Report - everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone

Report Overview

Visited public
2025-04-20 22:52:07
Tags
URL
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Finishing URL
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
IP / ASN
172.67.168.33
#13335 CLOUDFLARENET
Title
Everlusting Life

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
everlusting-games.com	unknown	unknown	No data	No data	18 kB	528 kB	188.114.96.1
analytic-client.chickgoddess.com	unknown	2023-11-29	2023-12-27	2025-04-16	1.1 kB	567 B	3.68.58.199

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed
2025-04-20	medium	everlusting-games.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644	ScriptElement	1.1 kB	2025-04-20	2025-04-20
Pretty URL everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-20 22:52 Last Seen2025-04-20 22:52 Times Seen1 Hash 649eadd72183c3c9b2ff920228dbd1a4 436e10a8f07f7c8e31bb3758383d3b1c063a9422 07abefddd6b182b1258516b3808d28ffc82286db631b48b0fad8f4ed0fc5b115 Loading...

HTTP Transactions (22)

URL IP Response Size

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/2_1.webp

188.114.96.1

200 OK

48 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/2_1.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
48 kB (48010 bytes)
Hash
0605e1ad666c9ee04ea42a565a6b9ecd
909b5bb368fa6d08ddbffb21d2e662c41d866fd8
4fab8ff3ac173ea4a0368aa185c51672fe1a9fc712cc10f8c58892c0f80e5bf9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/2_1.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 48010
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "3b39a69aada92ad18ffb035d2117e442"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fkbgoeurd5bRIsdyrdHYFeZe%2FwNh1jTCc98SQRh4w65AK%2BdJWAL9ofqPjggTN3%2Bcnri1Aa4HM67eH0PKQnRAeFqbzNKZ8JTTpf1IRHGXoCJBylSg6AsRO0bEeW8oSx59Lr%2BfgYFfwfqnigXs21Tw27AdpLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 93383547dacf56c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/3_1.webp

188.114.96.1

200 OK

88 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/3_1.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
88 kB (88424 bytes)
Hash
5aa62f2f63380d6c855928516bff192b
3000dddc3d0abe86b15e465de09102f5d6fe0119
2d2eb674a923f6e9e8c6ce18e10afc23a4811cd0070cf19b9187a6ea63028753

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/3_1.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 88424
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "86833366dc8f97124450f53dadd56e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVzBXRGlXbb6TqGphh%2BYwFJzToejCVfv7c%2BvWA98LoXI1RitRbAxkC5s2MFWxj4xnHYfaKvt8CvUwcZmd901QQ8ORfHfMkIA5AKKgVvjP%2Fehd4oORyomrBezJbAZcVWwuifisFsOiMeLrNXHI3xsYxXQjLg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 93383547fafc56c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/marker_2.webp

188.114.96.1

200 OK

4.0 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/marker_2.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.0 kB (4010 bytes)
Hash
ed70d09fa64cd3e07305cdeab27cf86e
6ed5a61f7900ec09c694a7e1bbe686e4c051fda9
f87081f2de54e31486e8d5e0bc2de24290ae7a3233d6282204278376274b9729

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/marker_2.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 4010
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "14d08b52fc30b318164ac784e6d4e008"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=db3NsbftWyVsHzJHFdrZSnxpkMv45Ag1m8U89TF7JTzepbd0Wpylu6Sk1%2FiE7%2BbtlVJfP%2BzbuZgay40kR63Y4rwzRjBVf1fsbstzfufDOZTN%2FR%2B08n8TFA5v4HpDmwL9oHVvjqID6Y4vtaKUapqyNkpA%2BrE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 933835483b3f56c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/2.webp

188.114.96.1

200 OK

38 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/2.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
38 kB (38272 bytes)
Hash
c4ee236d96d74723318e044a0065824c
fc41c091e31a0d1d9dd3b3c053811bb632f88bd7
482f004f5a85efebee4a459d071dd1f794eebbc0fa62cb011176279d29f4005c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/2.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 38272
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "e64decc61e8ea291cdf164ed58e87a13"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNUon5rrr6I53bi%2F2vKsxezfM0%2Bw72%2BHWf6xcdhz1GAbfl8AT4AtoLdwGVe95N1lIQv7GnkB0%2Bcc1JT0awi6VlPoyKAU2sWZZXanwoDcEClcPA9OYCG28wHwOoWDldIl8mn5Ed7LNr1qpJAywnFnkZUPXTI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 93383547daca56c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/hand_1.webp

188.114.96.1

200 OK

7.5 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/hand_1.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.5 kB (7458 bytes)
Hash
88fbfd32bd1e84ae31bb59a4ab633b95
a734f9ec944b885a2cc4f02419599b30e5612022
e200afb94d27880e30b3ce4bd6a91fef7e78e833eb54cfe25c6dda4b963cfc77

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/hand_1.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 7458
server: cloudflare
accept-ranges: bytes
age: 2468
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "664d9addbdde88f4f7162bd3e04a8c75"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqHwTkafAyjNwHNJzZsZkVsXeqWmMfXr2qOAE5InaCwYuJOLUf%2FS86ghVkvfaUxJHfLz1TurGFlLaeOoi6aOn%2BdU%2FIONrY3XMllrAhGWWNP60bFEc1GaAWkbLKShzQhXVx9a6gBGLi54ow0sWsCtW5PbeSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 933835480b0d56c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/hand_2.webp

188.114.96.1

200 OK

7.5 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/hand_2.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.5 kB (7516 bytes)
Hash
1ae87f55d0b1e152db1159fa200104a6
5cac497d498bc71be527bae90330dcd6c43df207
265c61bd62992e0aa77788815cf8711875305f883d8457bd5121a175be94f238

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/hand_2.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 7516
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "a986f056cf4056f51feea88ab0275c1f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MTWhpWWs3bBu%2FmuekTncHDVmulRgo4iuJgL9%2B82SW3vIb7kARzgpqOZ5cpQIB18potUbr45DTJxEytQOl9jTDAvXkYSQv6HKvmr9sxWlRhjVPd6SJSfufHS0JG0TVAAE31BNIqYgAZfXTYNyWRleJ2m9fIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 933835481b1856c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/favicon.webp

188.114.96.1

200 OK

318 B

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/favicon.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
318 B (318 bytes)
Hash
c840e88fc31839678c0e50e960c36b4b
dcda373bf3649a6fd8b3071a6042ed57eecdf08e
e4d073b359fcefa8fe4efa793652617860b1a8f60dc9dcdbe2586e583b50bb17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/favicon.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:46 GMT
content-type: image/webp
content-length: 318
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "5f68207b68a4be10d740f9a75c7374e4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gwt7k83oMxgV6jPCp8Hrg64RxPNeC82OsPD6x02MYQaafuOS0xchCOGQs5wj1oW45NuC5qKSp45qcX7YUetMBwBUtMCv1fG4DefoWm%2BJwgz38ZpudgRHmTUzI8093NvEL05Xn8HmShMSxEGvduT5au%2BCiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 9338354c784a56c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/marker_3_1.webp

188.114.96.1

200 OK

7.5 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/marker_3_1.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.5 kB (7516 bytes)
Hash
d54b93e5d687b18377aa1b4867ac3afe
06c0c4692e000c45db97219163dc115f8fce295a
cc9e65ded46bc65ba61e219175bdea7ede2c41f5fd69041feaed445290f0719e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/marker_3_1.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 7516
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "c71b8e3de22d6e398043f11bcbfd36b4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMPBrKwsWDi6TnByRzkmu4HBOlkk6eIn173NeWH9gLGGV0PO5pffgmJKa5LmApCgaEgr6sYOsh2S%2BMjGG9M0GhYZtvweO9NU5scs89132t0SnWlirMz2Zr20mYx96PwG5idAWWAFcuydGFK1w43EPrWfCbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 933835489bcc56c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/favicon.webp

188.114.96.1

200 OK

318 B

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/favicon.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
318 B (318 bytes)
Hash
c840e88fc31839678c0e50e960c36b4b
dcda373bf3649a6fd8b3071a6042ed57eecdf08e
e4d073b359fcefa8fe4efa793652617860b1a8f60dc9dcdbe2586e583b50bb17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/favicon.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:46 GMT
content-type: image/webp
content-length: 318
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "5f68207b68a4be10d740f9a75c7374e4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gwt7k83oMxgV6jPCp8Hrg64RxPNeC82OsPD6x02MYQaafuOS0xchCOGQs5wj1oW45NuC5qKSp45qcX7YUetMBwBUtMCv1fG4DefoWm%2BJwgz38ZpudgRHmTUzI8093NvEL05Xn8HmShMSxEGvduT5au%2BCiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 9338354c684756c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644

188.114.96.1

200 OK

13 kB

URL User Request GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
HTML document, ASCII text
Size
13 kB (12884 bytes)
Hash
af32c1ec38ea931e756b99e86ce10274
084867949da6ce0ceebe63948c263db908eb52b3
f2ed3f548d6e6bbadbefd37047c72b050c0ed5bc6c817c7c35000968d2594c12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644 HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:43 GMT
content-type: text/html; charset=utf-8
server: cloudflare
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
link: <./bg.webp>; rel="preload"; as=image, <./cursor.webp>; rel="preload"; as=image, <./1.webp>; rel="preload"; as=image, <./1_1.webp>; rel="preload"; as=image, <./2.webp>; rel="preload"; as=image, <./2_1.webp>; rel="preload"; as=image, <./3.webp>; rel="preload"; as=image, <./3_1.webp>; rel="preload"; as=image
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkhciF7brr%2FN2gf7UEPxtJfmls8th6qEwHAFW%2BiHUXpRpnniT8aXXrUgYop%2BMjIv4fgR16iQ3VuPOrEde%2Fnrum%2ByqZououHAW4JcHbdRTWWOY3UeS99HZrgmYDd0zFNMPkbav7Zvx6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-ray: 9338353dce5f56c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/bg.webp

188.114.96.1

200 OK

20 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/bg.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp
Size
20 kB (20414 bytes)
Hash
d2fe63484f1aa7baf7adf93e2def147e
0688158953d3b7f35d24f0dde6a356acb475eadc
cf62e8fca7f5ecde5e46bbb67d2d7dfa431e9d88028f97d3b5f8a8c3be10408d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/bg.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 20414
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "437e0a6dbf03a67177dd596f0465b2f6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZ38eYndc%2FLNY0eQbb7CWocVYun2ayO7w1AtMSPyEyzx8UF3M9XRHwzrTE%2FL7u4o33YMSOZxoJgSpJq95Myvbl5Tx3f1Eb%2BXc7JivJKHFn81Qnn8p9u5Z9PFh%2BQI5N%2BleMuajDvqTTcg%2BlTqd4mpACneKZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 93383547cab856c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/cursor.webp

188.114.96.1

200 OK

8.0 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/cursor.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.0 kB (7982 bytes)
Hash
b265741941b305563530a6d498e2fc2b
69c1729b98177ba289a76fa1e339f56ccf9ccedf
e04bdf0098dbb0879417e4f58f880d8bfaa94a568f171a2f82637b185a859eb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/cursor.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 7982
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "2ad1ef254442c0a7dbe7a943c930e202"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FVW6e1T4onfiRu%2BuZ8xCRjZZHKa5C2wh3bJDNwN6Pfx10ytYa4P82ocmwiv%2BqXiAJa71M4owdPbDTcrvlTLN68g4Go9MbR2om8cazrUk9AUW4ZJGWmPZVgdPoOEHBLx9Aq61ydmh9BYsM7othdo9BcgC18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 93383547cac356c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/1_1.webp

188.114.96.1

200 OK

75 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/1_1.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
75 kB (74654 bytes)
Hash
c29969bb2944ef5ad248bb73392bc630
92b3403e7273780605db70a7a73dd9ccfbb074e3
75ab2f750bcf1515838cce41ba1671d40cda66d0cf6e9919be8bfd93af3d0bf8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/1_1.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 74654
server: cloudflare
accept-ranges: bytes
age: 2468
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "2834ff92deafc5e3905248432247c22e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02UZsMUwQ8ohDmFsVTauooVlQ9%2B9Yt%2FDysMGpMgzNTaA3n1nYdNCqSToUvQETG543po7DMr2BiaNCTaG%2FwjST6lH9NQ24VA%2BKECjKJh914I1pz76T5Dc5FvP65XIpf7d%2FwtkiVKbbk7LKTBuHUN%2B95xYaTs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 93383547dac956c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/marker_1.webp

188.114.96.1

200 OK

11 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/marker_1.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (10562 bytes)
Hash
f13e5e92a6686dfb5ae46981ff00c355
c6799e0b30b29450dc3215cca95816dcbe26e26a
9f2a726d299a117bd65e61503057d22282df5768d16418fb0871b1a6d10a9824

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/marker_1.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 10562
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "6e7aeeeb405a7547202d17a35c6b0ae5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXhzcGoG%2B%2B5nhq%2FPc2Ay%2F6YDpS%2B1%2BbTyVaQFop2XbGkdoKVQw2qN425F8%2F4BTbzs6YFx6N07L2NM1kL5l3rAR4l%2FHxttrQfCeCtkcrcd%2BJyBRGKdR5NWrbtm%2BnWzSXl3IyGmw%2BitV87lYIrurSeHQ0GgpkI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 933835480b0856c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/pants_2.webp

188.114.96.1

200 OK

17 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/pants_2.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (16836 bytes)
Hash
df76668a4e513663183ef931ec858728
497dc0db6b617d29da3d285c4c40a6146005c32a
eec51bf2f851863c2a0a7892a70907429369f968d20e02580dabfbbf4576369e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/pants_2.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 16836
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "5527ab2ecb45ad05e2ec998150f21c73"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xh8UtXV8XtXow%2FZbj8ms26ygDk6PK412w6u7ejSgqToasLnE2yMZLzzcf29y1A93C3QTQ72jVRrtxppB6TkvaiStmf2dJj17wo6j0RrAGoTeqerzrVQAWXPgTImPBZ%2BPyMHHWPARhTQigZnh%2BHdOgLU1Gcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 933835480b0f56c1-OSL
X-Firefox-Spdy: h2

analytic-client.chickgoddess.com/preland_stats/ac/visits

3.68.58.199

200 OK

21 B

URL POST
analytic-client.chickgoddess.com/preland_stats/ac/visits
IP
3.68.58.199:443
ASN
#16509 AMAZON-02

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerLet's Encrypt
Subjectchickgoddess.com
Fingerprint36:46:E5:C0:13:90:E1:42:55:A2:DF:93:0A:28:B3:B5:BF:34:C3:D1
ValidityWed, 26 Feb 2025 01:46:28 GMT - Tue, 27 May 2025 01:46:27 GMT

File type
JSON text data
Size
21 B (21 bytes)
Hash
79be822f7304ffaaeb68aa8b0336848b
acc79c84f5cdcf1277d8aa905e6290b70c65e862
8e348a2876686697c17bc2784470cbebe761146f0bbfc180a67a52793117882d

HTTP Headers

POST /preland_stats/ac/visits HTTP/1.1
Host: analytic-client.chickgoddess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/
Content-Type: application/json
Content-Length: 494
Origin: https://everlusting-games.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:46 GMT
content-type: application/json; charset=utf-8
content-length: 21
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-backend-process-time: 0.002
X-Firefox-Spdy: h2

analytic-client.chickgoddess.com/preland_stats/ac/visits

3.68.58.199

204 No Content

0 B

URL OPTIONS
analytic-client.chickgoddess.com/preland_stats/ac/visits
IP
3.68.58.199:443
ASN
#16509 AMAZON-02

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerLet's Encrypt
Subjectchickgoddess.com
Fingerprint36:46:E5:C0:13:90:E1:42:55:A2:DF:93:0A:28:B3:B5:BF:34:C3:D1
ValidityWed, 26 Feb 2025 01:46:28 GMT - Tue, 27 May 2025 01:46:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /preland_stats/ac/visits HTTP/1.1
Host: analytic-client.chickgoddess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://everlusting-games.com/
Origin: https://everlusting-games.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 20 Apr 2025 22:51:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-methods: *
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/marker_3.webp

188.114.96.1

200 OK

3.5 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/marker_3.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.5 kB (3464 bytes)
Hash
91815c58341d7ef5d531665d1f07a5d0
78c2ee78e41a4b9d18a48744699a3165593f9565
bfeeae84db04cf3ac876902565b3a0e4ac50850c7fed809f736b7e6f47590b4f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/marker_3.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 3464
server: cloudflare
accept-ranges: bytes
age: 2468
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "8ae1a2408bab014f81eaa8faa84d9cc8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gl4MUl4OSia78k%2FC0XBgZZ8npBvieWjo%2F%2FIIvxKbILWpkgHmktRgbOVbQH01VrH7DCfRjaUXnExmM0mgZ9vqxsNu83k1dBKLhQUs7WgpRJJQBT1B5FwbAkxwoffg%2FBOBzXAyKeLeoMrxtIgEpzx7kIFEEPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 933835489bbd56c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/1.webp

188.114.96.1

200 OK

64 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/1.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
64 kB (64366 bytes)
Hash
b2d47bb70af213bd7f02eb766ae4da74
f0eba5cfbd734f30a29fc37d3220aeccddb94702
5eba5e54677abe1123fef0af0f6f6313f2cd740b648568feb1bc3befbf9109b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/1.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 64366
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "1cd7b4ae68a9b72c166b83ef976ef84d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBFtirraJAHwOqo7EfVDD5fZ0nRwo2yScbJKMRzwaihiXhweS3PKH6ojfRj3IK2GM3aTT6fo3a0f10qd4VG4cDWal7jdPPXkTmgEAlDfXzX2DwtmcFM%2BsJG5nGh4cg88pX0Q3nSpLg9cgmQH3uSRX1WWWQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 93383547dac556c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/3.webp

188.114.96.1

200 OK

79 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/3.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
79 kB (78626 bytes)
Hash
616eb32d5a6c444b1aa5ba09c14d8993
b40b21e1436a4671df020ac5d0d9ca69a5c398a7
f7b0e05aac9490fa4ddf94bff32ee1d8e493fd9e1ea3f248c38f8fd1700c6616

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/3.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 78626
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "cb874193396291c26cbad55fb26477ef"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k6qN9w%2BWVre9RCSp0rloDl7UVZ5u2bGqxt5GDZmS%2BUDUHaRKHTwM4CNWHNbnVP9kxzHIlaBbl4EIWLLC0wpj2%2Bddfchk%2FNqBZiKea2%2BY8OnSqK%2FhfXs9%2F5e2Tx1yuFRgPu6c5BXHqEHbLUuDgqCv2Y6C8TY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 93383547faf856c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/pants_1.webp

188.114.96.1

200 OK

11 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/pants_1.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (10860 bytes)
Hash
e87855699a72cb1eda14dc79e595a597
a78309512432f66ee967c001e6b6884aead0f1ee
63c0b0986332b6400c28d28f9fd307a77bdd58a24e422fa0fc14c4738f9b585f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/pants_1.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 10860
server: cloudflare
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "31dc776dd32f12bc21583df15fa237e6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFRdBPxqvfmXKzLpHu1Ws0%2FwGNRamjs1FE%2BBTj5rHidJH0N5jMdR3B81A7viJZz5SkpeRmiWx6G9lLpdgCchoq6QljEPAoDlDKR%2BAf%2FwSqTn2xWoR0dHfF%2Bl1j6tk6BXfLOJG6W1%2FyTxusmhej2QvjyNOnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-ray: 933835480b0456c1-OSL
X-Firefox-Spdy: h2

everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/pants_3.webp

188.114.96.1

200 OK

9.3 kB

URL GET
everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/pants_3.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
Certificate
IssuerGoogle Trust Services
Subjecteverlusting-games.com
Fingerprint87:49:D0:42:67:BF:1D:4E:16:00:55:92:75:82:E2:ED:97:ED:6B:F6
ValidityFri, 11 Apr 2025 08:24:23 GMT - Thu, 10 Jul 2025 09:24:13 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.3 kB (9264 bytes)
Hash
240f5f82fe38ab6b4eb9a987c4ed639b
82ac8ba989e0aa9a0c41ede5c4f480f3195b6616
32c374f5d1b8e8726d99c172e1135dfad0e4e5d59d0e2279a0c7e323e94868d0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing-0054/everlustinglife/6wrz3xg/pants_3.webp HTTP/1.1
Host: everlusting-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://everlusting-games.com/landing-0054/everlustinglife/6wrz3xg/?bnformat=&bnid=113952436&category=143&cid=7491364&click_id=orddNHPNTHXVHNRM7bc7qqqJq6aXTTUXVT00Vulc6amh1U7qXTVuldK6V1NdNM9E9bp7paqKJXT3T1VUUOldM6V0rpXTOmdK6V0znXbzWVU2Z70S0TUa3b6TV0W166UUT5567OldcjvYseof3OdZO6V0rpXSuldK6V0rprKapa6ZbJ3OdK6V0rpXSuldK6V0rpXTOldK4sYt_ykRHqH9znO1rll40uql2ruo41spomo2osm3zl3nq3ucH2A-&cost=0.5&country=DEU&site=9vids.com&site_id=937263&sub_id=0&tags=9vids,com&zone_id=5531644
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:51:45 GMT
content-type: image/webp
content-length: 9264
server: cloudflare
accept-ranges: bytes
age: 2468
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "f47228658460103c4d160b8131b4bbef"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4Qw%2FBmFdBYg%2B6QiDWxTfrwfKRH6Re6qZETLQY73af6Ye6BW0v2BDH%2BD35dm8%2F972UaEnAl1%2BccPPssVb29I56EcYryaDnaxuWoGRl3KfaEBE%2F6tp7xRGXFu1c3dX53xqg7COmgGJ6QCJILUfQl5z541vvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 933835484b4356c1-OSL
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (22)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers