56373d4bfd5813269 2e1978c5e3d46c66833c6ad7f6b42a5ef158b65af20793021dbc9abfa2a71a9d Loading...

HTTP Transactions (30)

URL IP Response Size

GET treeofgames.com/lp/img/bg/hw.avif

104.21.35.96

200 OK

113 kB

URL GET
treeofgames.com/lp/img/bg/hw.avif
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
ISO Media, AVIF Image
Size
113 kB (112750 bytes)
Hash
be070f25f1b3610cffd4ba07e7e050ec
7b5cd7a78f8cfe92680c3e6e6eb1ba2938462894
e8f791c491cd4b2be22e7448a50f9f6edb6d28ea9564c14754ed649ca37e4bab

HTTP Headers

GET /lp/img/bg/hw.avif HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:47 GMT
content-type: image/avif
content-length: 112750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sbO%2FUw7Io8sXTDvGgkaqnpRG82AXSHdqvdb6CReHI0yrK9jK%2FdySDjcNwlNdXVey4OPP1hO47%2FemhVYw7iPtbmmwNbwunq%2BFuemZaDA%2Bv9bpNBA2iWFVaExbSW0aTxaCKcc%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "1dbce32c5d19a6e"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3755
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9512e5d99ef456b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3744&min_rtt=862&rtt_var=3500&sent=324&recv=72&lost=0&retrans=0&sent_bytes=324607&recv_bytes=7538&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=ea4266beb85c2831&ts=11064&inflight_dur=111&x=80"

GET treeofgames.com/lp/img/btn/red.avif

104.21.35.96

200 OK

2.2 kB

URL GET
treeofgames.com/lp/img/btn/red.avif
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
ISO Media, AVIF Image
Size
2.2 kB (2199 bytes)
Hash
0d813385e260b54f1fd50d4d1bc05671
4c0dfbccae85f19ca420ecb1374f312acaa8558d
545330685e052fa9fca48a87af1d62bbf5426247f568f996e1fdf49dc81f8436

HTTP Headers

GET /lp/img/btn/red.avif HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:47 GMT
content-type: image/avif
content-length: 2199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2FfjMpNL597aXXXudNgL2DXFPt6bpeo5M0muA3HgYE4jnDEfPNpPz8taqG3HZOuSmvhFAoipbvnA%2F9m9WTc6084FOECeDlW1mb2g6N4Vyr%2Bg9mcfaLU8AimAH5TMZENHZiA%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "1dbce32c5d02a97"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3755
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9512e5d9bef856b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3373&min_rtt=862&rtt_var=2637&sent=529&recv=74&lost=0&retrans=0&sent_bytes=566922&recv_bytes=7630&delivery_rate=14820345&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=240000&unsent_bytes=0&cid=ea4266beb85c2831&ts=11076&inflight_dur=123&x=80"

GET treeofgames.com/favicon.ico

104.21.35.96

200 OK

198 B

URL GET
treeofgames.com/favicon.ico
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 2 colors
Size
198 B (198 bytes)
Hash
c6acedaff906029fc5455d9ec52c7f42
92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:47 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVETjALwRLm5MI3EWoa2tuC1jUc%2ByPffzeFlHOLOCaIZDBknc40WC1ocrhOh7LPzQoL3ZWujI0fEYopvlp64KRg5pf2uuXygmz7ei2GXsyhJDmVJBwmMQaoz%2FJuwD85r8b0%3D"}],"group":"cf-nel","max_age":604800}
etag: W/"1dbce32c5d022c6"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3333
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9512e5dacefb56b4-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3729&min_rtt=862&rtt_var=2689&sent=533&recv=76&lost=0&retrans=0&sent_bytes=569891&recv_bytes=7940&delivery_rate=14820345&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=240000&unsent_bytes=0&cid=ea4266beb85c2831&ts=11240&inflight_dur=135&x=80"

GET treeofgames.com/lp/img/bg/hw.avif

104.21.35.96

200 OK

113 kB

URL GET
treeofgames.com/lp/img/bg/hw.avif
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
ISO Media, AVIF Image
Size
113 kB (112750 bytes)
Hash
be070f25f1b3610cffd4ba07e7e050ec
7b5cd7a78f8cfe92680c3e6e6eb1ba2938462894
e8f791c491cd4b2be22e7448a50f9f6edb6d28ea9564c14754ed649ca37e4bab

HTTP Headers

GET /lp/img/bg/hw.avif HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:37 GMT
content-type: image/avif
content-length: 112750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDCEx1VZM9xSRDWmaiRSw%2FyMtGyeXvinJYqsUlyLigEnAX%2B%2F%2Bbt5fqr8kvwrKG93oh5Kts%2FhTPCQbKU59KladJBw7JDNkHtYZpv3u5r1dJTqy6REZxovSVn9MKqxp3V%2FOaA%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "1dbce32c5d19a6e"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3744
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9512e5968bfb56b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5084&min_rtt=2303&rtt_var=4251&sent=65&recv=45&lost=0&retrans=0&sent_bytes=40223&recv_bytes=3661&delivery_rate=8762485&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=24000&unsent_bytes=0&cid=ea4266beb85c2831&ts=326&inflight_dur=42&x=80"

GET treeofgames.com/lp/index1.html

104.21.35.96

200 OK

6.1 kB

URL User Request GET
treeofgames.com/lp/index1.html
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
6.1 kB (6124 bytes)
Hash
60807c2818d206a7d11bd2fd12ac1bac
ebd0859966abf0948014273a63d453d229d0b1f3
f08db88ae80836c7ec32efdc70362a6cb5937b93558b893d2c5bd79769f5ac65

HTTP Headers

GET /lp/index1.html HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:47 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4HghjYkXFJtNKjmg1l7dZWlK6Jhy5w3O%2BZkWRjFkQgTtyRXV%2BtkL%2BEUgmgSeJvtuFE99VYvm%2FxKjvyRiDrljacMywlOBu%2BhpAn6tMxcxLm%2BCbfDyD0hTqPQAEeo4UDvG5MY%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 26 May 2025 11:39:00 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9512e5d86ec256b4-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6952&min_rtt=2303&rtt_var=6473&sent=279&recv=58&lost=0&retrans=0&sent_bytes=286347&recv_bytes=5404&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=ea4266beb85c2831&ts=10904&inflight_dur=103&x=80"

GET treeofgames.com/lp/code/jquery-2.1.4.min.js

104.21.35.96

200 OK

84 kB

URL GET
treeofgames.com/lp/code/jquery-2.1.4.min.js
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
JavaScript source, ASCII text, with very long lines (32025)
Size
84 kB (84345 bytes)
Hash
f9c7afd05729f10f55b689f36bb20172
43dc554608df885a59ddeece1598c6ace434d747
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

HTTP Headers

GET /lp/code/jquery-2.1.4.min.js HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:36 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6Wu08pRtiyzwmeTAcTIj55VTG%2BVGm63wXyoVAfvMA1g0DuupDMFqYg5tX%2Fq4Oxk%2F5ETC4oXAKBDt4Y5cR8A2FyEGWgcnQ0E7CdDpFru3cgKXEqJqG%2BVYwxVgN62EG5LiUI%3D"}],"group":"cf-nel","max_age":604800}
etag: W/"1dbce32c5d16b79"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3744
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9512e595abf456b4-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5911&min_rtt=2461&rtt_var=4999&sent=37&recv=42&lost=0&retrans=0&sent_bytes=8014&recv_bytes=3307&delivery_rate=797109&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=ea4266beb85c2831&ts=210&inflight_dur=37&x=80"

GET treeofgames.com/lp/img/btn/red.avif

104.21.35.96

200 OK

2.2 kB

URL GET
treeofgames.com/lp/img/btn/red.avif
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
ISO Media, AVIF Image
Size
2.2 kB (2199 bytes)
Hash
0d813385e260b54f1fd50d4d1bc05671
4c0dfbccae85f19ca420ecb1374f312acaa8558d
545330685e052fa9fca48a87af1d62bbf5426247f568f996e1fdf49dc81f8436

HTTP Headers

GET /lp/img/btn/red.avif HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:37 GMT
content-type: image/avif
content-length: 2199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJmb%2B3BhisauCSj%2BvAkiOlKW%2FEhtgBme870wdLoJbZ0PwtEW7zKQYeVh%2BZy5EHLpdpPHkDEo5D%2BkNdU%2FeZZj3DylZmnBVnCVFlWml9zeVeE0d8C7h9F6nUK3gA2YN7z9eoI%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "1dbce32c5d02a97"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3744
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9512e5970c0056b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5269&min_rtt=2303&rtt_var=3301&sent=273&recv=54&lost=0&retrans=0&sent_bytes=282612&recv_bytes=4740&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=ea4266beb85c2831&ts=406&inflight_dur=79&x=80"

GET treeofgames.com/lp/img/fg/hw.avif

104.21.35.96

200 OK

95 kB

URL GET
treeofgames.com/lp/img/fg/hw.avif
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
ISO Media, AVIF Image
Size
95 kB (95118 bytes)
Hash
1c0b0d07a68b053fb47322523004f398
1a3da099f0f9bec15a290d0ebb54b072dc4146a5
a796f903d8eaa149ef204cb4cc69ab3f457041b2099a8b9b30751c547d7d0672

HTTP Headers

GET /lp/img/fg/hw.avif HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:37 GMT
content-type: image/avif
content-length: 95118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FaFYiXCgUn2yIvLievfwTs4moJT0pGvHjFdQgskADPDmuFmIg%2Bqb2gVT0LjDhq8BTghQiRYrDXXzQYrfUtak7lIx2v9c5ZPQ0p%2BLPSguQC3tTiKdqZYUth%2F6cM1SKBGMezY%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "1dbce32c5d1518e"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3744
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9512e596dbfe56b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4731&min_rtt=2303&rtt_var=2980&sent=189&recv=51&lost=0&retrans=0&sent_bytes=184411&recv_bytes=4376&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=96000&unsent_bytes=0&cid=ea4266beb85c2831&ts=370&inflight_dur=58&x=80"

GET x19.oupknjar.info/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc1MDE3NDE3NCwiaWF0IjoxNzUwMTY2OTc0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMTR0ZjVwMDFnZWxxb3I0ZDQwYzQyY2QiLCJuYmYiOjE3NTAxNjY5NzQsInRzIjoxNzUwMTY2OTc0Mjg3Nzc3fQ.M0IjIqiFDAM_UZDUVLph4xu3KFvBNCEGMet6xsVxpaU&sid=1b813957-4b7f-11f0-bb94-eace9a35d076

77.247.179.82

302 Found

7.1 kB

URL User Request GET
x19.oupknjar.info/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc1MDE3NDE3NCwiaWF0IjoxNzUwMTY2OTc0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMTR0ZjVwMDFnZWxxb3I0ZDQwYzQyY2QiLCJuYmYiOjE3NTAxNjY5NzQsInRzIjoxNzUwMTY2OTc0Mjg3Nzc3fQ.M0IjIqiFDAM_UZDUVLph4xu3KFvBNCEGMet6xsVxpaU&sid=1b813957-4b7f-11f0-bb94-eace9a35d076
IP
77.247.179.82:443
ASN
#43350 NForce Entertainment B.V.

Certificate
IssuerLet's Encrypt
Subjectoupknjar.info
Fingerprint8F:55:4A:8E:DE:61:36:9D:0C:62:8E:65:FF:5A:40:88:B1:1F:F4:0E
ValiditySun, 11 May 2025 11:11:55 GMT - Sat, 09 Aug 2025 11:11:54 GMT

File type

Size
7.1 kB (7136 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc1MDE3NDE3NCwiaWF0IjoxNzUwMTY2OTc0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMTR0ZjVwMDFnZWxxb3I0ZDQwYzQyY2QiLCJuYmYiOjE3NTAxNjY5NzQsInRzIjoxNzUwMTY2OTc0Mjg3Nzc3fQ.M0IjIqiFDAM_UZDUVLph4xu3KFvBNCEGMet6xsVxpaU&sid=1b813957-4b7f-11f0-bb94-eace9a35d076 HTTP/1.1
Host: x19.oupknjar.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x19.oupknjar.info/
Cookie: sid=1b813957-4b7f-11f0-bb94-eace9a35d076
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Tue, 17 Jun 2025 13:29:34 GMT
location: http://click-v4.exoclkneu.com/click?i=3PRcANxp3J4_0
server: Cowboy
set-cookie: sid=1b813957-4b7f-11f0-bb94-eace9a35d076; path=/; domain=.oupknjar.info; expires=Sun, 05 Jul 2093 16:43:41 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

GET rtbbhub.com/favicon.ico

172.67.148.212

200 OK

0 B

URL GET
rtbbhub.com/favicon.ico
IP
172.67.148.212:80
ASN
#13335 CLOUDFLARENET

Requested by
http://rtbbhub.com/script/s2iurl.php?stamat=m%7C%2C%2Cg2LSYidToGU3Bp_GH0dEdHP3xP.571%2CldeAJ7gk17Zy7VTrxSNWkVB0NcaqnwK3kj87h3vfGHmCjUK9WEESyFeKH_Pl-7diFHRBFUd1CcnabuZix1X5EONwnxmD7cvYPqBe94Gb3-E3pgEfy0Nzf8iVI2kAdJ58JJt1lSlUnZjJNg5oaBbYw_CJJ5MWesQVtoyEQUttE0uuNoEYFYwMn-CMo1U5knE1C8gqcSgWPsM6DzkzjEDr0CgWmOp0zI2VieyeoIGgmqm_jY83wC6ISCFEbcwBwiCyJvlGOVvNN0KB5dpYpGlNRoOMZewgfotu6WdpQ37JD_-VnWl-Ew13kUsVPKZxLBMS_bEaid0aVKj4-ErJel2zflV2RGkmwRkwPfp3pKKaIwQNniwIVugzlJA0iUvIpAluOQEPVipvqoRLA0w4ekBJu48wmqhFhB-XaOT1N8DxKcEzqRrFvfMOjGOwPRvzcW-MzHauu1GsR-3trRkmqHRPZQMNlmLf_0hYugGcUjWXV4HnG0_B3MHK6BppKnbsINlWjXM8cGrufKhqkLwy9dyXF9Jr4kVYf8Zu3B47HsRzR-SGcT4cXvHvldzj6jdoSLMShb-i5jL96g1RkK-JrgGLmVG1WR-OGeRB1I-Z-7kqaABsFUJRoJgOs0DAYavYQLpEFeBLaq_sbf4BspFkyVn1cuRBYmsddWX6HXRch1Tw1AcjMuK6XbVvdd27VuRloO76xyEOvNdL5TY_qSv-j63P_5G66gzfTRbhqTJYfGIf0P1PXsAdUjE9t5e0kk3sbtOEN0h0gvRAGxst5tJ-MP2Prg%2C%2C&csid=5841470&s1=1062468&md=0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rtbbhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

GET treeofgames.com/lp/index.html

104.21.35.96

200 OK

6.1 kB

URL User Request GET
treeofgames.com/lp/index.html
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
6.1 kB (6126 bytes)
Hash
e477c4980036c4901bdb6f2f84b34fd6
02d155fb41cf3cce8f5beda331ac7dfd240c8636
c65c4f55a937ad3117cc7ea607027bdbacebcc08e3ffd1970e250e16e807aa08

HTTP Headers

GET /lp/index.html HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Jun 2025 13:29:36 GMT
content-type: text/html
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EEk1q4dpcqqUXjLZwO%2F2ZTN9WWW1ok28NlFaRaLVSuy1TTJlmZj%2Fy%2Be7SKFiwHQcA2bYoABN4fo8wPRjhyl7ORW5rP6RBQLWYB%2B8unQ%3D"}]}
last-modified: Mon, 26 May 2025 11:39:00 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9512e593a97eb500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET x19.oupknjar.info/

77.247.179.82

200 OK

479 B

URL User Request GET
x19.oupknjar.info/
IP
77.247.179.82:443
ASN
#43350 NForce Entertainment B.V.

Certificate
IssuerLet's Encrypt
Subjectoupknjar.info
Fingerprint8F:55:4A:8E:DE:61:36:9D:0C:62:8E:65:FF:5A:40:88:B1:1F:F4:0E
ValiditySun, 11 May 2025 11:11:55 GMT - Sat, 09 Aug 2025 11:11:54 GMT

File type
HTML document, ASCII text, with very long lines (479), with no line terminators
Size
479 B (479 bytes)
Hash
0f958997ccafa443331623ab1897e3c7
20db9b1a5d3a93adbfc116adb7b7f571807ea798
cb2bef8813140e87ceafd12ee1ad3b26c8966eb0693bd5aaa54a8535938a51ab

HTTP Headers

GET / HTTP/1.1
Host: x19.oupknjar.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
content-length: 479
content-type: text/html; charset=utf-8
date: Tue, 17 Jun 2025 13:29:34 GMT
server: Cowboy
set-cookie: sid=1b813957-4b7f-11f0-bb94-eace9a35d076; path=/; domain=.oupknjar.info; expires=Sun, 05 Jul 2093 16:43:41 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

GET rtbbhub.com/script/s2iurl.php?stamat=m%7C%2C%2Cg2LSYidToGU3Bp_GH0dEdHP3xP.571%2CldeAJ7gk17Zy7VTrxSNWkVB0NcaqnwK3kj87h3vfGHmCjUK9WEESyFeKH_Pl-7diFHRBFUd1CcnabuZix1X5EONwnxmD7cvYPqBe94Gb3-E3pgEfy0Nzf8iVI2kAdJ58JJt1lSlUnZjJNg5oaBbYw_CJJ5MWesQVtoyEQUttE0uuNoEYFYwMn-CMo1U5knE1C8gqcSgWPsM6DzkzjEDr0CgWmOp0zI2VieyeoIGgmqm_jY83wC6ISCFEbcwBwiCyJvlGOVvNN0KB5dpYpGlNRoOMZewgfotu6WdpQ37JD_-VnWl-Ew13kUsVPKZxLBMS_bEaid0aVKj4-ErJel2zflV2RGkmwRkwPfp3pKKaIwQNniwIVugzlJA0iUvIpAluOQEPVipvqoRLA0w4ekBJu48wmqhFhB-XaOT1N8DxKcEzqRrFvfMOjGOwPRvzcW-MzHauu1GsR-3trRkmqHRPZQMNlmLf_0hYugGcUjWXV4HnG0_B3MHK6BppKnbsINlWjXM8cGrufKhqkLwy9dyXF9Jr4kVYf8Zu3B47HsRzR-SGcT4cXvHvldzj6jdoSLMShb-i5jL96g1RkK-JrgGLmVG1WR-OGeRB1I-Z-7kqaABsFUJRoJgOs0DAYavYQLpEFeBLaq_sbf4BspFkyVn1cuRBYmsddWX6HXRch1Tw1AcjMuK6XbVvdd27VuRloO76xyEOvNdL5TY_qSv-j63P_5G66gzfTRbhqTJYfGIf0P1PXsAdUjE9t5e0kk3sbtOEN0h0gvRAGxst5tJ-MP2Prg%2C%2C&csid=5841470&s1=1062468&md=0

172.67.148.212

200 OK

7.1 kB

URL User Request GET
rtbbhub.com/script/s2iurl.php?stamat=m%7C%2C%2Cg2LSYidToGU3Bp_GH0dEdHP3xP.571%2CldeAJ7gk17Zy7VTrxSNWkVB0NcaqnwK3kj87h3vfGHmCjUK9WEESyFeKH_Pl-7diFHRBFUd1CcnabuZix1X5EONwnxmD7cvYPqBe94Gb3-E3pgEfy0Nzf8iVI2kAdJ58JJt1lSlUnZjJNg5oaBbYw_CJJ5MWesQVtoyEQUttE0uuNoEYFYwMn-CMo1U5knE1C8gqcSgWPsM6DzkzjEDr0CgWmOp0zI2VieyeoIGgmqm_jY83wC6ISCFEbcwBwiCyJvlGOVvNN0KB5dpYpGlNRoOMZewgfotu6WdpQ37JD_-VnWl-Ew13kUsVPKZxLBMS_bEaid0aVKj4-ErJel2zflV2RGkmwRkwPfp3pKKaIwQNniwIVugzlJA0iUvIpAluOQEPVipvqoRLA0w4ekBJu48wmqhFhB-XaOT1N8DxKcEzqRrFvfMOjGOwPRvzcW-MzHauu1GsR-3trRkmqHRPZQMNlmLf_0hYugGcUjWXV4HnG0_B3MHK6BppKnbsINlWjXM8cGrufKhqkLwy9dyXF9Jr4kVYf8Zu3B47HsRzR-SGcT4cXvHvldzj6jdoSLMShb-i5jL96g1RkK-JrgGLmVG1WR-OGeRB1I-Z-7kqaABsFUJRoJgOs0DAYavYQLpEFeBLaq_sbf4BspFkyVn1cuRBYmsddWX6HXRch1Tw1AcjMuK6XbVvdd27VuRloO76xyEOvNdL5TY_qSv-j63P_5G66gzfTRbhqTJYfGIf0P1PXsAdUjE9t5e0kk3sbtOEN0h0gvRAGxst5tJ-MP2Prg%2C%2C&csid=5841470&s1=1062468&md=0
IP
172.67.148.212:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (4576)
Size
7.1 kB (7136 bytes)
Hash
93f20f793c441b5b73e33a60ad5f2e01
bf6bc3fa3960ca80cfa132129a2a756bbaafd686
959c72deb9ed11cdf445f86241535fb645357a603f53f7109abacb28e656d613

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

HTTP Headers

GET /script/s2iurl.php?stamat=m%7C%2C%2Cg2LSYidToGU3Bp_GH0dEdHP3xP.571%2CldeAJ7gk17Zy7VTrxSNWkVB0NcaqnwK3kj87h3vfGHmCjUK9WEESyFeKH_Pl-7diFHRBFUd1CcnabuZix1X5EONwnxmD7cvYPqBe94Gb3-E3pgEfy0Nzf8iVI2kAdJ58JJt1lSlUnZjJNg5oaBbYw_CJJ5MWesQVtoyEQUttE0uuNoEYFYwMn-CMo1U5knE1C8gqcSgWPsM6DzkzjEDr0CgWmOp0zI2VieyeoIGgmqm_jY83wC6ISCFEbcwBwiCyJvlGOVvNN0KB5dpYpGlNRoOMZewgfotu6WdpQ37JD_-VnWl-Ew13kUsVPKZxLBMS_bEaid0aVKj4-ErJel2zflV2RGkmwRkwPfp3pKKaIwQNniwIVugzlJA0iUvIpAluOQEPVipvqoRLA0w4ekBJu48wmqhFhB-XaOT1N8DxKcEzqRrFvfMOjGOwPRvzcW-MzHauu1GsR-3trRkmqHRPZQMNlmLf_0hYugGcUjWXV4HnG0_B3MHK6BppKnbsINlWjXM8cGrufKhqkLwy9dyXF9Jr4kVYf8Zu3B47HsRzR-SGcT4cXvHvldzj6jdoSLMShb-i5jL96g1RkK-JrgGLmVG1WR-OGeRB1I-Z-7kqaABsFUJRoJgOs0DAYavYQLpEFeBLaq_sbf4BspFkyVn1cuRBYmsddWX6HXRch1Tw1AcjMuK6XbVvdd27VuRloO76xyEOvNdL5TY_qSv-j63P_5G66gzfTRbhqTJYfGIf0P1PXsAdUjE9t5e0kk3sbtOEN0h0gvRAGxst5tJ-MP2Prg%2C%2C&csid=5841470&s1=1062468&md=0 HTTP/1.1
Host: rtbbhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 17 Jun 2025 13:29:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eT0ns3HH9WH64V6JGUh6VQO2zCVUz%2FI%2F4u1qkU1VrdAW3ZXxIAtbFyZXFfa5izq%2BoLSBBy4Aj5kZ%2FeWzS7exli2dhHz5s8FmgDDqSSf8d5fKXe7tI6ygyEekZwW87Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 9512e58f9cc7569b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=424&min_rtt=424&rtt_var=212&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=1289&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

GET treeofgames.com/lp/img/logo/hw.avif

104.21.35.96

200 OK

26 kB

URL GET
treeofgames.com/lp/img/logo/hw.avif
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
ISO Media, AVIF Image
Size
26 kB (26544 bytes)
Hash
421ea8f78a683f7735b1a9a4cc3aab10
39cc6a661a7aca9e3b991741cc36a28eac59c39a
51f1d6ce167c42aecaf5d729eae09ed967800d05fe5c26fea08b46cd7751eee2

HTTP Headers

GET /lp/img/logo/hw.avif HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:47 GMT
content-type: image/avif
content-length: 26544
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0aiamMnE7W%2BEsj1%2BLoRXaBAKIjMC08b2dA8R3%2B8vCiiORyk85D%2FwGzRXJKf8G5lLS2mcRC8H50UtEvoMwkZb9m47rA%2F6rD1Se%2BwsWKibL%2FvdqL92d%2FvjK9DEyB1lCsdHHM%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "1dbce32c5d045b0"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3755
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9512e5d9aef556b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3744&min_rtt=862&rtt_var=3500&sent=422&recv=72&lost=0&retrans=0&sent_bytes=440854&recv_bytes=7538&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=ea4266beb85c2831&ts=11070&inflight_dur=112&x=80"

GET fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

142.250.178.35

200 OK

18 kB

URL GET
fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
IP
142.250.178.35:443
ASN
#15169 GOOGLE

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18244, version 1.0
Size
18 kB (18244 bytes)
Hash
60910f83d690eecf6b7895f6c42f8666
b69baed7ac92de0d5ea4960eeccb35ab149dd117
d9aa9ce25c714499092dbbd5a6bbb5f41606c634e15e548d98a047adba331000

HTTP Headers

GET /s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://treeofgames.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 17:17:34 GMT
expires: Fri, 12 Jun 2026 17:17:34 GMT
cache-control: public, max-age=31536000
age: 418333
last-modified: Wed, 28 May 2025 17:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET x19.oupknjar.info/favicon.ico

77.247.179.82

404 Not Found

9 B

URL GET
x19.oupknjar.info/favicon.ico
IP
77.247.179.82:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://x19.oupknjar.info/
Certificate
IssuerLet's Encrypt
Subjectoupknjar.info
Fingerprint8F:55:4A:8E:DE:61:36:9D:0C:62:8E:65:FF:5A:40:88:B1:1F:F4:0E
ValiditySun, 11 May 2025 11:11:55 GMT - Sat, 09 Aug 2025 11:11:54 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: x19.oupknjar.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x19.oupknjar.info/
Cookie: sid=1b813957-4b7f-11f0-bb94-eace9a35d076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Tue, 17 Jun 2025 13:29:34 GMT
server: Cowboy
X-Firefox-Spdy: h2

GET treeofgames.com/lp/img/logo/hw.avif

104.21.35.96

200 OK

26 kB

URL GET
treeofgames.com/lp/img/logo/hw.avif
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
ISO Media, AVIF Image
Size
26 kB (26544 bytes)
Hash
421ea8f78a683f7735b1a9a4cc3aab10
39cc6a661a7aca9e3b991741cc36a28eac59c39a
51f1d6ce167c42aecaf5d729eae09ed967800d05fe5c26fea08b46cd7751eee2

HTTP Headers

GET /lp/img/logo/hw.avif HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:37 GMT
content-type: image/avif
content-length: 26544
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=odwYNjsVjeTFe5Japk3pCBDp8ePxJi0SYjH6N%2Bl2%2F9azSqH%2F9Hu0u7JCiDmvsLxImTkRC%2B1Ou9nNKyNvPC2%2BfSqcmnIygv2NJCwOQhqkMjoMdXqpKPqgFqaM3vteKtR%2BJ8Y%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "1dbce32c5d045b0"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3744
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9512e596cbfd56b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4989&min_rtt=2303&rtt_var=3285&sent=165&recv=50&lost=0&retrans=0&sent_bytes=156523&recv_bytes=4330&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=96000&unsent_bytes=0&cid=ea4266beb85c2831&ts=365&inflight_dur=56&x=80"

GET treeofgames.com/favicon.ico

104.21.35.96

200 OK

198 B

URL GET
treeofgames.com/favicon.ico
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 2 colors
Size
198 B (198 bytes)
Hash
c6acedaff906029fc5455d9ec52c7f42
92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:37 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IO5US6m0jWN1qXB0gDyoC4jR93X9KsBT5BEWhPNSU4sGPHw4LnPSAHKglMazu5NMUhMj4JzwDb7NtVtJUHaNo7R%2Bz8Zyfh%2F2gY5Oo0gfxk6i4WxwMJJPqLCfPlTTjgiosgg%3D"}],"group":"cf-nel","max_age":604800}
etag: W/"1dbce32c5d022c6"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3322
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9512e5985c0856b4-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4912&min_rtt=2303&rtt_var=3190&sent=277&recv=56&lost=0&retrans=0&sent_bytes=285584&recv_bytes=5046&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=ea4266beb85c2831&ts=611&inflight_dur=82&x=80"

GET fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

142.250.178.35

200 OK

18 kB

URL GET
fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
IP
142.250.178.35:443
ASN
#15169 GOOGLE

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18244, version 1.0
Size
18 kB (18244 bytes)
Hash
60910f83d690eecf6b7895f6c42f8666
b69baed7ac92de0d5ea4960eeccb35ab149dd117
d9aa9ce25c714499092dbbd5a6bbb5f41606c634e15e548d98a047adba331000

HTTP Headers

GET /s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://treeofgames.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 17:17:34 GMT
expires: Fri, 12 Jun 2026 17:17:34 GMT
cache-control: public, max-age=31536000
age: 418323
last-modified: Wed, 28 May 2025 17:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET treeofgames.com/lp/text/text.min.js

104.21.35.96

200 OK

1.0 kB

URL GET
treeofgames.com/lp/text/text.min.js
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
Unicode text, UTF-8 text
Size
1.0 kB (1040 bytes)
Hash
05f895e2f3dd9287f39ad89ff5def04e
0b8988d08d788cc4b587bc57646069b059682135
6dad8cb15ab25a338b8cf94c31934fbc2f01aa993eb30f1aeb44510f7ab1c0a4

HTTP Headers

GET /lp/text/text.min.js HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:47 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1jJr6rH7gPXy3TVX6tCI%2Fs70kzi%2F9gAW5ocE8ADXVjMHux5gQ2fE5XGeCVqp%2BJC%2F8L4Zf6sEPtNAfPxuruwG8Hn1OmnUeMtHv7GkldI7rQSBbuqQXSzMYL3aVosjesGpCM%3D"}],"group":"cf-nel","max_age":604800}
etag: W/"1dbce32c5d02610"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3755
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9512e5d92ec956b4-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6316&min_rtt=1862&rtt_var=6127&sent=289&recv=62&lost=0&retrans=0&sent_bytes=291560&recv_bytes=6204&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=ea4266beb85c2831&ts=10979&inflight_dur=106&x=80"

GET treeofgames.com/lp/img/fg/hw.avif

104.21.35.96

200 OK

95 kB

URL GET
treeofgames.com/lp/img/fg/hw.avif
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
ISO Media, AVIF Image
Size
95 kB (95118 bytes)
Hash
1c0b0d07a68b053fb47322523004f398
1a3da099f0f9bec15a290d0ebb54b072dc4146a5
a796f903d8eaa149ef204cb4cc69ab3f457041b2099a8b9b30751c547d7d0672

HTTP Headers

GET /lp/img/fg/hw.avif HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:47 GMT
content-type: image/avif
content-length: 95118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=svi%2BWVTm0Q6xJDC1C4YReUk92CwFBCig8LrO7SGjYFQadUwZWzfSx1O0FfCT0cyKHdFiDF7BC6gIDULx80a%2B73PAFA3ekPJ73PUwBaGFq0irMys04RBgUmWArQFHWSCq9y8%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "1dbce32c5d1518e"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3755
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9512e5d9aef656b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3744&min_rtt=862&rtt_var=3500&sent=422&recv=72&lost=0&retrans=0&sent_bytes=440854&recv_bytes=7538&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=ea4266beb85c2831&ts=11070&inflight_dur=112&x=80"

GET click-v4.exoclkneu.com/click?i=3PRcANxp3J4_0

198.134.116.17

302 Found

7.1 kB

URL User Request GET
click-v4.exoclkneu.com/click?i=3PRcANxp3J4_0
IP
198.134.116.17:443
ASN
#27257 WEBAIR-INTERNET

Certificate
IssuerLet's Encrypt
Subjectexoclkneu.com
FingerprintEB:AA:C5:5A:9F:6F:4C:2E:18:5B:61:DA:00:9F:A1:6B:7B:30:24:88
ValidityTue, 27 May 2025 06:42:14 GMT - Mon, 25 Aug 2025 06:42:13 GMT

File type

Size
7.1 kB (7136 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=3PRcANxp3J4_0 HTTP/1.1
Host: click-v4.exoclkneu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Tue, 17 Jun 2025 13:29:35 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://pectationselea.info/redirect?tid=1062468

GET treeofgames.com/lp/code/style.css

104.21.35.96

200 OK

3.4 kB

URL GET
treeofgames.com/lp/code/style.css
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
CSV ASCII text
Size
3.4 kB (3432 bytes)
Hash
6f43711a1d2da638538ba84ca57ef865
bd5983744559696b00925480f07b73d8034124f4
adf36a8e932fcbaf7092c7dcaa019c19f466b94bcaaf48ad27ed45b17b6bfe46

HTTP Headers

GET /lp/code/style.css HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:36 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJvdnldU0ssX5NlLtmscSCnariWJmJ5e9xXfg2cLVLiuLul%2BD6d2ftrKyCv3znl6nmx33mNUCS8pUulDNJfdy0s7GNdhuIYGCSiDa57pxLt18vzUCAp5XqOp4tvGhVVqDAo%3D"}],"group":"cf-nel","max_age":604800}
etag: W/"1dbce32c5d02f68"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3744
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9512e595abf356b4-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6799&min_rtt=4245&rtt_var=6210&sent=32&recv=40&lost=0&retrans=0&sent_bytes=4781&recv_bytes=3219&delivery_rate=509529&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=ea4266beb85c2831&ts=197&inflight_dur=33&x=80"

GET pectationselea.info/redirect?tid=1062468

3.167.2.18

302 Found

7.1 kB

URL User Request GET
pectationselea.info/redirect?tid=1062468
IP
3.167.2.18:443
ASN
#0

Certificate
IssuerAmazon
Subjectpectationselea.info
Fingerprint3D:A6:65:CC:FE:4D:09:E6:2D:D8:CB:AE:0E:12:9F:43:0A:17:B2:B3
ValidityWed, 14 May 2025 00:00:00 GMT - Fri, 12 Jun 2026 23:59:59 GMT

File type

Size
7.1 kB (7136 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?tid=1062468 HTTP/1.1
Host: pectationselea.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: http://rtbbhub.com/script/s2iurl.php?stamat=m%7C%2C%2Cg2LSYidToGU3Bp_GH0dEdHP3xP.571%2CldeAJ7gk17Zy7VTrxSNWkVB0NcaqnwK3kj87h3vfGHmCjUK9WEESyFeKH_Pl-7diFHRBFUd1CcnabuZix1X5EONwnxmD7cvYPqBe94Gb3-E3pgEfy0Nzf8iVI2kAdJ58JJt1lSlUnZjJNg5oaBbYw_CJJ5MWesQVtoyEQUttE0uuNoEYFYwMn-CMo1U5knE1C8gqcSgWPsM6DzkzjEDr0CgWmOp0zI2VieyeoIGgmqm_jY83wC6ISCFEbcwBwiCyJvlGOVvNN0KB5dpYpGlNRoOMZewgfotu6WdpQ37JD_-VnWl-Ew13kUsVPKZxLBMS_bEaid0aVKj4-ErJel2zflV2RGkmwRkwPfp3pKKaIwQNniwIVugzlJA0iUvIpAluOQEPVipvqoRLA0w4ekBJu48wmqhFhB-XaOT1N8DxKcEzqRrFvfMOjGOwPRvzcW-MzHauu1GsR-3trRkmqHRPZQMNlmLf_0hYugGcUjWXV4HnG0_B3MHK6BppKnbsINlWjXM8cGrufKhqkLwy9dyXF9Jr4kVYf8Zu3B47HsRzR-SGcT4cXvHvldzj6jdoSLMShb-i5jL96g1RkK-JrgGLmVG1WR-OGeRB1I-Z-7kqaABsFUJRoJgOs0DAYavYQLpEFeBLaq_sbf4BspFkyVn1cuRBYmsddWX6HXRch1Tw1AcjMuK6XbVvdd27VuRloO76xyEOvNdL5TY_qSv-j63P_5G66gzfTRbhqTJYfGIf0P1PXsAdUjE9t5e0kk3sbtOEN0h0gvRAGxst5tJ-MP2Prg%2C%2C&csid=5841470&s1=1062468&md=0
date: Tue, 17 Jun 2025 13:29:35 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=MTBJuTgkT4E223WtspcdOawK8aF1KEWMiVz4WGVGOgG9O7LFztBivGRm0NfsI/VP/7UnBZfj4P4zrD9AXnsc4SKTDu0aLqIGQnU44f4GEAZ78X8N190Zjg4FEycX; Expires=Tue, 24 Jun 2025 13:29:35 GMT; Path=/
AWSALBCORS=MTBJuTgkT4E223WtspcdOawK8aF1KEWMiVz4WGVGOgG9O7LFztBivGRm0NfsI/VP/7UnBZfj4P4zrD9AXnsc4SKTDu0aLqIGQnU44f4GEAZ78X8N190Zjg4FEycX; Expires=Tue, 24 Jun 2025 13:29:35 GMT; Path=/; SameSite=None
csu=c62f05cc-7546-423d-b15f-046f710edcce
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
x-cache: Miss from cloudfront
via: 1.1 3ecfca26003921b3f6dfb1a287300c24.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: Iafr_AG8ZGbxXTInRkgfReoT-JSq1no33yrDNo8uGltsCDKXezMJyw==
X-Firefox-Spdy: h2

GET treeofgames.com/lp/code/style.css

104.21.35.96

200 OK

3.4 kB

URL GET
treeofgames.com/lp/code/style.css
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
CSV ASCII text
Size
3.4 kB (3432 bytes)
Hash
6f43711a1d2da638538ba84ca57ef865
bd5983744559696b00925480f07b73d8034124f4
adf36a8e932fcbaf7092c7dcaa019c19f466b94bcaaf48ad27ed45b17b6bfe46

HTTP Headers

GET /lp/code/style.css HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:47 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWy4%2Bm5EIUA4a9017B7%2BK72hd9Z884j4CahVnu9MPAdq1f5nbLBXgZyNe0fzZFIKktI8nF1W96qfoFkvl8BAR0RXo9YLUIrVLYRz8KVmQz1ZOB8feIFnXl5CalElYr8pqAw%3D"}],"group":"cf-nel","max_age":604800}
etag: W/"1dbce32c5d02f68"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3755
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9512e5d91ec756b4-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6316&min_rtt=1862&rtt_var=6127&sent=286&recv=62&lost=0&retrans=0&sent_bytes=289050&recv_bytes=6204&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=ea4266beb85c2831&ts=10978&inflight_dur=105&x=80"

GET treeofgames.com/lp/code/jquery-2.1.4.min.js

104.21.35.96

200 OK

84 kB

URL GET
treeofgames.com/lp/code/jquery-2.1.4.min.js
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
JavaScript source, ASCII text, with very long lines (32025)
Size
84 kB (84345 bytes)
Hash
f9c7afd05729f10f55b689f36bb20172
43dc554608df885a59ddeece1598c6ace434d747
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

HTTP Headers

GET /lp/code/jquery-2.1.4.min.js HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:47 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2FQh8l0H6YXI187ngw0bBAQEGkm2OzBCTo0OhVgP5GaYm8sUOUcOMK3niQyF9AtaAJ6UPTT%2FR5bgkcmOCjuoFBgmJtgHh%2FpspMXgQNiTAge7akjh%2FbyskX8lDhzDws10odE%3D"}],"group":"cf-nel","max_age":604800}
etag: W/"1dbce32c5d16b79"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3755
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9512e5d92ec856b4-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6316&min_rtt=1862&rtt_var=6127&sent=288&recv=62&lost=0&retrans=0&sent_bytes=290869&recv_bytes=6204&delivery_rate=13850159&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=ea4266beb85c2831&ts=10978&inflight_dur=105&x=80"

GET fonts.googleapis.com/css?family=Open+Sans:700&subset=cyrillic

142.250.74.10

200 OK

6.0 kB

URL GET
fonts.googleapis.com/css?family=Open+Sans:700&subset=cyrillic
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://treeofgames.com/lp/index1.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text, with very long lines (1572)
Size
6.0 kB (5973 bytes)
Hash
d0b4afce1aa8ad95468f2d4175aa436a
97b9e9d5ccc34afdeca67b1598c7e3ece5728143
13b9764e9169fc012ea54caf401c5898ba873654d72109662a4c7d67cc41066b

HTTP Headers

GET /css?family=Open+Sans:700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Jun 2025 13:29:47 GMT
date: Tue, 17 Jun 2025 13:29:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET treeofgames.com/lp/text/text.min.js

104.21.35.96

200 OK

1.0 kB

URL GET
treeofgames.com/lp/text/text.min.js
IP
104.21.35.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subjecttreeofgames.com
Fingerprint35:95:47:32:35:AF:51:52:0F:F8:44:EC:57:D4:66:19:FF:BA:29:07
ValidityMon, 12 May 2025 02:51:23 GMT - Sun, 10 Aug 2025 03:48:21 GMT

File type
Unicode text, UTF-8 text
Size
1.0 kB (1040 bytes)
Hash
05f895e2f3dd9287f39ad89ff5def04e
0b8988d08d788cc4b587bc57646069b059682135
6dad8cb15ab25a338b8cf94c31934fbc2f01aa993eb30f1aeb44510f7ab1c0a4

HTTP Headers

GET /lp/text/text.min.js HTTP/1.1
Host: treeofgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 17 Jun 2025 13:29:36 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCplVuBlES28cgY2uJiZJ1O5XLhMQUoSUWr8rwqQ5VwrVVUBLoS4Rx4YMUme5r02fx%2FKqTMMgFmJErN%2B4koH0%2FVy4E9SiiovU0HLj74UqrfFrBJlHsEpxTfeR1mxFGqpL7Y%3D"}],"group":"cf-nel","max_age":604800}
etag: W/"1dbce32c5d02610"
last-modified: Mon, 26 May 2025 11:39:00 GMT
age: 3744
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9512e595bbf556b4-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6799&min_rtt=4245&rtt_var=6210&sent=35&recv=40&lost=0&retrans=0&sent_bytes=6657&recv_bytes=3219&delivery_rate=509529&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=ea4266beb85c2831&ts=199&inflight_dur=33&x=80"

GET fonts.googleapis.com/css?family=Open+Sans:700&subset=cyrillic

142.250.74.10

200 OK

6.0 kB

URL GET
fonts.googleapis.com/css?family=Open+Sans:700&subset=cyrillic
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://treeofgames.com/lp/index.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text, with very long lines (1572)
Size
6.0 kB (5973 bytes)
Hash
d0b4afce1aa8ad95468f2d4175aa436a
97b9e9d5ccc34afdeca67b1598c7e3ece5728143
13b9764e9169fc012ea54caf401c5898ba873654d72109662a4c7d67cc41066b

HTTP Headers

GET /css?family=Open+Sans:700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Jun 2025 13:29:37 GMT
date: Tue, 17 Jun 2025 13:29:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

104.21.63.172

302 Found

6.1 kB

URL User Request GET
rtbbhub.com/script/s2iurl.php?stamat=m%7C%2C%2Cg2LSYidToGU3Bp_GH0dEdHP3xP.571%2CldeAJ7gk17Zy7VTrxSNWkVB0NcaqnwK3kj87h3vfGHmCjUK9WEESyFeKH_Pl-7diFHRBFUd1CcnabuZix1X5EONwnxmD7cvYPqBe94Gb3-E3pgEfy0Nzf8iVI2kAdJ58JJt1lSlUnZjJNg5oaBbYw_CJJ5MWesQVtoyEQUttE0uuNoEYFYwMn-CMo1U5knE1C8gqcSgWPsM6DzkzjEDr0CgWmOp0zI2VieyeoIGgmqm_jY83wC6ISCFEbcwBwiCyJvlGOVvNN0KB5dpYpGlNRoOMZewgfotu6WdpQ37JD_-VnWl-Ew13kUsVPKZxLBMS_bEaid0aVKj4-ErJel2zflV2RGkmwRkwPfp3pKKaIwQNniwIVugzlJA0iUvIpAluOQEPVipvqoRLA0w4ekBJu48wmqhFhB-XaOT1N8DxKcEzqRrFvfMOjGOwPRvzcW-MzHauu1GsR-3trRkmqHRPZQMNlmLf_0hYugGcUjWXV4HnG0_B3MHK6BppKnbsINlWjXM8cGrufKhqkLwy9dyXF9Jr4kVYf8Zu3B47HsRzR-SGcT4cXvHvldzj6jdoSLMShb-i5jL96g1RkK-JrgGLmVG1WR-OGeRB1I-Z-7kqaABsFUJRoJgOs0DAYavYQLpEFeBLaq_sbf4BspFkyVn1cuRBYmsddWX6HXRch1Tw1AcjMuK6XbVvdd27VuRloO76xyEOvNdL5TY_qSv-j63P_5G66gzfTRbhqTJYfGIf0P1PXsAdUjE9t5e0kk3sbtOEN0h0gvRAGxst5tJ-MP2Prg%2C%2C&csid=5841470&s1=1062468&md=0&treqn=42346345&rpn=1&cbrandom=0.05111716164257685&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=1024&cbdescription=&cbkeywords=&cbref=
IP
104.21.63.172:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectrtbbhub.com
FingerprintBD:35:C4:28:24:66:77:04:18:21:DA:03:EB:22:6B:DA:D2:EB:29:F3
ValiditySun, 15 Jun 2025 14:20:12 GMT - Sat, 13 Sep 2025 15:17:37 GMT

File type

Size
6.1 kB (6126 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/s2iurl.php?stamat=m%7C%2C%2Cg2LSYidToGU3Bp_GH0dEdHP3xP.571%2CldeAJ7gk17Zy7VTrxSNWkVB0NcaqnwK3kj87h3vfGHmCjUK9WEESyFeKH_Pl-7diFHRBFUd1CcnabuZix1X5EONwnxmD7cvYPqBe94Gb3-E3pgEfy0Nzf8iVI2kAdJ58JJt1lSlUnZjJNg5oaBbYw_CJJ5MWesQVtoyEQUttE0uuNoEYFYwMn-CMo1U5knE1C8gqcSgWPsM6DzkzjEDr0CgWmOp0zI2VieyeoIGgmqm_jY83wC6ISCFEbcwBwiCyJvlGOVvNN0KB5dpYpGlNRoOMZewgfotu6WdpQ37JD_-VnWl-Ew13kUsVPKZxLBMS_bEaid0aVKj4-ErJel2zflV2RGkmwRkwPfp3pKKaIwQNniwIVugzlJA0iUvIpAluOQEPVipvqoRLA0w4ekBJu48wmqhFhB-XaOT1N8DxKcEzqRrFvfMOjGOwPRvzcW-MzHauu1GsR-3trRkmqHRPZQMNlmLf_0hYugGcUjWXV4HnG0_B3MHK6BppKnbsINlWjXM8cGrufKhqkLwy9dyXF9Jr4kVYf8Zu3B47HsRzR-SGcT4cXvHvldzj6jdoSLMShb-i5jL96g1RkK-JrgGLmVG1WR-OGeRB1I-Z-7kqaABsFUJRoJgOs0DAYavYQLpEFeBLaq_sbf4BspFkyVn1cuRBYmsddWX6HXRch1Tw1AcjMuK6XbVvdd27VuRloO76xyEOvNdL5TY_qSv-j63P_5G66gzfTRbhqTJYfGIf0P1PXsAdUjE9t5e0kk3sbtOEN0h0gvRAGxst5tJ-MP2Prg%2C%2C&csid=5841470&s1=1062468&md=0&treqn=42346345&rpn=1&cbrandom=0.05111716164257685&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=1024&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: rtbbhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 17 Jun 2025 13:29:36 GMT
content-type: text/html; charset=utf-8
location: https://treeofgames.com/lp/index.html
server: cloudflare
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6A53Iof6Mpe6gt7jw41LuqmISGs%2FWC%2F89KTrQsdRWP%2FVfYPCtq%2Bls%2F3PZKTc1%2BjDsvUQyDnXatI7idQxCCLSSZKOr%2FSpTgXfDQ%3D%3D"}]}
cf-ray: 9512e5922e7656c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML