Submitted URL: https://28907263-32160-ex.clibuceant.com/iyBEBoA2PArgZtczvVjHKSFJlNkRvoHRdqsEOcmfE5MdNp6Tpd0Coc_cVNNgfdfIkYgPcaRzh6jveuuzHOKnYBaKm6GluLiK...
Effective URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haf...
Submission: On December 18 via api from US — Scanned from CA

Summary

This website contacted 10 IPs in 5 countries across 11 domains to perform 41 HTTP transactions. The main IP is 104.21.58.193, located in and belongs to CLOUDFLARENET, US. The main domain is theeverydaygame.com. The Cisco Umbrella rank of the primary domain is 468656.
TLS certificate: Issued by WE1 on October 23rd 2024. Valid for: 3 months.
This is the only time theeverydaygame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 88.208.22.3 39572 (ADVANCEDH...)
2 37.114.46.212 58087 (FlorianKo...)
2 14 139.45.197.243 9002 (RETN-AS R...)
2 104.21.27.183 13335 (CLOUDFLAR...)
1 1 172.67.205.96 13335 (CLOUDFLAR...)
19 104.21.58.193 13335 (CLOUDFLAR...)
1 172.67.205.253 13335 (CLOUDFLAR...)
1 104.21.86.46 13335 (CLOUDFLAR...)
1 172.67.169.157 13335 (CLOUDFLAR...)
1 185.59.223.192 60068 (CDN77 Dat...)
1 2 34.199.64.7 14618 (AMAZON-AES)
41 10
Apex Domain
Subdomains
Transfer
19 theeverydaygame.com
theeverydaygame.com — Cisco Umbrella Rank: 468656
669 KB
14 gaimauroogrou.net
gaimauroogrou.net — Cisco Umbrella Rank: 387853
34 KB
3 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
3 KB
2 redwingshere.xyz
redwingshere.xyz — Cisco Umbrella Rank: 220818
1 KB
1 experttrafficmonitor.com
experttrafficmonitor.com — Cisco Umbrella Rank: 824220
409 B
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 15519
579 B
1 exoclick.com
a.exoclick.com Failed
syndication.exoclick.com — Cisco Umbrella Rank: 89770
363 B
1 twistconcept.com
twistconcept.com — Cisco Umbrella Rank: 797446
1 KB
1 gamesrevenue.com
ln.gamesrevenue.com — Cisco Umbrella Rank: 381290
4 KB
1 hooligs.app
click.hooligs.app — Cisco Umbrella Rank: 244860
965 B
1 clibuceant.com
28907263-32160-ex.clibuceant.com
557 B
41 11
Domain Requested by
19 theeverydaygame.com theeverydaygame.com
14 gaimauroogrou.net 2 redirects gaimauroogrou.net
3 my.rtmark.net gaimauroogrou.net
theeverydaygame.com
2 redwingshere.xyz
1 experttrafficmonitor.com theeverydaygame.com
1 proftrafficcounter.com 1 redirects
1 syndication.exoclick.com theeverydaygame.com
1 twistconcept.com ln.gamesrevenue.com
1 ln.gamesrevenue.com theeverydaygame.com
1 click.hooligs.app 1 redirects
1 28907263-32160-ex.clibuceant.com 1 redirects
0 a.exoclick.com Failed theeverydaygame.com
41 12

This site contains links to these domains. Also see Links.

Domain
r.hooliganapps.com
Subject Issuer Validity Valid
redwingshere.xyz
E6
2024-12-07 -
2025-03-07
3 months crt.sh
gaimauroogrou.net
R10
2024-10-04 -
2025-01-02
3 months crt.sh
my.rtmark.net
WE1
2024-11-06 -
2025-02-04
3 months crt.sh
theeverydaygame.com
WE1
2024-10-23 -
2025-01-21
3 months crt.sh
gamesrevenue.com
WE1
2024-10-28 -
2025-01-26
3 months crt.sh
twistconcept.com
WE1
2024-11-14 -
2025-02-12
3 months crt.sh
exoclick.com
E6
2024-10-06 -
2025-01-04
3 months crt.sh

This page contains 1 frames:

Primary Page: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Frame ID: BDD08891F371FC9A4D1D5BBEAB3B2C82
Requests: 41 HTTP requests in this frame

Screenshot

Page Title

Lust Goddes

Page URL History Show full URLs

  1. https://28907263-32160-ex.clibuceant.com/iyBEBoA2PArgZtczvVjHKSFJlNkRvoHRdqsEOcmfE5MdNp6Tpd0Coc_cVNNgfdfIkYgPcaRzh6jv... HTTP 307
    https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
  2. https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083 Page URL
  3. https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false HTTP 302
    https://gaimauroogrou.net/4/7393037/?var=8477354 Page URL
  4. https://gaimauroogrou.net/?z=7393037&syncedCookie=true&rhd=false HTTP 302
    https://click.hooligs.app/?pid=1369&offer_id=49&land=929&ref_id=893143724056650721&sub1=papNA2 HTTP 302
    https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

95 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

10
IPs

5
Countries

711 kB
Transfer

903 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28907263-32160-ex.clibuceant.com/iyBEBoA2PArgZtczvVjHKSFJlNkRvoHRdqsEOcmfE5MdNp6Tpd0Coc_cVNNgfdfIkYgPcaRzh6jveuuzHOKnYBaKm6GluLiKdAIfSL9OLMlNoh0-63fj--h7TVl_CA?kws=cheemsporn%2Clos%2Cmejores%2Cvideos%2Cporno%2Clatino%2Cespa%2Cred%2Cencontrar&abl=0&fsb=0&pageUri=https%3A...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
    https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
  2. https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083 Page URL
  3. https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false HTTP 302
    https://gaimauroogrou.net/4/7393037/?var=8477354 Page URL
  4. https://gaimauroogrou.net/?z=7393037&syncedCookie=true&rhd=false HTTP 302
    https://click.hooligs.app/?pid=1369&offer_id=49&land=929&ref_id=893143724056650721&sub1=papNA2 HTTP 302
    https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://28907263-32160-ex.clibuceant.com/iyBEBoA2PArgZtczvVjHKSFJlNkRvoHRdqsEOcmfE5MdNp6Tpd0Coc_cVNNgfdfIkYgPcaRzh6jveuuzHOKnYBaKm6GluLiKdAIfSL9OLMlNoh0-63fj--h7TVl_CA?kws=cheemsporn%2Clos%2Cmejores%2Cvideos%2Cporno%2Clatino%2Cespa%2Cred%2Cencontrar&abl=0&fsb=0&pageUri=https%3A...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
  • https://redwingshere.xyz/go/8286/3?subid2={hostId}
Request Chain 7
  • https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false HTTP 302
  • https://gaimauroogrou.net/4/7393037/?var=8477354
Request Chain 38
  • https://proftrafficcounter.com/px.gif?akey=28407dccfb372e83ee9d49a69f097187 HTTP 307
  • https://experttrafficmonitor.com/dbs?uuid=34e995b7-9e28-4779-817b-fbf9f8ade9bb&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTczNDUwNTU3OX0sImFjY2wiOnsiMjAsMCI6MTczNDUwNTU3OX19.gISXJxqW0uHtXWovi32czv2Qdso7pvzqE29DyftDwT0

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
3
redwingshere.xyz/go/8286/
Redirect Chain
  • https://28907263-32160-ex.clibuceant.com/iyBEBoA2PArgZtczvVjHKSFJlNkRvoHRdqsEOcmfE5MdNp6Tpd0Coc_cVNNgfdfIkYgPcaRzh6jveuuzHOKnYBaKm6GluLiKdAIfSL9OLMlNoh0-63fj--h7TVl_CA?kws=cheemsporn%2Clos%2Cmejore...
  • https://redwingshere.xyz/go/8286/3?subid2={hostId}
293 B
831 B
Document
General
Full URL
https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.114.46.212 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS
212.46.114.37.in-addr.arpa
Software
nginx/1.24.0 (Ubuntu) / PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
identity
Content-Length
293
Content-Type
text/html; charset=utf-8
Date
Wed, 18 Dec 2024 07:06:16 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Wed, 18 Dec 2024 07:06:16 GMT
Pragma
no-cache
Server
nginx/1.24.0 (Ubuntu)
X-Powered-By
PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 18 Dec 2024 07:06:16 GMT
expires
Wed, 18 Dec 2024 07:06:16 UTC
last-modified
Wed, 18 Dec 2024 07:06:16 UTC
location
https://redwingshere.xyz/go/8286/3?subid2={hostId}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
8477354
gaimauroogrou.net/4/
31 KB
14 KB
Document
General
Full URL
https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
f51e89dff99ad101a4400c8f66027455f563cc1dbec96d2b8f9767e02209a5ef
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Wed, 18 Dec 2024 07:06:17 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
favicon.ico
redwingshere.xyz/
0
228 B
Other
General
Full URL
https://redwingshere.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.114.46.212 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS
212.46.114.37.in-addr.arpa
Software
nginx/1.24.0 (Ubuntu) / PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length
0
Date
Wed, 18 Dec 2024 07:06:17 GMT
Content-Type
text/html; charset=UTF-8
X-Powered-By
PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Server
nginx/1.24.0 (Ubuntu)
Connection
keep-alive
img.gif
my.rtmark.net/
43 B
878 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0081367f16194e16e952e597634c691b&z=8477354&p_rid=b59b5cff-d577-4c37-8a07-4d43260d0682&p_src=sf
Requested by
Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gaimauroogrou.net/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szTUhCz8zSjtcwGVC%2B0hgIp99gC28GkyE0ZhmKWQHcZQoaP8wjCgyrj%2BxZKWRN7pihbzXIH1hAXMjnj6pICojZCx4zcHKRU5ZpcjsD4GISeLaMj9m0AWwPJYuAhPtJUz"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23939&min_rtt=23273&rtt_var=4947&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4166&recv_bytes=4527&delivery_rate=525&cwnd=12000&unsent_bytes=0&cid=f3e347485bb39786&ts=126&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:17 GMT
content-type
image/gif
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f3d4f33db3eab84-YYZ
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
gaimauroogrou.net/
43 B
652 B
Image
General
Full URL
https://gaimauroogrou.net/sftouch?userId=0081367f16194e16e952e597634c691b&z=8477354&p_rid=b59b5cff-d577-4c37-8a07-4d43260d0682&p_src=sf&branchId=0&rb=pqgMABYGBo9XeJn5lig0Zh5iNs7uYEztgK1gs7fRwVfeaIqQLmJSwGSoBKUZkdnRp5LGPSqDyneuBwnDVHLCSLkX4ZSzQ-bm9ObsTkXgbzx0dSvzNFqVweWvgzJzhLySE5kQAybMzM6c8vUoHfjaKrdtrvUiDhMkljP0Nd_DwO2tBM-1MsCw3uqXEnjSBk4I_dJLpPfheCWToQYrWha8l1G-0hA8Kpq8L898oXJpI6jjaRixNR09FchjaixSNFPmWlk13ae92Vn_I7FOpaEa6J1YFzOyZqSUHJpI9fhWV3OjtXaa53jjrnaE8EyCreWsP7kLLONTxLQgyerPJNkkhQ==&w_img=1
Requested by
Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083

Response headers

access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Wed, 18 Dec 2024 07:06:17 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
0a350d0e4f29ba9948f0c515df83116d
access-control-allow-origin
*
content-length
43
server
nginx
add
gaimauroogrou.net/log/
12 B
386 B
XHR
General
Full URL
https://gaimauroogrou.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b59b5cff-d577-4c37-8a07-4d43260d0682
Requested by
Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://gaimauroogrou.net
content-length
12
date
Wed, 18 Dec 2024 07:06:17 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
gaimauroogrou.net/async_log/
0
340 B
XHR
General
Full URL
https://gaimauroogrou.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b59b5cff-d577-4c37-8a07-4d43260d0682
Requested by
Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://gaimauroogrou.net
content-length
0
date
Wed, 18 Dec 2024 07:06:17 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
/
gaimauroogrou.net/4/7393037/
Redirect Chain
  • https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false
  • https://gaimauroogrou.net/4/7393037/?var=8477354
31 KB
14 KB
Document
General
Full URL
https://gaimauroogrou.net/4/7393037/?var=8477354
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
17cbac01345050fc3affa0767bc23fdd4e2544e96502e178377e854c307ec170
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://gaimauroogrou.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Wed, 18 Dec 2024 07:06:17 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://gaimauroogrou.net
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Wed, 18 Dec 2024 07:06:17 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://gaimauroogrou.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://gaimauroogrou.net/4/7393037/?var=8477354
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
6576ab72d71bf274d40ea020453e944f
favicon.ico
gaimauroogrou.net/
0
150 B
Other
General
Full URL
https://gaimauroogrou.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gaimauroogrou.net/afu.php?zoneid=8477354&var=8477354&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Wed, 18 Dec 2024 07:06:17 GMT
pragma
public
server
nginx
favicon.ico
gaimauroogrou.net/
0
0
Other
General
Full URL
https://gaimauroogrou.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gaimauroogrou.net/afu.php?zoneid=8477354&var=8477354&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Wed, 18 Dec 2024 07:06:17 GMT
pragma
public
server
nginx
img.gif
my.rtmark.net/
43 B
844 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008136dc76684b17e12cd11a7bc29875&z=7393037&p_rid=203cb3c8-95b3-4385-bdc6-85503e99a1f1&p_src=sf
Requested by
Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gaimauroogrou.net/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbtX%2FPU0SV1%2ByTVIxlTcW2n3JV5UYCpb1%2BCyEQyLGMMhnIzfTjkI6S8Qa8X04Axl7FtIZi6YCFAF49VbjGOTTlsb0Wgv5RphnZykkIb7nUIWGFa50ncLxWJERWrRubTT"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26970&min_rtt=23273&rtt_var=9771&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5090&recv_bytes=5009&delivery_rate=18699&cwnd=12000&unsent_bytes=0&cid=f3e347485bb39786&ts=649&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:18 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f3d4f371cf4ab84-YYZ
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
gaimauroogrou.net/
43 B
652 B
Image
General
Full URL
https://gaimauroogrou.net/sftouch?userId=008136dc76684b17e12cd11a7bc29875&z=7393037&p_rid=203cb3c8-95b3-4385-bdc6-85503e99a1f1&p_src=sf&branchId=0&rb=-fkY-5Av9siP1_y2Z4sahL1BfGHuDV-p1FF-OX8upwCPs_H7QTR-5gI9ZRFpu7UzmbLrv0sSQwef_WoaVViFHPDmu8uXBOidIRsJ5884CCmIGfIxoXAEPMbdUjyDO8EOg8DVQlxww1tuno_mGv0AzfRhaXXCf3EJifIQTKdP-cPbUuoTTXKvrWfpEQWtaUcII1wwG3OGrGBG_L4btoHGLYoowwqLrOCIAyiSGpPRpfdslWRPfYMp3whCjgsjANKqw0Bl03eeyBFmsqPL6DOGAiV5SGXMpC88Lo3Yb0U6jZg4Z3qgc8QYCA==&w_img=1
Requested by
Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Wed, 18 Dec 2024 07:06:18 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
c1fbb4f072a707e24266637cf51cfef1
access-control-allow-origin
*
content-length
43
server
nginx
add
gaimauroogrou.net/log/
12 B
386 B
XHR
General
Full URL
https://gaimauroogrou.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=203cb3c8-95b3-4385-bdc6-85503e99a1f1
Requested by
Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://gaimauroogrou.net
content-length
12
date
Wed, 18 Dec 2024 07:06:18 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
gaimauroogrou.net/async_log/
0
340 B
XHR
General
Full URL
https://gaimauroogrou.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=203cb3c8-95b3-4385-bdc6-85503e99a1f1
Requested by
Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://gaimauroogrou.net
content-length
0
date
Wed, 18 Dec 2024 07:06:18 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
gaimauroogrou.net/
0
0
Other
General
Full URL
https://gaimauroogrou.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Wed, 18 Dec 2024 07:06:17 GMT
pragma
public
server
nginx
Primary Request /
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/
Redirect Chain
  • https://gaimauroogrou.net/?z=7393037&syncedCookie=true&rhd=false
  • https://click.hooligs.app/?pid=1369&offer_id=49&land=929&ref_id=893143724056650721&sub1=papNA2
  • https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
6 KB
2 KB
Document
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90486b38676cb2c685e05d4c148fd914a04abf18e2ae059d5b447bbf7a86d6f

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://gaimauroogrou.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3d4f3c2b5539e4-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 07:06:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCi9Y3N%2B04nMpaphTULeO1Uq4vnrRKaIvNg5V60hPpTTWDe6Pns%2F4010NeknhUkRPOWPFWysXCDS6knzxjj0BHqigdXVCUCk8PKGfchcYABYagq2THAZHbNhfvNOyueEMg8jwFZl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24061&min_rtt=23419&rtt_var=5470&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4305&recv_bytes=4588&delivery_rate=24851&cwnd=12000&unsent_bytes=0&cid=edbdfee05021448c&ts=140&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3d4f3a6d55ab1c-YYZ
content-language
en
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Wed, 18 Dec 2024 07:06:18 GMT
location
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m07G2hLQnsIkkfPF%2FhL94TYy2hCfxX1ImtXsyng6tlP1Qg%2FtZOUkK9JXzh25JHTg1zl2K0L4zWRZ6YiuBaEB4sRkTdiV3axClTZSjtKz3um18WQ5bFXAe5ydXHfOCF9OgZlVKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24866&min_rtt=23271&rtt_var=5206&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4252&recv_bytes=4528&delivery_rate=529&cwnd=12000&unsent_bytes=0&cid=4ae5ad372f1e125e&ts=154&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=43200
vary
Accept-Language, Origin
x-clickid
4e6b0000907336de
x-content-type-options
nosniff
x-frame-options
DENY
favicon.ico
gaimauroogrou.net/
0
0
Other
General
Full URL
https://gaimauroogrou.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gaimauroogrou.net/afu.php?zoneid=7393037&var=7393037&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Wed, 18 Dec 2024 07:06:17 GMT
pragma
public
server
nginx
swiper-bundle.min.css
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/libs/swiper/
15 KB
5 KB
Stylesheet
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/libs/swiper/swiper-bundle.min.css
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90baf8605dfb4b8480994ad1333313d2a627e9585b42cb67e87bd56fd27a89c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65f0ac35-3cca"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUz9b2T2HjXBb3Pi9q0Lv0yrVYdY%2BXkgrRcaPyA6aaBhWhvSsvMRKJ6ih2nmjfRQjxJyK5%2FpIMyGBHAzlM9%2FsJMlpeXFGyerhIXSSkhCmpELbQPDY%2FmGM%2B0wL34n11qbTM7bdk29"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28444&min_rtt=23419&rtt_var=10705&sent=19&recv=19&lost=0&retrans=0&sent_bytes=9401&recv_bytes=7785&delivery_rate=39965&cwnd=12000&unsent_bytes=0&cid=edbdfee05021448c&ts=348&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
text/css
last-modified
Tue, 12 Mar 2024 19:25:41 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3dabf139e4-YYZ
server
cloudflare
main.css
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/css/main.css
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc542f0e478d3370f0704fedd802a9ca40364e36eb5da862c08b43156b68055

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f0ac29-12d6"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ioaVCWRYOA%2Brg%2Br9Z0JEpRDzJCezLb0W9HefiHrRbn%2BOqiKpoITuY1HCJw0%2FwKkQw%2Bm97rHfd7wN%2FdVPCXBN7Lu8lPc49rECyCnixGnHst5CGLOLSbt5Vu0%2FxrcEarXcRS62SakB"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28444&min_rtt=23419&rtt_var=10705&sent=16&recv=19&lost=0&retrans=0&sent_bytes=5993&recv_bytes=7785&delivery_rate=39965&cwnd=12000&unsent_bytes=0&cid=edbdfee05021448c&ts=346&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
text/css
last-modified
Tue, 12 Mar 2024 19:25:29 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3dabf239e4-YYZ
server
cloudflare
media.css
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/css/
801 B
1012 B
Stylesheet
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/css/media.css
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11df4924271a3b230eb5b27a44395e1347d2748451662282ff4e874ada42669

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f0ac2a-321"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MD7uBa63rvdHVAsv%2BaZtUxU%2Bft%2Fn3izhm%2BiAnZcpuv3n7l8x1piCt%2Bbd9KBM4nIat2y8LXXJl%2FyBxUpVIoh%2BZuiN%2F3wq%2BOelHgZjWV%2BQWNWmLxTRv87qypzjzZPw5CTkGl8Ckxk0"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28444&min_rtt=23419&rtt_var=10705&sent=18&recv=19&lost=0&retrans=0&sent_bytes=8366&recv_bytes=7785&delivery_rate=39965&cwnd=12000&unsent_bytes=0&cid=edbdfee05021448c&ts=348&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
text/css
last-modified
Tue, 12 Mar 2024 19:25:30 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3dabf439e4-YYZ
server
cloudflare
jquery.min.js
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/js/
85 KB
32 KB
Script
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/js/jquery.min.js
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65f0ac32-1538f"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAJYtCnhI6x4CA0SZctkEvHgx7iKI4tj43zLT32MIjY%2BOHsEr2OVo7YsuBKhpCbO1Or9n8tTm2oAJ1RvsFQmJ%2BWQz1gK7HVQEd%2BgI7oIiszYKFFegrBNHdthIJUNWrjSNBAUEZzD"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28444&min_rtt=23419&rtt_var=10705&sent=24&recv=19&lost=0&retrans=0&sent_bytes=14995&recv_bytes=7785&delivery_rate=39965&cwnd=12000&unsent_bytes=0&cid=edbdfee05021448c&ts=348&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
application/javascript
last-modified
Tue, 12 Mar 2024 19:25:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3dabf539e4-YYZ
server
cloudflare
px1.js
ln.gamesrevenue.com/
15 KB
4 KB
Script
General
Full URL
https://ln.gamesrevenue.com/px1.js
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40fc3bebe2dc3c28f08f2f4f5a6059425ccc5541ada3f0945f7539e90374441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"65856128-3b88"
age
5668
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YexD%2BFddM8HBjTIi3XLSluSCzfYKkKXYDrlsp4lQZHrsiqia6fT7n4L69jERFZV87TevKkA0eUPfkIaimWh8KXj6YvU%2F3fpZHJVTJc86yoDjtvTAZ1Y9yXvzCRYeZU%2F%2FzW%2FSvwem"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23340&min_rtt=23316&rtt_var=8791&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4277&recv_bytes=4307&delivery_rate=132062&cwnd=12000&unsent_bytes=0&cid=8f1d9852113438fb&ts=198&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
application/javascript
last-modified
Fri, 22 Dec 2023 10:12:56 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3ed97aab75-YYZ
server
cloudflare
awpx_click.js
theeverydaygame.com/
1 KB
1 KB
Script
General
Full URL
https://theeverydaygame.com/awpx_click.js?v=005
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fff603702e9bea03cf47ba47947bb7f8655eb7fcb1c8f7091e9a38d8f5d949c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6409abb0-5d2"
age
7081
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQHBXLF4VAaoYRZkNecFnMX2CfQo8l5D2PIQaWZQmdsuDRrgySBPXrqeP2HpVYeUb9jiJ9yRTyK275g%2BC%2BLZD9RpyH3K6tqXy0WDNcdUniALc%2FZOBrKgf%2FX9N%2FTTGvc4iyBBp8qX"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28444&min_rtt=23419&rtt_var=10705&sent=24&recv=19&lost=0&retrans=0&sent_bytes=14995&recv_bytes=7785&delivery_rate=39965&cwnd=12000&unsent_bytes=0&cid=edbdfee05021448c&ts=348&x=1", cfExtPri, cfHdrFlush;dur=21
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
application/javascript
last-modified
Thu, 09 Mar 2023 09:49:36 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3dabf739e4-YYZ
server
cloudflare
arrow.png
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
1 KB
2 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/arrow.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25f7e450195a3bfca600d37cb7a97ff76e3fa9f995beec0629a2e2d897147bdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"65f0ac2d-5cf"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4g7kE6zH2ppTHi6tcFfC1tvW9jeTdNwJHeU4UlHvArDERSY5ixdTpMwcMS%2F4S4qfx8%2BytO1ZTxFovp3PMHem77s%2BgDQ5aY4kSmV5QLRRCcr6oMNQBXGs6TbDErmB9SPCDlJ7u7KI"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28444&min_rtt=23419&rtt_var=10705&sent=19&recv=19&lost=0&retrans=0&sent_bytes=9401&recv_bytes=7785&delivery_rate=39965&cwnd=12000&unsent_bytes=0&cid=edbdfee05021448c&ts=348&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 19:25:33 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3dabf839e4-YYZ
accept-ranges
bytes
content-length
1487
server
cloudflare
logo.png
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
25 KB
25 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/logo.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a70fa1e657108214290bebe3c86fdc0182fc35697b65614c87b29eb687d149

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"65f0ac30-6268"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2D5lvg7l%2BK1y0P60bCL8CeVS8dB3CdoaJ9NNn1gLQzw6M8aHTx8ZK55OTXOp4ypPhwHKO0AgF5Vs0ck5avAb5jVPVuhI2F%2BwqTBFCoj%2BZ3DYRFsMKk2P1qXR6gEDwI4oPQjCdcRP"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28444&min_rtt=23419&rtt_var=10705&sent=28&recv=19&lost=0&retrans=0&sent_bytes=17993&recv_bytes=7785&delivery_rate=39965&cwnd=12000&unsent_bytes=0&cid=edbdfee05021448c&ts=350&x=1", cfExtPri, cfHdrFlush;dur=19
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 19:25:36 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3dabfa39e4-YYZ
accept-ranges
bytes
content-length
25192
server
cloudflare
swiper-bundle.min.js
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/libs/swiper/
132 KB
40 KB
Script
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/libs/swiper/swiper-bundle.min.js
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645255c46fe9e4d3bf32f39bb28399be808371071435e9cf3a3de9dc858a9eeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65f0ac36-210c8"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pnO6fQx13uXkBP%2BxrFt9fwEEL4ZjQq8ijomeTyjD%2BqQPcNs7vNNhSVBnM5VhAwgWfcfSOFOgkAqxkgJIUJM3QQRLpB2w8v504DCV8rjyLeIBowt4Ozb2cDOn4BIl%2F8IRWJH6Gg2"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25694&min_rtt=23166&rtt_var=3334&sent=88&recv=56&lost=0&retrans=0&sent_bytes=78811&recv_bytes=10163&delivery_rate=1188432&cwnd=39600&unsent_bytes=0&cid=edbdfee05021448c&ts=570&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
application/javascript
last-modified
Tue, 12 Mar 2024 19:25:42 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3f0c9939e4-YYZ
server
cloudflare
common.js
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/js/
778 B
1 KB
Script
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/js/common.js
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c66ec474b517f5c12a6e40137d8ae35ecb8b640ced4f4a8878187e533d20c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65f0ac32-30a"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DEl5Nl%2BggB9mZ9roOC1MwRnUlBXgDv2BouABO7LMuAy6TeS%2F2FRI7UgWCsN0oC7p7jL7CUC1CN%2BqjAy1vI6%2Fdr7nAfAMtVgF5eCiA8eCvXGzvpBTHV1vz4BY7GJb1q3c9ABHCy%2B4"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25694&min_rtt=23166&rtt_var=3334&sent=89&recv=56&lost=0&retrans=0&sent_bytes=79513&recv_bytes=10163&delivery_rate=1188432&cwnd=39600&unsent_bytes=0&cid=edbdfee05021448c&ts=571&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
application/javascript
last-modified
Tue, 12 Mar 2024 19:25:38 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3f0c9a39e4-YYZ
server
cloudflare
index.min.js
twistconcept.com/
653 B
1 KB
Script
General
Full URL
https://twistconcept.com/index.min.js?pk=28407dccfb372e83ee9d49a69f097187
Requested by
Host: ln.gamesrevenue.com
URL: https://ln.gamesrevenue.com/px1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.86.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af3e3bd3016f5762e3dc3dbd8fc7bbf00f4ec9349bee71a23bbe5547dcffd1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"655f4e52-28d"
age
2576
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mih0O%2FnMdHMEDbQ3%2F79ma1Mnw5k8%2BhPjFVi161o2iILLysW52w8yfIKjXnF6Af7j0a%2BbDgEOMPMVaDqp18X9GrZCB3I15a8mhOYOtO1mNZ9sw0x8aaYP5LUvJSDOUGm6QKLu"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23512&min_rtt=23481&rtt_var=8867&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4263&delivery_rate=130093&cwnd=12000&unsent_bytes=0&cid=5e15c4b0d9aad599&ts=40&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
application/javascript
last-modified
Thu, 23 Nov 2023 13:06:26 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3fdfbc36a4-YYZ
server
cloudflare
img.gif
my.rtmark.net/
43 B
878 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=sync&lr=1&partner=4525db4116ed1c87c5ad9a1c2cb785cedc7f7ec9dfd0157a058f115a95fabcf3
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gAMfsaVOzmeHbQWhmneVVX1Yj%2BAQrj9bJgmjjKrjC1jel%2FLbza5zXWl6kYWTLrfwiBzNO%2F2%2FpV4a18ifMPfcKqWtoOcbllMfwKnYOIJJyd%2FhT1gc26fSvLMcqrr8Q0C"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24313&min_rtt=23353&rtt_var=4922&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4525&delivery_rate=532&cwnd=12000&unsent_bytes=0&cid=c1a2ad055c99487b&ts=125&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f3d4f3fde62542b-YYZ
access-control-allow-origin
*
content-length
43
server
cloudflare
tag.php
a.exoclick.com/
0
0

tag.php
syndication.exoclick.com/
0
363 B
Image
General
Full URL
https://syndication.exoclick.com/tag.php?goal=315a7277b250d14fa10b881aa0e2bda6
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
unn-185-59-223-192.cdn77.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

x-robots-tag
noindex, follow
content-encoding
gzip
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
text/html; charset=UTF-8
x-served-by
hap06-web23-ny1-0
arrow.png
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
1 KB
0
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/arrow.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25f7e450195a3bfca600d37cb7a97ff76e3fa9f995beec0629a2e2d897147bdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"65f0ac2d-5cf"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4g7kE6zH2ppTHi6tcFfC1tvW9jeTdNwJHeU4UlHvArDERSY5ixdTpMwcMS%2F4S4qfx8%2BytO1ZTxFovp3PMHem77s%2BgDQ5aY4kSmV5QLRRCcr6oMNQBXGs6TbDErmB9SPCDlJ7u7KI"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28444&min_rtt=23419&rtt_var=10705&sent=19&recv=19&lost=0&retrans=0&sent_bytes=9401&recv_bytes=7785&delivery_rate=39965&cwnd=12000&unsent_bytes=0&cid=edbdfee05021448c&ts=348&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 19:25:33 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3dabf839e4-YYZ
accept-ranges
bytes
content-length
1487
server
cloudflare
bg.jpg
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
185 KB
186 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/bg.jpg
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0781411a759049ba656968a3524f4fbf91825d287a52f895656258f4b61ca546

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/css/main.css

Response headers

cf-cache-status
HIT
etag
"65f0ac2d-2e4f8"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjnuo%2FWxMKa5vem6gJGjhdSIamHFpbNZqd5IS7P6EocgCooL5zU0TrANgJ%2FGoKcTzCeiePDIba4Kk3%2BNZ1zfUmqTonic7QFBhjTiMWFOBzaxquuGQssCKWsN%2BUq33JelQrk%2BnfrL"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26580&min_rtt=23166&rtt_var=1021&sent=129&recv=74&lost=0&retrans=0&sent_bytes=121558&recv_bytes=13430&delivery_rate=842691&cwnd=49200&unsent_bytes=0&cid=edbdfee05021448c&ts=675&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/jpeg
last-modified
Tue, 12 Mar 2024 19:25:33 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3fbcdd39e4-YYZ
accept-ranges
bytes
content-length
189688
server
cloudflare
g1a.png
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
71 KB
72 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/g1a.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97928cb0fd1bc4e07b848d85fb6a4b5fa764ebd693dd5fa8dd30456afaa5d39a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"65f0ac2e-11baa"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxaSLlVJnqHB8bif%2BD5UbZZybCxknhQEzR7W7J8s1DNIxk6XYae3ri1oCT9zmlVAxBavzlOCeM9EotCtVeZhFlI1rwOfp865CMnKrreohYZmelxisXJOVQb3S0QldzsLSkcghX9T"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26580&min_rtt=23166&rtt_var=1021&sent=170&recv=74&lost=0&retrans=0&sent_bytes=170758&recv_bytes=13430&delivery_rate=842691&cwnd=49200&unsent_bytes=0&cid=edbdfee05021448c&ts=676&x=1", cfExtPri, cfHdrFlush;dur=24
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 19:25:34 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3fbcdf39e4-YYZ
accept-ranges
bytes
content-length
72618
server
cloudflare
g2a.png
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
70 KB
71 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/g2a.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb8ac4c183a4f6ae3daf41678b05e28d514266fe54aba69a4dce94c73fb0b83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"65f0ac2e-11995"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=auAyIpqB4kVHE%2FZQLuUkAW9zPDA6nC0%2B5aEKW2P04koVgcbq29Q%2BEhToVHCu1LHQK%2F%2BVPRmQ6G22PS16732mzW9EMnCota9%2B0hhwWkbM0zRKOkM9K2b1iIKuHbAXvD9pYhKPubjQ"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26580&min_rtt=23166&rtt_var=1021&sent=159&recv=74&lost=0&retrans=0&sent_bytes=157558&recv_bytes=13430&delivery_rate=842691&cwnd=49200&unsent_bytes=0&cid=edbdfee05021448c&ts=676&x=1", cfExtPri, cfHdrFlush;dur=24
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 19:25:34 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3fbce039e4-YYZ
accept-ranges
bytes
content-length
72085
server
cloudflare
g3a.png
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
74 KB
75 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/g3a.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edbf390b7921e321c0f5cf7d36edd3f3eeef0c940da66d68f29d2634f7fa194e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"65f0ac2f-127e2"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcTPMqD4LngzbM8E04pCdp2Z2LxdDdoeV%2Bzobcw6VmEKvcObcNZSfFWsiuS7mrB6S4ykelaQWdRnKjsBw2Yb8crebAxfvyfn9u2VkpqZsG3VP4Y1NMa03bHRY0%2FzNV3qOw1Qy%2F0b"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26580&min_rtt=23166&rtt_var=1021&sent=170&recv=74&lost=0&retrans=0&sent_bytes=170758&recv_bytes=13430&delivery_rate=842691&cwnd=49200&unsent_bytes=0&cid=edbdfee05021448c&ts=676&x=1", cfExtPri, cfHdrFlush;dur=24
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 19:25:35 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3fbce139e4-YYZ
accept-ranges
bytes
content-length
75746
server
cloudflare
g4a.png
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
71 KB
71 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/g4a.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f651ba228560b7b2717075b7b42c57f21698f9de52926680e7b12bec9f3fa01b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"65f0ac2f-11ac2"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YnaV1vfY55mrmes4P2jdd3g%2B4PkVaP8jL9AjvtIe%2BYmLEYOAY1EmQS9hc376D%2B2cO4Je5lauo%2BHcPtnM9AcLOPG8RafrCtGUKSfK16Q7HVIaAWPI5kNiL4HX7RR8TXYqstaeFQKm"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26580&min_rtt=23166&rtt_var=1021&sent=171&recv=75&lost=0&retrans=0&sent_bytes=170782&recv_bytes=13802&delivery_rate=842691&cwnd=49200&unsent_bytes=0&cid=edbdfee05021448c&ts=678&x=1", cfExtPri, cfHdrFlush;dur=22
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 19:25:35 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3fbce239e4-YYZ
accept-ranges
bytes
content-length
72386
server
cloudflare
g5a.png
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
68 KB
69 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/g5a.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b8b70932504dd83978ec28aebf38e0d5c920de38a5666e7ecb792728a0ec6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"65f0ac2f-111cb"
age
4237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElVuvf37R3V4dOiVFdHqxB2lEp6iNOS%2BkWo2IDA2zSnUkG7eC74YZ85mZe7CShweLF6AbqqX2CXzqiCDdXZIv3uJtyA2cU8UAFEtm7bsw%2Bp7OgT6Jh6yJ6L4oF679Kbb8yyLob%2Bl"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26580&min_rtt=23166&rtt_var=1021&sent=170&recv=74&lost=0&retrans=0&sent_bytes=170758&recv_bytes=13430&delivery_rate=842691&cwnd=49200&unsent_bytes=0&cid=edbdfee05021448c&ts=676&x=1", cfExtPri, cfHdrFlush;dur=24
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 19:25:35 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3fbce339e4-YYZ
accept-ranges
bytes
content-length
70091
server
cloudflare
assassin.woff2
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/fonts/
11 KB
12 KB
Font
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/fonts/assassin.woff2
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cfe3440c199a65eebc7766d1e9c54e58d58090d411329f4171ed37aac3a1fe8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://theeverydaygame.com
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/css/main.css

Response headers

cf-cache-status
HIT
etag
"65f0ac2b-2cf4"
age
6561
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILaY%2Bw6gngjde2wDCnfaMyhwx0XpC2Yvzoi34EK%2Bv6XJbVBG5GMzqLOwuymmFQ%2FewpDM90Fc4q89i%2FUrr3VFh7gWS5RkUWEXTAVnTM%2FwHJhRChE2gR5%2FDZsixja5tOoFzQfImnHM"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26580&min_rtt=23166&rtt_var=1021&sent=171&recv=75&lost=0&retrans=0&sent_bytes=170782&recv_bytes=13802&delivery_rate=842691&cwnd=49200&unsent_bytes=0&cid=edbdfee05021448c&ts=685&x=1", cfExtPri, cfHdrFlush;dur=22
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
application/octet-stream
last-modified
Tue, 12 Mar 2024 19:25:31 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f3fcce839e4-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
11508
server
cloudflare
dbs
experttrafficmonitor.com/
Redirect Chain
  • https://proftrafficcounter.com/px.gif?akey=28407dccfb372e83ee9d49a69f097187
  • https://experttrafficmonitor.com/dbs?uuid=34e995b7-9e28-4779-817b-fbf9f8ade9bb&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTczNDUwNTU3OX0sImFjY2wiOnsiMjAsMCI6MTczNDUwNTU3OX1...
7 B
409 B
Image
General
Full URL
https://experttrafficmonitor.com/dbs?uuid=34e995b7-9e28-4779-817b-fbf9f8ade9bb&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTczNDUwNTU3OX0sImFjY2wiOnsiMjAsMCI6MTczNDUwNTU3OX19.gISXJxqW0uHtXWovi32czv2Qdso7pvzqE29DyftDwT0
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs
Protocol
H2
Server
34.199.64.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-64-7.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

expires
Wed, 18 Dec 2024 07:06:19 GMT
cache-control
max-age=0, : no-cache
content-length
7
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/gif
host
experttrafficmonitor.com
server
nginx/1.21.6

Redirect headers

cache-control
max-age=0, : no-cache
location
http://experttrafficmonitor.com/dbs?uuid=34e995b7-9e28-4779-817b-fbf9f8ade9bb&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTczNDUwNTU3OX0sImFjY2wiOnsiMjAsMCI6MTczNDUwNTU3OX19.gISXJxqW0uHtXWovi32czv2Qdso7pvzqE29DyftDwT0
expires
Wed, 18 Dec 2024 07:06:19 GMT
content-length
0
date
Wed, 18 Dec 2024 07:06:19 GMT
content-type
image/gif
host
proftrafficcounter.com
server
nginx/1.21.6
fav.png
theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/
1 KB
2 KB
Other
General
Full URL
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/images/fav.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a689201508b9dc7b2cc3049c7d89947f96a19790411506ecd6eb1875374fe329

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0324/land_lg_130324_en/?&noadult=1&haff_pid=1369&haff_oid=49&haff_cid=4e6b0000907336de&haff_sub1=papNA2&haff_sub2=&haff_sub3=&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"65f0ac2d-591"
age
6448
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwfb1x8KKQgDPGv%2BQkH1yF%2F7Zk5T4tfd1dWp4fzNZOydrcpNquCoSluUDnsPZ97AlikrIYs63%2FMZ0bdpV5sa1mCOFdltU5ZH3RLSiIXzHKonxkyjH8mlzRiXeN45G9lvgKUNnAsB"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27957&min_rtt=23166&rtt_var=4651&sent=666&recv=135&lost=39&retrans=39&sent_bytes=749714&recv_bytes=17019&delivery_rate=3129078&cwnd=154560&unsent_bytes=0&cid=edbdfee05021448c&ts=1289&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 07:06:20 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 19:25:33 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3d4f438ea039e4-YYZ
accept-ranges
bytes
content-length
1425
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.exoclick.com
URL
https://a.exoclick.com/tag.php?goal=7ac151cecb6d5053d7cf4c7fa1ac596e

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| adfunc function| Swiper object| _0x4743 function| _0x531b

13 Cookies

Domain/Path Name / Value
redwingshere.xyz/ Name: mobitck
Value: 1
my.rtmark.net/ Name: ID
Value: 0081367f16194e16e952e597634c691b
gaimauroogrou.net/ Name: oaidts
Value: 1734505577
gaimauroogrou.net/ Name: OAID
Value: 0081367f16194e16e952e597634c691b
gaimauroogrou.net/ Name: syncedCookie
Value: true
click.hooligs.app/ Name: haff_cid:1369:49
Value: 4e6b0000907336de
.exoclick.com/ Name: goals
Value: a%3A1%3A%7Bi%3A85836%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-12-18%22%3B%7D%7D
proftrafficcounter.com/ Name: uid_id2
Value: 34e995b7-9e28-4779-817b-fbf9f8ade9bb:3:1
proftrafficcounter.com/ Name: ak
Value: 1921,1734505579
proftrafficcounter.com/ Name: acl
Value: 20,0,1734505579
experttrafficmonitor.com/ Name: uid_id2
Value: 34e995b7-9e28-4779-817b-fbf9f8ade9bb:3:1
experttrafficmonitor.com/ Name: ak
Value: 1921,1734505579
experttrafficmonitor.com/ Name: acl
Value: 20,0,1734505579

4 Console Messages

Source Level URL
Text
rendering warning URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=15ff6d1bg0083
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D0074310000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://gaimauroogrou.net/afu.php?zoneid=8477354&var=8477354&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F0D20474310000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://gaimauroogrou.net/4/7393037/?var=8477354
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F0D20474310000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://gaimauroogrou.net/afu.php?zoneid=7393037&var=7393037&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C0D20474310000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28907263-32160-ex.clibuceant.com
a.exoclick.com
click.hooligs.app
experttrafficmonitor.com
gaimauroogrou.net
ln.gamesrevenue.com
my.rtmark.net
proftrafficcounter.com
redwingshere.xyz
syndication.exoclick.com
theeverydaygame.com
twistconcept.com
a.exoclick.com
104.21.27.183
104.21.58.193
104.21.86.46
139.45.197.243
172.67.169.157
172.67.205.253
172.67.205.96
185.59.223.192
34.199.64.7
37.114.46.212
88.208.22.3
0781411a759049ba656968a3524f4fbf91825d287a52f895656258f4b61ca546
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17cbac01345050fc3affa0767bc23fdd4e2544e96502e178377e854c307ec170
25f7e450195a3bfca600d37cb7a97ff76e3fa9f995beec0629a2e2d897147bdf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58b8b70932504dd83978ec28aebf38e0d5c920de38a5666e7ecb792728a0ec6d
5cfe3440c199a65eebc7766d1e9c54e58d58090d411329f4171ed37aac3a1fe8
645255c46fe9e4d3bf32f39bb28399be808371071435e9cf3a3de9dc858a9eeb
67a70fa1e657108214290bebe3c86fdc0182fc35697b65614c87b29eb687d149
6af3e3bd3016f5762e3dc3dbd8fc7bbf00f4ec9349bee71a23bbe5547dcffd1e
6cc542f0e478d3370f0704fedd802a9ca40364e36eb5da862c08b43156b68055
76c66ec474b517f5c12a6e40137d8ae35ecb8b640ced4f4a8878187e533d20c5
7fff603702e9bea03cf47ba47947bb7f8655eb7fcb1c8f7091e9a38d8f5d949c
97928cb0fd1bc4e07b848d85fb6a4b5fa764ebd693dd5fa8dd30456afaa5d39a
a689201508b9dc7b2cc3049c7d89947f96a19790411506ecd6eb1875374fe329
c90486b38676cb2c685e05d4c148fd914a04abf18e2ae059d5b447bbf7a86d6f
c90baf8605dfb4b8480994ad1333313d2a627e9585b42cb67e87bd56fd27a89c
d40fc3bebe2dc3c28f08f2f4f5a6059425ccc5541ada3f0945f7539e90374441
e11df4924271a3b230eb5b27a44395e1347d2748451662282ff4e874ada42669
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edbf390b7921e321c0f5cf7d36edd3f3eeef0c940da66d68f29d2634f7fa194e
eeb8ac4c183a4f6ae3daf41678b05e28d514266fe54aba69a4dce94c73fb0b83
f51e89dff99ad101a4400c8f66027455f563cc1dbec96d2b8f9767e02209a5ef
f651ba228560b7b2717075b7b42c57f21698f9de52926680e7b12bec9f3fa01b