Submitted URL: http://negriltreehouse1.pro-moteit.com/
Effective URL: https://negriltreehouse1.pro-moteit.com/
Submission: On December 19 via api from IN — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 34 HTTP transactions. The main IP is 43.204.18.197, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is negriltreehouse1.pro-moteit.com.
TLS certificate: Issued by R3 on December 18th 2023. Valid for: 3 months.
This is the only time negriltreehouse1.pro-moteit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 43.204.18.197 16509 (AMAZON-02)
16 18.173.233.11 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
4 52.219.158.186 16509 (AMAZON-02)
4 13.233.239.209 16509 (AMAZON-02)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a03:2880:f17... 32934 (FACEBOOK)
34 11
Apex Domain
Subdomains
Transfer
20 rhym.io
game.rhym.io
api.rhym.io
412 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
www.linkedin.com — Cisco Umbrella Rank: 629
px4.ads.linkedin.com — Cisco Umbrella Rank: 6419
5 KB
4 amazonaws.com
rhym.s3.ap-south-1.amazonaws.com
18 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
154 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 pro-moteit.com
negriltreehouse1.pro-moteit.com
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 763
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
34 9
Domain Requested by
16 game.rhym.io negriltreehouse1.pro-moteit.com
game.rhym.io
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 api.rhym.io game.rhym.io
4 rhym.s3.ap-south-1.amazonaws.com game.rhym.io
rhym.s3.ap-south-1.amazonaws.com
2 www.googletagmanager.com negriltreehouse1.pro-moteit.com
www.googletagmanager.com
2 connect.facebook.net negriltreehouse1.pro-moteit.com
connect.facebook.net
2 negriltreehouse1.pro-moteit.com 1 redirects
1 www.facebook.com game.rhym.io
1 px4.ads.linkedin.com game.rhym.io
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 fonts.googleapis.com game.rhym.io
34 12

This site contains no links.

Subject | Issuer | Validity | Valid
negriltreehouse1.pro-moteit.com | R3 | 2023-12-18 - 2024-03-17 | 3 months
*.game.rhym.io | Amazon RSA 2048 M02 | 2023-11-17 - 2024-12-15 | a year
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-27 - 2023-12-26 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.s3.ap-south-1.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-24 - 2024-10-12 | a year
rhym.io | Amazon RSA 2048 M03 | 2023-10-15 - 2024-11-13 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2023-11-03 - 2024-05-03 | 6 months

This page contains 3 frames:

Primary Page: https://negriltreehouse1.pro-moteit.com/
Frame ID: 8911A55D8DAB5A275D85FA4D93C0A04A
Requests: 1 HTTP requests in this frame

Frame: https://game.rhym.io/game?id=GAM681694749163
Frame ID: C35CF211CA2068E532D49DFDC7F9A1F0
Requests: 27 HTTP requests in this frame

Frame: https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/index.html
Frame ID: 76D7077365B0742FB09FA6566A597C68
Requests: 4 HTTP requests in this frame

Page Title

Negril Tree House Catcher Game

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

Requests: 34
HTTPS: 97 %
IPv6: 55 %
Domains: 9
Subdomains: 12
IPs: 11
Countries: 3
Transfer: 696 kB
Size: 2511 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://negriltreehouse1.pro-moteit.com/ HTTP 301
    https://negriltreehouse1.pro-moteit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6377097%26time%3D1702974439583%26url%3Dhttps%253A%252F%252Fnegriltreehouse1.pro-moteit.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLy2LAiKpN4XgAAAYyBL8MRzyrJ2o7WK9MBm5Rq8thribytgwTCsvLppOXJb7fgzJItWXg

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
negriltreehouse1.pro-moteit.com/
Redirect Chain
  • http://negriltreehouse1.pro-moteit.com/
  • https://negriltreehouse1.pro-moteit.com/
4 KB
4 KB
Document
General
Full URL
https://negriltreehouse1.pro-moteit.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.204.18.197 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-204-18-197.ap-south-1.compute.amazonaws.com
Software
openresty/1.21.4.2 /
Resource Hash
b3b81c10e406f9665d40f80cb1b6397ea7a3061fc54b494e0d4b8a7e129c70b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
4406
content-type
text/html; charset=utf-8
date
Tue, 19 Dec 2023 08:27:16 GMT
etag
W/"1136-Ai01VkrOx9P5QaMzzx5aeIOcC7g"
server
openresty/1.21.4.2

Redirect headers

Connection
keep-alive
Content-Length
175
Content-Type
text/html
Date
Tue, 19 Dec 2023 08:27:16 GMT
Location
https://negriltreehouse1.pro-moteit.com/
Server
openresty/1.21.4.2
game
game.rhym.io/ Frame C35C
29 KB
8 KB
Document
General
Full URL
https://game.rhym.io/game?id=GAM681694749163
Requested by
Host: negriltreehouse1.pro-moteit.com
URL: https://negriltreehouse1.pro-moteit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/ Next.js
Resource Hash
63bda4bdfb2e64a0ec27bb1f1e3bac7434503a56598ccfc070e317a3aa9f6eeb

Request headers

Referer
https://negriltreehouse1.pro-moteit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Dec 2023 08:27:17 GMT
vary
Accept-Encoding
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
x-amz-cf-id
U-suIJ7YNrMIhnDVinqgqxbAiSXZb-GzhfA5b-AKeW1eXKcxKook5g==
x-amz-cf-pop
DUS51-P3
x-cache
Miss from cloudfront
x-powered-by
Next.js
155e3fe2ba7f0241.css
game.rhym.io/_next/static/css/ Frame C35C
34 KB
8 KB
Stylesheet
General
Full URL
https://game.rhym.io/_next/static/css/155e3fe2ba7f0241.css
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
20f9f5ce260633af8b22f23c49575495e421bb6328cf0d48001adaf6880d80f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"edad5bfe18e1da667289e2aba3e5fb8d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QH99SU7kENOA9Gs3Kik7O1gijYYUtkdpgdVdFL8e9Sv5kFdi6cprvg==
cb5f0084a1b490ae.css
game.rhym.io/_next/static/css/ Frame C35C
58 KB
27 KB
Stylesheet
General
Full URL
https://game.rhym.io/_next/static/css/cb5f0084a1b490ae.css
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
e62f325bc6e7edf633a835978f5016bf4a3e5fcaa92c13725069fe2ef937be7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"a1b1078ce1bebb937d637b955a0569d4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
pnBJjGTTDpPQnV-z-pNE6Y4u4rf2reQXWXSy3s_wO6rqCNY0yXIrvw==
9670403d3fc14e9b.css
game.rhym.io/_next/static/css/ Frame C35C
32 KB
6 KB
Stylesheet
General
Full URL
https://game.rhym.io/_next/static/css/9670403d3fc14e9b.css
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
127631e6ee31359123a7fef3fe9f3f645503beb513740247d57282f367cadc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"3092f59b130a3f9d57c899ad8238cca1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
-_9YUsj7jWc_ezpO2I36wJa8bvu3nASD0ERDPt0vMXlbqCHbgxHb9g==
webpack-70f7a7822418fdf4.js
game.rhym.io/_next/static/chunks/ Frame C35C
6 KB
3 KB
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/webpack-70f7a7822418fdf4.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
154513220cefc1d82e22c871caadc1ee1ea0dd660b16b6c9b64248687b816151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"b1d41667d594b5841b29977635497e60"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
oK4WqpILuBTHpgVibRHVB9BDl0isgZsi_cNu63hjD5C4lfaT-KILdQ==
fd9d1056-81ef257938a639fe.js
game.rhym.io/_next/static/chunks/ Frame C35C
160 KB
50 KB
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/fd9d1056-81ef257938a639fe.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
a76a6b27386f6fbc9285a72f97de1ff0113b367b03fea5265d8154f03378e98c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"cd9c7e5501287819260faab40c104071"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
XI0Ks2cO-22IyOdBDEV1f2JZ7-MZTBJJMpEB8EkVzXk78de3WXMVkA==
472-d8b4a363e3825e3d.js
game.rhym.io/_next/static/chunks/ Frame C35C
108 KB
28 KB
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/472-d8b4a363e3825e3d.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
c3eb769be7be2754eaf838d4875add3c218246863cbd7ff05132104423a1df83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"43781810f3f9f6306031c8bb30481115"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
YqJar_HDj0MMKVwHblKBqQSkrVSnaja3nSFivCN8kY5xbGtQln-8Og==
main-app-ddcac6735863b3b1.js
game.rhym.io/_next/static/chunks/ Frame C35C
515 B
889 B
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/main-app-ddcac6735863b3b1.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
458ab7f5a7ce1df6e45f52a541028b319108c811f89459430ac7114a6b58e6b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
"3995d103cdb2ff658d9bd9e70a748cc6"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
515
x-amz-cf-id
7C85VidoQsrNnlxrsMeQB4uhnBp1Fyn4rrnd_hsjR4d_I0WCY4RsZw==
413-f8d9afacb9527732.js
game.rhym.io/_next/static/chunks/ Frame C35C
13 KB
5 KB
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/413-f8d9afacb9527732.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
d2a6ac2c3c7abb4f3d16f244d7e0984458e5bb85f39dbfa3b53dbc6c602e43be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"aee25e516c27ce94827565821ede56c3"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
d4oo1_OGCzLnJRouBJK5InPnSyK9iKzqEfWm7tCqENn3jurWX3bb3w==
page-d73747ef7c75f25d.js
game.rhym.io/_next/static/chunks/app/ Frame C35C
403 B
779 B
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/app/page-d73747ef7c75f25d.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
3e30b108322fae82200c09086e427c7f2a8611da55bd11dc9e750d7fdca22235

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
"687485de2d87a1c39e2b5aadc6f875dc"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
403
x-amz-cf-id
m8cbbEyLOh3Y2IKewmR6KQJye7IxBdFIwd-EUXDZbmHGNl4tE_Fm1g==
layout-660a3dff6e48c2c8.js
game.rhym.io/_next/static/chunks/app/game/ Frame C35C
7 KB
3 KB
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/app/game/layout-660a3dff6e48c2c8.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
849d67f1d3608fc55c8661d74c983cba6b3d2eb83fa9012a9253c07e9f6c280e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"f64f3d4099b76000adbcb09c36c8e967"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
3sGVJy4O6ZxYqMbd7VmvCi6r2WQDvGQUEHMwp8DnvhBD4Ebj4p1hog==
980-826521b5fe85716f.js
game.rhym.io/_next/static/chunks/ Frame C35C
27 KB
8 KB
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/980-826521b5fe85716f.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
4172d5f35e8fbdfcd2154ca81b55568391159ca4ef4ff4893aef3113da148074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"2a9a4db6b5dd02baf91587c8657814d7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
I-rMQ5d-CFUE9xwgB7hQLRqflF_cteIOKVWMPn4MJYMZEN8_jTKhCg==
error-1f7b8c57ae93f722.js
game.rhym.io/_next/static/chunks/app/game/ Frame C35C
2 KB
1 KB
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/app/game/error-1f7b8c57ae93f722.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
8869bb4e71547d57176e2d7a5bbab77899a17cebe504597da11960933df41d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"f3ddd8f5062b36d6afcca496a94c7b04"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
MyP0lBmSe-9jaQXpTD2hIGfEGBEA-XFF4-VzCQ2KTrjXLSi6GsDYgw==
height.js
game.rhym.io/js/ Frame C35C
299 B
671 B
Script
General
Full URL
https://game.rhym.io/js/height.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
121caf024080e9d8e0d237825d33832b4555cdf05c230fa9d84f75a6163544fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
"9dde2781f42f0aa2eb2df3b71241e032"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=5, stale-while-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
299
x-amz-cf-id
cfxF3AFDoUcRg0m3UVsjXncLTvfOBnN-5sDjt_4deHwZTVhWAOjtXg==
43-c53b05021327b0f6.js
game.rhym.io/_next/static/chunks/ Frame C35C
738 KB
230 KB
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/43-c53b05021327b0f6.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
d1ea29272c2f79d44c6e06a6625dec6ae4dda825460c107298f781f65844e846

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"2b7f551377afddfdd1986cde5d71ce83"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
hS6D1X2wPJWU9GU6EcO2V1DGcybfBTduMPlxpaHex3kD0NeUFr-Dmw==
page-c8f31114a4e9db69.js
game.rhym.io/_next/static/chunks/app/game/ Frame C35C
123 KB
31 KB
Script
General
Full URL
https://game.rhym.io/_next/static/chunks/app/game/page-c8f31114a4e9db69.js
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-11.dus51.r.cloudfront.net
Software
/
Resource Hash
e3969d50f3c40b7bd8da56e87a263fa26ec90e9b783f7a2fc27e9c2ff3dc99b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/game?id=GAM681694749163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
via
1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 14:32:00 GMT
x-amz-cf-pop
DUS51-P3
etag
W/"8700996e9e744f5c897f30dcea216329"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1ugHBou_81lzkBcwRuQl0oPIy0ZZzri1wt_pVNWVty5HOCcFXPfHlQ==
css2
fonts.googleapis.com/ Frame C35C
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Alef&family=Inclusive+Sans&family=Lato&family=Lexend&family=Montserrat:wght@200;300&family=Mooli&family=Oswald&family=Poppins&family=Roboto+Mono&family=Roboto+Slab&family=Roboto&family=Satisfy&family=Skranji&family=Raleway:wght@400;600&display=swap
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/_next/static/css/9670403d3fc14e9b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c143a1d38ebbb6a07e4ce21cdef59490775bfc656f81e68da01924f21dbd643e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 08:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 08:27:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 08:27:18 GMT
fbevents.js
connect.facebook.net/en_US/ Frame C35C
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: negriltreehouse1.pro-moteit.com
URL: https://negriltreehouse1.pro-moteit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Dec 2023 08:27:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
iDNZmaETAHOXd7I1tJ4zZA6wPimFObGjfv5hBfzr0D9zMJWf13fecVjdimkrxvfqb2y8OYpOyVUOwtdT9u7p5w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame C35C
185 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M8K2QTV
Requested by
Host: negriltreehouse1.pro-moteit.com
URL: https://negriltreehouse1.pro-moteit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29013159e53501e2e123b662d7dc20a093faebd4922fc376567507a68ebbcdbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67351
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Dec 2023 08:27:19 GMT
index.html
rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/ Frame 76D7
980 B
1 KB
Document
General
Full URL
https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/index.html
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/_next/static/chunks/fd9d1056-81ef257938a639fe.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.158.186 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
904b9d17a92dbe8e1d4129e6bd8ff3d0bedc2b62fc5ab27fab0d5504a09e98e1

Request headers

Referer
https://game.rhym.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
980
Content-Type
text/html
Date
Tue, 19 Dec 2023 08:27:20 GMT
ETag
"184579f27ad61330aec45514ce82a6f1"
Last-Modified
Mon, 18 Dec 2023 21:41:39 GMT
Server
AmazonS3
x-amz-id-2
9K0a21ERSehPrIf7P3QpL9nywu8N+8SoDJukCNzKN1idgYcnSWXMpZCA+QoWZf8CNH1m1rNvzg0=
x-amz-request-id
RC8224A3QHTQF25X
x-amz-server-side-encryption
AES256
graphql
api.rhym.io/ Frame C35C
59 B
208 B
Fetch
General
Full URL
https://api.rhym.io/graphql
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/_next/static/chunks/43-c53b05021327b0f6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.233.239.209 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-233-239-209.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
4f7a75f0c94ea01eefeaee6e9af88799611de3fc4b7c96c25672bdedeed7a13a

Request headers

accept
*/*
Referer
https://game.rhym.io/
apollo-require-preflight
true
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 08:27:20 GMT
etag
W/"3b-4HaYomYFacimzwd8/RFqM6sXh6E"
content-length
59
vary
Origin
content-type
application/json; charset=utf-8
graphql
api.rhym.io/ Frame
0
0
Preflight
General
Full URL
https://api.rhym.io/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.233.239.209 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-233-239-209.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apollo-require-preflight,authorization,content-type
Access-Control-Request-Method
POST
Origin
https://game.rhym.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
apollo-require-preflight,authorization,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://game.rhym.io
date
Tue, 19 Dec 2023 08:27:19 GMT
vary
Origin, Access-Control-Request-Headers
graphql
api.rhym.io/ Frame C35C
59 B
208 B
Fetch
General
Full URL
https://api.rhym.io/graphql
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/_next/static/chunks/43-c53b05021327b0f6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.233.239.209 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-233-239-209.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
4f7a75f0c94ea01eefeaee6e9af88799611de3fc4b7c96c25672bdedeed7a13a

Request headers

accept
*/*
Referer
https://game.rhym.io/
apollo-require-preflight
true
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 08:27:20 GMT
etag
W/"3b-4HaYomYFacimzwd8/RFqM6sXh6E"
content-length
59
vary
Origin
content-type
application/json; charset=utf-8
graphql
api.rhym.io/ Frame
0
0
Preflight
General
Full URL
https://api.rhym.io/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.233.239.209 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-233-239-209.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apollo-require-preflight,authorization,content-type
Access-Control-Request-Method
POST
Origin
https://game.rhym.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
apollo-require-preflight,authorization,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://game.rhym.io
date
Tue, 19 Dec 2023 08:27:19 GMT
vary
Origin, Access-Control-Request-Headers
js
www.googletagmanager.com/gtag/ Frame C35C
261 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1RXN4HCYCP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8K2QTV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
962b7377f1857f93cc4da763a7c87c3d4b09a6ac1888c6082a93b093ccbc7634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89780
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Dec 2023 08:27:19 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame C35C
42 KB
15 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8K2QTV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=51620
accept-ranges
bytes
content-length
15541
796363164774881
connect.facebook.net/signals/config/ Frame C35C
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/796363164774881?v=2.9.138&r=stable&domain=negriltreehouse1.pro-moteit.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd5a5adfffe4e162b779e931258f3a5b338faad648cdad1d8b0ce0c87323c937
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Dec 2023 08:27:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
lk+KOzsrLKR1qDcJOwuUDNuT0KXStANEqu7KbwdPF7wdExfeV/mkDJD3x+tT1OfL6IpGQu4tjvY7RXhOfHe1oA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/ Frame C35C
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6377097%26time%3D1702974439583%26url%3Dhttps%253A%252F%252Fnegriltreehouse1.pro-m...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLy2LAiKpN4XgAAAYyBL8MRzyrJ2...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLy2LAiKpN4XgAAAYyBL8MRzyrJ2o7WK9MBm5Rq8thribytgwTCsvLppOXJb7fgzJItWXg
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:27:20 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 73F98EF2F84D42739FCF525C95806A1C Ref B: FRAEDGE1311 Ref C: 2023-12-19T08:27:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYM2KKVrHYUw8wPhFukrQ==

Redirect headers

date
Tue, 19 Dec 2023 08:27:19 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7EC1DD54ECEC4E2FB836900BAF25E173 Ref B: DUS30EDGE0906 Ref C: 2023-12-19T08:27:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6377097&time=1702974439583&url=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLy2LAiKpN4XgAAAYyBL8MRzyrJ2o7WK9MBm5Rq8thribytgwTCsvLppOXJb7fgzJItWXg
x-li-proto
http/2
content-length
0
x-li-uuid
AAYM2KKR4sFnmZrDLJGSyg==
/
www.facebook.com/tr/ Frame C35C
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=796363164774881&ev=PageView&dl=https%3A%2F%2Fgame.rhym.io%2Fgame%3Fid%3DGAM681694749163&rl=https%3A%2F%2Fnegriltreehouse1.pro-moteit.com%2F&if=true&ts=1702974439602&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1702974439419&coo=false&rqm=GET
Requested by
Host: game.rhym.io
URL: https://game.rhym.io/game?id=GAM681694749163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.rhym.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 19 Dec 2023 08:27:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
game.css
rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/ Frame 76D7
5 KB
5 KB
Stylesheet
General
Full URL
https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/game.css?v=1662376602
Requested by
Host: rhym.s3.ap-south-1.amazonaws.com
URL: https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.158.186 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
801cf5ad02f97c872186954115ed710064368fc6536d2ec8504932eae62c1e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 08:27:21 GMT
Last-Modified
Mon, 18 Dec 2023 21:41:39 GMT
Server
AmazonS3
x-amz-request-id
1S8W3JJ6B3V66N1N
ETag
"f170aaf5eec2961377bd67e70bd1a0a7"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4787
x-amz-id-2
irmvCQmm0br2iAfPgxHmeenAvz+xVxrSuYrwOmT+TH6SBO2wqNAwRRchx7swCTZiTtuUd081mfU=
game.js
rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/ Frame 76D7
306 KB
0
Script
General
Full URL
https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/game.js?v=1662376602
Requested by
Host: rhym.s3.ap-south-1.amazonaws.com
URL: https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.158.186 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 08:27:21 GMT
Last-Modified
Mon, 18 Dec 2023 21:41:39 GMT
Server
AmazonS3
x-amz-request-id
1S8XHPGJKSFAE2GZ
ETag
"7c01ae2b46b0b8485dbee7cda1396983"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
364149
x-amz-id-2
oLmrOj+mOzJ1jN5woaOP6DUPnMYSxY7yTq0R55bhZEQYKjBnL8LokHnWL6u8InPEWx4FrIgpJjQ=
landscape.jpg
rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/media/graphics/orientate/ Frame 76D7
12 KB
12 KB
Image
General
Full URL
https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/media/graphics/orientate/landscape.jpg
Requested by
Host: rhym.s3.ap-south-1.amazonaws.com
URL: https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.158.186 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
32163c871c7081ba645025b45fe323912357998cd4b78307cd48b859ec8e4889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rhym.s3.ap-south-1.amazonaws.com/user/USR547812590842/games/GAM681694749163/game/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 08:27:21 GMT
Last-Modified
Mon, 18 Dec 2023 21:41:39 GMT
Server
AmazonS3
x-amz-request-id
1S8GQEN1381YVQ35
ETag
"cdb48447e9510be9175db6175b1addb9"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
11955
x-amz-id-2
ZwzKLje20Pc1tNQECR1GwccJLXQTHqCgsOOicqR5Tfo3ySnMuTiSvkjOhYDG07RXedUB+o2+ceY=
/
px.ads.linkedin.com/wa/ Frame C35C
0
194 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://game.rhym.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Dec 2023 08:27:19 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B5B1D17102D142D48D71BAECC23086B7 Ref B: DUS30EDGE0906 Ref C: 2023-12-19T08:27:20Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://game.rhym.io
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYM2KKYNuHxOi6TJS0UcA==

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
function| isiOS

7 Cookies

Domain/Path Name / Value
.linkedin.com/ Name: li_sugr
Value: 99b0d583-a8ac-4c78-8513-eee6882b6fe1
.linkedin.com/ Name: bcookie
Value: "v=2&11fe8d78-6e92-480d-8390-3007657bbcd5"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2762:u=1:x=1:i=1702974439:t=1703060839:v=2:sig=AQEnarTWErnXfZN33x1maK-YZqdP9WiK"
.linkedin.com/ Name: UserMatchHistory
Value: AQLM0B0PwXDlfwAAAYyBL8Hzx9McBNsa67pctUQke8TZh0jcLRI6OUASR_mlr3LsYMypxVhFJNwg9Q
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJ7vaARBo3ciwAAAYyBL8HzLUuvqQokjCepY0XYxRu514zqOesMahxkX3dGOIQg4I6Cd762RnkS4M1ANOYfag
.www.linkedin.com/ Name: bscookie
Value: "v=1&20231219082720085eaa67-0804-4e96-8fdb-aeaffe52e401AQFhfWYnsMU5NEVIUxDkSIVNFZjgYMVr"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDI5NzQ0NDA7MjswMjFx0L39LwogploufhcNBqSbzKfe6SwAkkhTRDk0MMYyqw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
