Submitted URL: http://secret-photos.com/Ryan.php
Effective URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A...
Submission: On March 23 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3037::681f:4be5, located in United States and belongs to CLOUDFLARENET, US. The main domain is easygamepromo.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 3rd 2020. Valid for: 8 months.
This is the only time easygamepromo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 198.54.126.143 22612 (NAMECHEAP...)
1 1 104.219.248.118 22612 (NAMECHEAP...)
1 1 172.255.248.108 7979 (SERVERS)
20 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
22 3
Apex Domain Subdomains Transfer
20 easygamepromo.com easygamepromo.com 969 KB
2 secret-photos.com secret-photos.com 357 B
1 yepshare.com country.yepshare.com 888 B
1 onesignal.com cdn.onesignal.com 3 KB
1 cm-trk3.com go.cm-trk3.com 921 B
1 mediadelmar.com mediadelmar.com 264 B
22 6
Domain Requested by
20 easygamepromo.com easygamepromo.com
2 secret-photos.com 2 redirects
1 country.yepshare.com easygamepromo.com
1 cdn.onesignal.com easygamepromo.com
1 go.cm-trk3.com 1 redirects
1 mediadelmar.com 1 redirects
22 6

This site contains links to these domains.

Domain
www.play5r.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-02-03 - 2020-10-09 | 8 months crt.sh
ssl898578.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-03-20 - 2020-09-26 | 6 months crt.sh

This page contains 1 frames:

Primary Page: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Frame ID: 734A02B0BBFD106AB4C014D39D009952
Requests: 22 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

22 Requests
100 % HTTPS
50 % IPv6
6 Domains
6 Subdomains
3 IPs
2 Countries
973 kB Transfer
1453 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secret-photos.com/Ryan.php HTTP 301
    https://secret-photos.com/Ryan.php HTTP 302
    http://mediadelmar.com/?aff_id=2422&media_sub=seryan HTTP 302
    https://go.cm-trk3.com/aff_c?offer_id=4110&aff_id=27709&url_id=6343&aff_sub=0316 HTTP 302
    https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
easygamepromo.com/ef/custom_affiliate/3dgay/
Redirect Chain
  • http://secret-photos.com/Ryan.php
  • https://secret-photos.com/Ryan.php
  • http://mediadelmar.com/?aff_id=2422&media_sub=seryan
  • https://go.cm-trk3.com/aff_c?offer_id=4110&aff_id=27709&url_id=6343&aff_sub=0316
  • https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de...
14 KB
2 KB
Document
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9711f87d718cdb467e0d1c07bf1b07d71bb243c5f093d3e4d2bd9b15df681057

Request headers

:method
GET
:authority
easygamepromo.com
:scheme
https
:path
/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 23 Mar 2020 13:25:54 GMT
content-type
text/html
set-cookie
__cfduid=d6f90291ac73553e98ec5994b7229eaf01584969954; expires=Wed, 22-Apr-20 13:25:54 GMT; path=/; domain=.easygamepromo.com; HttpOnly; SameSite=Lax
cache-control
max-age=77558
last-modified
Wed, 19 Dec 2018 14:38:52 GMT
x-hw
1584969954.dop018.lo4.t,1584969954.cds046.lo4.c
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57887b26ef3ddfbf-FRA
content-encoding
br

Redirect headers

Server
nginx/1.10.3
Date
Mon, 23 Mar 2020 13:25:54 GMT
Content-Type
text/html; charset=utf-8
Content-Length
516
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Set-Cookie
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
4110=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d; Domain=go.cm-trk3.com; Path=/; Expires=Wed, 22 Apr 2020 13:25:54 GMT
op_4110=6343; Domain=go.cm-trk3.com; Path=/; Expires=Wed, 22 Apr 2020 13:25:54 GMT
Location
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Vary
Accept
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
887
etag
W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
57887b27799797fc-FRA
expires
Tue, 24 Mar 2020 01:25:54 GMT
push.js
easygamepromo.com/js/push/
994 B
628 B
Script
General
Full URL
https://easygamepromo.com/js/push/push.js
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aef6e87f03532a1c06bd0555767ae5f3f125a010b3c137fe5e247d6967935cb

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jun 2019 13:27:45 GMT
server
cloudflare
age
1583
status
200
etag
W/"1561123665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1561172586.dop015.fr8.t,1561172586.cds016.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=80223
cf-ray
57887b2758a9dfbf-FRA
style.css
easygamepromo.com/ef/custom_affiliate/3dgay/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/css/style.css
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9f6a1d75291bb4d406c1efd58b68754fa93602aa07781aff0067e22aadd69b3

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Nov 2018 20:42:24 GMT
server
cloudflare
age
4077
status
200
etag
W/"1542832944"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1572503142.dop012.fr8.t,1572503142.cds136.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
57887b2758a2dfbf-FRA
goodurl.js
easygamepromo.com/ef/custom_affiliate/
1 KB
758 B
Script
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/goodurl.js
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361ae2e9de371c94cdccbe30d6d82461fa4a4d1b66fcde71e7e496f4dbf07a60

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Feb 2019 15:58:18 GMT
server
cloudflare
age
1742
status
200
etag
W/"1549468698"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1572416499.dop140.fr8.t,1572416499.cds122.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
57887b2758abdfbf-FRA
blank.png
easygamepromo.com/ef/custom_affiliate/3dgay/imgs/bkgs/set/
1 KB
1 KB
Image
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/imgs/bkgs/set/blank.png
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4f961ecdcd52dea3deac7c94b4a6ea533060b41a5ff47cac7c7abd6c30ee8ac

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
cf-cache-status
HIT
age
4077
status
200
content-length
1197
last-modified
Wed, 21 Nov 2018 20:25:31 GMT
server
cloudflare
etag
"1542831931"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1583742034.dop041.lo4.t,1583742034.cds239.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=37212
accept-ranges
bytes
cf-ray
57887b2758aedfbf-FRA
jquery.parallax.min.js
easygamepromo.com/ef/custom_affiliate/3dgay/js/
12 KB
3 KB
Script
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/js/jquery.parallax.min.js
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dab4f4b7228aa71eb1ee8a3b8071d8cbaefdda7427aeb59dbccceea5d35e243

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2017 04:26:39 GMT
server
cloudflare
age
4076
status
200
etag
W/"1510806399"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1572497137.dop028.fr8.t,1572497137.cds083.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=16270
cf-ray
57887b2778f0dfbf-FRA
index.js
easygamepromo.com/ef/custom_affiliate/3dgay/js/
1 KB
645 B
Script
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/js/index.js
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ff55b3cdfb6fb6e8506ee33e42081531cab0973ca27b4751f80261489d6144

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2017 03:26:10 GMT
server
cloudflare
age
2559
status
200
etag
W/"1510802770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1572508187.dop009.fr8.t,1572508187.cds100.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=82064
cf-ray
57887b27997fdfbf-FRA
country
country.yepshare.com/geoip/
534 B
888 B
Script
General
Full URL
https://country.yepshare.com/geoip/country?callback=get_geoip
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:560b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
de72b9c1416240a92928c1cec2e7b119e8b8122bedf295ba69c8ef0ac5ca0b4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-fastly-country
DE
age
1848
x-powered-by
Express
x-cache
HIT
status
200
content-encoding
br
x-served-by
cache-fra19162-FRA
server
cloudflare
x-timer
S1584969955.528452,VS0,VE0
etag
W/"216-5gHsBaW4YbK89wOAIo5Yq+xcb8A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-cloudflare-country
DE
cf-ray
57887b27bacadfcb-FRA
access-control-allow-headers
X-Requested-With
x-cache-hits
21
main.js
easygamepromo.com/ef/custom_affiliate/3dgay/js/
92 KB
31 KB
Script
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/js/main.js?v=1584969954475
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75602832cba5cf3933052ef9b1d09cdd04e0cb3ba7be9b6fe5b7297d17b27d3e

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Nov 2018 18:22:06 GMT
server
cloudflare
status
200
etag
W/"1542997326"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1584969954.dop023.lo4.t,1584969954.cds090.lo4.p
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
57887b2778f7dfbf-FRA
main.js
easygamepromo.com/ef/custom_affiliate/3dgay/text/
3 KB
1 KB
Script
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/text/main.js
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1583ca6892840dc873ddc5725c83bbad2dac5354ed2c7d5e2c33627119a4270c

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Dec 2018 20:30:11 GMT
server
cloudflare
age
1379
status
200
etag
W/"1544646611"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1573309158.dop009.fr8.t,1573309158.cds097.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=61293
cf-ray
57887b2a3898dfbf-FRA
bkg_01-landscape-big.jpg
easygamepromo.com/ef/custom_affiliate/3dgay/imgs/bkgs/
162 B
162 B
Image
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/imgs/bkgs/bkg_01-landscape-big.jpg
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 13:25:55 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
status
404
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1584969954.dop035.lo4.t,1584969955.cds206.lo4.p
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
57887b2a793bdfbf-FRA
click.mp3
easygamepromo.com/ef/custom_affiliate/3dgay/audio/
125 KB
125 KB
Media
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/audio/click.mp3
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31acfa79e5d48ed0ecaa8084282627eb0db48da40eaa99b9015388031e63305

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Sec-Fetch-Dest
audio
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 23 Mar 2020 13:25:55 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 18 May 2016 19:21:46 GMT
server
cloudflare
access-control-allow-origin
*
etag
"1463599306"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
x-hw
1584969954.dop018.lo4.t,1584969955.cds209.lo4.c
content-type
audio/mpeg
Content-Range
bytes 0-127717/127718
cache-control
max-age=84818
accept-ranges
bytes
cf-ray
57887b2a896bdfbf-FRA
Content-Length
127718
music.mp3
easygamepromo.com/ef/custom_affiliate/3dgay/audio/
125 KB
0
Media
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/audio/music.mp3
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Sec-Fetch-Dest
audio
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 23 Mar 2020 13:25:55 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 12 Dec 2017 17:49:46 GMT
server
cloudflare
access-control-allow-origin
*
etag
"1513100986"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
x-hw
1584969954.dop034.lo4.t,1584969954.cds236.lo4.c
content-type
audio/mpeg
Content-Range
bytes 0-615360/615361
cache-control
max-age=84819
accept-ranges
bytes
cf-ray
57887b2a896ddfbf-FRA
Content-Length
615361
music2.mp3
easygamepromo.com/ef/custom_affiliate/3dgay/audio/
64 KB
0
Media
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/audio/music2.mp3
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Sec-Fetch-Dest
audio
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 23 Mar 2020 13:25:55 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 01 Dec 2017 02:35:40 GMT
server
cloudflare
access-control-allow-origin
*
etag
"1512095740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
x-hw
1584969955.dop032.lo4.t,1584969955.cds082.lo4.c
content-type
audio/mpeg
Content-Range
bytes 0-985254/985255
cache-control
max-age=84818
accept-ranges
bytes
cf-ray
57887b2a8970dfbf-FRA
Content-Length
985255
en.mp3
easygamepromo.com/ef/custom_affiliate/3dgay/audio/
189 KB
0
Media
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/audio/en.mp3
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Sec-Fetch-Dest
audio
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 23 Mar 2020 13:25:55 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 05 May 2017 03:24:54 GMT
server
cloudflare
access-control-allow-origin
*
etag
"1493954694"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
x-hw
1584969955.dop072.lo4.t,1584969955.cds232.lo4.c
content-type
audio/mpeg
Content-Range
bytes 0-195724/195725
cache-control
max-age=172
accept-ranges
bytes
cf-ray
57887b2a8977dfbf-FRA
Content-Length
195725
dust1.png
easygamepromo.com/ef/custom_affiliate/3dgay/imgs/
82 KB
83 KB
Image
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/imgs/dust1.png
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/js/jquery.parallax.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96e01e89cf660f52743af9a91bb8953a8ce7fb5057a4c36157bfbbb5cbdd0b12

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
cf-cache-status
HIT
age
1378
status
200
content-length
84446
last-modified
Fri, 01 Dec 2017 20:07:54 GMT
server
cloudflare
etag
"1512158874"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1574388979.dop015.la3.t,1574388979.cds063.la3.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=44800
accept-ranges
bytes
cf-ray
57887b2a897edfbf-FRA
dust2.png
easygamepromo.com/ef/custom_affiliate/3dgay/imgs/
194 KB
194 KB
Image
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/imgs/dust2.png
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/js/jquery.parallax.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182fe4d918a1e69fc4c0037b9257b358931dddf781487f72133bc91b00a91b35

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 13:25:54 GMT
cf-cache-status
HIT
age
1582
status
200
content-length
198198
last-modified
Fri, 01 Dec 2017 20:03:50 GMT
server
cloudflare
etag
"1512158630"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1559154652.dop012.fr8.t,1559154652.cds069.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=74032
accept-ranges
bytes
cf-ray
57887b2a8983dfbf-FRA
dust3.png
easygamepromo.com/ef/custom_affiliate/3dgay/imgs/
7 KB
8 KB
Image
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/imgs/dust3.png
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/js/jquery.parallax.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42c1f9d5037f8bbda12397de0b61864cd247307022c8a8e14a45a7cafb9b597

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 13:25:55 GMT
cf-cache-status
HIT
age
1378
status
200
content-length
7651
last-modified
Fri, 01 Dec 2017 19:07:30 GMT
server
cloudflare
etag
"1512155250"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1573309158.dop145.fr8.t,1573309158.cds077.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=61293
accept-ranges
bytes
cf-ray
57887b2a8985dfbf-FRA
gotham-black-webfont.woff2
easygamepromo.com/ef/custom_affiliate/3dgay/font/
16 KB
16 KB
Font
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/font/gotham-black-webfont.woff2
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/js/jquery.parallax.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8f3066260b54da654be0523d0a46cee71bd26321193d3b5fbe35252e288d56

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/css/style.css
Origin
https://easygamepromo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Mar 2020 13:25:55 GMT
cf-cache-status
HIT
age
7094
status
200
content-length
16584
last-modified
Thu, 16 Nov 2017 20:44:08 GMT
server
cloudflare
etag
"1510865048"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1559154652.dop017.fr8.t,1559154652.cds068.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=74032
accept-ranges
bytes
cf-ray
57887b2a8989dfbf-FRA
bkg_01-landscape-reallybig.jpg
easygamepromo.com/ef/custom_affiliate/3dgay/imgs/bkgs/set/03/
460 KB
461 KB
Image
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/imgs/bkgs/set/03/bkg_01-landscape-reallybig.jpg
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/js/main.js?v=1584969954475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40a5f3d558f6bacd4a489504d2dfa498579aa3b62e6f947792a6feb17f5a898

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 13:25:55 GMT
cf-cache-status
HIT
age
7094
status
200
content-length
471222
last-modified
Mon, 26 Mar 2018 18:07:39 GMT
server
cloudflare
etag
"1522087659"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1572506184.dop054.fr8.t,1572506184.cds146.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=28704
accept-ranges
bytes
cf-ray
57887b2aca85dfbf-FRA
logo.png
easygamepromo.com/ef/custom_affiliate/3dgay/imgs/bkgs/set/03/
38 KB
38 KB
Image
General
Full URL
https://easygamepromo.com/ef/custom_affiliate/3dgay/imgs/bkgs/set/03/logo.png
Requested by
Host: easygamepromo.com
URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b35c676c924be63666527123ae9649fe8a7b214ce7e1ba7c5b0da14e388b95

Request headers

Referer
https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 13:25:55 GMT
cf-cache-status
HIT
age
1379
status
200
content-length
38709
last-modified
Wed, 21 Nov 2018 20:24:59 GMT
server
cloudflare
etag
"1542831899"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1559154689.dop004.fr8.t,1559154689.cds055.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=73995
accept-ranges
bytes
cf-ray
57887b2aca87dfbf-FRA


44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
string| site_domain_name
function| getURLParameter
object| push
object| camp
undefined| script
function| getLink
function| arrayElementContains
object| OneSignal
string| dust
string| set
string| ft
string| cpi
string| ci
string| sd
string| vc
string| vid
string| privacy
string| novid
string| sub1
string| sub2
string| sub3
string| sub4
string| sub5
string| source_id
object| lgAvailable
string| lg
string| offer
string| link
undefined| cep
function| isMobileDevice
function| go
function| $
function| jQuery
string| bkgImgNum
object| menu
number| speed
object| parallax
function| twinkleLoop
function| twinkle
function| get_geoip
string| datascreen
string| deviceorientation

1 Cookies

Domain/Path Name / Value
.easygamepromo.com/ Name: __cfduid
Value: d6f90291ac73553e98ec5994b7229eaf01584969954

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js (Line 1)
Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://easygamepromo.com/ef/custom_affiliate/3dgay/index.html?sd=1&vc=1&offer=aHR0cHM6Ly93d3cucGxheTVyLmNvbS8yNzE0REhRL1A4WkIxQi8/c291cmNlX2lkPQ==&sub1=27709&sub2=42_27709_4110_e063acd2796c882b9de2ce0c4e070a3d&sub3= (Line 20)
Message: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
