Report - nicysurveys.com/collect?v=2024895&var=2024898&prpsrc={propagated

Report Overview

Visited public
2024-07-22 18:45:46
Tags
Submit Tags
URL
nicysurveys.com/collect?v=2024895&var=2024898&prpsrc={propagated_source}
Finishing URL
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
IP / ASN
212.117.190.201
#7979 SERVERS-COM
Title
Lust Goddes

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-21 18:21:45	2.3 kB	6.2 kB	23.36.77.32
lustgoddess.buzz	unknown	unknown	No data	No data	726 B	647 B	94.130.72.48
theeverydaygame.com	unknown	2024-03-01	2020-12-16 12:09:39	2024-06-19 17:07:27	9.4 kB	531 kB	104.21.58.193
click.hooligs.app	unknown	2022-08-17	2022-08-17 15:36:50	2024-04-29 06:03:57	610 B	8.0 kB	104.21.77.74
ln.gamesrevenue.com	117740	2014-05-30	2017-01-29 21:27:07	2024-05-02 10:41:50	404 B	88 kB	5.161.79.44
experttrafficmonitor.com	unknown	2023-11-16	2023-11-23 14:58:46	2024-07-18 17:49:05	647 B	510 B	18.184.181.242
twistconcept.com	unknown	2022-04-14	2020-08-23 16:56:06	2024-07-18 17:49:03	445 B	1.3 kB	104.21.86.46
nicysurveys.com	unknown	unknown	No data	No data	3.7 kB	11 kB	212.117.190.201
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-07-21 18:19:15	327 B	888 B	23.36.76.226
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2024-07-21 22:14:14	505 B	678 B	139.45.195.8
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-07-22 13:10:24	338 B	942 B	143.204.53.97
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-07-22 12:51:14	466 B	773 B	18.184.181.242

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-22	medium	experttrafficmonitor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-07-16
Pretty URL theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js IP 104.21.58.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 08:31 Times Seen65807 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	ln.gamesrevenue.com/px1.js	ScriptElement	15 kB	2023-12-23	2025-05-21
Pretty URL ln.gamesrevenue.com/px1.js IP 5.161.79.44 ASN #213230 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-23 09:34 Last Seen2025-05-21 06:16 Times Seen1601 Hash b01fc426cbc4f33a52a28ee9ca2e2050 577332c8c5f62167ad432c5d20b3ca285e75c91e d40fc3bebe2dc3c28f08f2f4f5a6059425ccc5541ada3f0945f7539e90374441 Loading...

	theeverydaygame.com/awpx_click.js?v=005	ScriptElement	1.5 kB	2023-03-26	2025-05-12
Pretty URL theeverydaygame.com/awpx_click.js?v=005 IP 104.21.58.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:11 Last Seen2025-05-12 23:35 Times Seen1611 Hash 7aeb87811ad3a82fde3e2783544819ee d1d9174cbcbb1abdccee6841f170ba21f899925b 7fff603702e9bea03cf47ba47947bb7f8655eb7fcb1c8f7091e9a38d8f5d949c Loading...

	theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js	ScriptElement	521 B	2023-12-02	2025-07-04
Pretty URL theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js IP 104.21.58.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 02:07 Last Seen2025-07-04 08:00 Times Seen861 Hash 86f0754abfb6014908e557e6e268f3e2 4efa8a0c962e30bb7e314ad37a3f2c55b91052e6 70910209572bcf5a0ba1022d53bb9fe24d82ed842370c70234994dd2b29ba1a9 Loading...

	twistconcept.com/index.min.js?pk=28407dccfb372e83ee9d49a69f097187	ScriptElement	653 B	2023-11-23	2025-01-19
Pretty URL twistconcept.com/index.min.js?pk=28407dccfb372e83ee9d49a69f097187 IP 104.21.86.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 14:59 Last Seen2025-01-19 21:32 Times Seen795 Hash 2058d53d084116ff3d36c8a630556710 8bcd226cf5ddb64be846ad645360638e82269097 6af3e3bd3016f5762e3dc3dbd8fc7bbf00f4ec9349bee71a23bbe5547dcffd1e Loading...

HTTP Transactions (34)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2f796f6340ac7eef4fa2891ac8f8aa1a
27bbc7bb6314b31dcab89f198bc258b040593aa7
778d02decabf7dff03bf5ec4c4eb0f03ac789e89bcfe58353c266c9d66c08834

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "778D02DECABF7DFF03BF5EC4C4EB0F03AC789E89BCFE58353C266C9D66C08834"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11622
Expires: Mon, 22 Jul 2024 21:59:01 GMT
Date: Mon, 22 Jul 2024 18:45:19 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f58a4b489ef65eff7896802c87e363e7
e7287b89b56c66407955bf95bd03133d2e5945d1
fb270cf16706247adde7efd430fe667555cb37ee35eae763593424a17c624bcd

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "FB270CF16706247ADDE7EFD430FE667555CB37EE35EAE763593424A17C624BCD"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10470
Expires: Mon, 22 Jul 2024 21:39:49 GMT
Date: Mon, 22 Jul 2024 18:45:19 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cf41dddde2cb04d4f8b233b01318bde1
f7f9259cebf98c255ea506e7d7f0170c1e6a9604
90a7510dc4acc5716c9a82e10dcbb6074af14f502e3847f8b6c43caef244ca12

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "90A7510DC4ACC5716C9A82E10DCBB6074AF14F502E3847F8B6C43CAEF244CA12"
Last-Modified: Sat, 20 Jul 2024 20:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10390
Expires: Mon, 22 Jul 2024 21:38:29 GMT
Date: Mon, 22 Jul 2024 18:45:19 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
00accea3155d7ac730285aec633670a9
fee8ca25b96d24d0c10951f7f4ea28389020e88d
9abd3b5f4de73d55417dcec4bbf72b38cc201842360ed32d763a4c65e35819d8

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9ABD3B5F4DE73D55417DCEC4BBF72B38CC201842360ED32D763A4C65E35819D8"
Last-Modified: Sat, 20 Jul 2024 20:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10457
Expires: Mon, 22 Jul 2024 21:39:37 GMT
Date: Mon, 22 Jul 2024 18:45:20 GMT
Connection: keep-alive

nicysurveys.com/dupa.gif?z=2024895&zoneid=2024895&pb=cbc8265e45a02ac80c0684cd0aa759881721681119&fn=2&ix=0&febuild=1.0.295&t=0&os=0&ls=1&cti=0&lang=en-US&var=2024898&nojs=0&cd=24&x=1280&eclog=0&prpsrc={propagated_source}&wcks=1&cnvs=1&pload=887&fdl=1&ss=1&pt=J85T7J9TG9hZGluZy4uLg&pf=Linux%20x86_64&y=1024&afid=1801681482345472&abvar=0&md=0&rlp=[0,1,154,130,3,276,52,81]&wgl=0&tz=UTC&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&psu=PGwE4sOaHR0cHM6Ly9uaWN5c3VydmV5cy5jb20vY29sbGVjdD92PTIwMjQ4OTUmdmFyPTIwMjQ4OTgmcHJwc3JjPSU3QnByb3BhZ2F0ZWRfc291cmNlJTdE&im=1&psp=ip0TxR8tz3X5qcuapM6KKMpM3j38gzNf5ScEQvY4S0oTsTv93Xoq4dvz1TYGiskHLYHGwoiBArJwp4ko3YesUIZPjOjn0ESbmpO6aAZe7wgHU3lqW_sN43tu_ao2yWo5pToKFALh7FzWVi_IvDkiussBMSTzwvPENzdQksGGqTEZRttBrpMb1hJefe3GuAcxLmvtBrhoeBDmFcdzVogseQWZ8okn-Ezl_RRiGoYWHkqeNRprV21iTZoOBzzGI0bPh01LHsuvz4nVlbf5gPMNiRYIMqNsUXldYWTxHVh8ffrDXPHDv95Xbc46zZanZgeoIPZJ0uh4uQXKVgYZ4crHaadTspgxZm6w78KXA1ALMWsvmVPC8kGsP8pvzE8BVpCRNOTIkwRXQUxm21U0DzXARp5JoykYg6VoWSnZ5rfmSWCwpcFkLg27dlpL8skq2h7SJyqqPeyOq-nd1M_d0eL9NPWD3swxSNSQR6Rp95K0fpjSJNtKSlSvlsY02oy6DjFiEZvoyhsEZXYQrfwRoSqfLyK7jqxqN8Y1Uhr5f5b758NOG5vupUhzXaH2Q_5sEOefDFsNdeUPC5M07HCZV93FhparZJFVN4z-Z24wY5Uu67rqUzbt9Wsi4KozO0ZrxLmhvQ4N2N4nCIVlYgKk-QPr99nFi3zhoUOPAm6KN3Q6JHWlOtotVYc0NnFEQqp8peBvocaC41ncyP6G6G4DAo0oIfoKMwIXwmjXOoikf-vf3Sr3TMOMEtkuQ8khAzlD6tusY_-D_CRjiyLFpbpkOZEcTjwQs6Yjw-ckwwZSwoJY2zHuLDuqWoql0A_G_VKIBlL7__RI9yLSLo-iJndgggF0kMF6kJCawNdEcUpa_Pd0CR_zQZtxeBjaF-scRuOVOuh8u2DPCqUyTIMtbNHnKaQ-M5O_lK5NpQJ_Vv7aQSJ3UgeObeW57J86uREuWP7wzkLquYLdWpT8sc-vqwK7n69ZKEHgZCeYhm4qXo3JSXPdPGxqXozmnMODeJos5HxI3W_6xE5ncGe1APJKjDNv2yHhqKIEwlAP19YeYREbXzOruYQlTlG4eI282luWtF7TUXP5eeFGjhO6hDgyj-rPhAB2BDo=&pload=183&rlp=%5B0%2C0%2C0%2C0%2C5%2C0%2C25%2C0%5D&bb=0

212.117.190.201

43 B

URL
nicysurveys.com/dupa.gif?z=2024895&zoneid=2024895&pb=cbc8265e45a02ac80c0684cd0aa759881721681119&fn=2&ix=0&febuild=1.0.295&t=0&os=0&ls=1&cti=0&lang=en-US&var=2024898&nojs=0&cd=24&x=1280&eclog=0&prpsrc={propagated_source}&wcks=1&cnvs=1&pload=887&fdl=1&ss=1&pt=J85T7J9TG9hZGluZy4uLg&pf=Linux%20x86_64&y=1024&afid=1801681482345472&abvar=0&md=0&rlp=[0,1,154,130,3,276,52,81]&wgl=0&tz=UTC&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&psu=PGwE4sOaHR0cHM6Ly9uaWN5c3VydmV5cy5jb20vY29sbGVjdD92PTIwMjQ4OTUmdmFyPTIwMjQ4OTgmcHJwc3JjPSU3QnByb3BhZ2F0ZWRfc291cmNlJTdE&im=1&psp=ip0TxR8tz3X5qcuapM6KKMpM3j38gzNf5ScEQvY4S0oTsTv93Xoq4dvz1TYGiskHLYHGwoiBArJwp4ko3YesUIZPjOjn0ESbmpO6aAZe7wgHU3lqW_sN43tu_ao2yWo5pToKFALh7FzWVi_IvDkiussBMSTzwvPENzdQksGGqTEZRttBrpMb1hJefe3GuAcxLmvtBrhoeBDmFcdzVogseQWZ8okn-Ezl_RRiGoYWHkqeNRprV21iTZoOBzzGI0bPh01LHsuvz4nVlbf5gPMNiRYIMqNsUXldYWTxHVh8ffrDXPHDv95Xbc46zZanZgeoIPZJ0uh4uQXKVgYZ4crHaadTspgxZm6w78KXA1ALMWsvmVPC8kGsP8pvzE8BVpCRNOTIkwRXQUxm21U0DzXARp5JoykYg6VoWSnZ5rfmSWCwpcFkLg27dlpL8skq2h7SJyqqPeyOq-nd1M_d0eL9NPWD3swxSNSQR6Rp95K0fpjSJNtKSlSvlsY02oy6DjFiEZvoyhsEZXYQrfwRoSqfLyK7jqxqN8Y1Uhr5f5b758NOG5vupUhzXaH2Q_5sEOefDFsNdeUPC5M07HCZV93FhparZJFVN4z-Z24wY5Uu67rqUzbt9Wsi4KozO0ZrxLmhvQ4N2N4nCIVlYgKk-QPr99nFi3zhoUOPAm6KN3Q6JHWlOtotVYc0NnFEQqp8peBvocaC41ncyP6G6G4DAo0oIfoKMwIXwmjXOoikf-vf3Sr3TMOMEtkuQ8khAzlD6tusY_-D_CRjiyLFpbpkOZEcTjwQs6Yjw-ckwwZSwoJY2zHuLDuqWoql0A_G_VKIBlL7__RI9yLSLo-iJndgggF0kMF6kJCawNdEcUpa_Pd0CR_zQZtxeBjaF-scRuOVOuh8u2DPCqUyTIMtbNHnKaQ-M5O_lK5NpQJ_Vv7aQSJ3UgeObeW57J86uREuWP7wzkLquYLdWpT8sc-vqwK7n69ZKEHgZCeYhm4qXo3JSXPdPGxqXozmnMODeJos5HxI3W_6xE5ncGe1APJKjDNv2yHhqKIEwlAP19YeYREbXzOruYQlTlG4eI282luWtF7TUXP5eeFGjhO6hDgyj-rPhAB2BDo=&pload=183&rlp=%5B0%2C0%2C0%2C0%2C5%2C0%2C25%2C0%5D&bb=0
IP
212.117.190.201:0
ASN
#7979 SERVERS-COM

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /dupa.gif?z=2024895&zoneid=2024895&pb=cbc8265e45a02ac80c0684cd0aa759881721681119&fn=2&ix=0&febuild=1.0.295&t=0&os=0&ls=1&cti=0&lang=en-US&var=2024898&nojs=0&cd=24&x=1280&eclog=0&prpsrc={propagated_source}&wcks=1&cnvs=1&pload=887&fdl=1&ss=1&pt=J85T7J9TG9hZGluZy4uLg&pf=Linux%20x86_64&y=1024&afid=1801681482345472&abvar=0&md=0&rlp=[0,1,154,130,3,276,52,81]&wgl=0&tz=UTC&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&psu=PGwE4sOaHR0cHM6Ly9uaWN5c3VydmV5cy5jb20vY29sbGVjdD92PTIwMjQ4OTUmdmFyPTIwMjQ4OTgmcHJwc3JjPSU3QnByb3BhZ2F0ZWRfc291cmNlJTdE&im=1&psp=ip0TxR8tz3X5qcuapM6KKMpM3j38gzNf5ScEQvY4S0oTsTv93Xoq4dvz1TYGiskHLYHGwoiBArJwp4ko3YesUIZPjOjn0ESbmpO6aAZe7wgHU3lqW_sN43tu_ao2yWo5pToKFALh7FzWVi_IvDkiussBMSTzwvPENzdQksGGqTEZRttBrpMb1hJefe3GuAcxLmvtBrhoeBDmFcdzVogseQWZ8okn-Ezl_RRiGoYWHkqeNRprV21iTZoOBzzGI0bPh01LHsuvz4nVlbf5gPMNiRYIMqNsUXldYWTxHVh8ffrDXPHDv95Xbc46zZanZgeoIPZJ0uh4uQXKVgYZ4crHaadTspgxZm6w78KXA1ALMWsvmVPC8kGsP8pvzE8BVpCRNOTIkwRXQUxm21U0DzXARp5JoykYg6VoWSnZ5rfmSWCwpcFkLg27dlpL8skq2h7SJyqqPeyOq-nd1M_d0eL9NPWD3swxSNSQR6Rp95K0fpjSJNtKSlSvlsY02oy6DjFiEZvoyhsEZXYQrfwRoSqfLyK7jqxqN8Y1Uhr5f5b758NOG5vupUhzXaH2Q_5sEOefDFsNdeUPC5M07HCZV93FhparZJFVN4z-Z24wY5Uu67rqUzbt9Wsi4KozO0ZrxLmhvQ4N2N4nCIVlYgKk-QPr99nFi3zhoUOPAm6KN3Q6JHWlOtotVYc0NnFEQqp8peBvocaC41ncyP6G6G4DAo0oIfoKMwIXwmjXOoikf-vf3Sr3TMOMEtkuQ8khAzlD6tusY_-D_CRjiyLFpbpkOZEcTjwQs6Yjw-ckwwZSwoJY2zHuLDuqWoql0A_G_VKIBlL7__RI9yLSLo-iJndgggF0kMF6kJCawNdEcUpa_Pd0CR_zQZtxeBjaF-scRuOVOuh8u2DPCqUyTIMtbNHnKaQ-M5O_lK5NpQJ_Vv7aQSJ3UgeObeW57J86uREuWP7wzkLquYLdWpT8sc-vqwK7n69ZKEHgZCeYhm4qXo3JSXPdPGxqXozmnMODeJos5HxI3W_6xE5ncGe1APJKjDNv2yHhqKIEwlAP19YeYREbXzOruYQlTlG4eI282luWtF7TUXP5eeFGjhO6hDgyj-rPhAB2BDo=&pload=183&rlp=%5B0%2C0%2C0%2C0%2C5%2C0%2C25%2C0%5D&bb=0 HTTP/1.1
Host: nicysurveys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=24072213456ccd2a108f6345489f215c60cb; OACCAP=AC5tmAAAAAAAAAAB; OACBLOCK=AC5tmAAAAABmnpAQ; OXCCLK=AC5tmAAAAAAAAAAB; OXPCLK=AAH5DwAAAAAAAAAB; ppucnt=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 22 Jul 2024 18:45:20 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.redirect-pixel
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

GET lustgoddess.buzz/c1sbl0k.php?key=6qqdgzsfv7yqqxf7s7ax&SUBID=2407221345137b269285e84c128addcb40f2&cost=0.0014337401&zoneid=2024895&os=linux&device=desktop&browser=firefox&campaignid=3042712&bannerid=4188691&carrier=Blix+Group+As&connection_type=other&t9=4188691&t10=2024895

94.130.72.48

302 Found

0 B

URL User Request GET HTTP/1.1
lustgoddess.buzz/c1sbl0k.php?key=6qqdgzsfv7yqqxf7s7ax&SUBID=2407221345137b269285e84c128addcb40f2&cost=0.0014337401&zoneid=2024895&os=linux&device=desktop&browser=firefox&campaignid=3042712&bannerid=4188691&carrier=Blix+Group+As&connection_type=other&t9=4188691&t10=2024895
IP
94.130.72.48:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectlustgoddess.buzz
Fingerprint2B:DE:32:4D:5A:E9:94:46:97:E1:54:A4:5A:F7:4E:21:C9:F7:F0:63
ValidityThu, 18 Jul 2024 11:00:18 GMT - Wed, 16 Oct 2024 11:00:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c1sbl0k.php?key=6qqdgzsfv7yqqxf7s7ax&SUBID=2407221345137b269285e84c128addcb40f2&cost=0.0014337401&zoneid=2024895&os=linux&device=desktop&browser=firefox&campaignid=3042712&bannerid=4188691&carrier=Blix+Group+As&connection_type=other&t9=4188691&t10=2024895 HTTP/1.1
Host: lustgoddess.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.26.1
Date: Mon, 22 Jul 2024 18:45:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=9ru35m; expires=Tue, 23 Jul 2024 18:45:21 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=9ru35m-9ru35m-2tqq-0-7vxo-2t7swj-2t7si4-6aa178; expires=Tue, 23 Jul 2024 18:45:21 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://click.hooligs.app/?pid=1237&offer_id=49&land=884&ref_id=37e799ru35ma6c&sub1=1efd73fb39e0c58d77af317f88d5c7a7&sub2=e206a54e97690cce50cc872dd70ee896&sub3=1099
Strict-Transport-Security: max-age=31536000

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn2.png

104.21.58.193

200 OK

9.8 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn2.png
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
PNG image data, 339 x 207, 8-bit colormap, non-interlaced
Size
9.8 kB (9771 bytes)
Hash
8c7c430e736c07b069cf61a2870c7254
a1b6cf722997131aa569f2214df2ce8a9e6e5630
42269355807fe5c4d7dabbccff1cc602725b5ffccae86759412219b83198a180

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/btn2.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:21 GMT
content-type: image/png
content-length: 9771
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-262b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dC6SvXQ5tfjvauo%2Fyd5WjuCv4SPeC99i3kGRWMGJTU8CrsClYTl47sVztrC08FDfAkZRYuzl%2BkX2cPRMqZNiDBVemmXXuEO2cPdWmMTV5vLOyKfWDEBMgguycDPXz2zPkK4nT3ei"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965a5a40b4f1-OSL
alt-svc: h3=":443"; ma=86400

GET click.hooligs.app/?pid=1237&offer_id=49&land=884&ref_id=37e799ru35ma6c&sub1=1efd73fb39e0c58d77af317f88d5c7a7&sub2=e206a54e97690cce50cc872dd70ee896&sub3=1099

104.21.77.74

302 Found

6.9 kB

URL User Request GET HTTP/2
click.hooligs.app/?pid=1237&offer_id=49&land=884&ref_id=37e799ru35ma6c&sub1=1efd73fb39e0c58d77af317f88d5c7a7&sub2=e206a54e97690cce50cc872dd70ee896&sub3=1099
IP
104.21.77.74:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthooligs.app
FingerprintF3:3D:54:22:B5:E5:EC:D2:DC:3C:31:DD:18:AF:76:78:13:8D:1D:5D
ValidityFri, 05 Jul 2024 06:02:20 GMT - Thu, 03 Oct 2024 06:02:19 GMT

File type
PNG image data, 339 x 207, 8-bit colormap, non-interlaced
Size
6.9 kB (6866 bytes)
Hash
a67051906425835b13dc4292c6fe2ef7
c96b01fb21c60a17fad9e89f235fdb8809ffc43d
f000409df7dd5222fc51cc35113519a133596c011f61bc5a7f65f9dcd2843a37

HTTP Headers

GET /?pid=1237&offer_id=49&land=884&ref_id=37e799ru35ma6c&sub1=1efd73fb39e0c58d77af317f88d5c7a7&sub2=e206a54e97690cce50cc872dd70ee896&sub3=1099 HTTP/1.1
Host: click.hooligs.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 22 Jul 2024 18:45:21 GMT
content-type: text/html; charset=utf-8
location: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
x-clickid: 4dd6000083174896
x-frame-options: DENY
vary: Accept-Language, Origin
content-language: en
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
set-cookie: haff_cid:1237:49=4dd6000083174896; expires=Tue, 23 Jul 2024 18:45:21 GMT; Max-Age=86400; Path=/
strict-transport-security: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1wNcUqyHMNRMs%2F5OgdanWDbEog3BnS4prDmlsk8TwnJ40%2Br8SJ6noax2LQ9hOqsHxpEo7ydkhmYh7wpH7el4bMo4rAqMqQoK1dkCBc3MN6BLBIH5CG%2FfbLLtLcKtSWb4%2FjFvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a7596576d2fb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js

104.21.58.193

200 OK

32 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/libs/jquery.min.js
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
32 kB (31785 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/libs/jquery.min.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:21 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:38 GMT
etag: W/"65f0845a-1538f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mj%2BsqvjoSmrhVJKFmy6w6kKNjh2ffWO1xVNge4B%2F8HgcDMC4J1OIb5P0iSDeSklzBHz0y0uuDf6wVtj2HzvHzit18%2B2KL5O30apTayAR%2BqMOZ13A8NB55RPiD4dSpQPqD3gp4iY%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965a4a2bb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_open.jpg

104.21.58.193

200 OK

80 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_open.jpg
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
80 kB (79598 bytes)
Hash
12e061b10b2c654a24ea704af3aaec43
9c506625e1fa700f0e6522cced2a53b0cde2bd54
d321fc26bb399bd642b1a3ae059a03308d286526e6b87a9cb37ba63833673372

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g2_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/jpeg
content-length: 79598
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-136ee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HJq0yIW0%2FPU%2BpHHmf8bYrSXWON0wrP01S9YgPL7Wsx5HMS%2Bn7TVA6Ix4jPnEGMUcpRspoaGvdcKaQ2ljb%2B3l3qPnjnCONcL7T%2FKaZDFixyaVMKpTQadoxoqMBZb339WVtY0zcGFj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965ccd3fb4f1-OSL
alt-svc: h3=":443"; ma=86400

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_close.jpg

104.21.58.193

200 OK

42 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g2_close.jpg
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
42 kB (41478 bytes)
Hash
955f59a0876a28b432c71c0d274727c7
789778a09f2fa8f8bd24be2bb781914f5070dd3d
40e8cd16f27d5d6a0cfd007881651ef8acd93ba95423c05741bc410454eabf40

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g2_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/jpeg
content-length: 41478
last-modified: Tue, 12 Mar 2024 16:35:34 GMT
etag: "65f08456-a206"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BildEImSN6RX25LIS5HhTOdMsvVPC%2BjvPBVSV34TGz3LlC0qbBuePLLB6o9Glh1mT0P2fumSvb3vip%2B9c2eLWaoxIFnGWFkERvziAHnH0AworVJlPRa48HmyCmz1llKtW8c1rW7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965cdd50b4f1-OSL
alt-svc: h3=":443"; ma=86400

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_open.jpg

104.21.58.193

200 OK

63 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_open.jpg
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
63 kB (63206 bytes)
Hash
d837068776c28a251131d2c0138c5db4
bc8d3e395fa77a6b801f13d1c22ff159776cc430
a8364b19810c700ee3899c55089ca678291758ee0d62dbad821e2a6d73b08c93

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g3_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/jpeg
content-length: 63206
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-f6e6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whN06GTat4v2jaZO5vz5NCaObcu7wd4k8byI28%2FpBtJezBMUjiVF1%2FDTBfnyKHR2WrMZqWo4WVmaacU%2BMTAZEwMNb5cdSGs%2Bo08bVCstCtYc52x5hUMKuL5wZeIUWoGSOxP%2FegvS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965cdd53b4f1-OSL
alt-svc: h3=":443"; ma=86400

GET ln.gamesrevenue.com/px1.js

5.161.79.44

200 OK

88 kB

URL GET HTTP/2
ln.gamesrevenue.com/px1.js
IP
5.161.79.44:443
ASN
#213230 Hetzner Online GmbH

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerLet's Encrypt
Subject*.gamesrevenue.com
FingerprintDF:02:38:51:6A:B2:64:74:20:58:40:1D:A7:0F:81:A9:0F:5B:60:1E
ValidityWed, 10 Jul 2024 09:43:36 GMT - Tue, 08 Oct 2024 09:43:35 GMT

File type
gzip compressed data, max speed, from Unix
Size
88 kB (87931 bytes)
Hash
a88c9946a6ffcabc015f8fa19b4ab13a
90f46164eed8ce33690f657a210c885cde93ecfe
8e6bb5c718a8583d6fdfb6e049a35189568e27600c07b288c4d3c6221e9c1c85

HTTP Headers

GET /px1.js HTTP/1.1
Host: ln.gamesrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 22 Jul 2024 18:45:21 GMT
content-type: application/javascript
last-modified: Fri, 22 Dec 2023 10:12:56 GMT
etag: W/"65856128-3b88"
content-encoding: gzip
X-Firefox-Spdy: h2

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_close.jpg

104.21.58.193

200 OK

40 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_close.jpg
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
40 kB (40179 bytes)
Hash
3d830c378aa76c9caa82a73805459893
4a48546372f2ef6311cbed974d536273bcfdd711
8d88b039c0e88133bd2f53dc2fef48ea2d8bdae4eb6e3162fec9db714f97adea

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g1_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/jpeg
content-length: 40179
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-9cf3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iBUBkTbJ83DP5rooGhT2oouU1lSRmLH5oOejzC9hnQms1Nv61znmnx5qmDQp%2Bxi3wGtNvx7YQ3eBUImzh9ENpYl6f4fukD9SrZIgjnZqccmh5tMlDQdy%2BOsKH2P5HUej0EDE5%2BcA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965ccd3eb4f1-OSL
alt-svc: h3=":443"; ma=86400

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_close.jpg

104.21.58.193

200 OK

41 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g3_close.jpg
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
41 kB (40609 bytes)
Hash
aa7031c41077d720cfc935e8de98de95
47aaf9ec464983016d35bb8150928c7f96cdff8c
6a49dc8fe71fafd7db501c43d96537be26a508a2c8a932ff8f03746bc9a55a83

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g3_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/jpeg
content-length: 40609
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-9ea1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQQtM1bve6FXrkobqhzQ2%2BbYISXeexf5ahrw%2FEN92RhCPhM9wFZgCVei3Fu3LUBgezNomboW6l%2FQZAV6Dcd%2FkDo7bQI2vzuNez%2BNC97d93jqOMrwcHR2nXoHWDpX5SgRUZTdG6qI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965ced7ab4f1-OSL
alt-svc: h3=":443"; ma=86400

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_open.jpg

104.21.58.193

200 OK

73 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_open.jpg
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
73 kB (72874 bytes)
Hash
c37fec311feadcbd0c77987b383b0596
9a8f5df2805241f6bc484151dc31f3b72bb9a196
a61a23797d6b68ed79222d950596e90da320e59f8ee23e7eb776c94ee0d6734c

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g4_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/jpeg
content-length: 72874
last-modified: Tue, 12 Mar 2024 16:35:36 GMT
etag: "65f08458-11caa"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Coe7OvS2jowguWgtweTi2%2BS1b4TGVXa95qYT7K%2BGFnptZuJjHVv0T0TMLv6Xk5UsvDBuwtkqQe7oHK533PU1vxZIF6VmNA43hLD8KGe2LQnkjaXwhic7IdAJozDxmHtxUs1jZgW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965ced7fb4f1-OSL
alt-svc: h3=":443"; ma=86400

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_close.jpg

104.21.58.193

200 OK

41 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g4_close.jpg
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
41 kB (40656 bytes)
Hash
4735a029efd2d2e8b15fab5879842219
82ac18ec8aae9a2cc311cdb3b92862e56d161f99
11c0bdd5fc2ba1dfea6ccaedded312f27fd5d5ddf21f24ee607ad05c2c0f197b

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g4_close.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/jpeg
content-length: 40656
last-modified: Tue, 12 Mar 2024 16:35:35 GMT
etag: "65f08457-9ed0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbVqZVoC%2BqIjmgHtfGJiUtV6AyreWKwRTezclHfjZbWXCUXGr2xSX5ljL81RNGr20KfkfdMAtdPxE3tOZFOtp1NWOa0qogbTro2Ajm5ZxjlW58n%2FNCp4GGUk5bUAu8GbCYcHHCK9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965ced80b4f1-OSL
alt-svc: h3=":443"; ma=86400

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e342ae6acf76e270340bd98b6540ad2b
183b457360e09a86a3cc96a21820943fbce98ecb
728a59072794dfd311322813d72055b2e9a21895218827b31fe3a742c3cc9c1e

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "728A59072794DFD311322813D72055B2E9A21895218827B31FE3A742C3CC9C1E"
Last-Modified: Sat, 20 Jul 2024 19:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15343
Expires: Mon, 22 Jul 2024 23:01:05 GMT
Date: Mon, 22 Jul 2024 18:45:22 GMT
Connection: keep-alive

GET my.rtmark.net/img.gif?f=sync&lr=1&partner=4525db4116ed1c87c5ad9a1c2cb785cedc7f7ec9dfd0157a058f115a95fabcf3

139.45.195.8

200 OK

43 B

URL GET HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=4525db4116ed1c87c5ad9a1c2cb785cedc7f7ec9dfd0157a058f115a95fabcf3
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint4B:EF:80:EB:90:B5:8C:01:82:25:B6:92:59:BE:A9:6A:C7:83:75:8E
ValidityFri, 05 Jul 2024 22:30:11 GMT - Thu, 03 Oct 2024 22:30:10 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=4525db4116ed1c87c5ad9a1c2cb785cedc7f7ec9dfd0157a058f115a95fabcf3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0880a19570fe4be3f37bc16e90bae042; expires=Tue, 22 Jul 2025 18:45:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/fav.png

104.21.58.193

200 OK

1.4 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/fav.png
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.4 kB (1425 bytes)
Hash
10c5dd857fd3653492ef5eeaa86cd48b
193484a907a40d7b145af2136ef83bef593d2f21
a689201508b9dc7b2cc3049c7d89947f96a19790411506ecd6eb1875374fe329

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/fav.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/png
content-length: 1425
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-591"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6324
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYjKI2BubGxhU89TH9BkZwYMpjSz1S6cH0FFjxXwBQ9pW2FaTyODNNVbp3bLQNCIZqVIms2GiMyS2c8aW0gzQCR1lZtL2fntnefNPFELbnP4Rgi98GQpuHZZfhIaEc82AHgC%2BRqn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965eaf8db4f1-OSL
alt-svc: h3=":443"; ma=86400

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
fa6439085e535fd555c57ab887773087
cb38cb09441ef5c40653618e4bce45d9d9d425c0
302eed4a638d682b6b09dfce5dad8625567d85fa370183d8f476a79ff7775d12

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 22 Jul 2024 18:45:22 GMT
Last-Modified: Mon, 22 Jul 2024 17:05:35 GMT
Server: ECAcc (amb/6AB3)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2XTKII0j_Jq4CCPLnv4Q-s1PjyPhOOqfn9NEzzFKxzugtFDNcZwy3w==
Age: 5987

GET proftrafficcounter.com/px.gif?akey=28407dccfb372e83ee9d49a69f097187

18.184.181.242

307 Temporary Redirect

0 B

URL GET HTTP/2
proftrafficcounter.com/px.gif?akey=28407dccfb372e83ee9d49a69f097187
IP
18.184.181.242:443
ASN
#16509 AMAZON-02

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px.gif?akey=28407dccfb372e83ee9d49a69f097187 HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/gif
content-length: 0
location: https://experttrafficmonitor.com/dbs?uuid=fadfd077-ed1a-471b-b5ae-9be897969d4e&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTcyMTY3MzkyMn0sImFjY2wiOnsiMjAsMCI6MTcyMTY3MzkyMn19.-r4n6dDAMRNF_WWWQn5780U-lmb8-f5-i3s6-g0KV-Y
server: nginx/1.21.6
set-cookie: uid_id2=fadfd077-ed1a-471b-b5ae-9be897969d4e:1:1; expires=Thu, 20 Jul 2034 18:45:22 GMT; secure; SameSite=None
ak=1921,1721673922; expires=Sun, 20 Oct 2024 18:45:22 GMT; secure; SameSite=None
acl=20,0,1721673922; expires=Sun, 20 Oct 2024 18:45:22 GMT; secure; SameSite=None
expires: Mon, 22 Jul 2024 18:45:22 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
92fe046ed30974fab002b18924562af5
a80246a7f4813076cea6cc1629667b43a094fa97
151d89929b8b12751f94a9dd4fab74f68f20aa29ca5135a3b95aea9f366a34e7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "151D89929B8B12751F94A9DD4FAB74F68F20AA29CA5135A3B95AEA9F366A34E7"
Last-Modified: Sat, 20 Jul 2024 20:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13037
Expires: Mon, 22 Jul 2024 22:22:39 GMT
Date: Mon, 22 Jul 2024 18:45:22 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
92fe046ed30974fab002b18924562af5
a80246a7f4813076cea6cc1629667b43a094fa97
151d89929b8b12751f94a9dd4fab74f68f20aa29ca5135a3b95aea9f366a34e7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "151D89929B8B12751F94A9DD4FAB74F68F20AA29CA5135A3B95AEA9F366A34E7"
Last-Modified: Sat, 20 Jul 2024 20:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13037
Expires: Mon, 22 Jul 2024 22:22:39 GMT
Date: Mon, 22 Jul 2024 18:45:22 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
92fe046ed30974fab002b18924562af5
a80246a7f4813076cea6cc1629667b43a094fa97
151d89929b8b12751f94a9dd4fab74f68f20aa29ca5135a3b95aea9f366a34e7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "151D89929B8B12751F94A9DD4FAB74F68F20AA29CA5135A3B95AEA9F366A34E7"
Last-Modified: Sat, 20 Jul 2024 20:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13037
Expires: Mon, 22 Jul 2024 22:22:39 GMT
Date: Mon, 22 Jul 2024 18:45:22 GMT
Connection: keep-alive

GET experttrafficmonitor.com/dbs?uuid=fadfd077-ed1a-471b-b5ae-9be897969d4e&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTcyMTY3MzkyMn0sImFjY2wiOnsiMjAsMCI6MTcyMTY3MzkyMn19.-r4n6dDAMRNF_WWWQn5780U-lmb8-f5-i3s6-g0KV-Y

18.184.181.242

200 OK

7 B

URL GET HTTP/2
experttrafficmonitor.com/dbs?uuid=fadfd077-ed1a-471b-b5ae-9be897969d4e&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTcyMTY3MzkyMn0sImFjY2wiOnsiMjAsMCI6MTcyMTY3MzkyMn19.-r4n6dDAMRNF_WWWQn5780U-lmb8-f5-i3s6-g0KV-Y
IP
18.184.181.242:443
ASN
#16509 AMAZON-02

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dbs?uuid=fadfd077-ed1a-471b-b5ae-9be897969d4e&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTcyMTY3MzkyMn0sImFjY2wiOnsiMjAsMCI6MTcyMTY3MzkyMn19.-r4n6dDAMRNF_WWWQn5780U-lmb8-f5-i3s6-g0KV-Y HTTP/1.1
Host: experttrafficmonitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theeverydaygame.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/gif
content-length: 7
server: nginx/1.21.6
set-cookie: uid_id2=fadfd077-ed1a-471b-b5ae-9be897969d4e:1:1; expires=Thu, 20 Jul 2034 18:45:22 GMT; secure; SameSite=None
ak=1921,1721673922; expires=Sun, 20 Oct 2024 18:45:22 GMT; secure; SameSite=None
acl=20,0,1721673922; expires=Sun, 20 Oct 2024 18:45:22 GMT; secure; SameSite=None
expires: Mon, 22 Jul 2024 18:45:22 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs

104.21.58.193

200 OK

2.2 kB

URL User Request GET HTTP/2
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
HTML document, ASCII text, with very long lines (2351), with no line terminators
Size
2.2 kB (2176 bytes)
Hash
f7894738b81770fc5b3a4407f7dca583
bcd49896df390650d05ff88007d0967572d4be54
f31494f053519ab36c8f567c154e0f04a84e3072de1ecdbe560fed6e24d51f76

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 Jul 2024 18:45:21 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=732mw%2FNabMAVgJOn0AYQfM8zVWxYMzwQdIe8rKydYcLLlV2ZjdtSL6GXmRvZ1VDgjcVfq5vhaBK1wTI2QGzhyqauacowhECKaUTtimzR7VjpQNHJykN3bKzpXxV804TXAUY%2F65OG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a7596583e2a56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_open.jpg

104.21.58.193

200 OK

84 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/g1_open.jpg
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x1071, components 3
Size
84 kB (84260 bytes)
Hash
a3efbcb7561dddaeb36ba22fb8fae56f
a9363a7f6b6e9a5a6dcbb37a0abfa7bb3ab3ea1d
d95424c3f3857c13ff9f6a957f805b188a568ce769b51ee9fe68c8fd3537b319

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/g1_open.jpg HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: image/jpeg
content-length: 84260
last-modified: Tue, 12 Mar 2024 16:35:34 GMT
etag: "65f08456-14924"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PtISzfYqAoH3ljLpmYLpLqsxN%2BsCPPKHD%2FS7nAZlas1zxdbvnSA2b2ow1Uw55ZvxB2gIHwibE387lhOga8Cn1Y5D5FZVhyD3wRMfJNrvo77GtjGrtEXe5VnmZL7IJEJjsVwrnzHo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965ccd3cb4f1-OSL
alt-svc: h3=":443"; ma=86400

GET nicysurveys.com/r/dir?zoneid=2024895&var=2024898&pb=cbc8265e45a02ac80c0684cd0aa759881721681119&psp=LN0aEcp_lyuQBsYllF3_V68O8D04urAr-gRi96UEgTADpo5exBmEbdgSsPtSomjmP7AXHYBDuHJJJ3AuyJ3D4Sp-k5AHyNWbAmSRhJsHWGK4-Lwh5zjeZsvnrpjQHCjr8dJCfTdcIaK0XcCU-D95xvi2jhfaAZy4K-120i_Qsuie5l7ipZVJJfeXHAjXcHhSPt9_6XAblf6Zp-TSG9R4H5oU994r1WUKtdWuS1RyBR_oEP8YT3DRz195&prpsrc={propagated_source}&fdl=1&nojs=0&abvar=0&febuild=1.0.295&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=J85T7J9TG9hZGluZy4uLg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=PGwE4sOaHR0cHM6Ly9uaWN5c3VydmV5cy5jb20vY29sbGVjdD92PTIwMjQ4OTUmdmFyPTIwMjQ4OTgmcHJwc3JjPSU3QnByb3BhZ2F0ZWRfc291cmNlJTdE&afid=1801681482345472&eclog=0&im=1&pload=887&rlp=%5B0%2C1%2C154%2C130%2C3%2C276%2C52%2C81%5D

212.117.190.201

200 OK

8.7 kB

URL User Request GET HTTP/2
nicysurveys.com/r/dir?zoneid=2024895&var=2024898&pb=cbc8265e45a02ac80c0684cd0aa759881721681119&psp=LN0aEcp_lyuQBsYllF3_V68O8D04urAr-gRi96UEgTADpo5exBmEbdgSsPtSomjmP7AXHYBDuHJJJ3AuyJ3D4Sp-k5AHyNWbAmSRhJsHWGK4-Lwh5zjeZsvnrpjQHCjr8dJCfTdcIaK0XcCU-D95xvi2jhfaAZy4K-120i_Qsuie5l7ipZVJJfeXHAjXcHhSPt9_6XAblf6Zp-TSG9R4H5oU994r1WUKtdWuS1RyBR_oEP8YT3DRz195&prpsrc={propagated_source}&fdl=1&nojs=0&abvar=0&febuild=1.0.295&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=J85T7J9TG9hZGluZy4uLg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=PGwE4sOaHR0cHM6Ly9uaWN5c3VydmV5cy5jb20vY29sbGVjdD92PTIwMjQ4OTUmdmFyPTIwMjQ4OTgmcHJwc3JjPSU3QnByb3BhZ2F0ZWRfc291cmNlJTdE&afid=1801681482345472&eclog=0&im=1&pload=887&rlp=%5B0%2C1%2C154%2C130%2C3%2C276%2C52%2C81%5D
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint88:AB:1F:1A:E0:32:7F:D8:D2:0C:E9:5B:20:43:D7:AE:D0:BA:2F:70
ValidityMon, 03 Jun 2024 10:55:06 GMT - Fri, 29 Nov 2024 22:59:00 GMT

File type
HTML document, ASCII text, with very long lines (8875), with no line terminators
Size
8.7 kB (8710 bytes)
Hash
2b94679719f1a97ce73b107ccacabf08
1cc7e4b1c0077ef4f2035202d191172725e1767c
56e108507e3054cabfdbb93a7cbcfc067da0c754d369ecabefef04070c27cd79

HTTP Headers

GET /r/dir?zoneid=2024895&var=2024898&pb=cbc8265e45a02ac80c0684cd0aa759881721681119&psp=LN0aEcp_lyuQBsYllF3_V68O8D04urAr-gRi96UEgTADpo5exBmEbdgSsPtSomjmP7AXHYBDuHJJJ3AuyJ3D4Sp-k5AHyNWbAmSRhJsHWGK4-Lwh5zjeZsvnrpjQHCjr8dJCfTdcIaK0XcCU-D95xvi2jhfaAZy4K-120i_Qsuie5l7ipZVJJfeXHAjXcHhSPt9_6XAblf6Zp-TSG9R4H5oU994r1WUKtdWuS1RyBR_oEP8YT3DRz195&prpsrc={propagated_source}&fdl=1&nojs=0&abvar=0&febuild=1.0.295&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=J85T7J9TG9hZGluZy4uLg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=PGwE4sOaHR0cHM6Ly9uaWN5c3VydmV5cy5jb20vY29sbGVjdD92PTIwMjQ4OTUmdmFyPTIwMjQ4OTgmcHJwc3JjPSU3QnByb3BhZ2F0ZWRfc291cmNlJTdE&afid=1801681482345472&eclog=0&im=1&pload=887&rlp=%5B0%2C1%2C154%2C130%2C3%2C276%2C52%2C81%5D HTTP/1.1
Host: nicysurveys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=24072213456ccd2a108f6345489f215c60cb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 22 Jul 2024 18:45:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
referrer-policy: no-referrer
x-trace: Lgj9e7Nbrc0douM43gfR5rSALBLbFVR0q2TzSPAEIK27fX9F8w1GUH-dzpa0s5oiARsKJvHC
x-route-id: redirect.dl
set-cookie: CHCK=1; Path=/; Expires=Mon, 25 Aug 2025 18:45:20 GMT; Secure; SameSite=None
OACCAP=AC5tmAAAAAAAAAAB; Path=/; Expires=Wed, 21 Aug 2024 18:45:20 GMT; Secure; SameSite=None
OACBLOCK=AC5tmAAAAABmnpAQ; Path=/; Expires=Wed, 21 Aug 2024 18:45:20 GMT; Secure; SameSite=None
OXCCLK=AC5tmAAAAAAAAAAB; Path=/; Expires=Tue, 23 Jul 2024 18:45:20 GMT; Secure; SameSite=None
OXPCLK=AAH5DwAAAAAAAAAB; Path=/; Expires=Tue, 23 Jul 2024 18:45:20 GMT; Secure; SameSite=None
ppucnt=1; Path=/; Expires=Tue, 23 Jul 2024 18:45:20 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

GET theeverydaygame.com/awpx_click.js?v=005

104.21.58.193

200 OK

1.5 kB

URL GET HTTP/3
theeverydaygame.com/awpx_click.js?v=005
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
ASCII text, with very long lines (1544), with no line terminators
Size
1.5 kB (1490 bytes)
Hash
684379265eb9f58cc45bc0d82f0db964
dcceb2eb66dd485a8df52da17210e1ea660354ee
45f7be3af362b2f0b894e51e8394ecc08066d8b9004fb095ba7665edbd8ce078

HTTP Headers

GET /awpx_click.js?v=005 HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:21 GMT
content-type: application/javascript
last-modified: Thu, 09 Mar 2023 09:49:36 GMT
etag: W/"6409abb0-5d2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6599
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CXxW1FYHzYor7AGwJEBoPJekT5JDvEDyw73b5YF6hQcASwPLhXbBdNsr2jv2c3FnH044z9Mlv%2FUZFfSBP6Nk06KbGOsgW7g5BYf3ejXaXdNxdlp4fmzYxOiHSBzsHvrzXiCZV9kb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965a4a33b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn1.png

104.21.58.193

200 OK

6.9 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/image/btn1.png
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
PNG image data, 339 x 207, 8-bit colormap, non-interlaced
Size
6.9 kB (6866 bytes)
Hash
a67051906425835b13dc4292c6fe2ef7
c96b01fb21c60a17fad9e89f235fdb8809ffc43d
f000409df7dd5222fc51cc35113519a133596c011f61bc5a7f65f9dcd2843a37

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/image/btn1.png HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:21 GMT
content-type: image/png
content-length: 6866
last-modified: Tue, 12 Mar 2024 16:35:33 GMT
etag: "65f08455-1ad2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AL8lICnoe6NLN%2FqbACySOqoTzYxSZbXW98gAWSwMyPQUcwoqA6vgzPiTdqzOl5RWTWvWUWF1IaD1KIZDO1NKdWYHaxXK1RpUz8pst%2BwHCbtBwbhhvBHVBNpspwa7%2Fg2fBlO9qulc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965a4a36b4f1-OSL
alt-svc: h3=":443"; ma=86400

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css

104.21.58.193

200 OK

3.3 kB

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/css/main.css
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
ASCII text, with very long lines (3548), with no line terminators
Size
3.3 kB (3299 bytes)
Hash
aac1493fdaa516c07b05dc277adf9047
40c8ee3e4d54dfff6dcaea969bcad3d20ec9b796
8f9a48a298195eefb30fffd1c8d458eac7ecc2503a77ba8a5bc47bad68b61c37

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/css/main.css HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:21 GMT
content-type: text/css
last-modified: Tue, 12 Mar 2024 16:35:32 GMT
etag: W/"65f08454-ce3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfvKLLPre4Ufo4eKBO%2FtLsUpGe3IrZsViiyMDr%2BIPOKf82N8JVOMymH6cyVGVvF9ypCy1BCUVaEnpNl%2Bl%2BgE7fLFsDRZOyo38c7966zBXfgC9wmAx48q%2BvRQRk5MKfJf1QCHsYJc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965a3a26b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js

104.21.58.193

200 OK

521 B

URL GET HTTP/3
theeverydaygame.com/lg/lg_0324/land_lg_140324_en/scripts/main.js
IP
104.21.58.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttheeverydaygame.com
Fingerprint9B:C0:4D:A2:C5:A3:30:91:89:34:87:E6:D4:E1:88:5B:D6:33:91:39
ValidityThu, 27 Jun 2024 16:38:53 GMT - Wed, 25 Sep 2024 16:38:52 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (567), with no line terminators
Size
521 B (521 bytes)
Hash
42a310913ab3c9f8c9241c154fd7af4a
8acd5b33349b86bb7ea9da2f609ca7230ad5761d
ac4d23ed1f3208f4515cb3561fc74ece439d34496675ae90917061a858c7b79a

HTTP Headers

GET /lg/lg_0324/land_lg_140324_en/scripts/main.js HTTP/1.1
Host: theeverydaygame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 22 Jul 2024 18:45:21 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:35:38 GMT
etag: W/"65f0845a-209"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6325
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0uiECZVYF3anmI6VgB9HSMyUpijtBYfRdFpC9JjXPaHU2YyVTtVjp08IEsiKv2AD58QsnXBZCTFc%2BxRZbxqGb%2BPw0R1Nc%2B9Dq0MOjp0cv9clFXaAesXGCWLImAcl2L9ZkBl%2BYFq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965a5a42b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET twistconcept.com/index.min.js?pk=28407dccfb372e83ee9d49a69f097187

104.21.86.46

200 OK

653 B

URL GET HTTP/2
twistconcept.com/index.min.js?pk=28407dccfb372e83ee9d49a69f097187
IP
104.21.86.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://theeverydaygame.com/lg/lg_0324/land_lg_140324_en/?haff_pid=1237&haff_oid=49&haff_cid=4dd6000083174896&haff_sub1=1efd73fb39e0c58d77af317f88d5c7a7&haff_sub2=e206a54e97690cce50cc872dd70ee896&haff_sub3=1099&haff_tag=rs
Certificate
IssuerGoogle Trust Services
Subjecttwistconcept.com
FingerprintF3:17:8A:A1:CC:76:1F:1A:EE:B4:14:51:1B:FD:F0:E3:C6:F5:F6:D8
ValidityFri, 19 Jul 2024 07:04:23 GMT - Thu, 17 Oct 2024 07:04:22 GMT

File type
JavaScript source, ASCII text, with very long lines (656), with no line terminators
Size
653 B (653 bytes)
Hash
e1b26acebd3ad2c11bf53fe6e99737ec
8676d5c0973a09d71c95b427cd453d5514e77eac
56b092f22e468081835fe837e953180a39406307c0a889e135da563bc8d60e41

HTTP Headers

GET /index.min.js?pk=28407dccfb372e83ee9d49a69f097187 HTTP/1.1
Host: twistconcept.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://theeverydaygame.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 Jul 2024 18:45:22 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 13:06:26 GMT
etag: W/"655f4e52-28d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IkvrmNfaVGZ0ssl6PFysiBuhbeEraF8i36WNMQEyJI1kQTVlqnHMHKQ2LUYnOST%2FxNcAgvjePSFr3dY11DCIz%2BfFQ75fa36IyIbAiBuXJuakj3vUNeHnWMulR84m78NbNoni"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a75965d8dfc5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (34)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN