urlscan.io logo urlscan.io
SecurityTrails logo

play-rift-expedition.xyz Open in urlscan Pro
172.67.200.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://play-rift-expedition.xyz/
Effective URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Submission: On December 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 42 HTTP transactions. The main IP is 172.67.200.168, located in United States and belongs to CLOUDFLARENET, US. The main domain is play-rift-expedition.xyz.
TLS certificate: Issued by WE1 on December 23rd 2024. Valid for: 3 months.
This is the only time play-rift-expedition.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 172.67.200.168 13335 (CLOUDFLAR...)
2 104.17.111.223 13335 (CLOUDFLAR...)
13 37.19.207.34 60068 (CDN77 Dat...)
42 3
Apex Domain
Subdomains		 Transfer
28 play-rift-expedition.xyz
play-rift-expedition.xyz
3 MB
13 b-cdn.net
easy-image.b-cdn.net
261 KB
2 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5669
65 KB
42 3
Domain Requested by
28 play-rift-expedition.xyz 1 redirects play-rift-expedition.xyz
13 easy-image.b-cdn.net play-rift-expedition.xyz
2 cdn.onesignal.com play-rift-expedition.xyz
cdn.onesignal.com
42 3

This site contains no links.

Subject Issuer Validity Valid
play-rift-expedition.xyz
WE1		 2024-12-23 -
2025-03-23		 3 months crt.sh
*.onesignal.com
WE1		 2024-10-31 -
2025-01-29		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2024-11-05 -
2025-11-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Frame ID: 02822A03CB9C95839A10F9D1BF5F11A6
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Plinko Deluxe India

Page URL History Show full URLs

  1. https://play-rift-expedition.xyz/ HTTP 302
    https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3355 kB
Transfer

4274 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://play-rift-expedition.xyz/ HTTP 302
    https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ddtjc9l
play-rift-expedition.xyz/
Redirect Chain
  • https://play-rift-expedition.xyz/
  • https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
35 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
365d6543b1f0e31b43724d35ea0c0ed752739535fb776c5fc0e3ed2fe3a449ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f752c483fc025af-MIA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Wed, 25 Dec 2024 01:49:09 GMT
expires
Wed, 25 Dec 2024 01:49:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlpUI%2Fz8m9pN%2Fux8lKr99y5S4H9UE6nhZrBIlnJJnygwnrM8gHEaemNjWQ53pUVzakBueixXd0hV1q3gu685PvP%2FeDVgg9CuxjazcS8ZNo2UQ1R0Crp7I%2BSUOUYgWbiBBnSdHDFU%2F1ty0QI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29378&min_rtt=29173&rtt_var=3711&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5318&recv_bytes=5162&delivery_rate=34111&cwnd=12000&unsent_bytes=0&cid=0f693f79273e2979&ts=513&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f752c463d9a25af-MIA
content-type
text/html; charset=utf-8
date
Wed, 25 Dec 2024 01:49:09 GMT
expires
Wed, 25 Dec 2024 01:49:09 GMT
location
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bwvImBLfGHT%2BFElCCo6mxcI4DkJlZmQU%2BSdtNuee6oUdRc4l19b87bsqSz48ED5FLq0iuDqWthkSi7NeVD7hQAhhbjqWV2lrQbZAeq%2FpSatyvQ8unimnrI2YTvHFfmYi4okpsWg5Xuzt8Bo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29367&min_rtt=29173&rtt_var=4918&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4190&recv_bytes=4492&delivery_rate=505&cwnd=12000&unsent_bytes=0&cid=0f693f79273e2979&ts=325&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
style.css
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/style.css
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a789911574156aa3caea14f5d11b7b8b232050d4cc7fa5b3c6063f6341e93942

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"676adff8-51cb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnrbnWMc3dRLI1B1QXxDcp5b44vHPte7WZH%2BacoMtKEadDFYKjujLdp0cklbVFLQ3pVqr4hAvdCH%2FoIM6ggkyNjO2ReulsxbDYUIaiOHl3LlI0Vf3XANhcEHWCFW%2BoT2HMreVrinRO6PODY%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29417&min_rtt=29173&rtt_var=1311&sent=35&recv=34&lost=0&retrans=0&sent_bytes=18960&recv_bytes=18749&delivery_rate=36830&cwnd=12000&unsent_bytes=0&cid=0f693f79273e2979&ts=808&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
text/css
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
accept-encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49790325af-MIA
access-control-allow-origin
*
server
cloudflare
OneSignalSDK.page.js
cdn.onesignal.com/sdks/web/v16/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7117651b417a2cd9ae025f1d78ae94dbb24bba520b5d7a962d66dc7b85011d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"ddd578065f98e195848d7fc86a519869"
age
423
expires
Sat, 28 Dec 2024 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
8f752c49bff3a563-MIA
server
cloudflare
push-method.js
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/push-method.js
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc9dc5532bc85798c90775b83babea117799eb9d0622026e485d07f21326c1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://play-rift-expedition.xyz
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-d3a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fftTcX8o3X%2FXIeB3nlhSmgFyKFqfbrAyLryLbO7P2%2BXA1PmUChJWkBzBnA%2FRpqQ2w7R39sY%2B7UyEGA2Trb2O6QIA2k0WCcntB0C7NVpx7eapyXhVzq4uKvpOxsMk6KZqQZFlcLqyNNqmKnI%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29417&min_rtt=29173&rtt_var=1311&sent=27&recv=34&lost=0&retrans=0&sent_bytes=12258&recv_bytes=18749&delivery_rate=36830&cwnd=12000&unsent_bytes=0&cid=0f693f79273e2979&ts=799&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/javascript
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49790425af-MIA
access-control-allow-origin
*
server
cloudflare
icon_arrow.svg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		219 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/icon_arrow.svg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac79cfa70fe0b3820fa22be89a4220bfa05de2b99f3ee68bb10a7a35937c245c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-db"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWevlJh8a3tjzPXC1XiNvZraQ2mwj9KkUs%2FalhbLrmM0CUCK2PhbYxHYgcMaKH6vXhr29MBBI7gebvgcjXrvF%2BA%2BUi%2FzO4A1zDksK3YJjqEqkzpmUd8fNF9%2BBBtBylCkolV4cpdH%2Bf8nu8o%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29417&min_rtt=29173&rtt_var=1311&sent=33&recv=34&lost=0&retrans=0&sent_bytes=18004&recv_bytes=18749&delivery_rate=36830&cwnd=12000&unsent_bytes=0&cid=0f693f79273e2979&ts=807&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49790525af-MIA
access-control-allow-origin
*
server
cloudflare
icon_zoom.svg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		1010 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/icon_zoom.svg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd6e763c431a2c5af2d04463719b7002f112f9539e9b1b0a90269a229f50314

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-3f2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2Bh0wA8MPGXnXCH%2BRuJmgn7bFT51UlcLZgfunoBHIjFXXjKpsZdfHvuVPZeoXaoVmsk6Q%2F5qmUm8HhoG2r0pQo8CHRLcBw1q1h0brpZGCOL9bmSUd%2B%2FvPVJE8UrhAmBbHIx1oR%2B7YUAFx8U%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29417&min_rtt=29173&rtt_var=1311&sent=32&recv=34&lost=0&retrans=0&sent_bytes=16826&recv_bytes=18749&delivery_rate=36830&cwnd=12000&unsent_bytes=0&cid=0f693f79273e2979&ts=806&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49790a25af-MIA
access-control-allow-origin
*
server
cloudflare
icon_point.svg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		949 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/icon_point.svg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cf31df5b105adeee79efb9d94fb767c0cb05a552d231835ef8c258d05fbc977

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-3b5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4HtWS%2ByfDe%2B2Oxw2IVSlcQfpx510iqVvAfRktxVOZvA1iuQBn6eAopVyZ7hgZM8TnP8YjaC0oTBqKnA5xYocUxXM4YIN%2BNlVl4EGWMjN6JFuSyulEO6Y6ZwStc86OKhlS7pGnHWZPqG6LIg%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33786&min_rtt=29173&rtt_var=5289&sent=64&recv=41&lost=0&retrans=0&sent_bytes=44601&recv_bytes=19670&delivery_rate=43589&cwnd=20400&unsent_bytes=0&cid=0f693f79273e2979&ts=853&x=1", cfExtPri, cfHdrFlush;dur=5
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a94025af-MIA
access-control-allow-origin
*
server
cloudflare
icon.png
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/ 		576 KB
577 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/icon.png
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cea136ae58405d0f7242fed15014920a3d37eea4ec725d6c0f84313cc9cb1f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

cf-cache-status
MISS
etag
"676adff8-90104"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4UtH541Wv6fnX2gOtMaRkQofA35qlADEYuocDMboHZCRD3mY3f4bgOI99WN50x9XlM3UICPlPLbAQyfxGEUI%2ByXGRP6iojLBFBXhTLLS1SVDzN0SCyspfBoQszbz2TApYuoUWCdL94OLIY%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30935&min_rtt=29173&rtt_var=1091&sent=350&recv=96&lost=0&retrans=0&sent_bytes=353386&recv_bytes=25202&delivery_rate=2499706&cwnd=99900&unsent_bytes=0&cid=0f693f79273e2979&ts=1068&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/png
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a94225af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
590084
server
cloudflare
verify-dev.webp
easy-image.b-cdn.net/icon/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/icon/verify-dev.webp
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
8e30d059ae297c9c231e28ccb6637a6fa5a95f8d29643a76c36ac63180d617e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf247d-1450"
cdn-fileserver
860
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-346
content-type
image/webp
last-modified
Fri, 16 Aug 2024 10:05:49 GMT
cdn-cachedat
11/01/2024 14:50:59
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
42bdb61db6abb492bb4e717225012b72
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
5200
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
new_icon_downloads.svg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		550 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/new_icon_downloads.svg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1266bd734a167b46b287221ff03697cf323e198d441a3ab274fad08f35ea016e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-226"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F944VaSYhcsu3txaziuDcEDSdE6tkNYScYZ6QtX9xh%2BXagwHwbrSIPGHrGHXtbUNsRhEbILOVnpB83r0dyCFuFeTd5P9oE0Jfeo73XhSS5sZA%2FnrAcwMka5oRsXWdv%2BJ%2F8ZBkPu%2FxWDTyu8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30450&min_rtt=29173&rtt_var=2562&sent=48&recv=37&lost=0&retrans=0&sent_bytes=30630&recv_bytes=18878&delivery_rate=20971&cwnd=15600&unsent_bytes=0&cid=0f693f79273e2979&ts=836&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a94b25af-MIA
access-control-allow-origin
*
server
cloudflare
icon_18.webp
easy-image.b-cdn.net/icon/ 		372 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/icon/icon_18.webp
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
d189311ea5cbefe56171921828cbc8f1c9d573c99832d801cce072d830523161

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf22e9-174"
cdn-fileserver
839
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-427
content-type
image/webp
last-modified
Fri, 16 Aug 2024 09:59:05 GMT
cdn-cachedat
11/11/2024 05:15:00
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
9392fc251f40da3166f8625a4f6a373b
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
372
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
screen_1.jpg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/screen_1.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d585a60fc9f0e83db63c23140ac21771435ff5cc19167044d820fa6a9f8002b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

cf-cache-status
MISS
etag
"676adff8-324f7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dq2KEimURoruuJEud3PlBkEIBM6RovD9%2FCcxLY%2BLTrbmJArzBFttcCuN1IlgmGgmZhSgWhWSdpoCRWDXq2GNAo4bfzHiYAItH47ggSlMllQzynDCWsF9l428yqAvazP3mbitg0qND7JEiMc%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30935&min_rtt=29173&rtt_var=1091&sent=318&recv=96&lost=0&retrans=0&sent_bytes=315324&recv_bytes=25202&delivery_rate=2499706&cwnd=99900&unsent_bytes=0&cid=0f693f79273e2979&ts=1066&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a94f25af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
206071
server
cloudflare
screen_2.jpg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/screen_2.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f877868e50832c415393a03dad801a898de1db1aa24d54fa5994c31bd17438

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

cf-cache-status
MISS
etag
"676adff8-1df71"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDO%2FY4iSX%2FbMXcDWtLc3nYXhCuTtzu97N4PT0JS8OwPGGJipHuvOUG1%2BpuGmVSIjM874ZltEBIF5Ded%2F64CrVaJPCYqqVbpxQjkVkBMpMzYCmWz9%2FIH16chDSrkTUs2VzbSQqybcCZO19go%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33043&min_rtt=29173&rtt_var=5069&sent=63&recv=40&lost=0&retrans=0&sent_bytes=44160&recv_bytes=19007&delivery_rate=41979&cwnd=20400&unsent_bytes=0&cid=0f693f79273e2979&ts=845&x=1", cfExtPri, cfHdrFlush;dur=20
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a95025af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
122737
server
cloudflare
screen_3.jpg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/screen_3.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1187b875408223dffdbc97eb4176966b58f31ed19b9a473618f69e74fe955dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

cf-cache-status
MISS
etag
"676adff8-320f2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpP%2BosnNzBi8ZI5aTomwoacDkktuVXflTHINRSPDMifGbuDVqLQvq9oawKj73gmMjmKm%2FSG3sdCApP1sZjXOJ9KK%2FrHhA2b7W2VuX1rItaIdryO0cPLCAssn4ew%2FBn3ksZyJV5MjCrOsOeM%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33043&min_rtt=29173&rtt_var=5069&sent=54&recv=40&lost=0&retrans=0&sent_bytes=34887&recv_bytes=19007&delivery_rate=41979&cwnd=20400&unsent_bytes=0&cid=0f693f79273e2979&ts=839&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a95225af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
205042
server
cloudflare
screen_4.jpg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		232 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/screen_4.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f0d7ee94f0c643e05a214765d1c7cbb30be954586fdc0708018ca43ea630a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

cf-cache-status
MISS
etag
"676adff8-39faa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kt61%2Fq%2FN1EAtIlugjtzSLs%2F6oTYyTQ7kG85tHbpH%2B%2Fuzufk8Hbfjb%2FxTdHh%2BXMQFzexwf4LUiJiXMdk%2BJF%2BUaPRqFV1tvQhyAFf2bSNH4UhpXFl%2B3fxpe%2BTiI0NM8Ybgm0woR29Q1KLQAXk%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33043&min_rtt=29173&rtt_var=5069&sent=63&recv=40&lost=0&retrans=0&sent_bytes=44160&recv_bytes=19007&delivery_rate=41979&cwnd=20400&unsent_bytes=0&cid=0f693f79273e2979&ts=839&x=1", cfExtPri, cfHdrFlush;dur=26
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a95325af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
237482
server
cloudflare
screen_5.jpg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/screen_5.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
781e7981f74e3c2f71580d88c2e9769b6cbcc70ca06519b0fc95c99d63aaa5c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

cf-cache-status
MISS
etag
"676adff8-11abf1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5Yj20nJiTbkjsmgcuCvRFE5mOoQHSZR%2FIlvDRERn7p0YCNayNV3z0d%2F3LNBZNpikt8Q45m5pon%2F61Iss0RLeHnqg%2B1pKtbKviOjPy2BBHZP8HqJeMK%2BiJgtKJNj7yHU48kOj%2BiECl%2BEr3U%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33786&min_rtt=29173&rtt_var=5289&sent=64&recv=41&lost=0&retrans=0&sent_bytes=44601&recv_bytes=19670&delivery_rate=43589&cwnd=20400&unsent_bytes=0&cid=0f693f79273e2979&ts=853&x=1", cfExtPri, cfHdrFlush;dur=12
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a95425af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1158129
server
cloudflare
icon_share.svg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/icon_share.svg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aff23b6c4ee6f36ee8e6d6de0e03ef346def4789521296e75023c1d9986df1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-a8d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqZCI6S4wQqfx9y1k3N7AksQc7Ps5sBj%2B9i%2FlQPvdS1UCRrEvgrM5vv6aVHyBMn%2FWvWPcWteHeUCCBCOUVDO07vkSmfvP1I4MkIgpYNbSgr71qHlp2mx%2B6vE2oXXj8EoMoIHPtJ9OJYs0J8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31288&min_rtt=29173&rtt_var=3596&sent=50&recv=38&lost=0&retrans=0&sent_bytes=31755&recv_bytes=18921&delivery_rate=24460&cwnd=15600&unsent_bytes=0&cid=0f693f79273e2979&ts=837&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a95525af-MIA
access-control-allow-origin
*
server
cloudflare
icon_lock.svg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		1013 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/icon_lock.svg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932533fb9bf574bb1b71e61ff42d99c7309fe23e8cb8d522e5b5b87934689a62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-3f5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwkgYlnaYixvDelBlFDOeEvIX6Dy3pniGDR%2BUMBJ51TK687AemnNJHXBK55pZGemAiI8Qb9qE1u7GmNSy1dtyRKqOV%2BtuKhCTsD27VG9P8nVoetWdB%2FyArw3gBgNTCOrkj6nKL3Fj9hnVRQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29663&min_rtt=29173&rtt_var=1316&sent=45&recv=36&lost=0&retrans=0&sent_bytes=28980&recv_bytes=18835&delivery_rate=12854&cwnd=13200&unsent_bytes=0&cid=0f693f79273e2979&ts=835&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a95625af-MIA
access-control-allow-origin
*
server
cloudflare
92.jpg
easy-image.b-cdn.net/users/male/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/users/male/92.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
11d4a4ae7aa4eb88b41581dc90f0b851731b3d25763c7453a322d5d77f2a162c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf1d78-944"
cdn-fileserver
839
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-353
content-type
image/jpeg
last-modified
Fri, 16 Aug 2024 09:35:52 GMT
cdn-cachedat
11/06/2024 12:23:20
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
4f05c08d5462c29b0a43c0dbfca86cd1
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
2372
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
59.jpg
easy-image.b-cdn.net/users/male/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/users/male/59.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
2333953d891e0853ada655e8f5c06b3cd2d6bce68a14e3006199fb398d40ff21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf1d72-9ea"
cdn-fileserver
857
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-353
content-type
image/jpeg
last-modified
Fri, 16 Aug 2024 09:35:46 GMT
cdn-cachedat
11/11/2024 03:38:52
cdn-cache
REVALIDATED
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
f98dc72e30b4b536ce53b62092e22def
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
2538
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
26.jpg
easy-image.b-cdn.net/users/male/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/users/male/26.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
e79f9d2a5bf5985b4c8a0d5642f4e4df59b229262aa9a1ce06f4a1b2282cec7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf1d6c-9ef"
cdn-fileserver
857
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-346
content-type
image/jpeg
last-modified
Fri, 16 Aug 2024 09:35:40 GMT
cdn-cachedat
11/07/2024 06:50:45
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
6d2a50c07c1b8185267d23727e7f0a5b
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
2543
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
53.jpg
easy-image.b-cdn.net/users/male/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/users/male/53.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
4055e9f6917ae4983f79b2619d5d0725c4e1ac17e5c816a729a85cfcfea01f14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf1d71-880"
cdn-fileserver
858
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-353
content-type
image/jpeg
last-modified
Fri, 16 Aug 2024 09:35:45 GMT
cdn-cachedat
11/11/2024 05:20:06
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
3a3b653997767e3b17c9d965de015e91
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
2176
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
21.jpg
easy-image.b-cdn.net/users/male/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/users/male/21.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
208b4941a2b2d910a3541052876b1857b2662da8e6edb1eee5e745c6a3e335b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf1d6c-1798"
cdn-fileserver
839
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-267
content-type
image/jpeg
last-modified
Fri, 16 Aug 2024 09:35:40 GMT
cdn-cachedat
11/06/2024 12:23:55
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
ef3275370e6238cf73757fee06cc40b3
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
6040
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
77.jpg
easy-image.b-cdn.net/users/male/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/users/male/77.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
b8a749b705e00a214b2182411ebdbe5ffc552b2597d1556c5ce844c99aa09af3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf1d75-8c6"
cdn-fileserver
857
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-353
content-type
image/jpeg
last-modified
Fri, 16 Aug 2024 09:35:49 GMT
cdn-cachedat
11/07/2024 07:15:09
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
590707e428963b5600cc763fbef09a34
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
2246
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
68.jpg
easy-image.b-cdn.net/users/male/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/users/male/68.jpg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
c40f3da14748fefcf2a9f77c3e9e28b3868cb5904be2b7bd7dcc3b94417e3822

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf1d73-a48"
cdn-fileserver
830
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-268
content-type
image/jpeg
last-modified
Fri, 16 Aug 2024 09:35:47 GMT
cdn-cachedat
11/01/2024 14:53:01
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
71d2014542e323aeec52062e6193088f
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
2632
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
aviator.webp
easy-image.b-cdn.net/app-icon/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/app-icon/aviator.webp
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
eace3bb3e76ba68da01bbe4ef5602f153a66a0022ebb4501d5b57885c7da3af9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf2844-13630"
cdn-fileserver
857
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-267
content-type
image/webp
last-modified
Fri, 16 Aug 2024 10:21:56 GMT
cdn-cachedat
11/01/2024 14:57:40
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
d2d6e581b1d5ba2bc0e10ca1a7670717
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
79408
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
plinko.webp
easy-image.b-cdn.net/app-icon/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/app-icon/plinko.webp
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
4d34072018d7657f0a6e05ec5a155fb7d7772bc49b1c3e1b6943f872aef27083

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf2845-bdaa"
cdn-fileserver
839
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-427
content-type
image/webp
last-modified
Fri, 16 Aug 2024 10:21:57 GMT
cdn-cachedat
11/06/2024 12:25:59
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
52f9a341cd2bdfd72794760525150da7
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
48554
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
sweet_bonanza.webp
easy-image.b-cdn.net/app-icon/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://easy-image.b-cdn.net/app-icon/sweet_bonanza.webp
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
7befff9e0259bba05ae796e2bc198bd44a534f563365c20935b6c39339399dde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66bf2845-158f0"
cdn-fileserver
830
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-353
content-type
image/webp
last-modified
Fri, 16 Aug 2024 10:21:57 GMT
cdn-cachedat
11/06/2024 12:28:13
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
1538e572e3d87bbaea808a2f07778f3a
cdn-pullzone
2442763
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
88304
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
icon_close.png
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		427 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/icon_close.png
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67d193e6472e73251254135e0eee99f529bb8d14c4e434d40d9e7a53a37ce9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

cf-cache-status
MISS
etag
"676adff8-1ab"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FeRVwW3NFqsj9oY%2FlHJ7Cp9uSfs5ppqb%2BQ1rKQjXwFcfW3kfhuS5mtG7ZaqBNgLLeGUz7Uzp4WLXc%2BiVPJsjt05%2BieL4s%2BjbKNK8OYt9Ldjox13B%2BMoRwVU4FR8MA5n7fCvbH2Tgmo9N3Ps%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31288&min_rtt=29173&rtt_var=3596&sent=52&recv=38&lost=0&retrans=0&sent_bytes=33694&recv_bytes=18921&delivery_rate=24460&cwnd=15600&unsent_bytes=0&cid=0f693f79273e2979&ts=837&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/png
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a95925af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
427
server
cloudflare
jquery.min.js
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/jquery.min.js
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"676adff8-155ec"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLDESTQ3YMXb14qmzTYcOD%2Bzku7gV3q2jSR9GByCWnsO7gs9bS9mMfNdk6oCvJ0KAFtQx1RGafdyfRoxe72xxTn7yWCq%2Fl3Hkzs2HJ%2BfcW2QmzC%2FeiIeeAZblgU4IdcMR1aI%2FgrIdZwNbDk%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33786&min_rtt=29173&rtt_var=5289&sent=64&recv=41&lost=0&retrans=0&sent_bytes=44601&recv_bytes=19670&delivery_rate=43589&cwnd=20400&unsent_bytes=0&cid=0f693f79273e2979&ts=858&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/javascript
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
accept-encoding
priority
u=2,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a94625af-MIA
access-control-allow-origin
*
server
cloudflare
uaParser.js
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/uaParser.js
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ae5e1bd11ce49f04aad92bfc79dc80734a3bd673ebc7c7f38d34535fac380a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"676adff8-4bbc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BN%2FshIweAqHevLGXMODDSjz%2FJWRO%2B2gaQZQ5szJJtCgQE3op5g9knRvGVWVhIwoqQbSKmtp6SAMcnf298MlUUd3EeIaCbHYi8av%2Fkfp3UHig7yO%2FnAUqGj%2Bcm7Hswu5igiuj%2BL%2BOpAnVSKU%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33043&min_rtt=29173&rtt_var=5069&sent=63&recv=40&lost=0&retrans=0&sent_bytes=44160&recv_bytes=19007&delivery_rate=41979&cwnd=20400&unsent_bytes=0&cid=0f693f79273e2979&ts=843&x=1", cfExtPri, cfHdrFlush;dur=18
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/javascript
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
accept-encoding
priority
u=2,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a94a25af-MIA
access-control-allow-origin
*
server
cloudflare
translate.js
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/translate.js
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9272cf8e32fa50126ccacba832b56f3c70e28cc9c15b19d749880df68d52e293

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://play-rift-expedition.xyz
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-dfb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vawcNiFKlEVC2FdV5jwJuMbgjUzQbhrIy725E0r1ILXokLsXdfuW502P%2BQ5JthvrKccyfDSzySMDLSnb6Sg4%2FauVKfU%2FTXi%2BK4rlTOwoe6ML00xgenmJyVW6GKFVMzHYaS%2FUFwSB0n9xc1M%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29417&min_rtt=29173&rtt_var=1311&sent=30&recv=34&lost=0&retrans=0&sent_bytes=15046&recv_bytes=18749&delivery_rate=36830&cwnd=12000&unsent_bytes=0&cid=0f693f79273e2979&ts=802&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/javascript
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49790c25af-MIA
access-control-allow-origin
*
server
cloudflare
prompt.js
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/ 		497 B
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/prompt.js
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ff6cf8d4767431e38e31bf578c7e120509ad06cd69bff6fe83175a90690ac1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://play-rift-expedition.xyz
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-1f1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yAIBcBY30%2FV5F11cT26SR8iYWgXE4m14dQjthvS1MevpJF3%2B1NfWiYw9KFpnwhJFsBIJSZNuXCuOb9HDy73pqJrEP7zQCHuh3ZhproSBSW9MArKczNJxaClGqFzvEGyWkeI7TV2nVa8XBss%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29417&min_rtt=29173&rtt_var=1311&sent=29&recv=34&lost=0&retrans=0&sent_bytes=14050&recv_bytes=18749&delivery_rate=36830&cwnd=12000&unsent_bytes=0&cid=0f693f79273e2979&ts=801&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/javascript
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49790d25af-MIA
access-control-allow-origin
*
server
cloudflare
main-function.js
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/main-function.js
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa41457dcb2f0ac734bab68edb86b3ed69ce9e68e8fd92f928d3061fc55ed316

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://play-rift-expedition.xyz
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"676adff8-4cd3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQEFGpR7PM6uWJfD2KkSV2cD5OLASeEK09Y%2BrfTaC4kLIqVKcwJjrDig8FiZIzeQBfANtfOT7GMDCMSzUBsXo%2Bbowjdowo7nJ9onJ7D7kSpEDHqA%2B48gkE1Y9Y32eQhsXm%2F%2F3p1wUXuIBoA%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29417&min_rtt=29173&rtt_var=1311&sent=40&recv=34&lost=0&retrans=0&sent_bytes=24201&recv_bytes=18749&delivery_rate=36830&cwnd=12000&unsent_bytes=0&cid=0f693f79273e2979&ts=817&x=1", cfExtPri, cfHdrFlush;dur=12
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/javascript
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49790f25af-MIA
access-control-allow-origin
*
server
cloudflare
icon_star_black.svg
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/ 		252 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/images/icon_star_black.svg
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a29eb18c76586c2f55eedce4c2b46fa158df9148af71ade04a7934f9c5d312f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/style.css

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676adff8-fc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sp5f4w5sSFxRvTKpcLzqwS2L8lnBUDLpcDSmwt6kePS5fCUPNjuqgXruXtOkpU9DzULriUmWMKyX6yx61h%2FwWphTKeA51ffrT8R59EGsYfGvoSJFxHr68ol67wj611no9uKfCVUBjgrsWb8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30874&min_rtt=29104&rtt_var=1051&sent=511&recv=105&lost=0&retrans=0&sent_bytes=543490&recv_bytes=25602&delivery_rate=2021535&cwnd=187500&unsent_bytes=0&cid=0f693f79273e2979&ts=1110&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c4b4b2525af-MIA
access-control-allow-origin
*
server
cloudflare
Roboto-Bold.ttf
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/fonts/ 		163 KB
164 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/fonts/Roboto-Bold.ttf
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://play-rift-expedition.xyz
Referer
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/style.css

Response headers

cf-cache-status
MISS
etag
"676adff8-28da8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TeWeHvWbhUtvRXNcyCdhxcvkIVmtREBdTDlVy4g0%2FTH5IG3afNk2cDTiIk5ifPLGEgaGiTUU8tikTxBSNzLr6TvCXpUG19kJ2Ue52MFISCQZhm%2FeX7JFvXH328F0U0y%2Bg3tn4%2BROJ7dJGCk%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39449&min_rtt=29104&rtt_var=513&sent=2215&recv=298&lost=1&retrans=1&sent_bytes=2554687&recv_bytes=35472&delivery_rate=11386963&cwnd=334530&unsent_bytes=0&cid=0f693f79273e2979&ts=1505&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/octet-stream
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c4bab9d25af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
167336
server
cloudflare
Roboto-Medium.ttf
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/fonts/ 		165 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/fonts/Roboto-Medium.ttf
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d0d55a303bfd13b79a87721f65185e93f235e2d77fe398b2dca67ac519915f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://play-rift-expedition.xyz
Referer
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/style.css

Response headers

cf-cache-status
MISS
etag
"676adff8-292c4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CkAj%2F0jic4MoLZj76jA2D7KUd5SjEBZ55tCZKLr5g%2BZhJ5dnXtXDIZVSLGvM41xNOBmKG%2B7Brb6rHKLNo7r7Nb372HgqxDr%2FGRd4Yk84eLTa7ysc9GMc3PwNhut3RtrRflluksYlnSvaJzs%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31999&min_rtt=29104&rtt_var=1353&sent=1613&recv=231&lost=0&retrans=0&sent_bytes=1837234&recv_bytes=32428&delivery_rate=6641069&cwnd=453900&unsent_bytes=0&cid=0f693f79273e2979&ts=1413&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/octet-stream
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c4bab9f25af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
168644
server
cloudflare
Roboto-Regular.ttf
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/fonts/ 		164 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/fonts/Roboto-Regular.ttf
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://play-rift-expedition.xyz
Referer
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/style/style.css

Response headers

cf-cache-status
MISS
etag
"676adff8-29144"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2B%2F4sy7mHU3QE5NDxbdnmdEwyRmeh4d%2F01FTi3Aj8zxF64KG4020GEI5l%2FYa70aXTWrlPjYhQM2wEyEiGVfOFR7u4Jd0dK6SEgA5zFQ14i%2Ba63Nu6MbXulekxkTyFOEHsd3TOUdeO8Ljrrk%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30910&min_rtt=29104&rtt_var=1131&sent=526&recv=123&lost=0&retrans=0&sent_bytes=558480&recv_bytes=26418&delivery_rate=2206597&cwnd=199500&unsent_bytes=0&cid=0f693f79273e2979&ts=1160&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/octet-stream
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c4baba025af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
168260
server
cloudflare
OneSignalSDK.page.es6.js
cdn.onesignal.com/sdks/web/v16/ 		263 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160205
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b36eb3eed63ce88ee1c51492e5c2f7501cdee63a9e869f854e43edf7a4d50fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"459cd4a78df607cbccc4276ff8d8953f"
age
1008
expires
Sat, 28 Dec 2024 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
8f752c4c8ae6a563-MIA
server
cloudflare
manifest.php
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/script/ 		384 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/script/manifest.php?start_url=https%3A%2F%2Fplay-rift-expedition.xyz%2Fddtjc9l
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc2d44eee1e2c4544f17e6d0fab12671ce7f49e8d7aaf46c75d45043a8c20470

Request headers

Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zd8mwkAmadNlenkeb4il6w5CTVZZQ%2BDwkia%2B5dQ0TVvPkNEOQga30l0jOJ81G9tVILgO2RtGts2FfqmRMk2PD2Zt7C6zqqOmL4o05IpZqg4aEmnEFzNlXWs9iNbbeI2jUB94Bwuym6XnXjo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f752c4c8c7025af-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30910&min_rtt=29104&rtt_var=1131&sent=540&recv=123&lost=0&retrans=0&sent_bytes=573693&recv_bytes=26418&delivery_rate=2206597&cwnd=199500&unsent_bytes=0&cid=0f693f79273e2979&ts=1173&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
text/html; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
text-translate.json
easy-image.b-cdn.net/translate/ 		49 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://easy-image.b-cdn.net/translate/text-translate.json
Requested by
Host: play-rift-expedition.xyz
URL: https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
e481e71102af8cb70e6cc6343c86891ff0126fa1b3f189b1df38a6bd164a5d6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Referer
https://play-rift-expedition.xyz/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"6735f49a-c5e4"
cdn-fileserver
266
date
Wed, 25 Dec 2024 01:49:10 GMT
cdn-storageserver
NY-427
last-modified
Thu, 14 Nov 2024 13:01:14 GMT
content-type
application/json
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/14/2024 15:59:24
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
a2ba95ff-f7d4-4c79-b671-4b1bf35121f6
cdn-requestid
20612e183865f0f061973ed0b77e57be
cdn-pullzone
2442763
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
icon.png
play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/ 		576 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://play-rift-expedition.xyz/lander/template-2024-12-24-16-21-24.190674/icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cea136ae58405d0f7242fed15014920a3d37eea4ec725d6c0f84313cc9cb1f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://play-rift-expedition.xyz/ddtjc9l?lead_id=3t2rc3lcka8is&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&key=&ln=EN&sub_id_30=open_pwa

Response headers

cf-cache-status
MISS
etag
"676adff8-90104"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4UtH541Wv6fnX2gOtMaRkQofA35qlADEYuocDMboHZCRD3mY3f4bgOI99WN50x9XlM3UICPlPLbAQyfxGEUI%2ByXGRP6iojLBFBXhTLLS1SVDzN0SCyspfBoQszbz2TApYuoUWCdL94OLIY%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 01:49:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30935&min_rtt=29173&rtt_var=1091&sent=350&recv=96&lost=0&retrans=0&sent_bytes=353386&recv_bytes=25202&delivery_rate=2499706&cwnd=99900&unsent_bytes=0&cid=0f693f79273e2979&ts=1068&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 01:49:10 GMT
content-type
image/png
last-modified
Tue, 24 Dec 2024 16:23:20 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f752c49a94225af-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
590084
server
cloudflare

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| UAParser function| OneSignalDeferred number| __oneSignalSdkLoadCount function| OneSignal

3 Cookies

Domain/Path Name / Value
play-rift-expedition.xyz/ Name: _subid
Value: 3t2rc3lcka8iv
play-rift-expedition.xyz/ Name: 4e582
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxNTExXCI6MTczNTA5MTM0OSxcIjQxNTEwXCI6MTczNTA5MTM0OX0sXCJjYW1wYWlnbnNcIjp7XCIxMjUwNlwiOjE3MzUwOTEzNDl9LFwidGltZVwiOjE3MzUwOTEzNDl9In0.yXtcw9VXPriuABdg4123LBx-8fnmuc3CS2WG9bM0xXg
.onesignal.com/ Name: __cf_bm
Value: doL34kxl2fIckEofabvNBY1J1qwJPE1lEfI_QxzM6Gg-1735091350-1.0.1.1-L37tCRe_yNcNrIAnLzH1RGK23WcqYJBCynDRRMLsWKl3pqfxTfDjYg5QAJYDtT2SPQuCnuRJ4V_JErgeLCwvEA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
easy-image.b-cdn.net
play-rift-expedition.xyz
104.17.111.223
172.67.200.168
37.19.207.34
07f877868e50832c415393a03dad801a898de1db1aa24d54fa5994c31bd17438
0aff23b6c4ee6f36ee8e6d6de0e03ef346def4789521296e75023c1d9986df1f
11d4a4ae7aa4eb88b41581dc90f0b851731b3d25763c7453a322d5d77f2a162c
1266bd734a167b46b287221ff03697cf323e198d441a3ab274fad08f35ea016e
208b4941a2b2d910a3541052876b1857b2662da8e6edb1eee5e745c6a3e335b0
2333953d891e0853ada655e8f5c06b3cd2d6bce68a14e3006199fb398d40ff21
2cf31df5b105adeee79efb9d94fb767c0cb05a552d231835ef8c258d05fbc977
365d6543b1f0e31b43724d35ea0c0ed752739535fb776c5fc0e3ed2fe3a449ae
3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24
4055e9f6917ae4983f79b2619d5d0725c4e1ac17e5c816a729a85cfcfea01f14
4cea136ae58405d0f7242fed15014920a3d37eea4ec725d6c0f84313cc9cb1f6
4d34072018d7657f0a6e05ec5a155fb7d7772bc49b1c3e1b6943f872aef27083
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
5a29eb18c76586c2f55eedce4c2b46fa158df9148af71ade04a7934f9c5d312f
781e7981f74e3c2f71580d88c2e9769b6cbcc70ca06519b0fc95c99d63aaa5c5
7b36eb3eed63ce88ee1c51492e5c2f7501cdee63a9e869f854e43edf7a4d50fa
7befff9e0259bba05ae796e2bc198bd44a534f563365c20935b6c39339399dde
88ae5e1bd11ce49f04aad92bfc79dc80734a3bd673ebc7c7f38d34535fac380a
8e30d059ae297c9c231e28ccb6637a6fa5a95f8d29643a76c36ac63180d617e7
91f0d7ee94f0c643e05a214765d1c7cbb30be954586fdc0708018ca43ea630a1
9272cf8e32fa50126ccacba832b56f3c70e28cc9c15b19d749880df68d52e293
92ff6cf8d4767431e38e31bf578c7e120509ad06cd69bff6fe83175a90690ac1
932533fb9bf574bb1b71e61ff42d99c7309fe23e8cb8d522e5b5b87934689a62
9d0d55a303bfd13b79a87721f65185e93f235e2d77fe398b2dca67ac519915f5
a1187b875408223dffdbc97eb4176966b58f31ed19b9a473618f69e74fe955dc
a789911574156aa3caea14f5d11b7b8b232050d4cc7fa5b3c6063f6341e93942
aa41457dcb2f0ac734bab68edb86b3ed69ce9e68e8fd92f928d3061fc55ed316
ac79cfa70fe0b3820fa22be89a4220bfa05de2b99f3ee68bb10a7a35937c245c
b8a749b705e00a214b2182411ebdbe5ffc552b2597d1556c5ce844c99aa09af3
bdc9dc5532bc85798c90775b83babea117799eb9d0622026e485d07f21326c1c
c40f3da14748fefcf2a9f77c3e9e28b3868cb5904be2b7bd7dcc3b94417e3822
ca7117651b417a2cd9ae025f1d78ae94dbb24bba520b5d7a962d66dc7b85011d
d189311ea5cbefe56171921828cbc8f1c9d573c99832d801cce072d830523161
d585a60fc9f0e83db63c23140ac21771435ff5cc19167044d820fa6a9f8002b7
dc2d44eee1e2c4544f17e6d0fab12671ce7f49e8d7aaf46c75d45043a8c20470
e481e71102af8cb70e6cc6343c86891ff0126fa1b3f189b1df38a6bd164a5d6d
e79f9d2a5bf5985b4c8a0d5642f4e4df59b229262aa9a1ce06f4a1b2282cec7f
eace3bb3e76ba68da01bbe4ef5602f153a66a0022ebb4501d5b57885c7da3af9
ebd6e763c431a2c5af2d04463719b7002f112f9539e9b1b0a90269a229f50314
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7
f67d193e6472e73251254135e0eee99f529bb8d14c4e434d40d9e7a53a37ce9e