Submitted URL: http://deficitgame.top/?shiny
Effective URL: https://deficitgame.top/?shiny
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com
Submission: On October 25 via api from JP — Scanned from JP

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::6815:24f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is deficitgame.top.
TLS certificate: Issued by WE1 on October 15th 2024. Valid for: 3 months.
This is the only time deficitgame.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
5         2606:4700:303...   13335  (CLOUDFLAR...)
3         172.217.25.162     15169  (GOOGLE)
2         163.181.129.234    24429  (TAOBAO Zh...)
5         172.67.201.102     13335  (CLOUDFLAR...)
2         2600:140b:a00...   20940  (AKAMAI-ASN1)
1         47.88.85.171       45102  (ALIBABA-C...)
Total: 18 requests, 6 IPs

Requests  Apex Domain           Subdomains                                                 Transfer
10        deficitgame.top       deficitgame.top                                            69 KB
3         doubleclick.net       securepubads.g.doubleclick.net (Cisco Umbrella Rank: 215)  182 KB
2         dailyreadingnews.com  s.dailyreadingnews.com                                     38 KB
2         relaxgamescdn.com     relaxgamescdn.com                                          52 KB
1         stairsgame.com        api.stairsgame.com (Cisco Umbrella Rank: 881155)           265 B
Total: 18 requests, 5 apex domains

Requests  Domain                          Requested by
10        deficitgame.top                 deficitgame.top
3         securepubads.g.doubleclick.net  deficitgame.top, securepubads.g.doubleclick.net
2         s.dailyreadingnews.com          deficitgame.top
2         relaxgamescdn.com               deficitgame.top
1         api.stairsgame.com              deficitgame.top
Total: 18 requests, 5 domains

This site contains no links.

Subject                Issuer                                Validity                 Valid
deficitgame.top        WE1                                   2024-10-15 - 2025-01-13  3 months (crt.sh)
*.g.doubleclick.net    WR2                                   2024-10-07 - 2024-12-30  3 months (crt.sh)
relaxgamescdn.com      Encryption Everywhere DV TLS CA - G2  2024-04-11 - 2025-04-10  a year (crt.sh)
ak.cdn-us.advlion.com  R10                                   2024-09-03 - 2024-12-02  3 months (crt.sh)
api.stairsgame.com     Encryption Everywhere DV TLS CA - G1  2023-08-03 - 2024-08-03  a year (crt.sh)

This page contains 1 frame:

Primary Page: https://deficitgame.top/?shiny
Frame ID: 5827B6213CA3BFA1EAC2718D10CA855A
Requests: 18 HTTP requests in this frame

Page Title

Funny Game Joy

Page URL History

  1. http://deficitgame.top/?shiny HTTP 307
    https://deficitgame.top/?shiny Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 33 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 341 kB
Size: 884 kB
Cookies: 0


Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Request 1 (Primary Request): /
Path: deficitgame.top/
Redirect Chain:
  • http://deficitgame.top/?shiny
  • https://deficitgame.top/?shiny
Size: 31 KB | x-fer: 9 KB | Type: Document
General
Full URL
https://deficitgame.top/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cfe4b82267ef371290ff8a7cd1c19876c1f3958fb1d2aa86b7658e54ed08dc2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d8598b93f2cf6f2-NRT
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 25 Oct 2024 22:20:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATG9J%2FfZN6YFCJfY%2FlqnJq6cUSKlf1PT0rt11Vc18KoFbp3b2tYlAKX%2FFYrdshwpEUJFxPF8pDq23onLZOwHUlA18Q4XN0j9MPjEnhcTpbZAGJOzdU%2B1838aXkoh7R%2BlwQSrJuV%2BQKvDu%2FQ5I%2BQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=984&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3986&recv_bytes=2416&delivery_rate=3541155&cwnd=254&unsent_bytes=0&cid=7e0b78e2edfcdcb8&ts=252&x=0"
vary
Accept-Encoding

Redirect headers

Location
https://deficitgame.top/?shiny
Non-Authoritative-Reason
HttpsUpgrades

Request 2: jquery-2.1.1.min.js
Path: deficitgame.top/static/template15/js/
Size: 155 KB | x-fer: 36 KB | Type: Script
General
Full URL
https://deficitgame.top/static/template15/js/jquery-2.1.1.min.js
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52a9a954bc1a5d2291d26abc90293ac86b9e97a8d85cb48f4935ca257ca6e453

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/?shiny

Response headers

cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"670e04e3-26b91"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qOlbOjNHVaeFngUUr8NqLmGlMOkos87tMhrB05Xkqxz7J5gR4gBok0fXl8ePPDEkBbsMHd8GbRrRjPUYSPpYHX1aD7yXtDtcvbL74EJQhlDGeGDBXU8J2lF6gnDV7dy9nngPFmN7SxsgCcPHjU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8598baf853f6f2-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1109&sent=33&recv=40&lost=0&retrans=0&sent_bytes=18192&recv_bytes=2825&delivery_rate=9421505&cwnd=257&unsent_bytes=0&cid=7e0b78e2edfcdcb8&ts=638&x=0"
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 15 Oct 2024 06:00:03 GMT
vary
Accept-Encoding
server
cloudflare

Request 3: util.js
Path: deficitgame.top/static/template15/js/
Size: 7 KB | x-fer: 3 KB | Type: Script
General
Full URL
https://deficitgame.top/static/template15/js/util.js
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a70010b404d0c42439e86dcf39d18d46e9bce5ec84ebb943769f75d7f3684a65

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/?shiny

Response headers

cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"670e04e3-1b26"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3q0LzlIOfN%2FFrkgVW%2FDpl%2FKnlfdQWeyIyUCK16hxzEo99rS9wqANuBZKR5rfSL0fB0y9erb97uz03e53Gtuc%2Bbj8uGKABHXU75Dvl%2FEpoNt%2B%2FLuPMTzJK9RTxvOzHTEHSi874jeKC2Qi32Lar8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8598baf856f6f2-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1508&sent=26&recv=30&lost=0&retrans=0&sent_bytes=14483&recv_bytes=2825&delivery_rate=9421505&cwnd=257&unsent_bytes=0&cid=7e0b78e2edfcdcb8&ts=536&x=0"
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 15 Oct 2024 06:00:03 GMT
vary
Accept-Encoding
server
cloudflare

Request 4: reported.js
Path: deficitgame.top/static/general/
Size: 980 B | x-fer: 1018 B | Type: Script
General
Full URL
https://deficitgame.top/static/general/reported.js
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c1f22720da8fabafb5725f58f090846aa1a34dcc1325442e9799fb34d189ad

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/?shiny

Response headers

cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"670e04e3-3d4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Or0Cga5iY7gy8OhQrpJPl2vuL%2BfEhPRTnoKrdkuiFqX1KfUi4ITXyb06P4Sp1wMQGAUkNKTYMxC5t0Fdj3rLsVinmRP6yE%2Fj5LjFTSQIS8G72%2BGfWu0DPuJ76nUV1HO5Ea1SZhVP69NLonJf198%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8598baf858f6f2-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1508&sent=23&recv=30&lost=0&retrans=0&sent_bytes=13399&recv_bytes=2825&delivery_rate=9421505&cwnd=257&unsent_bytes=0&cid=7e0b78e2edfcdcb8&ts=535&x=0"
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 15 Oct 2024 06:00:03 GMT
vary
Accept-Encoding
server
cloudflare

Request 5: gpt.js
Path: securepubads.g.doubleclick.net/tag/js/
Size: 104 KB | x-fer: 33 KB | Type: Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s13-in-f2.1e100.net
Software
cafe /
Resource Hash
0ef5c7bd7be7b24c86fa9e0ac031fcd556dd8436425588bc75ecc8edbf0be466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/

Response headers

content-encoding
br
etag
55 / 20021 / m202410210101 / config-hash: 7111543634931288829
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 22:20:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33334
x-xss-protection
0
server
cafe

Request 6: more_2.png
Path: deficitgame.top/static/template15/img/
Size: 490 B | x-fer: 949 B | Type: Image
General
Full URL
https://deficitgame.top/static/template15/img/more_2.png
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871a26e696b4878e8d4160dcfaf8ce199bb4d1f237af207f1cdb0b309b02ca88

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/?shiny

Response headers

cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"670e04e3-1ea"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1YGIDkvlnuSNYv2RlWAO3BV5g1yGJ85ZoTrTUbfpcR%2BWAnagx1LLctaubiRfarH3AjTyHIlBXaKJWaK406iHtiXNSZAdszo8v9AB%2B35CAUSZqda61dymZ%2Bog3nn2bjcFc%2BE4hSFLLq2vAuRon8U%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8598baf85af6f2-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1180&sent=30&recv=37&lost=0&retrans=0&sent_bytes=17177&recv_bytes=2825&delivery_rate=9421505&cwnd=257&unsent_bytes=0&cid=7e0b78e2edfcdcb8&ts=539&x=0"
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
image/png
last-modified
Tue, 15 Oct 2024 06:00:03 GMT
vary
Accept-Encoding
server
cloudflare

Request 7: 10742.png
Path: relaxgamescdn.com/app/t2/game/img/game9hub/small3/
Size: 26 KB | x-fer: 27 KB | Type: Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10742.png
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.129.234 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
58523800a89d89ff7117ff87c70dcb6974495e401630bbc4803dea1b6127b5b2

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/

Response headers

Content-MD5
eGTKiRDOsCoszG7dnG0xoA==
x-oss-storage-class
Standard
ETag
"7864CA8910CEB02A2CCC6EDD9C6D31A0"
Age
2334290
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:713654354
Date
Sat, 28 Sep 2024 21:56:05 GMT
x-oss-server-time
97
Content-Type
image/png
Last-Modified
Tue, 27 Aug 2024 11:25:47 GMT
X-Swift-CacheTime
1168093
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
13349901270894519631
Connection
keep-alive
Via
cache34.l2jp1[0,0,200-0,H], cache23.l2jp1[2,0], ens-cache1.jp8[0,0,200-0,H], ens-cache3.jp8[6,0]
Ali-Swift-Global-Savetime
1727560565
X-Swift-SaveTime
Tue, 15 Oct 2024 09:27:52 GMT
Accept-Ranges
bytes
EagleId
a3b5819717298948550478392e
Content-Length
26886
x-oss-request-id
66F87B759191FB3130BB74FB
Server
Tengine

Request 8: play.svg
Path: deficitgame.top/static/general/
Size: 1 KB | x-fer: 1 KB | Type: Image
General
Full URL
https://deficitgame.top/static/general/play.svg
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8cbc01f1655b17e3e22cf229781baf7b519d650cdb80ad4e171adb1613685c

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/?shiny

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
BYPASS
etag
W/"670e04e3-4a0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8y0dDXnCws%2FboS1rJITljnT3AgBaWZ9oGJm2r07ubTaCaDlXrqaDQ0Gz91VrvqKndop05%2Bc3FIx%2FoAVPc7NMakaSiLok5vDTo8yKRXzvViHBn519oJfQEPdmqJtFqu6xL8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8598bc5a043c15-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1480&sent=15&recv=14&lost=0&retrans=0&sent_bytes=4314&recv_bytes=5686&delivery_rate=1063&cwnd=12000&unsent_bytes=0&cid=c3f3fa2631dc38a3&ts=455&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
image/svg+xml
last-modified
Tue, 15 Oct 2024 06:00:03 GMT
vary
Accept-Encoding
priority
u=2,i

Request 9: 10739.jpg
Path: relaxgamescdn.com/app/t2/game/img/game9hub/small3/
Size: 24 KB | x-fer: 25 KB | Type: Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10739.jpg
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.129.234 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f183146080901b251bd6b924636a4749e2f8a0cfcb483a80ee084c5f07dd44dd

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/

Response headers

Content-MD5
i79AbpEl/tgrLZj6S2vTLw==
x-oss-storage-class
Standard
ETag
"8BBF406E9125FED82B2D98FA4B6BD32F"
Age
2334290
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:438698044
Date
Sat, 28 Sep 2024 21:56:05 GMT
x-oss-server-time
37
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:25:39 GMT
X-Swift-CacheTime
1168093
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
17711701023248978194
Connection
keep-alive
Via
cache24.l2jp1[0,0,200-0,H], cache34.l2jp1[2,0], ens-cache5.jp8[0,0,200-0,H], ens-cache3.jp8[1,0]
Ali-Swift-Global-Savetime
1727560565
X-Swift-SaveTime
Tue, 15 Oct 2024 09:27:52 GMT
Accept-Ranges
bytes
EagleId
a3b5819717298948550938489e
Content-Length
24582
x-oss-request-id
66F87B755EDFF63437E5C175
Server
Tengine

Request 10: 10842.png
Path: s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/
Size: 24 KB | x-fer: 25 KB | Type: Image
General
Full URL
https://s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/10842.png
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b5b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c945f0237a45393ae61863864911538b4f94c87d6d751b6281082f19ba8b091c

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/

Response headers

Content-MD5
e7CIVRS+DENuvgmmsAj7rA==
x-oss-storage-class
Standard
ETag
"7BB0885514BE0C436EBE09A6B008FBAC"
x-oss-object-type
Normal
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Date
Fri, 25 Oct 2024 22:20:55 GMT
x-oss-server-time
31
Content-Type
image/png
Last-Modified
Tue, 27 Aug 2024 11:22:58 GMT
x-oss-hash-crc64ecma
3626113292358622939
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
24872
x-oss-request-id
66D6909F9191FB36333CD179
Server
AliyunOSS

Request 11: 11158.jpg
Path: s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/
Size: 13 KB | x-fer: 13 KB | Type: Image
General
Full URL
https://s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/11158.jpg
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b5b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d7d462c2900ebf8d1e6bfef6387d1d367c560febebc21fae3a0d5abff9d9ce90

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/

Response headers

Content-MD5
uGfQk7Jn8DAfV1o3tqM+/g==
x-oss-storage-class
Standard
ETag
"B867D093B267F0301F575A37B6A33EFE"
x-oss-object-type
Normal
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Date
Fri, 25 Oct 2024 22:20:55 GMT
x-oss-server-time
70
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 12:09:04 GMT
x-oss-hash-crc64ecma
4394788314293398675
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
13111
x-oss-request-id
670DDEEC3BC7A83138AAE173
Server
AliyunOSS

Request 12: to_top.3185312a.png
Path: deficitgame.top/static/template15/img/
Size: 4 KB | x-fer: 4 KB | Type: Image
General
Full URL
https://deficitgame.top/static/template15/img/to_top.3185312a.png
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18b2d1e4f1b4c0163721486d60819bc1f5e60b387471839431544f2e98bf88

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/?shiny

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"670e04e3-e08"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URHl4Hm2%2FJWmnmtdcIuf6ASllBi4H9sHoWNf0wyK82h49LURuIlvWu9BpzayMIg4LWS6pIIIbTKh8Md4D0tU%2FoWJiGzIwN0Z%2BVh0qn02SqwAyvwyh%2BN4x6QYv3A5bagoz2g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8598bd7ad43c15-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1638&sent=17&recv=15&lost=0&retrans=0&sent_bytes=5644&recv_bytes=5729&delivery_rate=5704&cwnd=12000&unsent_bytes=0&cid=c3f3fa2631dc38a3&ts=630&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
image/png
last-modified
Tue, 15 Oct 2024 06:00:03 GMT
vary
Accept-Encoding
priority
u=3,i

Request 13: search2.png
Path: deficitgame.top/static/template15/img/
Size: 2 KB | x-fer: 2 KB | Type: Image
General
Full URL
https://deficitgame.top/static/template15/img/search2.png
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23074cc2de46f5a20c074f40b082d4ad590de7c717336b3f2c4583b7750e6c27

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/?shiny

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"670e04e3-76b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=667sWywq%2BvHLpGGYvXGsLd5Z3CvLpvV2n72dDLM%2FEhsnwuu%2FhOKOJaNcguFJJSv6TwahhbGQ2QPbyOTA1r8NcZfpz%2BSmZG%2BwZX8SAu4ADmT8EHoopPGWg5OBxkPMseCBEMI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8598bd7ad63c15-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1560&sent=21&recv=17&lost=0&retrans=0&sent_bytes=10040&recv_bytes=5815&delivery_rate=3390562&cwnd=12000&unsent_bytes=0&cid=c3f3fa2631dc38a3&ts=632&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
image/png
last-modified
Tue, 15 Oct 2024 06:00:03 GMT
vary
Accept-Encoding
priority
u=3,i

Request 14: sa
Path: api.stairsgame.com/api/v1/
Size: 26 B | x-fer: 265 B | Type: XHR
General
Full URL
https://api.stairsgame.com/api/v1/sa?act=app&domain=deficitgame.top
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/static/template15/js/jquery-2.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.88.85.171 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
201df368b8d97e519c4b5a06aa451d728d689cdba91ebde36422a444e78a3b2c

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept
*/*
Referer
https://deficitgame.top/

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Date
Fri, 25 Oct 2024 22:20:55 GMT
Content-Type
application/json
Server
openresty/1.15.8.3
Connection
close
Access-Control-Allow-Headers
*

Request 15: bj.png
Path: deficitgame.top/static/template30/
Size: 8 KB | x-fer: 7 KB | Type: Image
General
Full URL
https://deficitgame.top/static/template30/bj.png
Requested by
Host: deficitgame.top
URL: https://deficitgame.top/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a862baad5b19dd4c26d3765f026ce10db48bcd368e30cb33a32c62d7b1abef

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/?shiny

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"670e04e3-1e90"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzwEOdG12DKIOhdQ71lJWb4u%2FB4PUECspf40YNo8sbIeBhPpVCp%2B1fFc8fuVFWUWHJVmrzeytFORUXKzCrrC41IVGoZJ78iogB1ariLMXsHdyTs8GCIw5s6%2FdWzy1uWECVY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8598bd7adb3c15-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1530&sent=23&recv=18&lost=0&retrans=0&sent_bytes=12424&recv_bytes=5858&delivery_rate=1805964&cwnd=12000&unsent_bytes=0&cid=c3f3fa2631dc38a3&ts=640&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
image/png
last-modified
Tue, 15 Oct 2024 06:00:03 GMT
vary
Accept-Encoding
priority
u=3,i

Request 16: pubads_impl.js
Path: securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/
Size: 481 KB | x-fer: 149 KB | Type: Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s13-in-f2.1e100.net
Software
cafe /
Resource Hash
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/

Response headers

content-encoding
br
etag
14283833466912019972
age
51771
x-content-type-options
nosniff
expires
Sat, 25 Oct 2025 07:58:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 25 Oct 2024 07:58:04 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152738
x-xss-protection
0
server
cafe

Request 17: ppub_config
Path: securepubads.g.doubleclick.net/pagead/
Size: 69 B | x-fer: 84 B | Type: XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=deficitgame.top
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s13-in-f2.1e100.net
Software
cafe /
Resource Hash
b6056bc04739cc434f83433874f1e03653f5bf7bc45d5effdbbde1059570aa57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 22:20:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
60
date
Fri, 25 Oct 2024 22:20:55 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe

Request 18: icon2.png
Path: deficitgame.top/static/template15/img/
Size: 4 KB | x-fer: 5 KB | Type: Other
General
Full URL
https://deficitgame.top/static/template15/img/icon2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b7e663465f1883339dc7c03ff4e572033faf6c4efd52f367a3076351633de1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://deficitgame.top/?shiny

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"670e04e3-f9a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KfjIBfkjbDYTn9Hm45bEBCrBmaAnHuITF1qcxCVRW%2F%2FBph1s2i8xgUIOCpp7osiEK2qdustSJblkfoS%2BXPnzegISxoScU0hl1%2F3T5IaKuOTH3LkcP%2BLrSabhBsyhPOIHQ18%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8598bf9c8d3c15-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1519&sent=31&recv=23&lost=0&retrans=0&sent_bytes=19782&recv_bytes=6421&delivery_rate=5911365&cwnd=12000&unsent_bytes=0&cid=c3f3fa2631dc38a3&ts=971&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 22:20:55 GMT
content-type
image/png
last-modified
Tue, 15 Oct 2024 06:00:03 GMT
vary
Accept-Encoding
priority
u=1,i

Verdicts & Comments

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • lazyload (function)
  • IframeOnClick (object)
  • sessionStore (object)
  • popIsShow (boolean)
  • getQueryString (function)
  • getGameList (function)
  • renderNav (function)
  • selectFrom (function)
  • reported (function)
  • getQuery (function)
  • defineGameManualInterstitialSlot (function)
  • resumeGame (function)
  • printStatus (function)
  • googletag (object)
  • openPopUp (function)
  • closePopUp (function)
  • js_game_confg (object)
  • gameCfg (object)
  • title (string)
  • httpUrl (string)
  • showAd (function)
  • clickIntercept (function)
  • is_rookie (string)
  • ggeac (object)
  • google_tag_data (object)
  • google_js_reporting_queue (object)
  • google_reactive_ads_global_state (object)

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
