Report - ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441

Report Overview

Visited public
2023-12-06 18:05:43
Tags
URL
ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441
Finishing URL
eatcells.com/
IP / ASN
185.162.87.220
#39572 DataWeb Global Group B.V.
Title
IO online multiplayer action game. Survive and grow eating other players cells.

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ecrwqu.com	577459	2021-11-09	2021-11-09 21:59:02	2023-12-04 05:35:27	554 B	1.8 kB	185.162.85.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-06 07:50:48	2.2 kB	102 kB	216.58.207.227
www.icone-png.com	unknown	2013-09-26	2017-01-31 14:45:07	2023-12-05 08:44:59	438 B	44 kB	194.150.236.240
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-12-06 07:59:50	1.0 kB	137 kB	104.18.11.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-06 07:08:39	439 B	51 kB	216.58.211.10
ryymie.com	unknown	2023-11-22	2023-11-22 13:09:35	2023-12-05 05:41:17	7.9 kB	39 kB	185.162.87.220
dec0617.funsoups.com	unknown	unknown	No data	No data	4.0 kB	5.9 kB	213.174.151.98
eatcells.com	438054	2018-08-16	2018-08-23 02:04:03	2023-12-06 06:08:20	8.8 kB	720 kB	94.130.177.84
unfortunatecatch.com	unknown	2023-04-27	2023-04-27 14:06:17	2023-12-02 22:31:09	651 B	605 B	88.85.94.240
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-06 07:40:41	883 B	300 kB	142.250.74.168
mdakky.com	unknown	2023-10-12	2023-10-13 10:25:55	2023-12-05 20:27:33	573 B	184 B	185.162.85.19
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-06 11:33:58	350 B	942 B	143.204.53.97
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-05 18:33:38	453 B	427 B	18.184.210.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-06	medium	ryymie.com	Sinkholed
2023-12-06	medium	ryymie.com	Sinkholed
2023-12-06	medium	ryymie.com	Sinkholed
2023-12-06	medium	ryymie.com	Sinkholed
2023-12-06	medium	ryymie.com	Sinkholed
2023-12-06	medium	ryymie.com	Sinkholed
2023-12-06	medium	ryymie.com	Sinkholed
2023-12-06	medium	mdakky.com	Sinkholed
2023-12-06	medium	ecrwqu.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 16:23 Times Seen341152 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	eatcells.com/assets/js/new_main_out4.js?3512341123	ScriptElement	66 kB	2023-03-13	2025-03-14
Pretty URL eatcells.com/assets/js/new_main_out4.js?3512341123 IP 94.130.177.84 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:24 Last Seen2025-03-14 02:28 Times Seen371 Hash a09324e4f90b9d6437ded27984bfd1c9 654f526654aa638af0c7cfb378139b8bc0e9b25c 3fe37eefb8e3c4306bb7614aa524baba49a90960a7598053fee3f1d14af05fc7 Loading...

	eatcells.com/	ScriptElement	661 B	2023-03-13	2025-03-14
Pretty URL eatcells.com/ IP 94.130.177.84 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 10:24 Last Seen2025-03-14 02:28 Times Seen367 Hash 6658153b9972a62f00c72c3f02d5d151 01371da660c1055c93cc325096f0d3037dd7171f 2d27c8d667be0a7aa6c1fc102702771c3f2d35c6029ae98947d9f9a3e3f06cab Loading...

	eatcells.com/	ScriptElement	203 B	2023-03-13	2025-03-14
Pretty URL eatcells.com/ IP 94.130.177.84 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 10:24 Last Seen2025-03-14 02:28 Times Seen367 Hash 2a828610eb10e6505d75b9b6d0bcc7bb 6718a16fbb1ac4d27e1b883cb7f8928d435cabb4 f9ebd1b1ec1c92605c287ae9332c0e67576310e40bc9b0c313f4f549f5f1c78b Loading...

	eatcells.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL eatcells.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 16:23 Times Seen341953 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c	ScriptElement	229 kB	2023-12-06	2023-12-06
Pretty URL www.googletagmanager.com/gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 19:05 Last Seen2023-12-06 19:05 Times Seen1 Hash 7ee83228191157cd12197a1e94ab8f15 3b38fca244ac622d281099ea6ba56df00232840a d5b9fdea65bc41f0c5b93eb97b76a0d7d5d34f7f08b2af41317c265f44c94843 Loading...

	eatcells.com/assets/js/new_quadtree.js	ScriptElement	3.6 kB	2023-03-13	2025-03-14
Pretty URL eatcells.com/assets/js/new_quadtree.js IP 94.130.177.84 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:24 Last Seen2025-03-14 02:28 Times Seen371 Hash 97535307fed0d8618244e4d8c19ee53f a58c1a5deed12f5c7898262e74c380377cdd95ba 51faf127356027d068fa984e84e4fe2dcbe3d748f73fc3fb7944310c08b8187e Loading...

	www.googletagmanager.com/gtag/js?id=UA-136886237-1	ScriptElement	191 kB	2023-12-06	2023-12-06
Pretty URL www.googletagmanager.com/gtag/js?id=UA-136886237-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 19:05 Last Seen2023-12-06 23:57 Times Seen3 Hash e66bbb9be32c00de8210c2efffee340b 94f4bd8bbb605cd107fa5e73d82ea367de066773 a048fa5670387edd99968653a9e47d5d6d8a6747f9c2f592728c0260bcdef93a Loading...

HTTP Transactions (42)

URL IP Response Size

ryymie.com/images/play-2/icon1.png

185.162.87.220

7.3 kB

URL
ryymie.com/images/play-2/icon1.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon1.png HTTP/1.1
Host: ryymie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 06 Dec 2023 18:05:23 GMT
content-type: image/png
content-length: 7252
last-modified: Fri, 01 Dec 2023 15:16:56 GMT
etag: "6569f8e8-1c54"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2

ryymie.com/images/play-2/icon2.png

185.162.87.220

4.6 kB

URL
ryymie.com/images/play-2/icon2.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon2.png HTTP/1.1
Host: ryymie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 06 Dec 2023 18:05:23 GMT
content-type: image/png
content-length: 4576
last-modified: Fri, 01 Dec 2023 15:16:56 GMT
etag: "6569f8e8-11e0"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2

ryymie.com/images/play-2/icon3.png

185.162.87.220

7.8 kB

URL
ryymie.com/images/play-2/icon3.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon3.png HTTP/1.1
Host: ryymie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 06 Dec 2023 18:05:23 GMT
content-type: image/png
content-length: 7847
last-modified: Fri, 01 Dec 2023 15:16:56 GMT
etag: "6569f8e8-1ea7"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2

ryymie.com/images/play-2/icon4.png

185.162.87.220

7.0 kB

URL
ryymie.com/images/play-2/icon4.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon4.png HTTP/1.1
Host: ryymie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 06 Dec 2023 18:05:23 GMT
content-type: image/png
content-length: 7032
last-modified: Fri, 01 Dec 2023 15:16:56 GMT
etag: "6569f8e8-1b78"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2

ryymie.com/images/play-2/icon5.png

185.162.87.220

3.3 kB

URL
ryymie.com/images/play-2/icon5.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon5.png HTTP/1.1
Host: ryymie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 06 Dec 2023 18:05:23 GMT
content-type: image/png
content-length: 3264
last-modified: Fri, 01 Dec 2023 15:16:56 GMT
etag: "6569f8e8-cc0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2

ryymie.com/images/play-2/icon7.png

185.162.87.220

3.3 kB

URL
ryymie.com/images/play-2/icon7.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon7.png HTTP/1.1
Host: ryymie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 06 Dec 2023 18:05:23 GMT
content-type: image/png
content-length: 3283
last-modified: Fri, 01 Dec 2023 15:16:56 GMT
etag: "6569f8e8-cd3"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2

ryymie.com/images/play-2/icon8.png

185.162.87.220

4.1 kB

URL
ryymie.com/images/play-2/icon8.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon8.png HTTP/1.1
Host: ryymie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441intent://ryymie.com/play-2_1?h=waWQiOjEwMTM2ODQsInNpZCI6MTIwODc0NSwid2lkIjo0ODAwNzIsInNyYyI6Mn0=eyJ&click_id=2312061304fcfc200bbebf4caab6a7d3f6ad&si1=2693095&si2=1801441
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 06 Dec 2023 18:05:23 GMT
content-type: image/png
content-length: 4064
last-modified: Fri, 01 Dec 2023 15:16:56 GMT
etag: "6569f8e8-fe0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2

mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1013684&st=1208745&wd=480072&d=ryymie.com&tpl=78&rnd=0.593877226903144&sbid=2693095&sbid2=1801441intent%3A%2F%2Fryymie.com%2Fplay-

185.162.85.19

0 B

URL
mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1013684&st=1208745&wd=480072&d=ryymie.com&tpl=78&rnd=0.593877226903144&sbid=2693095&sbid2=1801441intent%3A%2F%2Fryymie.com%2Fplay-
IP
185.162.85.19:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rpe?a=1&s=1&act=18&src=2&p=1013684&st=1208745&wd=480072&d=ryymie.com&tpl=78&rnd=0.593877226903144&sbid=2693095&sbid2=1801441intent%3A%2F%2Fryymie.com%2Fplay- HTTP/1.1
Host: mdakky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ryymie.com
DNT: 1
Connection: keep-alive
Referer: https://ryymie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 06 Dec 2023 18:05:23 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2

ecrwqu.com/cuclc?aid=6494955953975085077&t=1701885924&s=94

185.162.85.1

886 B

URL
ecrwqu.com/cuclc?aid=6494955953975085077&t=1701885924&s=94
IP
185.162.85.1:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (886), with no line terminators
Size
886 B (886 bytes)
Hash
db06e06a3532844fb2e7ddb94e622908
b8ea2562c4d0314c979051ebb4d8524d66008ad8
e7a30531afe8575eeaa22f3286d85687c7d4cd5fbe10bbbdc0c716a6b8a030d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cuclc?aid=6494955953975085077&t=1701885924&s=94 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ryymie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 06 Dec 2023 18:05:24 GMT
content-type: text/html; charset=utf-8
content-length: 886
location: https://dec0617.funsoups.com/wujq5t0x?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjEyMDg3NDUiLCJhaSI6IjNhNzdlYTE0YTRiNzljNWY3YjYxZjIzNzdhZDg5NThkIiwiYmlkIjowLjAwMDYzLCJjIjowLjksImwiOjQzNzU3MTUsImVhbiI6LTEsInMiOiI4ZTkwNzU3NzgwNDljZDkxZmIwODYwMmMxM2JiYzI2YWExNDYyNjMwYzMxN2JkYjdmMWE0MDE1YTUyOTc0NTNjZDdmMWEyN2E4OGFkMTJhZTE3NTIxNDRhM2Q4MmVlYTEyMmRmOTI1OTA3OGRkNzlhZWIiLCJucmkiOiI3MjI4Mzc2MDI4NjY1NDMzNzcyIiwiZXQiOiIxNzAxODg2NTI0In0.CGRQMH0Wu7Qp5sM6I2cDGFfZW2Y3hb0ezpjprsof8o0&key=04aba6386442cd167638f681b6badf82&ap=${AUCTION_PRICE}&l=4375715&sub3=1701885924&pid=103196&auid=3a77ea14a4b79c5f7b61f2377ad8958d&sub2=to3000&dc8c66=3000&
X-Firefox-Spdy: h2

dec0617.funsoups.com/wujq5t0x?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjEyMDg3NDUiLCJhaSI6IjNhNzdlYTE0YTRiNzljNWY3YjYxZjIzNzdhZDg5NThkIiwiYmlkIjowLjAwMDYzLCJjIjowLjksImwiOjQzNzU3MTUsImVhbiI6LTEsInMiOiI4ZTkwNzU3NzgwNDljZDkxZmIwODYwMmMxM2JiYzI2YWExNDYyNjMwYzMxN2JkYjdmMWE0MDE1YTUyOTc0NTNjZDdmMWEyN2E4OGFkMTJhZTE3NTIxNDRhM2Q4MmVlYTEyMmRmOTI1OTA3OGRkNzlhZWIiLCJucmkiOiI3MjI4Mzc2MDI4NjY1NDMzNzcyIiwiZXQiOiIxNzAxODg2NTI0In0.CGRQMH0Wu7Qp5sM6I2cDGFfZW2Y3hb0ezpjprsof8o0&key=04aba6386442cd167638f681b6badf82&ap=${AUCTION_PRICE}&l=4375715&sub3=1701885924&pid=103196&auid=3a77ea14a4b79c5f7b61f2377ad8958d&sub2=to3000&dc8c66=3000&

213.174.151.98

3.0 kB

URL
dec0617.funsoups.com/wujq5t0x?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjEyMDg3NDUiLCJhaSI6IjNhNzdlYTE0YTRiNzljNWY3YjYxZjIzNzdhZDg5NThkIiwiYmlkIjowLjAwMDYzLCJjIjowLjksImwiOjQzNzU3MTUsImVhbiI6LTEsInMiOiI4ZTkwNzU3NzgwNDljZDkxZmIwODYwMmMxM2JiYzI2YWExNDYyNjMwYzMxN2JkYjdmMWE0MDE1YTUyOTc0NTNjZDdmMWEyN2E4OGFkMTJhZTE3NTIxNDRhM2Q4MmVlYTEyMmRmOTI1OTA3OGRkNzlhZWIiLCJucmkiOiI3MjI4Mzc2MDI4NjY1NDMzNzcyIiwiZXQiOiIxNzAxODg2NTI0In0.CGRQMH0Wu7Qp5sM6I2cDGFfZW2Y3hb0ezpjprsof8o0&key=04aba6386442cd167638f681b6badf82&ap=${AUCTION_PRICE}&l=4375715&sub3=1701885924&pid=103196&auid=3a77ea14a4b79c5f7b61f2377ad8958d&sub2=to3000&dc8c66=3000&
IP
213.174.151.98:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (596)
Size
3.0 kB (3001 bytes)
Hash
71617aced08330ffa488a3cdf1c73201
dbebe1e8e61f61b45e88c12ce2dbd5144b4f0ff7
139e95bfa6fb6e61f3e59741b8f02759b0c146503efa4064527eec0c03e267df

HTTP Headers

GET /wujq5t0x?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjEyMDg3NDUiLCJhaSI6IjNhNzdlYTE0YTRiNzljNWY3YjYxZjIzNzdhZDg5NThkIiwiYmlkIjowLjAwMDYzLCJjIjowLjksImwiOjQzNzU3MTUsImVhbiI6LTEsInMiOiI4ZTkwNzU3NzgwNDljZDkxZmIwODYwMmMxM2JiYzI2YWExNDYyNjMwYzMxN2JkYjdmMWE0MDE1YTUyOTc0NTNjZDdmMWEyN2E4OGFkMTJhZTE3NTIxNDRhM2Q4MmVlYTEyMmRmOTI1OTA3OGRkNzlhZWIiLCJucmkiOiI3MjI4Mzc2MDI4NjY1NDMzNzcyIiwiZXQiOiIxNzAxODg2NTI0In0.CGRQMH0Wu7Qp5sM6I2cDGFfZW2Y3hb0ezpjprsof8o0&key=04aba6386442cd167638f681b6badf82&ap=${AUCTION_PRICE}&l=4375715&sub3=1701885924&pid=103196&auid=3a77ea14a4b79c5f7b61f2377ad8958d&sub2=to3000&dc8c66=3000& HTTP/1.1
Host: dec0617.funsoups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ryymie.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 18:05:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19996658; expires=Thu, 07 Dec 2023 18:05:25 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTk5NjY1OCwiayI6IjA0YWJhNjM4NjQ0MmNkMTY3NjM4ZjY4MWI2YmFkZjgyIiwic2lkIjoiMTIwODc0NSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6Mjc3MzY1NiwicGlkIjoxMDMxOTYsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzIsImFpZCI6MjgsInB0Ijo4LCJwayI6Ind1anE1dDB4IiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vaG90LXN1cnZleS5jb20vc3VydmV5L2RhdGluZy9wcm94eTMvIiwiaWYiOnRydWUsImluIjpmYWxzZSwidHAiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yeXltaWUuY29tLyIsImFyIjpbXX19.aAaalHcdTEUwYwxpluznHIBFarAw4DrWWmHoNCGF4jw; expires=Wed, 06 Dec 2023 18:06:25 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ecc0f59559b5353f0e50608031877a05
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6b8442f4e540f7d308475f9b831dfc56
e610d0c4e853b50160d97bff0535498627c5e784
ebca9adaacec7e34a2b4aba18b89d9473e0b7b3521943137a6bff506b95d0abb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 06 Dec 2023 18:05:25 GMT
Last-Modified: Wed, 06 Dec 2023 16:19:12 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZUdfcsUx7ztpEl295olLd8WyHCEeqwlPDGEQmELXKIYGH_NLzaFB5w==
Age: 6373

proftrafficcounter.com/stats

18.184.210.76

40 B

URL
proftrafficcounter.com/stats
IP
18.184.210.76:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
cf817e2af31300cc8044c986a91c01bc
a7e859bb87099b2dcb6e45a572d37934f7d02a95
5e149fc331958d4d4ce52b3fa4b468dd3e3a354747a9b06e10f2c38091d0afce

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dec0617.funsoups.com
DNT: 1
Connection: keep-alive
Referer: https://dec0617.funsoups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 18:05:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dec0617.funsoups.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=97ef9bd4-5bbd-4e68-8cdd-7a02ac13e639:2:1; expires=Sat, 03 Dec 2033 18:05:25 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

dec0617.funsoups.com/wujq5t0x?pst=1701885985&rmtc=t&uuid=97ef9bd4-5bbd-4e68-8cdd-7a02ac13e639%3A2%3A1&pii=&in=false&refer=https%3A%2F%2Fryymie.com%2F&key=04aba6386442cd167638f681b6badf82&l=4375715&auid=3a77ea14a4b79c5f7b61f2377ad8958d&sub2=to3000&dc8c66=3000&ap=%24%7BAUCTION_PRICE%7D&sub3=1701885924&pid=103196&shu=28875296164fd258988b189d9c952d9b30adcba3909989120f6a681a82c39812d5679a1f2e22f7caf27c2be4d99ace9bfa42b8984c693ddcf4c4bf239e08a87b963537adbce214609e3079552565eedd59f60179a7bf46f9318b8733b1586f&fr=0&sw2=1280&sh2=1024&sw3=1280&sh3=176&sw4=1280&sh4=1024&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1024&auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjEyMDg3NDUiLCJhaSI6IjNhNzdlYTE0YTRiNzljNWY3YjYxZjIzNzdhZDg5NThkIiwiYmlkIjowLjAwMDYzLCJjIjowLjksImwiOjQzNzU3MTUsImVhbiI6LTEsInMiOiI4ZTkwNzU3NzgwNDljZDkxZmIwODYwMmMxM2JiYzI2YWExNDYyNjMwYzMxN2JkYjdmMWE0MDE1YTUyOTc0NTNjZDdmMWEyN2E4OGFkMTJhZTE3NTIxNDRhM2Q4MmVlYTEyMmRmOTI1OTA3OGRkNzlhZWIiLCJucmkiOiI3MjI4Mzc2MDI4NjY1NDMzNzcyIiwiZXQiOiIxNzAxODg2NTI0In0.CGRQMH0Wu7Qp5sM6I2cDGFfZW2Y3hb0ezpjprsof8o0

192.243.61.226

302 Found

0 B

URL User Request GET HTTP/1.1
dec0617.funsoups.com/wujq5t0x?pst=1701885985&rmtc=t&uuid=97ef9bd4-5bbd-4e68-8cdd-7a02ac13e639%3A2%3A1&pii=&in=false&refer=https%3A%2F%2Fryymie.com%2F&key=04aba6386442cd167638f681b6badf82&l=4375715&auid=3a77ea14a4b79c5f7b61f2377ad8958d&sub2=to3000&dc8c66=3000&ap=%24%7BAUCTION_PRICE%7D&sub3=1701885924&pid=103196&shu=28875296164fd258988b189d9c952d9b30adcba3909989120f6a681a82c39812d5679a1f2e22f7caf27c2be4d99ace9bfa42b8984c693ddcf4c4bf239e08a87b963537adbce214609e3079552565eedd59f60179a7bf46f9318b8733b1586f&fr=0&sw2=1280&sh2=1024&sw3=1280&sh3=176&sw4=1280&sh4=1024&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1024&auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjEyMDg3NDUiLCJhaSI6IjNhNzdlYTE0YTRiNzljNWY3YjYxZjIzNzdhZDg5NThkIiwiYmlkIjowLjAwMDYzLCJjIjowLjksImwiOjQzNzU3MTUsImVhbiI6LTEsInMiOiI4ZTkwNzU3NzgwNDljZDkxZmIwODYwMmMxM2JiYzI2YWExNDYyNjMwYzMxN2JkYjdmMWE0MDE1YTUyOTc0NTNjZDdmMWEyN2E4OGFkMTJhZTE3NTIxNDRhM2Q4MmVlYTEyMmRmOTI1OTA3OGRkNzlhZWIiLCJucmkiOiI3MjI4Mzc2MDI4NjY1NDMzNzcyIiwiZXQiOiIxNzAxODg2NTI0In0.CGRQMH0Wu7Qp5sM6I2cDGFfZW2Y3hb0ezpjprsof8o0
IP
192.243.61.226:443
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjectfunsoups.com
FingerprintBD:C9:06:9E:C9:BC:BF:95:E8:BC:3C:B2:69:2A:68:20:C9:01:E7:DB
ValiditySun, 05 Nov 2023 06:33:10 GMT - Sat, 03 Feb 2024 06:33:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wujq5t0x?pst=1701885985&rmtc=t&uuid=97ef9bd4-5bbd-4e68-8cdd-7a02ac13e639%3A2%3A1&pii=&in=false&refer=https%3A%2F%2Fryymie.com%2F&key=04aba6386442cd167638f681b6badf82&l=4375715&auid=3a77ea14a4b79c5f7b61f2377ad8958d&sub2=to3000&dc8c66=3000&ap=%24%7BAUCTION_PRICE%7D&sub3=1701885924&pid=103196&shu=28875296164fd258988b189d9c952d9b30adcba3909989120f6a681a82c39812d5679a1f2e22f7caf27c2be4d99ace9bfa42b8984c693ddcf4c4bf239e08a87b963537adbce214609e3079552565eedd59f60179a7bf46f9318b8733b1586f&fr=0&sw2=1280&sh2=1024&sw3=1280&sh3=176&sw4=1280&sh4=1024&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1024&auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjEyMDg3NDUiLCJhaSI6IjNhNzdlYTE0YTRiNzljNWY3YjYxZjIzNzdhZDg5NThkIiwiYmlkIjowLjAwMDYzLCJjIjowLjksImwiOjQzNzU3MTUsImVhbiI6LTEsInMiOiI4ZTkwNzU3NzgwNDljZDkxZmIwODYwMmMxM2JiYzI2YWExNDYyNjMwYzMxN2JkYjdmMWE0MDE1YTUyOTc0NTNjZDdmMWEyN2E4OGFkMTJhZTE3NTIxNDRhM2Q4MmVlYTEyMmRmOTI1OTA3OGRkNzlhZWIiLCJucmkiOiI3MjI4Mzc2MDI4NjY1NDMzNzcyIiwiZXQiOiIxNzAxODg2NTI0In0.CGRQMH0Wu7Qp5sM6I2cDGFfZW2Y3hb0ezpjprsof8o0 HTTP/1.1
Host: dec0617.funsoups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dec0617.funsoups.com/wujq5t0x?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=19996658
Cookie: u_pl=19996658; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTk5NjY1OCwiayI6IjA0YWJhNjM4NjQ0MmNkMTY3NjM4ZjY4MWI2YmFkZjgyIiwic2lkIjoiMTIwODc0NSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6Mjc3MzY1NiwicGlkIjoxMDMxOTYsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzIsImFpZCI6MjgsInB0Ijo4LCJwayI6Ind1anE1dDB4IiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vaG90LXN1cnZleS5jb20vc3VydmV5L2RhdGluZy9wcm94eTMvIiwiaWYiOnRydWUsImluIjpmYWxzZSwidHAiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yeXltaWUuY29tLyIsImFyIjpbXX19.aAaalHcdTEUwYwxpluznHIBFarAw4DrWWmHoNCGF4jw; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 18:05:26 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://unfortunatecatch.com/ba3.Vp0/PX3dpbvzbnmfV/JaZjDQ0s0/OpDWcEzIMIThk/1pLATHQu4INbzmM/xyOqT_Y-?clickId=303baa06e2cf7d99e0f0cbdb2f63cf9b&sId=19996658
Set-Cookie: uid_id2=97ef9bd4-5bbd-4e68-8cdd-7a02ac13e639:2:1; expires=Wed, 13 Dec 2023 18:05:26 GMT
iprce60c2ceda6f39ecd18c94a0a2e1fb124=4599413; expires=Thu, 07 Dec 2023 18:05:26 GMT
pdhtkv=true; expires=Thu, 07 Dec 2023 18:05:26 GMT
uncs=1; expires=Thu, 07 Dec 2023 18:05:26 GMT
pdhtkv28=true; expires=Thu, 07 Dec 2023 18:05:26 GMT
uncs28=1; expires=Thu, 07 Dec 2023 18:05:26 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c2b95b2a95b6e56a9a89d90bf032cd09
Strict-Transport-Security: max-age=0; includeSubdomains

unfortunatecatch.com/ba3.Vp0/PX3dpbvzbnmfV/JaZjDQ0s0/OpDWcEzIMIThk/1pLATHQu4INbzmM/xyOqT_Y-?clickId=303baa06e2cf7d99e0f0cbdb2f63cf9b&sId=19996658

88.85.94.240

302 Found

0 B

URL User Request GET HTTP/2
unfortunatecatch.com/ba3.Vp0/PX3dpbvzbnmfV/JaZjDQ0s0/OpDWcEzIMIThk/1pLATHQu4INbzmM/xyOqT_Y-?clickId=303baa06e2cf7d99e0f0cbdb2f63cf9b&sId=19996658
IP
88.85.94.240:443
ASN
#35415 Webzilla B.V.

Certificate
IssuerLet's Encrypt
Subjectunfortunatecatch.com
Fingerprint31:10:EB:14:8C:D6:F7:D0:A7:DD:2F:71:96:77:13:5D:75:6A:2A:E2
ValiditySun, 05 Nov 2023 00:25:00 GMT - Sat, 03 Feb 2024 00:24:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ba3.Vp0/PX3dpbvzbnmfV/JaZjDQ0s0/OpDWcEzIMIThk/1pLATHQu4INbzmM/xyOqT_Y-?clickId=303baa06e2cf7d99e0f0cbdb2f63cf9b&sId=19996658 HTTP/1.1
Host: unfortunatecatch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dec0617.funsoups.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Wed, 06 Dec 2023 18:05:26 GMT
content-type: text/html;charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-frame-options: DENY
location: https://eatcells.com/
referrer-policy: no-referrer
x-content-type-options: nosniff
X-Firefox-Spdy: h2

eatcells.com/assets/css/new_index.css

94.130.177.84

200 OK

3.9 kB

URL GET HTTP/2
eatcells.com/assets/css/new_index.css
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text
Size
3.9 kB (3923 bytes)
Hash
0070cb8e88e6776819b1ae397d40f209
db8d333e839bcc76d38026c6710e4be9d9cecd95
c611bde29c5e0950bcee6719767678d98b850288f452a6f7b641dae680fe6096

HTTP Headers

GET /assets/css/new_index.css HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: text/css
content-length: 3923
last-modified: Wed, 04 Sep 2019 20:36:34 GMT
etag: "5d702052-f53"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/css/new_gallery.css

94.130.177.84

200 OK

1.8 kB

URL GET HTTP/2
eatcells.com/assets/css/new_gallery.css
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text
Size
1.8 kB (1791 bytes)
Hash
7fe0557524dbf60d5b7d589d11f72fd6
ebbce6c0589f46dc0f8959e49a1778ab01c6b0f5
a374fd62e3d4aa19adba05d455c79bc3352b24e744d455156dcc275947079f9e

HTTP Headers

GET /assets/css/new_gallery.css HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: text/css
content-length: 1791
last-modified: Wed, 04 Sep 2019 20:36:34 GMT
etag: "5d702052-6ff"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/js/new_quadtree.js

94.130.177.84

200 OK

3.6 kB

URL GET HTTP/2
eatcells.com/assets/js/new_quadtree.js
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text
Size
3.6 kB (3639 bytes)
Hash
97535307fed0d8618244e4d8c19ee53f
a58c1a5deed12f5c7898262e74c380377cdd95ba
51faf127356027d068fa984e84e4fe2dcbe3d748f73fc3fb7944310c08b8187e

HTTP Headers

GET /assets/js/new_quadtree.js HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: application/javascript
content-length: 3639
last-modified: Wed, 04 Sep 2019 20:36:33 GMT
etag: "5d702051-e37"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-136886237-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-136886237-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (69011 bytes)
Hash
e66bbb9be32c00de8210c2efffee340b
94f4bd8bbb605cd107fa5e73d82ea367de066773
a048fa5670387edd99968653a9e47d5d6d8a6747f9c2f592728c0260bcdef93a

HTTP Headers

GET /gtag/js?id=UA-136886237-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 18:05:27 GMT
expires: Wed, 06 Dec 2023 18:05:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

eatcells.com/assets/js/new_main_out4.js?3512341123

94.130.177.84

200 OK

66 kB

URL GET HTTP/2
eatcells.com/assets/js/new_main_out4.js?3512341123
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text
Size
66 kB (66367 bytes)
Hash
a09324e4f90b9d6437ded27984bfd1c9
654f526654aa638af0c7cfb378139b8bc0e9b25c
3fe37eefb8e3c4306bb7614aa524baba49a90960a7598053fee3f1d14af05fc7

HTTP Headers

GET /assets/js/new_main_out4.js?3512341123 HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: application/javascript
content-length: 66367
last-modified: Wed, 17 Mar 2021 11:17:47 GMT
etag: "6051e55b-1033f"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/img/game-2048.jpg

94.130.177.84

200 OK

35 kB

URL GET HTTP/2
eatcells.com/assets/img/game-2048.jpg
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 1200x1200, components 3\012- data
Size
35 kB (35226 bytes)
Hash
83c6bcd32c7e90ab34e5a8f02e642e8d
97db55b7b37fc4d477057d0e35509af231f770fa
8eb5894f89bf0e0c90e32872557f0ed0bdc95e15518c4cd7eab98a629e17c65e

HTTP Headers

GET /assets/img/game-2048.jpg HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: image/jpeg
content-length: 35226
last-modified: Wed, 04 Sep 2019 20:36:34 GMT
etag: "5d702052-899a"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/img/game-floppy.jpg

94.130.177.84

200 OK

22 kB

URL GET HTTP/2
eatcells.com/assets/img/game-floppy.jpg
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
22 kB (21816 bytes)
Hash
5ad1eea8c383ba8227fc0202cd53328b
555dced4831f55755a8b94b272be77963c7f243d
df91f7b73203d9477560338afd906fdaea7be4359efd8b4f5c710ea040236f88

HTTP Headers

GET /assets/img/game-floppy.jpg HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: image/jpeg
content-length: 21816
last-modified: Wed, 04 Sep 2019 20:36:35 GMT
etag: "5d702053-5538"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/img/split.png?4

94.130.177.84

200 OK

8.4 kB

URL GET HTTP/2
eatcells.com/assets/img/split.png?4
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
8.4 kB (8351 bytes)
Hash
a750c895db286aad876dd4d0d921489f
9702489ca7bf3da73c794bc7b08ebde1af41251f
561d10034a0809c36d7d24c7f3aee2b061a9a5dad63ad28d75f4fbc434406d1b

HTTP Headers

GET /assets/img/split.png?4 HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: image/png
content-length: 8351
last-modified: Wed, 04 Sep 2019 20:36:36 GMT
etag: "5d702054-209f"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/img/eject.png?4

94.130.177.84

200 OK

8.3 kB

URL GET HTTP/2
eatcells.com/assets/img/eject.png?4
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
8.3 kB (8253 bytes)
Hash
cdbc5150d163614cf9278cb6f4796fb1
80d9f03f734e95a89f39f2dd076d4466ed99b1bf
0efc772d5985fdb5a8b8bdb62af4732de2ec1ebc8af7f4a6b6039ef1623f5c63

HTTP Headers

GET /assets/img/eject.png?4 HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: image/png
content-length: 8253
last-modified: Wed, 04 Sep 2019 20:36:35 GMT
etag: "5d702053-203d"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/assets/img/game-tap.jpg

94.130.177.84

200 OK

188 kB

URL GET HTTP/2
eatcells.com/assets/img/game-tap.jpg
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x1200, components 3\012- data
Size
188 kB (188023 bytes)
Hash
f10541f07881ca3f61b1adeff57c62b8
c12fbce7d19d66e5fb7c769d1f3f1e75d750d9f7
b92f76d1bdafaafe084228cfda473a714e64f24d816f90d5bf7e2ae59ad65421

HTTP Headers

GET /assets/img/game-tap.jpg HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: image/jpeg
content-length: 188023
last-modified: Wed, 04 Sep 2019 20:36:36 GMT
etag: "5d702054-2de77"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/skinList.txt

94.130.177.84

200 OK

4.7 kB

URL GET HTTP/2
eatcells.com/skinList.txt
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
ASCII text, with very long lines (4653), with no line terminators
Size
4.7 kB (4653 bytes)
Hash
fc25f7574d752ded929cb1dac5cfd6dc
25214cdc98340d44f8152951370a8dc6ef858f38
c0b0c1999cab2333546e0233aed66ee13ba7ac3fc21b68bd378e8a7dc114a197

HTTP Headers

GET /skinList.txt HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:27 GMT
content-type: text/plain
content-length: 4653
last-modified: Wed, 04 Sep 2019 20:36:32 GMT
etag: "5d702050-122d"
accept-ranges: bytes
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2

104.18.11.207

200 OK

18 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eatcells.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 06 Dec 2023 18:05:27 GMT
content-type: font/woff2
content-length: 18028
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "448c34a56d699c29117adc64c43affeb"
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 11/12/2022 05:25:23
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1049
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 65fad5cfc5af482c7c821eefc6a6a87c
cdn-cache: HIT
cf-cache-status: HIT
age: 1171426
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8316750659735689-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

216.58.207.227

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Size
30 kB (29752 bytes)
Hash
ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eatcells.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 02:31:32 GMT
expires: Wed, 04 Dec 2024 02:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
age: 142435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

eatcells.com/api/

94.130.177.84

0 B

URL
eatcells.com/api/
IP
94.130.177.84:0
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/ HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://eatcells.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gxwFpBFsFFwmkNPTtVNOpQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 06 Dec 2023 17:51:27 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kGkpAoUXsQpXQBilinItjY03OaQ=

eatcells.com/

94.130.177.84

200 OK

85 kB

URL User Request GET HTTP/2
eatcells.com/
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
85 kB (85022 bytes)
Hash
2a836235e02b1a4001c0acafb6bd4167
8815c48eed43385c80cd5363ea0fb03ed4a1bfcf
ff78c299a1b254c24e3352af14f4dbc227092d968308f5a80bc6d77daaa6fbbf

HTTP Headers

GET / HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:26 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2

eatcells.com/skins/yellow-streak.png

94.130.177.84

200 OK

62 kB

URL GET HTTP/2
eatcells.com/skins/yellow-streak.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
62 kB (61528 bytes)
Hash
762e6911bd1dedd08b94ffb20ad938d3
3a797b010a62b9f8267951eb7bce7e870edbe3a5
7fa71d8d579afd68e142c7aec7e0c293910a07aceede6b25ff2c135be6890e5a

HTTP Headers

GET /skins/yellow-streak.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701885933.1.0.1701885933.0.0.0; _ga=GA1.1.38946699.1701885934
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:27 GMT
content-type: image/png
content-length: 61528
last-modified: Sun, 17 Feb 2019 13:00:15 GMT
etag: "5c695adf-f058"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/skins/gemini.png

94.130.177.84

200 OK

48 kB

URL GET HTTP/2
eatcells.com/skins/gemini.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
48 kB (47481 bytes)
Hash
9fab62abd41b1bdff0deb79783e74454
e34e04439479fee66a96f0a437b2eacea964a419
3c687b8096aee4208b6f20cebec5327abdf8210ec4313d0c23f33f38c16eb897

HTTP Headers

GET /skins/gemini.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701885933.1.0.1701885933.0.0.0; _ga=GA1.1.38946699.1701885934
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:27 GMT
content-type: image/png
content-length: 47481
last-modified: Sun, 17 Feb 2019 12:59:47 GMT
etag: "5c695ac3-b979"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Ubuntu:700

216.58.211.10

200 OK

50 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Ubuntu:700
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
50 kB (50064 bytes)
Hash
d323dfab00e7e2a94087005d1257cae6
7e0e9c74df72c62b8a1a9b86d1e8aba969312aa9
70217569669e52b157f7f597e8c133dabd6084a5f9d5841d8d0d56898169f3c3

HTTP Headers

GET /css?family=Ubuntu:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 18:05:27 GMT
date: Wed, 06 Dec 2023 18:05:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

eatcells.com/skins/marceline.png

94.130.177.84

200 OK

98 kB

URL GET HTTP/2
eatcells.com/skins/marceline.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 1076 x 1076, 8-bit colormap, non-interlaced\012- data
Size
98 kB (97794 bytes)
Hash
1fca5bea2b3fdc8e020d591ff6818e33
b816f894ce5f0c8882c42035e9a02b75c26cc52a
c44ef84f51219e810745f9645c69c3387c2445be23941fe138851a4245e45691

HTTP Headers

GET /skins/marceline.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701885933.1.0.1701885933.0.0.0; _ga=GA1.1.38946699.1701885934
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:27 GMT
content-type: image/png
content-length: 97794
last-modified: Sun, 17 Feb 2019 12:59:55 GMT
etag: "5c695acb-17e02"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.icone-png.com/png/22/22430.png

194.150.236.240

44 kB

URL GET
www.icone-png.com/png/22/22430.png
IP
194.150.236.240:0
ASN
#44976 AZNET s.a.r.l.

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecticone-png.com
FingerprintF8:AB:FA:46:BD:65:7A:64:F0:8A:F9:5E:75:EF:A0:C0:65:3A:DD:32
ValidityWed, 18 Oct 2023 06:13:39 GMT - Tue, 16 Jan 2024 06:13:38 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
44 kB (44103 bytes)
Hash
e3f3995eee92ffbd800489ea80bcf4b1
09b579124f0cff2b416274fd9dc1533971cedc65
72e00f5849a0359da527b77f1f1063d1476d00aefc93c347b78b96c960bd994a

HTTP Headers

GET /png/22/22430.png HTTP/1.1
Host: www.icone-png.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 18:05:27 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000
Last-Modified: Sun, 06 Jan 2019 22:18:39 GMT
ETag: "324f27-ac75-57ed17e8caf03"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 44103
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2

216.58.207.227

200 OK

38 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37840, version 1.0\012- data
Size
38 kB (37840 bytes)
Hash
6957af42676a9a6104e7a8eee1cee92f
05a81c1de245f5abfda3e26e333753a98a90b77f
e4f50b8bf27fec2b2be5907a06a6579a355aa86542322a2434fac71a22c2ea6e

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eatcells.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:49:01 GMT
expires: Fri, 29 Nov 2024 04:49:01 GMT
cache-control: public, max-age=31536000
age: 566186
last-modified: Wed, 27 Apr 2022 17:05:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjs2yNL4U.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjs2yNL4U.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12936, version 1.0\012- data
Size
13 kB (12936 bytes)
Hash
6addbc1c8b8d01749d11b911a14b495e
56d87e9231ba1cf4c97a03e98d1ead1622b366ac
7e60d4df52144b57e1065524716f9087b1be34ffc9049e0d3eb1091f8d1e2551

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjs2yNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eatcells.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:22:57 GMT
expires: Fri, 29 Nov 2024 23:22:57 GMT
cache-control: public, max-age=31536000
age: 499350
last-modified: Wed, 27 Apr 2022 17:10:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18200, version 1.0\012- data
Size
18 kB (18200 bytes)
Hash
8c7519686a5ddf20a3981e660a5f2610
3e0d73d14e4892b36fb5c6a9854c7d2e6bec005a
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eatcells.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 20:40:59 GMT
expires: Tue, 03 Dec 2024 20:40:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:10:53 GMT
content-type: font/woff2
age: 163468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

eatcells.com/assets/img/favicon.ico?4

94.130.177.84

200 OK

32 kB

URL GET HTTP/2
eatcells.com/assets/img/favicon.ico?4
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32347 bytes)
Hash
86a61de6ab87b83d46a4873affaa717a
8863fa661cf2a1561a7ea19261f0980010d20eac
04e2c050285112bcd703f8765b5104c8dcf2c5b7b463f47802ccbd1933b57adf

HTTP Headers

GET /assets/img/favicon.ico?4 HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701885933.1.0.1701885933.0.0.0; _ga=GA1.1.38946699.1701885934
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:27 GMT
content-type: image/x-icon
content-length: 32347
last-modified: Wed, 04 Sep 2019 20:36:35 GMT
etag: "5d702053-7e5b"
accept-ranges: bytes
X-Firefox-Spdy: h2

eatcells.com/skins/star-girl.png

94.130.177.84

200 OK

50 kB

URL GET HTTP/2
eatcells.com/skins/star-girl.png
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
50 kB (49591 bytes)
Hash
d05b9f13452a545a827a40736049c388
52b0fa1a97dbf3134229ebf9c306babfd8485ba8
38bb66522464b7a2eed23a680886b05c4dd197a106a888b6bd298f41de3e78c2

HTTP Headers

GET /skins/star-girl.png HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Cookie: _ga_7KY1EBYBZS=GS1.1.1701885933.1.0.1701885933.0.0.0; _ga=GA1.1.38946699.1701885934
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 17:51:27 GMT
content-type: image/png
content-length: 49591
last-modified: Sun, 17 Feb 2019 13:00:08 GMT
etag: "5c695ad8-c1b7"
accept-ranges: bytes
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

104.18.11.207

200 OK

117 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (65371)
Size
117 kB (117305 bytes)
Hash
eedf9ee80c2faa4e1b9ab9017cdfcb88
ed29315e0ffb3f14382431f2724235bf67f44eb3
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

HTTP Headers

GET /bootstrap/3.3.4/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 18:05:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 08/04/2023 12:50:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7e74c5fea2151758aaf7c8cf1f839c4a
cdn-cache: HIT
cf-cache-status: HIT
age: 987947
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 831675047fc8b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c

142.250.74.168

200 OK

229 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://eatcells.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
229 kB (229437 bytes)
Hash
7ee83228191157cd12197a1e94ab8f15
3b38fca244ac622d281099ea6ba56df00232840a
d5b9fdea65bc41f0c5b93eb97b76a0d7d5d34f7f08b2af41317c265f44c94843

HTTP Headers

GET /gtag/js?id=G-7KY1EBYBZS&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eatcells.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 18:05:27 GMT
expires: Wed, 06 Dec 2023 18:05:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

eatcells.com/api/

94.130.177.84

101 Switching Protocols

0 B

URL GET HTTP/1.1
eatcells.com/api/
IP
94.130.177.84:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://eatcells.com/
Certificate
IssuerLet's Encrypt
Subjecteatcells.com
FingerprintFB:12:33:21:9E:98:19:D2:25:B6:7C:71:12:58:85:D0:9C:7E:E8:02
ValidityWed, 29 Nov 2023 09:45:41 GMT - Tue, 27 Feb 2024 09:45:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/ HTTP/1.1
Host: eatcells.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://eatcells.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gxwFpBFsFFwmkNPTtVNOpQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 06 Dec 2023 17:51:27 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kGkpAoUXsQpXQBilinItjY03OaQ=

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (42)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP