Submitted URL: https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiK...
Effective URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haf...
Submission: On November 28 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 3 countries across 17 domains to perform 19 HTTP transactions. The main IP is 172.67.163.114, located in United States and belongs to CLOUDFLARENET, US. The main domain is theeverydaygame.com. The Cisco Umbrella rank of the primary domain is 468656.
TLS certificate: Issued by WE1 on October 23rd 2024. Valid for: 3 months.
This is the only time theeverydaygame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 88.208.22.4 39572 (ADVANCEDH...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 172.67.221.11 13335 (CLOUDFLAR...)
1 172.67.211.93 13335 (CLOUDFLAR...)
1 1 172.67.179.124 13335 (CLOUDFLAR...)
1 1 109.202.106.4 49453 (GLOBALLAY...)
1 172.67.164.151 13335 (CLOUDFLAR...)
1 3 185.59.223.192 60068 (CDN77 Dat...)
1 1 94.130.72.48 24940 (HETZNER-A...)
1 1 172.67.205.96 13335 (CLOUDFLAR...)
8 172.67.163.114 13335 (CLOUDFLAR...)
1 5.161.79.44 213230 (HETZNER-C...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.67.169.157 13335 (CLOUDFLAR...)
1 2 52.200.81.52 14618 (AMAZON-AES)
19 11
Apex Domain | Subdomains | Transfer
8 theeverydaygame.com | theeverydaygame.com — Cisco Umbrella Rank: 468656 | 2 MB
2 pemsrv.com | s.pemsrv.com — Cisco Umbrella Rank: 29726 | 3 KB
2 gancypnectist.com | 28877825-21689-ex.gancypnectist.com | 4 KB
1 experttrafficmonitor.com | experttrafficmonitor.com — Cisco Umbrella Rank: 824220 | 409 B
1 proftrafficcounter.com | proftrafficcounter.com — Cisco Umbrella Rank: 15519 | 576 B
1 exoclick.com | a.exoclick.com Failed; syndication.exoclick.com — Cisco Umbrella Rank: 89770 | 363 B
1 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 10565 | 877 B
1 twistconcept.com | twistconcept.com — Cisco Umbrella Rank: 797446 | 1 KB
1 gamesrevenue.com | ln.gamesrevenue.com — Cisco Umbrella Rank: 381290 | 4 KB
1 hooligs.app | click.hooligs.app — Cisco Umbrella Rank: 244860 | 957 B
1 lustgoddessgame.buzz | lustgoddessgame.buzz | 606 B
1 hdpornplay.com | hdpornplay.com | 1 KB
1 yourassbig.com | yourassbig.com | 385 B
1 1ts17.top | p.1ts17.top — Cisco Umbrella Rank: 478770 | 1 KB
1 lostporntube.com | lostporntube.com | 1 KB
1 xvids8.com | xvids8.com | 1 KB
1 google.com | ads.google.com — Cisco Umbrella Rank: 23719 |
19 17
Domain Requested by
8 theeverydaygame.com s.pemsrv.com
theeverydaygame.com
2 s.pemsrv.com 1 redirects
2 28877825-21689-ex.gancypnectist.com 1 redirects
1 experttrafficmonitor.com theeverydaygame.com
1 proftrafficcounter.com 1 redirects
1 syndication.exoclick.com theeverydaygame.com
1 my.rtmark.net theeverydaygame.com
1 twistconcept.com ln.gamesrevenue.com
1 ln.gamesrevenue.com theeverydaygame.com
1 click.hooligs.app 1 redirects
1 lustgoddessgame.buzz 1 redirects
1 hdpornplay.com
1 yourassbig.com 1 redirects
1 p.1ts17.top 1 redirects
1 lostporntube.com 28877825-21689-ex.gancypnectist.com
1 xvids8.com 1 redirects
1 ads.google.com 28877825-21689-ex.gancypnectist.com
0 a.exoclick.com Failed theeverydaygame.com
19 18

This site contains links to these domains.

Domain
www.lust-goddess.com
Subject | Issuer | Validity | Valid
*.gancypnectist.com | R11 | 2024-09-23 - 2024-12-22 | 3 months
adwords.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
lostporntube.com | WE1 | 2024-11-13 - 2025-02-11 | 3 months
hdpornplay.com | WE1 | 2024-10-26 - 2025-01-24 | 3 months
pemsrv.com | E6 | 2024-11-13 - 2025-02-11 | 3 months
theeverydaygame.com | WE1 | 2024-10-23 - 2025-01-21 | 3 months
*.gamesrevenue.com | R11 | 2024-11-06 - 2025-02-04 | 3 months
twistconcept.com | WE1 | 2024-11-14 - 2025-02-12 | 3 months
my.rtmark.net | WE1 | 2024-11-06 - 2025-02-04 | 3 months
exoclick.com | E6 | 2024-10-06 - 2025-01-04 | 3 months

This page contains 1 frame:

Primary Page: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Frame ID: 9E13A7387AB96C2C3AC33C1BA5E2F2DD
Requests: 19 HTTP requests in this frame

Page Title

Lust Goddess

Page Statistics

19 Requests
89 % HTTPS
13 % IPv6
17 Domains
18 Subdomains
11 IPs
3 Countries
2332 kB Transfer
2343 kB Size
23 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1 Page URL
  2. https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...+312+...2c%22%5B%5D%22%5D&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Wed%20Nov%2027%202024%2023%3A05%3A54%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22600%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
    https://xvids8.com/CsttFAJ/cgi/out.php?scheme_id=4 HTTP 302
    https://lostporntube.com/se2111.php Page URL
  3. https://p.1ts17.top/pu.php?partnersCode=31afa475&flt=0&bu=http%3A%2F%2Fyourassbig.com%2Flipg4.html HTTP 302
    http://yourassbig.com/lipg4.html HTTP 307
    https://yourassbig.com/lipg4.html HTTP 307
    http://yourassbig.com/lipg4.html HTTP 302
    https://hdpornplay.com/exo11.php Page URL
  4. https://s.pemsrv.com/splash.php?cat=&idzone=4176530&type=8 Page URL
  5. https://s.pemsrv.com/splash.php?cat=&idzone=4176530&type=8&p=https%3A%2F%2Fhdpornplay.com%2F&tested=1&check=2c87130ca225eadd31d72f932c45af4f&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    https://lustgoddessgame.buzz/c4thl3k.php?key=LGpop&tag=oqdRbHNRPHNNbHZY45c3UzWV1USumlpunsusrdK51UtrqZnTumqdK6V0rqrbXUzVVWVTOpmrpmotdK6Z0rpXSuldM6V0rpnV2U20T2WZ53T6Sx12y1U3TSzV21zS21UUustt21uzs1l3lpsquu1oqrqqn0ono34zsdK7rYQSAF9muPUP7pq5ZVTTyyudK6V0rpXSuldK6V0rprKJ7LabK5XOdK6V0rpXSuldK6V0rpXTOlcWMW_5SIj1D.6V1mmdNk10_G2s9WttPGlO9NlMs8t0vG9ezg.w&cost=0.00063204&source=hdpornplay.com&varid=104927976&campid=6900650&siteid=901150&zoneid=4176530&catid=508&country=USA&format= HTTP 302
    https://click.hooligs.app/?pid=1237&offer_id=49&land=938&ref_id=5eb357swhci16f57&sub1=&sub2=&sub3=1090 HTTP 302
    https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...+312+...2c%22%5B%5D%22%5D&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Wed%20Nov%2027%202024%2023%3A05%3A54%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22600%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
  • https://xvids8.com/CsttFAJ/cgi/out.php?scheme_id=4 HTTP 302
  • https://lostporntube.com/se2111.php
Request Chain 3
  • https://p.1ts17.top/pu.php?partnersCode=31afa475&flt=0&bu=http%3A%2F%2Fyourassbig.com%2Flipg4.html HTTP 302
  • http://yourassbig.com/lipg4.html HTTP 307
  • https://yourassbig.com/lipg4.html HTTP 307
  • http://yourassbig.com/lipg4.html HTTP 302
  • https://hdpornplay.com/exo11.php
Request Chain 16
  • https://proftrafficcounter.com/px.gif?akey=28407dccfb372e83ee9d49a69f097187 HTTP 307
  • https://experttrafficmonitor.com/dbs?uuid=579cd899-8394-4c2c-9a77-c3fff127a116&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTczMjc4NDc2Mn0sImFjY2wiOnsiMjAsMCI6MTczMjc4NDc2Mn19._5sNEqqnnjoE8UJk-s0mpoxJ09ErmQDiyrX2ys468Pg

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg
28877825-21689-ex.gancypnectist.com/
8 KB
3 KB
Document
General
Full URL
https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.4 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
ffbe19c86fba11e8d28f1277c8ff3a6bc2ca466f79cf3195d678baa322d9f371

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Thu, 28 Nov 2024 09:05:54 GMT
expires
Thu, 28 Nov 2024 09:05:54 UTC
last-modified
Thu, 28 Nov 2024 09:05:54 UTC
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
vary
Accept-Encoding
/
ads.google.com/
0
0
Fetch
General
Full URL
https://ads.google.com/
Requested by
Host: 28877825-21689-ex.gancypnectist.com
URL: https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1103
date
Thu, 28 Nov 2024 09:05:54 GMT
content-type
text/html; charset=UTF-8
se2111.php
lostporntube.com/
Redirect Chain
  • https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=h...
  • https://xvids8.com/CsttFAJ/cgi/out.php?scheme_id=4
  • https://lostporntube.com/se2111.php
514 B
1 KB
Document
General
Full URL
https://lostporntube.com/se2111.php
Requested by
Host: 28877825-21689-ex.gancypnectist.com
URL: https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.211.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
953a9feaecd49429bcb2c9aa19aeb4dd39a48cff3498ace35111aab495c79190

Request headers

Referer
https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e9932ee4f56a55a-MIA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 09:05:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsRvQ%2BJpFBpcb8eZQmoGQgGDbthG7P129V2Ss%2BekVWGhDpNN2x2yk1aaA5YTSCu4pvwaVe2rPOsJ9fFtGlHnLAKb7NipP3GR%2BV4KquqIz%2FnqmpZHcETk%2B69GMMpi0JFp%2BU83"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=30733&min_rtt=30413&rtt_var=5166&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4180&recv_bytes=4733&delivery_rate=493&cwnd=12000&unsent_bytes=0&cid=08cf1a7a78904653&ts=290&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e9932ebf83f7439-MIA
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 09:05:54 GMT
location
https://lostporntube.com/se2111.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKgTcHkM3XIfE2OjwtYeC1YiaP%2FjRcpYD%2F0RNQzs8AVArYXm5ruXpfl1zDGpoL7n5qnF57KB6HymiXJIV12HiWzAMpWUdJA%2FFzFO0l7hxUmVfuXew26Tam%2FWCoUC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=33637&min_rtt=30513&rtt_var=11044&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4745&delivery_rate=505&cwnd=12000&unsent_bytes=0&cid=601e8aa860bf6a08&ts=284&x=1" cfExtPri cfHdrFlush;dur=0
exo11.php
hdpornplay.com/
Redirect Chain
  • https://p.1ts17.top/pu.php?partnersCode=31afa475&flt=0&bu=http%3A%2F%2Fyourassbig.com%2Flipg4.html
  • http://yourassbig.com/lipg4.html
  • https://yourassbig.com/lipg4.html
  • http://yourassbig.com/lipg4.html
  • https://hdpornplay.com/exo11.php
570 B
1 KB
Document
General
Full URL
https://hdpornplay.com/exo11.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.164.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9455f8be1564cad9a000970053b0dd3e1cdb3f4ca91e5a528f71f2454cb286

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://lostporntube.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e993307cf6e09b6-MIA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 09:05:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4tXtdvHrfJadwPyFnpc7k7QgVXG2oXw%2BnwmBfMPHYrOw%2FmkkhzTLfg6QvqIYvboWcI7RigA39lLcCM%2FTstlEmwEduZhQvX7RgSp1soQjRreNAzd6qE4PORZ4FqWaXtcYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=33725&min_rtt=30542&rtt_var=11072&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4163&recv_bytes=4479&delivery_rate=505&cwnd=12000&unsent_bytes=0&cid=a0b994ba5fcea2e0&ts=281&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

Connection
close
Content-Encoding
gzip
Content-Length
191
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 28 Nov 2024 09:05:58 GMT
Location
https://hdpornplay.com/exo11.php
Server
Apache
Vary
Accept-Encoding
splash.php
s.pemsrv.com/
1 KB
1011 B
Document
General
Full URL
https://s.pemsrv.com/splash.php?cat=&idzone=4176530&type=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
unn-185-59-223-192.cdn77.com
Software
/
Resource Hash
ea9fab3ee54e9c39cb098766f5176881f4e2234fcc6d54de515c8416df395ff0

Request headers

Referer
https://hdpornplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Full-Version-list,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Bitness,Sec-Ch-Ua-Arch
access-control-allow-headers
X-CH-VALUES
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 09:05:59 GMT
x-robots-tag
noindex, follow
x-served-by
hap01-web25-ny1-1
Primary Request /
theeverydaygame.com/lg/lg_0624/land_lg_240624_en/
Redirect Chain
  • https://s.pemsrv.com/splash.php?cat=&idzone=4176530&type=8&p=https%3A%2F%2Fhdpornplay.com%2F&tested=1&check=2c87130ca225eadd31d72f932c45af4f&screen_resolution=1600x1200&container_resolution=1600x12...
  • https://lustgoddessgame.buzz/c4thl3k.php?key=LGpop&tag=oqdRbHNRPHNNbHZY45c3UzWV1USumlpunsusrdK51UtrqZnTumqdK6V0rqrbXUzVVWVTOpmrpmotdK6Z0rpXSuldM6V0rpnV2U20T2WZ53T6Sx12y1U3TSzV21zS21UUustt21uzs1l3lp...
  • https://click.hooligs.app/?pid=1237&offer_id=49&land=938&ref_id=5eb357swhci16f57&sub1=&sub2=&sub3=1090
  • https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
1 KB
1 KB
Document
General
Full URL
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Requested by
Host: s.pemsrv.com
URL: https://s.pemsrv.com/splash.php?cat=&idzone=4176530&type=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df7ef05aaa9459015c41709d9b39cd240713df52b3071458e204937de8b33b90

Request headers

Referer
https://s.pemsrv.com/splash.php?cat=&idzone=4176530&type=8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e993318fec0a528-MIA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 09:06:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79ca2PxVaYJPhiGrULrKtBYTg5FYfWGkBS85%2BAPuney9RkH8ierGd1DSJJ1GnWN%2BwGp%2BUzvKYjpkGex8Vt%2FWCZxJPjUqu2U2nftJz1o4cG040fslvBTIpWVM4SzkrPMbxPmrZ1c1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31260&min_rtt=31105&rtt_var=6755&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4253&recv_bytes=4528&delivery_rate=18461&cwnd=12000&unsent_bytes=0&cid=0b68f019588a0eba&ts=108&x=1" cfHdrFlush;dur=0
vary
accept-encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e993315efa5dab5-MIA
content-language
en
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Thu, 28 Nov 2024 09:06:01 GMT
location
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2%2FYu9ZwfAu2BGznpTVDo%2FH5MmGqeJnxZST0ZBpn17Ss6xyWW9DC6mnxWqyf10A6n0RSyLRNCWngikJ0C0uS0GDQBm%2BAkubY9XGwAMlEnk7ngf5ma3ZTnoNg02WJPpye%2FJHPXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=30328&min_rtt=30194&rtt_var=4905&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4286&recv_bytes=4599&delivery_rate=505&cwnd=12000&unsent_bytes=0&cid=635c88e97824bdaa&ts=518&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=43200
vary
Accept-Language, Origin
x-clickid
4e5700008c6ac0da
x-content-type-options
nosniff
x-frame-options
DENY
main.css
theeverydaygame.com/lg/lg_0624/land_lg_240624_en/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/css/main.css?v=1
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03b1bd7bc9e323c0b3c414fb8a92abcec408f571afb2ed6ef4b920487f3c9f8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"667aec00-c95"
age
6482
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OljaZFSSb%2BUmhVs2ze9xZ3pNk8HjuuUp7b0BEA3Hfhq2Sh4ceU7UFIGGW9UVgBMwaNrsScFpi1O6ZAuYRVbEcskFI1mJeB2m17J9QZnfLV2sJvA8VilNvAtpyX21lN7JjPTPcE6J"}],"group":"cf-nel","max_age":604800}
cf-ray
8e993319cf38a528-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33840&min_rtt=30334&rtt_var=9424&sent=15&recv=15&lost=0&retrans=0&sent_bytes=5536&recv_bytes=6376&delivery_rate=23035&cwnd=12000&unsent_bytes=0&cid=0b68f019588a0eba&ts=173&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:06:01 GMT
content-type
text/css
last-modified
Tue, 25 Jun 2024 16:10:40 GMT
vary
Accept-Encoding
server
cloudflare
px1.js
ln.gamesrevenue.com/
15 KB
4 KB
Script
General
Full URL
https://ln.gamesrevenue.com/px1.js
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.161.79.44 , United States, ASN213230 (HETZNER-CLOUD2-AS Hetzner Online GmbH, DE),
Reverse DNS
static.44.79.161.5.clients.your-server.de
Software
nginx /
Resource Hash
d40fc3bebe2dc3c28f08f2f4f5a6059425ccc5541ada3f0945f7539e90374441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

content-encoding
gzip
date
Thu, 28 Nov 2024 09:06:02 GMT
etag
W/"65856128-3b88"
content-type
application/javascript
last-modified
Fri, 22 Dec 2023 10:12:56 GMT
server
nginx
awpx_click.js
theeverydaygame.com/
1 KB
1 KB
Script
General
Full URL
https://theeverydaygame.com/awpx_click.js?v=005
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fff603702e9bea03cf47ba47947bb7f8655eb7fcb1c8f7091e9a38d8f5d949c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6409abb0-5d2"
age
5263
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lchOIFGcPO0O4jGSzmjp3r6NobUe1gOhCD1Q1juwh0lwdYdn%2Bl7Imaz4%2BNnwggPEKp4seMpVtJZFyiBDqID2YjpjcTivwvJwNYA3fAfrk5TUR1NuaiC0Uhr1YfpLQ7ePhr0dLPmN"}],"group":"cf-nel","max_age":604800}
cf-ray
8e993319cf3aa528-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33840&min_rtt=30334&rtt_var=9424&sent=24&recv=15&lost=0&retrans=0&sent_bytes=15370&recv_bytes=6376&delivery_rate=23035&cwnd=12000&unsent_bytes=0&cid=0b68f019588a0eba&ts=175&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:06:01 GMT
content-type
application/javascript
last-modified
Thu, 09 Mar 2023 09:49:36 GMT
vary
Accept-Encoding
server
cloudflare
btn1.png
theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/
7 KB
8 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/btn1.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1e1e73f4fc2c826c1abb99a32699a0060c91cd1ab9d818b4590e17cbdd7f7d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"667ae986-1d41"
age
2046
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZMjH1n6dVkgOLHRNdw41iQwWQQS8NKSPln44ZBJvzYU50UalmngxUUUO%2BkD4wisKlzmIipfe6Sxhc5ThRsXobzRptUYqleSkwS5IP9nyvm73CpJwEqXnVi%2BNcU3K2oQKT1sD23O"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33840&min_rtt=30334&rtt_var=9424&sent=17&recv=15&lost=0&retrans=0&sent_bytes=7072&recv_bytes=6376&delivery_rate=23035&cwnd=12000&unsent_bytes=0&cid=0b68f019588a0eba&ts=175&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:06:01 GMT
content-type
image/png
last-modified
Tue, 25 Jun 2024 16:00:06 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e993319cf3ba528-MIA
accept-ranges
bytes
content-length
7489
server
cloudflare
btn2.png
theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/
7 KB
8 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/btn2.png
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea49fe69c93e9bf01853f1d78a1289a3b45aff31847250e67b4b71484f5e7871

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"667ae987-1dc3"
age
3151
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zo%2Ffvy4XGgGZH79bdEvlc015jBdZAqdLBIxcclk8lcRMex1ZAY8utKgaAoaPh3Mrg8FVUKkpz3XShJinUfVeWaP4DmmgJo7Von77lKpdrqJfIPVx3y6LqIVy%2FGILXKcct5v1ZBro"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33840&min_rtt=30334&rtt_var=9424&sent=26&recv=15&lost=0&retrans=0&sent_bytes=16728&recv_bytes=6376&delivery_rate=23035&cwnd=12000&unsent_bytes=0&cid=0b68f019588a0eba&ts=184&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:06:01 GMT
content-type
image/png
last-modified
Tue, 25 Jun 2024 16:00:07 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e993319cf3da528-MIA
accept-ranges
bytes
content-length
7619
server
cloudflare
index.min.js
twistconcept.com/
653 B
1 KB
Script
General
Full URL
https://twistconcept.com/index.min.js?pk=28407dccfb372e83ee9d49a69f097187
Requested by
Host: ln.gamesrevenue.com
URL: https://ln.gamesrevenue.com/px1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:562e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af3e3bd3016f5762e3dc3dbd8fc7bbf00f4ec9349bee71a23bbe5547dcffd1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"655f4e52-28d"
age
2932
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MeQUXaknh%2BXcPq5m9EnxmyV9iHvMI30REWhdbqz8SRy%2B%2BIp%2Fd0YfYv2qlQR1Jbm9xV%2BNxsM1SgBRzweQN%2FcQUGpgN3UZFyNToPjfuitCmV1dkA2Y6RFRFwFpt3Btz%2FaXmW9K9ikqmXKlLUrhDrQL"}],"group":"cf-nel","max_age":604800}
cf-ray
8e99331b9c104c13-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=30621&min_rtt=29573&rtt_var=7814&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4006&recv_bytes=2230&delivery_rate=118794&cwnd=252&unsent_bytes=0&cid=97ffcbfa35b9833b&ts=51&x=0"
date
Thu, 28 Nov 2024 09:06:02 GMT
content-type
application/javascript
last-modified
Thu, 23 Nov 2023 13:06:26 GMT
vary
Accept-Encoding
server
cloudflare
img.gif
my.rtmark.net/
43 B
877 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=sync&lr=1&partner=4525db4116ed1c87c5ad9a1c2cb785cedc7f7ec9dfd0157a058f115a95fabcf3
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lb9D2m50zgSMCgcHS2cIz1DFb3lJXRzapjbmIEQPzasBdx3KbHv0V2X9EmDMITdbJOasQ%2F262ChEOblrVa%2Bzx6%2BbpYdXuAEFiEi6i2%2FnWe1YeSBZdTR34TtBBet5OL2u"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33123&min_rtt=29951&rtt_var=10992&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4494&delivery_rate=510&cwnd=12000&unsent_bytes=0&cid=4108547c84a61131&ts=160&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:06:02 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e99331b4ff1da05-MIA
access-control-allow-origin
*
content-length
43
server
cloudflare
tag.php
a.exoclick.com/
0
0

tag.php
syndication.exoclick.com/
0
363 B
Image
General
Full URL
https://syndication.exoclick.com/tag.php?goal=315a7277b250d14fa10b881aa0e2bda6
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
unn-185-59-223-192.cdn77.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

x-robots-tag
noindex, follow
content-encoding
gzip
date
Thu, 28 Nov 2024 09:06:02 GMT
content-type
text/html; charset=UTF-8
x-served-by
hap02-web05-ny1-1
bg.jpg
theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/
73 KB
74 KB
Image
General
Full URL
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/bg.jpg
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/css/main.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10327037b6b1c17f946a1758d2a28713c15595a75d93ac1cb7673520af4526f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/css/main.css?v=1

Response headers

cf-cache-status
HIT
etag
"667ae986-123b7"
age
5799
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bn%2BzWYAgENY%2FlO300NEZ2yk5op4NiB1sgAsCIpHkS4tjIcSWQ8NX82kDdo%2FBknM2rAXG6QDd33WVZDEIPc90WJV95v4CaPIavmGsigMrAlpw3QEdHSGWNj6bBLIw8b86SrxtJ0o1"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35771&min_rtt=30301&rtt_var=5009&sent=36&recv=26&lost=0&retrans=0&sent_bytes=25234&recv_bytes=7202&delivery_rate=235943&cwnd=22800&unsent_bytes=0&cid=0b68f019588a0eba&ts=380&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:06:02 GMT
content-type
image/jpeg
last-modified
Tue, 25 Jun 2024 16:00:06 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e99331b182ca528-MIA
accept-ranges
bytes
content-length
74679
server
cloudflare
bg.mp4
theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/
2 MB
2 MB
Media
General
Full URL
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/bg.mp4
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
747f903f789451433698fdb3fedb917a6b00030d6332fad0c85fab20b1f56502

Request headers

Referer
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cf-cache-status
HIT
etag
"667ae987-22b9ed"
age
5599
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYqw1SxcCd6jdZ37%2BYJ7XiMjrIhyZVNen9rA0Y%2FA38GRNCFtedu%2BLDx97n73tfu1WJ4ChEL6SYZCdQW57V8FhHP%2B46aRKdB6sbbChci4iLVAKAS4rcwa6KVoaXJzIv7sP5K33xQU"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35771&min_rtt=30301&rtt_var=5009&sent=56&recv=27&lost=0&retrans=0&sent_bytes=48058&recv_bytes=7607&delivery_rate=235943&cwnd=22800&unsent_bytes=0&cid=0b68f019588a0eba&ts=394&x=1", cfHdrFlush;dur=16
date
Thu, 28 Nov 2024 09:06:02 GMT
content-type
video/mp4
last-modified
Tue, 25 Jun 2024 16:00:07 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-2275820/2275821
cf-ray
8e99331b2835a528-MIA
Content-Length
2275821
server
cloudflare
dbs
experttrafficmonitor.com/
Redirect Chain
  • https://proftrafficcounter.com/px.gif?akey=28407dccfb372e83ee9d49a69f097187
  • https://experttrafficmonitor.com/dbs?uuid=579cd899-8394-4c2c-9a77-c3fff127a116&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTczMjc4NDc2Mn0sImFjY2wiOnsiMjAsMCI6MTczMjc4NDc2Mn1...
7 B
409 B
Image
General
Full URL
https://experttrafficmonitor.com/dbs?uuid=579cd899-8394-4c2c-9a77-c3fff127a116&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTczMjc4NDc2Mn0sImFjY2wiOnsiMjAsMCI6MTczMjc4NDc2Mn19._5sNEqqnnjoE8UJk-s0mpoxJ09ErmQDiyrX2ys468Pg
Requested by
Host: theeverydaygame.com
URL: https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs
Protocol
H2
Server
52.200.81.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-81-52.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/

Response headers

expires
Thu, 28 Nov 2024 09:06:02 GMT
cache-control
max-age=0, : no-cache
content-length
7
date
Thu, 28 Nov 2024 09:06:02 GMT
content-type
image/gif
host
experttrafficmonitor.com
server
nginx/1.21.6

Redirect headers

cache-control
max-age=0, : no-cache
location
http://experttrafficmonitor.com/dbs?uuid=579cd899-8394-4c2c-9a77-c3fff127a116&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsiMTkyMSI6MTczMjc4NDc2Mn0sImFjY2wiOnsiMjAsMCI6MTczMjc4NDc2Mn19._5sNEqqnnjoE8UJk-s0mpoxJ09ErmQDiyrX2ys468Pg
expires
Thu, 28 Nov 2024 09:06:02 GMT
content-length
0
date
Thu, 28 Nov 2024 09:06:02 GMT
content-type
image/gif
host
proftrafficcounter.com
server
nginx/1.21.6
fav.png
theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/
1 KB
2 KB
Other
General
Full URL
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/image/fav.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a689201508b9dc7b2cc3049c7d89947f96a19790411506ecd6eb1875374fe329

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://theeverydaygame.com/lg/lg_0624/land_lg_240624_en/?haff_pid=1237&haff_oid=49&haff_cid=4e5700008c6ac0da&haff_sub1=&haff_sub2=&haff_sub3=1090&haff_tag=rs

Response headers

cf-cache-status
HIT
etag
"667ae987-591"
age
7138
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0teA7YXKI5kzkYz%2FlHM4%2BECEZOiKJxZO4l9nBxTEX%2BloUAi3ACEFceD7TjrysSjNgiivk480A57IWNUlaMBArzc3ijmhTl18TiNsdizOSQBSMg0EyLyPNHDuS0uxUMMur7HgYd8p"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31789&min_rtt=30099&rtt_var=758&sent=2307&recv=270&lost=240&retrans=240&sent_bytes=2718769&recv_bytes=19311&delivery_rate=3693826&cwnd=460256&unsent_bytes=0&cid=0b68f019588a0eba&ts=810&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:06:02 GMT
content-type
image/png
last-modified
Tue, 25 Jun 2024 16:00:07 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e99331dc9aea528-MIA
accept-ranges
bytes
content-length
1425
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.exoclick.com
URL
https://a.exoclick.com/tag.php?goal=7ac151cecb6d5053d7cf4c7fa1ac596e

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| adfunc
object| _0x4743
function| _0x531b

23 Cookies

Domain/Path Name / Value
xvids8.com/ Name: 90e58e4e722e5c82f68b7e1a44b2e48c
Value: notrade
xvids8.com/ Name: d98a677ecc1f04b86feaa770da2543bc
Value: notrade
xvids8.com/ Name: 36e13db7992917eedaf65bdbfb881923
Value: 1732784754
xvids8.com/ Name: 469d53d4426e3d73a25b2fbed002ece8
Value: %2FCsttFAJ%2Fcgi%2Fout.php%3Fscheme_id%3D4
xvids8.com/ Name: 29406273454fd0842246ad09286a2e4d
Value: 1
xvids8.com/ Name: de6a355edb73771f572668b7204c9655
Value: 1
.1ts17.top/ Name: u
Value: NENyRUxTX45rcGymfrWLipfMp6uo4rnDzMYFCA4W6%2FP2LjEKD0YhHiosMTxDRU5SWGNfb2s%3D
.1ts17.top/ Name: c
Value: NENATE5TXmVncHR6hYKRjZGZnaWpsbW9wcnN1dnh5e3x%2Bf0GCREVHSEpLTU5QUVNUVldZWlxdX2BiY2VmaE%3D
.yourassbig.com/ Name: mkkzv
Value: ptEbADQAAgBGAHYySGf__3YySGdAAAEAAAB2MkhnAA--
.pemsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2267483277aa92b0.680549101686108534%22%3B%7D
.pemsrv.com/ Name: impressions
Value: xesxcrmoavxzxmsomcoacczxccevxerscblmbvxzxmsomcoacrzxccevxeamaoomcvszxmsomcoacrzxccevxermaxelevszxmsomcoacrzxccevxemmolomevxzxmsomcoacrzxccevbcxoxxxcvozxmsomcoacrzxccevxerscblbevxzxmsomcoacrzxccevxemlcamacvxzxmsomcserazxccevxeormlelbvxzxmsommlsxmzxccevxeelobbrbvozxmsommlsxmzxccevxemsxelxbvozxmsommlsxmzxccevxemolbrbavxzxmsommlsxbzxccevxemselsecvozxmsommlsxbzxccevxealacbeevozxmsommlsxbzxccevxeorssasevxzxmsombeoxezxccevboelxbrcvxzxmsombeoxezxccevboelxbravxzxmsombeoxxzxccevlaaocmaavxzxmsombeoxxzxccevxeclomlmavxzxmsombcmaezxcce
.pemsrv.com/ Name: c-tag
Value: %7B%22tag-link%22%3A%22v5%7C%7CUSA%7C4176530%7C104927976%7C0%7C%7C508%7C41%7C2%7C15%7C0%7C0%7C0%7C588%7C4155751%7C4164138%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C67483277aa92b0.680549101686108534%7C788dc9a7c0e047599c356552b323efa7%7C0%7Chdpornplay.com%7C1600x1200%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1732784760%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7Cs.pemsrv.com%7C0%7Cbc3f7c55cfabf1fd7b1350a43e3de5ce%7Cok%22%7D
lustgoddessgame.buzz/ Name: uclick
Value: 7swhci16
lustgoddessgame.buzz/ Name: uclickhash
Value: 7swhci16-7swhci16-2toc-0-he8p-2tqqwj-2tqqi4-505d81
click.hooligs.app/ Name: haff_cid:1237:49
Value: 4e5700008c6ac0da
my.rtmark.net/ Name: ID
Value: 08812289422a4b8ffdc2532776354785
.exoclick.com/ Name: goals
Value: a%3A1%3A%7Bi%3A85836%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-11-28%22%3B%7D%7D
proftrafficcounter.com/ Name: uid_id2
Value: 579cd899-8394-4c2c-9a77-c3fff127a116:2:1
proftrafficcounter.com/ Name: ak
Value: 1921,1732784762
proftrafficcounter.com/ Name: acl
Value: 20,0,1732784762
experttrafficmonitor.com/ Name: uid_id2
Value: 579cd899-8394-4c2c-9a77-c3fff127a116:2:1
experttrafficmonitor.com/ Name: ak
Value: 1921,1732784762
experttrafficmonitor.com/ Name: acl
Value: 20,0,1732784762

2 Console Messages

Source Level URL
Text
rendering warning URL: https://28877825-21689-ex.gancypnectist.com/iyJDCY0yOAznZtczvVvDJiJLktkRvoHRdq1RM8rKT8sTNcrGpdwAo8-PWoA3KNOZlItQcaQkjvTkeuuzHOKnYBWKmKGlubiKcAQfS7ROFk_CsiX0HCoA8UeE6Ucmdg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fimgbaron.com%2Fhxao1ut45knl%2Fphoto_2019-04-29_14-12-58.jpg.html%23_...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0901D007C1C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://ads.google.com/
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
