| www.luckypatchers.com/lucky-patcher-all-versions/ | 172.67.74.56 | 200 OK | 120 kB |
URL: User Request GET HTTP/2 www.luckypatchers.com/lucky-patcher-all-versions/; IP: 172.67.74.56:443
Certificate Issuer: Let's Encrypt; Subject: luckypatchers.com; Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99; Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (19027); Size: 120 kB (120311 bytes); Hash: 3add407cf202c91b745c9eb1853b782e 747d9d1cf60d7a79165f6620e2f4459465ce00c3 24aea62fefca7a31e0575aaa7497c495b56e3efcdc6faee1d4b7d298f8518d3e
GET /lucky-patcher-all-versions/ HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:35:00 GMT
content-type: text/html; charset=UTF-8
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f89MHoAvIGdHQEbFtHXGSZoIgu%2FgfpEO%2F%2FEi1pNu8QhbWgEJr1JVa4wuJQmF9Cok%2Be%2BQ5Ul9RDAnN%2BvOKsELQxEQILtUy3HE5ARUuuq6wjCI%2B%2F4c7VV4Dn6rA6AAaZJ%2BPIJnEW6%2BNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e9e6c8ad62b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.luckypatchers.com/wp-content/themes/Zephyr/fonts/fa-solid-900.woff2?ver=8.23.4 | 172.67.74.56 | 200 OK | 78 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/themes/Zephyr/fonts/fa-solid-900.woff2?ver=8.23.4; IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: luckypatchers.com; Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99; Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196; Hash: d824df7eb2e268626a2dd9a6a741ac4e 0ccb2c814a7e4ca12c4778821633809cb0361eaa 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
GET /wp-content/themes/Zephyr/fonts/fa-solid-900.woff2?ver=8.23.4 HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:01 GMT
content-type: application/font-woff2
content-length: 78268
last-modified: Wed, 24 Apr 2024 17:31:39 GMT
etag: "131bc-616db0b10b800"
cache-control: max-age=31536000, s-maxage=10
expires: Fri, 02 May 2025 15:21:20 GMT
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
age: 177221
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQNEY5W2zU6F2Gaqyxeb%2BQL7KU6ZyKtnCul0ubEPKceEyqkEk1sjFKcHNQoPlFsBTGeb3hvn0WgSKDL5p0NQuUJgdiJ2lU%2Bxm9kaS1ZJN8R%2F8UyzJa3DLAv6MREqDVTrxqYk68Xo%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e9e6cd5ea75689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.luckypatchers.com/wp-content/themes/Zephyr/fonts/material-icons.woff2?ver=8.23.4 | 172.67.74.56 | 200 OK | 128 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/themes/Zephyr/fonts/material-icons.woff2?ver=8.23.4; IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: luckypatchers.com; Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99; Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: Web Open Font Format (Version 2), TrueType, length 128352, version 1.0; Size: 128 kB (128352 bytes); Hash: 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /wp-content/themes/Zephyr/fonts/material-icons.woff2?ver=8.23.4 HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:01 GMT
content-type: application/font-woff2
content-length: 128352
last-modified: Wed, 24 Apr 2024 17:31:39 GMT
etag: "1f560-616db0b10bbe8"
cache-control: max-age=31536000, s-maxage=10
expires: Thu, 01 May 2025 15:53:26 GMT
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
age: 261695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFLJmUWLEEKCLkhkwPozZOrrzozOBt%2Bfwx9AxSc%2F3CDIdCCg8MrDaFEEYIscSfY%2FXgze7rTMinFEf1Gb0NnZvAOso%2Byp9obLYOu%2B589kSvjD9dt8UZDxvsRL1JDZBe%2BVtPK72TYvMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e9e6cd5ea95689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=UA-74724554-1 | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-74724554-1; IP: 142.250.74.168:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179); Hash: 46082dd7fb3412816c2e8f2fcc69ab5a 76f77e939681923bde49ed17a739c3d2b77dd070 a427fac3e3a77449d22e0faddb50cc7f2e998270aa8991507d9d4da543ba25de
GET /gtag/js?id=UA-74724554-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 16:35:01 GMT
expires: Sat, 04 May 2024 16:35:01 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tailorprecious.com/3eca821ef45fde49595e58b6255cacf3/invoke.js | 172.240.108.84 | 200 OK | 9.8 kB |
URL: GET HTTP/1.1 tailorprecious.com/3eca821ef45fde49595e58b6255cacf3/invoke.js; IP: 172.240.108.84:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: tailorprecious.com; Fingerprint: BA:E0:A2:F2:07:63:16:74:65:05:DE:37:97:4F:8C:0C:FD:66:8C:14; Validity: Mon, 01 Apr 2024 00:23:08 GMT - Sun, 30 Jun 2024 00:23:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (26614), with no line terminators; Hash: 09718604282b1fd3597f33fce3cc1783 ebc70fbc2620de1d2730e6076aed56ba612a9a30 e4f715421fc2b26ef3065177c9d7fcc142ae37c9b6144590e795df3adbb16646
GET /3eca821ef45fde49595e58b6255cacf3/invoke.js HTTP/1.1
Host: tailorprecious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:35:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b2d0f67971f0f39f7984377a77d48f9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| tailorprecious.com/ae6b00eba237d65649579c179e26a29b/invoke.js | 172.240.108.84 | 200 OK | 12 kB |
URL: GET HTTP/1.1 tailorprecious.com/ae6b00eba237d65649579c179e26a29b/invoke.js; IP: 172.240.108.84:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: tailorprecious.com; Fingerprint: BA:E0:A2:F2:07:63:16:74:65:05:DE:37:97:4F:8C:0C:FD:66:8C:14; Validity: Mon, 01 Apr 2024 00:23:08 GMT - Sun, 30 Jun 2024 00:23:07 GMT
File type: JavaScript source, ASCII text, with very long lines (31354), with no line terminators; Hash: b38d2b1aca0cafe30afe387a7451718a fd5f2dc78ef5f4946dee221bc564f5e59f9eb930 a4266b94f9e2dd870136dc17c9d629cc7da7ce0b6191d504b159d3e677d3e74f
GET /ae6b00eba237d65649579c179e26a29b/invoke.js HTTP/1.1
Host: tailorprecious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:35:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b4297943d31619ba268270e82a80ce09
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.luckypatchers.com/wp-content/themes/Zephyr/fonts/fa-brands-400.woff2?ver=8.23.4 | 172.67.74.56 | 200 OK | 77 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/themes/Zephyr/fonts/fa-brands-400.woff2?ver=8.23.4; IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: luckypatchers.com; Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99; Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196; Hash: ed311c7a0ade9a75bb3ebf5a7670f31d 0613c7ebba55ee47ef302c0f7766324692f899a7 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
GET /wp-content/themes/Zephyr/fonts/fa-brands-400.woff2?ver=8.23.4 HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:02 GMT
content-type: application/font-woff2
content-length: 76736
last-modified: Wed, 24 Apr 2024 17:31:39 GMT
etag: "12bc0-616db0b10b418"
cache-control: max-age=31536000, s-maxage=10
expires: Thu, 01 May 2025 15:53:26 GMT
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
age: 261696
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2F9VbPB6eR%2Fn4w%2B0zjISOvFLsyYiKZTpgnNdzCnpk1c2oq6mHb3y2CVpugszBYdtJuFFwei5UtHDn3GVi1bC0T9MvLxSuB32wDLKATitFOxChTVWS%2BQq7fwqp%2Fz%2Fx3FpSkHeY%2B904A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e9e6d26e275689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/; IP: 3.164.222.26:0
Hash: 691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 16:35:02 GMT
Last-Modified: Sat, 04 May 2024 15:11:13 GMT
Server: ECAcc (ska/F77E)
X-Cache: Miss from cloudfront
Via: 1.1 24250f9fc8a444002a645b3d312db1c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: d-dYmUN2itdbfsvYaOTRyuB31A4RzPx-ZniG8AWl2LzzhHW8UV8h0g==
Age: 5029
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats; IP: 52.29.105.35:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 49445db2e08d9ff2e17c704b554a9150 15a99da3d96228d88c73bf0227c4decbac2fda23 770fb0504f0de4424e686c269ef44cce6e0cbabb7c2fb60e4f33668acb5769f5
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.luckypatchers.com
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:35:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.luckypatchers.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=7bc06b6c-cceb-4d09-8173-1a10111b4eda:2:1; expires=Tue, 02 May 2034 16:35:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats; IP: 52.29.105.35:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 49445db2e08d9ff2e17c704b554a9150 15a99da3d96228d88c73bf0227c4decbac2fda23 770fb0504f0de4424e686c269ef44cce6e0cbabb7c2fb60e4f33668acb5769f5
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.luckypatchers.com
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: uid_id2=7bc06b6c-cceb-4d09-8173-1a10111b4eda:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 16:35:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.luckypatchers.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| www.luckypatchers.com/lucky-patcher-all-versions/ | 172.67.74.56 | 200 OK | 0 B |
URL: User Request GET HTTP/2 www.luckypatchers.com/lucky-patcher-all-versions/; IP: 172.67.74.56:443
Certificate Issuer: Let's Encrypt; Subject: luckypatchers.com; Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99; Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /lucky-patcher-all-versions/ HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:02 GMT
content-type: text/html; charset=UTF-8
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJ2z6dqeR6uPRbma6Tcllw0uLenOEfaVuV9rYdDTo3QoUlupQ1jo0AhLsc3xhlnf58fi2wbjCYezez8VhEi%2BXlKvy7rLuA0h9HOKEdlfU%2Bs0S%2F5kD%2BEiFEan2MEyo2alMqbUfIDMpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e9e6d25df95689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.luckypatchers.com/wp-content/uploads/2018/01/Lucky-Patcher-icon.png | 172.67.74.56 | 200 OK | 7.0 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/uploads/2018/01/Lucky-Patcher-icon.png; IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: luckypatchers.com; Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99; Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced; Hash: fe4836807ecb6ef5e1bd188f45238e90 71cb69899a73829a74768a8254bc8f838f75f99f 5a251eebaef66b3451718700b5e3ee02388990a4f839e69da93f26e020d2d6b4
GET /wp-content/uploads/2018/01/Lucky-Patcher-icon.png HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Cookie: pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:02 GMT
content-type: image/png
content-length: 7030
cache-control: max-age=31536000, s-maxage=10
cf-bgj: imgq:85,h2pri
cf-polished: origSize=8612
etag: "21a4-595d1e4083580"
expires: Fri, 02 May 2025 12:13:03 GMT
last-modified: Sat, 26 Oct 2019 15:26:30 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
age: 188121
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IteMD92JIXpYjmIEorUfwB7Xx3bitWmiQL9lRpU7YXTkAIn2tekzRyP2QkJ5CpdDt%2F8ApMHKr413KEIHr74lVQXgf3eZWFC7gjB4lpOnVbIF4iNmIducX16COfjX131iAiixylYoag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e9e6d34f765689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| vaikijie.net/tag.min.js | 139.45.197.244 | 200 OK | 28 kB |
IP: 139.45.197.244:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: vaikijie.net; Fingerprint: 16:35:56:02:7F:8B:C6:9F:4C:11:EE:FE:F5:DB:3C:FA:36:AB:F8:B7; Validity: Tue, 30 Apr 2024 05:29:33 GMT - Mon, 29 Jul 2024 05:29:32 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: 6161cd5b16afc637789c8a29da15ed13 04f9e513c05079726b06b2154995c4c5c7c09b08 562a877675f8c3df7e1be8c3b2999127466ca8784a0a556810ec018ab6c86e34
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: vaikijie.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 16:35:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 28333
content-encoding: br
x-trace-id: 83d77d3386b8e36b1019b32a8b6bba40
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 03 May 2024 05:53:48 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| www.luckypatchers.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 172.67.74.56 | 200 OK | 95 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2; IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: luckypatchers.com; Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99; Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: JavaScript source, ASCII text, with very long lines (18607), with no line terminators; Hash: 0eec1c4ab7bf86f404adde4eb7fef079 8ffda7ff4628796dc1e4133b4ac22cc4c12a191f 24a2071a6ff33f8868cf8d73f227924716780ba699241ada0a66298ab7e6b824
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Cookie: pll_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:02 GMT
content-type: application/x-javascript
referrer-policy: no-referrer-when-downgrade
x-original-content-length: 18726
vary: Accept-Encoding
etag: W/"PSA-aj-DuwcSre_hv"
expires: Wed, 30 Apr 2025 19:21:18 GMT
cache-control: max-age=31535228
x-content-type-options: nosniff
cf-cache-status: HIT
age: 329220
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c84tQlP%2FGpDXvC8ggRAabq802K1xfgzSjAOgl45Jtm%2F6XLEGcqNQn53FUXDEcb5wecYDw2VOewPdxc8Ir6mJHmvUqeu06%2FnryGpQcu0z7%2B4SHF9jbZxrDzszuCpC3MVg%2BX5GymdwUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 87e9e6d30ef25689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sunflowercoastlineprobe.com/22/1b/2b/221b2bcc6c886d033875a6dca9060c2a.js | 172.240.127.234 | 200 OK | 16 kB |
URL: GET HTTP/1.1 sunflowercoastlineprobe.com/22/1b/2b/221b2bcc6c886d033875a6dca9060c2a.js; IP: 172.240.127.234:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: sunflowercoastlineprobe.com; Fingerprint: 3B:6A:63:2D:99:C7:E1:7E:7A:14:16:8D:76:48:71:7A:A1:46:52:76; Validity: Mon, 29 Apr 2024 13:07:49 GMT - Sun, 28 Jul 2024 13:07:48 GMT
File type: JavaScript source, ASCII text, with very long lines (44073), with no line terminators; Hash: 184fc901758e921ef19314cd2513ba97 d043593d2b898b36e8bb3ade5184d01f5acb5dbc 59db671fc37b622480a87efd8dd522b06e1a76132b5a8c73a04af30c3aadd47c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /22/1b/2b/221b2bcc6c886d033875a6dca9060c2a.js HTTP/1.1
Host: sunflowercoastlineprobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:35:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=0; expires=Tue, 07 May 2024 19:35:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 23126272471f78df59b983d3f82a55c4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| my.rtmark.net/gid.js?userId=00805250b44947edebc15e96463fa176 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=00805250b44947edebc15e96463fa176; IP: 139.45.195.8:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: bf8aff2a63168b6b699d3c6a16229d26 16f927678b0e5aa2e462d0578c4d129c409cb330 601859d814ed7310cdb80c54b85966d60783c7150d8c4c1cf95bfd04e2c20be2
GET /gid.js?userId=00805250b44947edebc15e96463fa176 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.luckypatchers.com
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 16:35:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.luckypatchers.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00805250b44947edebc15e96463fa176; expires=Sun, 04 May 2025 16:35:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 28 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js; IP: 188.114.96.1:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/; Certificate Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B; Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators; Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:35:02 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b5ff2a43523536092f918766f3aa84c1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 16:35:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i0k7gSeL4agYVkcc4Z%2FV2ZxMqHsLCNa5MlRRZbH7fkWjwNip0ys48OKPonScZYCo%2BWRpCk6okQ8bkaFLVqQ6j%2FFtz%2B6GAI2cgVcrmyKS%2BjRMtn93VsIBrSTzUQKHZMFoDRVUtRsEbUwb8vbYszMo2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9e6d55d1b0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sunflowercoastlineprobe.com/watch.1588175815118.js?key=ae6b00eba237d65649579c179e26a29b&kw=%5B%22lucky%22%2C%22patcher%22%2C%22all%22%2C%22versions%22%2C%22free%22%2C%22download%22%2C%22-%22%2C%22lucky%22%2C%22patcher%22%5D&refer=https%3A%2F%2Fwww.luckypatchers.com%2Flucky-patcher-all-versions%2F&tz=0&dev=e&res=14.2071&uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda%3A2%3A1 | 172.240.108.76 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1sunflowercoastlineprobe.com/watch.1588175815118.js?key=ae6b00eba237d65649579c179e26a29b&kw=%5B%22lucky%22%2C%22patcher%22%2C%22all%22%2C%22versions%22%2C%22free%22%2C%22download%22%2C%22-%22%2C%22lucky%22%2C%22patcher%22%5D&refer=https%3A%2F%2Fwww.luckypatchers.com%2Flucky-patcher-all-versions%2F&tz=0&dev=e&res=14.2071&uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda%3A2%3A1 IP172.240.108.76:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: sunflowercoastlineprobe.com; Fingerprint: 3B:6A:63:2D:99:C7:E1:7E:7A:14:16:8D:76:48:71:7A:A1:46:52:76; Validity: Mon, 29 Apr 2024 13:07:49 GMT - Sun, 28 Jul 2024 13:07:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /watch.1588175815118.js?key=ae6b00eba237d65649579c179e26a29b&kw=%5B%22lucky%22%2C%22patcher%22%2C%22all%22%2C%22versions%22%2C%22free%22%2C%22download%22%2C%22-%22%2C%22lucky%22%2C%22patcher%22%5D&refer=https%3A%2F%2Fwww.luckypatchers.com%2Flucky-patcher-all-versions%2F&tz=0&dev=e&res=14.2071&uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda%3A2%3A1 HTTP/1.1
Host: sunflowercoastlineprobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.luckypatchers.com
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:35:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.luckypatchers.com
Access-Control-Allow-Origin: https://www.luckypatchers.com
Access-Control-Allow-Credentials: true
Location: https://sunflowercoastlineprobe.com/watch.1588175815118.js?dev=e&key=ae6b00eba237d65649579c179e26a29b&kw=%5B%22lucky%22%2C%22patcher%22%2C%22all%22%2C%22versions%22%2C%22free%22%2C%22download%22%2C%22-%22%2C%22lucky%22%2C%22patcher%22%5D&pst=1714840562&refer=https%3A%2F%2Fwww.luckypatchers.com%2Flucky-patcher-all-versions%2F&res=14.2071&rmtc=t&shu=1c36d1ff98d9133bbe16d9ebdd4e294872ac95ac9fd856e1435cf3c0d04fded3935ffc69d93c3b11c3a366cf6ebf8716798c210efb3cf3abf48c0678e13d66211369a538c3c49f5bd4e1084967e26e308f4de9c382fffcc8855aaed3f21cdeee731d06&tz=0&uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda%3A2%3A1
Set-Cookie: u_pl=20528585; expires=Sun, 05 May 2024 16:35:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDUyODU4NSwiayI6ImFlNmIwMGViYTIzN2Q2NTY0OTU3OWMxNzllMjZhMjliIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyOTM1MzU3LCJwaWQiOjExOTI2OTUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6NSwicHQiOjQsInBrIjoia2k3YnNzczR4IiwiY3BrcyI6eyIyOSI6IjIyMWIyYmNjNmM4ODZkMDMzODc1YTZkY2E5MDYwYzJhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5sdWNreXBhdGNoZXJzLmNvbS9sdWNreS1wYXRjaGVyLWFsbC12ZXJzaW9ucy8iLCJhciI6W119fQ.4l5p-f6jg-PD8FrtOJp2icAx9DKh-hlZ2_EBtiFNSQk; expires=Sat, 04 May 2024 16:36:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07d2910ddca2eb3c3a5372f1b5136aea
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| endlesslyalwaysbeset.com/ntv.json?key=3eca821ef45fde49595e58b6255cacf3&vstc=4 | 192.243.59.13 | 200 OK | 18 kB |
URL: GET HTTP/1.1 endlesslyalwaysbeset.com/ntv.json?key=3eca821ef45fde49595e58b6255cacf3&vstc=4; IP: 192.243.59.13:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: endlesslyalwaysbeset.com; Fingerprint: 24:CC:3C:25:47:D7:61:35:9D:1F:FF:A6:3E:BF:D2:E0:16:60:72:DB; Validity: Mon, 29 Apr 2024 08:49:02 GMT - Sun, 28 Jul 2024 08:49:01 GMT
Hash: 114e64154de8f004e6352c1e7a87276a 8680e604f374a1457e503449f1ba310c2f867410 22e0a07ac76e7f468ede4c57b216eb20a51609c10fc3222d341d6ae443fde506
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ntv.json?key=3eca821ef45fde49595e58b6255cacf3&vstc=4 HTTP/1.1
Host: endlesslyalwaysbeset.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.luckypatchers.com
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:35:02 GMT
Content-Type: application/json
Content-Length: 17831
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.luckypatchers.com
Access-Control-Allow-Origin: https://www.luckypatchers.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=20467878; expires=Sun, 05 May 2024 16:35:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 16:35:02 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 16:35:02 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sun, 05 May 2024 16:35:02 GMT; secure; SameSite=None
uncs49=1; expires=Sun, 05 May 2024 16:35:02 GMT; secure; SameSite=None
nlec3eca821ef45fde49595e58b6255cacf3=[4991488,4991490,4991489]; expires=Sat, 04 May 2024 16:35:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3830bf64c87df4d3c66768da579e8b14
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| sunflowercoastlineprobe.com/watch.1588175815118.js?dev=e&key=ae6b00eba237d65649579c179e26a29b&kw=%5B%22lucky%22%2C%22patcher%22%2C%22all%22%2C%22versions%22%2C%22free%22%2C%22download%22%2C%22-%22%2C%22lucky%22%2C%22patcher%22%5D&pst=1714840562&refer=https%3A%2F%2Fwww.luckypatchers.com%2Flucky-patcher-all-versions%2F&res=14.2071&rmtc=t&shu=1c36d1ff98d9133bbe16d9ebdd4e294872ac95ac9fd856e1435cf3c0d04fded3935ffc69d93c3b11c3a366cf6ebf8716798c210efb3cf3abf48c0678e13d66211369a538c3c49f5bd4e1084967e26e308f4de9c382fffcc8855aaed3f21cdeee731d06&tz=0&uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda%3A2%3A1 | 172.240.127.234 | 200 OK | 2.1 kB |
URL GET HTTP/1.1sunflowercoastlineprobe.com/watch.1588175815118.js?dev=e&key=ae6b00eba237d65649579c179e26a29b&kw=%5B%22lucky%22%2C%22patcher%22%2C%22all%22%2C%22versions%22%2C%22free%22%2C%22download%22%2C%22-%22%2C%22lucky%22%2C%22patcher%22%5D&pst=1714840562&refer=https%3A%2F%2Fwww.luckypatchers.com%2Flucky-patcher-all-versions%2F&res=14.2071&rmtc=t&shu=1c36d1ff98d9133bbe16d9ebdd4e294872ac95ac9fd856e1435cf3c0d04fded3935ffc69d93c3b11c3a366cf6ebf8716798c210efb3cf3abf48c0678e13d66211369a538c3c49f5bd4e1084967e26e308f4de9c382fffcc8855aaed3f21cdeee731d06&tz=0&uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda%3A2%3A1 IP172.240.127.234:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: sunflowercoastlineprobe.com; Fingerprint: 3B:6A:63:2D:99:C7:E1:7E:7A:14:16:8D:76:48:71:7A:A1:46:52:76; Validity: Mon, 29 Apr 2024 13:07:49 GMT - Sun, 28 Jul 2024 13:07:48 GMT
File type: JavaScript source, ASCII text, with very long lines (2673)
Hash: bb4482e25758ae5774f7820243e8a5d5 bc580ef45702a106e1b80e4b1072af76929cbb1d f3ab397cedfbb452bb0db7372d3ad5311e952867ed817bbb048a7130159c2eed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /watch.1588175815118.js?dev=e&key=ae6b00eba237d65649579c179e26a29b&kw=%5B%22lucky%22%2C%22patcher%22%2C%22all%22%2C%22versions%22%2C%22free%22%2C%22download%22%2C%22-%22%2C%22lucky%22%2C%22patcher%22%5D&pst=1714840562&refer=https%3A%2F%2Fwww.luckypatchers.com%2Flucky-patcher-all-versions%2F&res=14.2071&rmtc=t&shu=1c36d1ff98d9133bbe16d9ebdd4e294872ac95ac9fd856e1435cf3c0d04fded3935ffc69d93c3b11c3a366cf6ebf8716798c210efb3cf3abf48c0678e13d66211369a538c3c49f5bd4e1084967e26e308f4de9c382fffcc8855aaed3f21cdeee731d06&tz=0&uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda%3A2%3A1 HTTP/1.1
Host: sunflowercoastlineprobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.luckypatchers.com
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: u_pl=20528585; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDUyODU4NSwiayI6ImFlNmIwMGViYTIzN2Q2NTY0OTU3OWMxNzllMjZhMjliIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyOTM1MzU3LCJwaWQiOjExOTI2OTUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6NSwicHQiOjQsInBrIjoia2k3YnNzczR4IiwiY3BrcyI6eyIyOSI6IjIyMWIyYmNjNmM4ODZkMDMzODc1YTZkY2E5MDYwYzJhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5sdWNreXBhdGNoZXJzLmNvbS9sdWNreS1wYXRjaGVyLWFsbC12ZXJzaW9ucy8iLCJhciI6W119fQ.4l5p-f6jg-PD8FrtOJp2icAx9DKh-hlZ2_EBtiFNSQk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:35:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.luckypatchers.com
Access-Control-Allow-Origin: https://www.luckypatchers.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7bc06b6c-cceb-4d09-8173-1a10111b4eda:2:1; expires=Sat, 11 May 2024 16:35:03 GMT; secure; SameSite=None
iprc82fc07665c175aa0935f93787029c0f7=3569806; expires=Sat, 04 May 2024 20:35:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 16:35:03 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 16:35:03 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 16:35:03 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 16:35:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20aced23961394afda92483d632ab7b2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| endlesslyalwaysbeset.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzm9OP0EwxJOXOWoIs909Mz0zBgnGuCE4ZtdE0ZtUV1XPllPd1VR1T8%2BOIIsBycHDCF701PvMfqCGYC7eDDIbEF0Qdm57yIJ%2FgxCv0uPi6Av1ftTzFDzv%2B9Znu%2FkZ8ZHT0xtv64lUiq61G2795Q8872q9L5N8XB93gw%2BD1tW6Gb3aCxruK%2FWbgg31mu96ruu5Xn1dGhHp8VoFQqYPel6j5zZafsNrtzA2%2F61t7sBSB3x0Ri5C8kXtiXMJks2RxN%2FfEHaY6fTKm3GuaKYNRvzwvWSY6CJBvEoj4yBKDs%2FZ0PZk%2FTF0sr%2BUCz36hxjKBXF%2BfowwOTwXiXC0t9QZKogEIX8OxWgOoeaQdA6m70HyEwIwjtsbSOKD29oUdPtvlFbogtSe%2FQFZLEjt6SUk8cPrSo7rd7XKM6kTi3FUQo7nkIM50vwI2eQCZHEEln0KyX8ja8%2F6SOK9Das0JC%2BXvUs5h4zmUGIKah3k1ZEO8shBnjqI%2BWmdeZ7XcTmjbrfHWJN3RBhw16OdyKOeG3SRs0reFFk6BVNTMLOD1OxgKL84aV%2BEyX%2BC3SphuQObLYjzzg5GvEQhCApLUFCCQhIUGUExKve5sr4tD7iyeeidR%2F88NsuZzga7dF9nA5EQUDOF4eVuekZeqEbkdDcPMBSn9aZgtOt7Imq1Iy5avXavLdrdMPDbbUZZ1ISVJaS9sOx6Ihfkyq%2BvIZULctH%2FEyE9glVHYPJF0NwDLUrQrRKT5JHK2XA7pRnbEsY2mI7BdYk0qyHbdnbVGXlpuan%2BZQLBjq9lk99vPrz0MZgpkZoSH8knBAN1f3ZHF2Tvji4sebSRZjKWE1pt8W5GM%2FG%2Fb98S24U2%2FNYNO%2F3mdVYBVfrgXWGzPk24TAaWfHddci7MujZMkB9v2fdFuJnbreu5SfK0v%2FnG%2Bq04NcJaqZM5qFyQ2vE2mFyQ559%2Bsvygl%2FPPIc0cJi8R58fk3CD1EVi6A5uu9FtNYNSKE6YOirycGT9cXSpJoMSqpmEJ%2B686XOUzQ6vXVJa79j4Gpgaa3UMSlxiZEiNVgqopbP7%2FWZaa42u%2FfFXZ1whVbRYqU9sLlVFfLsdcuQuVcxakP9iDlaf1TrPp0qDX9jodKjphy%2B9Ggccp9VuBHwS0icwuooD98BcAAAD%2F%2FwEAAP%2F%2FKyv8MoQEAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1endlesslyalwaysbeset.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzm9OP0EwxJOXOWoIs909Mz0zBgnGuCE4ZtdE0ZtUV1XPllPd1VR1T8%2BOIIsBycHDCF701PvMfqCGYC7eDDIbEF0Qdm57yIJ%2FgxCv0uPi6Av1ftTzFDzv%2B9Znu%2FkZ8ZHT0xtv64lUiq61G2795Q8872q9L5N8XB93gw%2BD1tW6Gb3aCxruK%2FWbgg31mu96ruu5Xn1dGhHp8VoFQqYPel6j5zZafsNrtzA2%2F61t7sBSB3x0Ri5C8kXtiXMJks2RxN%2FfEHaY6fTKm3GuaKYNRvzwvWSY6CJBvEoj4yBKDs%2FZ0PZk%2FTF0sr%2BUCz36hxjKBXF%2BfowwOTwXiXC0t9QZKogEIX8OxWgOoeaQdA6m70HyEwIwjtsbSOKD29oUdPtvlFbogtSe%2FQFZLEjt6SUk8cPrSo7rd7XKM6kTi3FUQo7nkIM50vwI2eQCZHEEln0KyX8ja8%2F6SOK9Das0JC%2BXvUs5h4zmUGIKah3k1ZEO8shBnjqI%2BWmdeZ7XcTmjbrfHWJN3RBhw16OdyKOeG3SRs0reFFk6BVNTMLOD1OxgKL84aV%2BEyX%2BC3SphuQObLYjzzg5GvEQhCApLUFCCQhIUGUExKve5sr4tD7iyeeidR%2F88NsuZzga7dF9nA5EQUDOF4eVuekZeqEbkdDcPMBSn9aZgtOt7Imq1Iy5avXavLdrdMPDbbUZZ1ISVJaS9sOx6Ihfkyq%2BvIZULctH%2FEyE9glVHYPJF0NwDLUrQrRKT5JHK2XA7pRnbEsY2mI7BdYk0qyHbdnbVGXlpuan%2BZQLBjq9lk99vPrz0MZgpkZoSH8knBAN1f3ZHF2Tvji4sebSRZjKWE1pt8W5GM%2FG%2Fb98S24U2%2FNYNO%2F3mdVYBVfrgXWGzPk24TAaWfHddci7MujZMkB9v2fdFuJnbreu5SfK0v%2FnG%2Bq04NcJaqZM5qFyQ2vE2mFyQ559%2Bsvygl%2FPPIc0cJi8R58fk3CD1EVi6A5uu9FtNYNSKE6YOirycGT9cXSpJoMSqpmEJ%2B686XOUzQ6vXVJa79j4Gpgaa3UMSlxiZEiNVgqopbP7%2FWZaa42u%2FfFXZ1whVbRYqU9sLlVFfLsdcuQuVcxakP9iDlaf1TrPp0qDX9jodKjphy%2B9Ggccp9VuBHwS0icwuooD98BcAAAD%2F%2FwEAAP%2F%2FKyv8MoQEAAA%3D IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: endlesslyalwaysbeset.com; Fingerprint: 24:CC:3C:25:47:D7:61:35:9D:1F:FF:A6:3E:BF:D2:E0:16:60:72:DB; Validity: Mon, 29 Apr 2024 08:49:02 GMT - Sun, 28 Jul 2024 08:49:01 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzm9OP0EwxJOXOWoIs909Mz0zBgnGuCE4ZtdE0ZtUV1XPllPd1VR1T8%2BOIIsBycHDCF701PvMfqCGYC7eDDIbEF0Qdm57yIJ%2FgxCv0uPi6Av1ftTzFDzv%2B9Znu%2FkZ8ZHT0xtv64lUiq61G2795Q8872q9L5N8XB93gw%2BD1tW6Gb3aCxruK%2FWbgg31mu96ruu5Xn1dGhHp8VoFQqYPel6j5zZafsNrtzA2%2F61t7sBSB3x0Ri5C8kXtiXMJks2RxN%2FfEHaY6fTKm3GuaKYNRvzwvWSY6CJBvEoj4yBKDs%2FZ0PZk%2FTF0sr%2BUCz36hxjKBXF%2BfowwOTwXiXC0t9QZKogEIX8OxWgOoeaQdA6m70HyEwIwjtsbSOKD29oUdPtvlFbogtSe%2FQFZLEjt6SUk8cPrSo7rd7XKM6kTi3FUQo7nkIM50vwI2eQCZHEEln0KyX8ja8%2F6SOK9Das0JC%2BXvUs5h4zmUGIKah3k1ZEO8shBnjqI%2BWmdeZ7XcTmjbrfHWJN3RBhw16OdyKOeG3SRs0reFFk6BVNTMLOD1OxgKL84aV%2BEyX%2BC3SphuQObLYjzzg5GvEQhCApLUFCCQhIUGUExKve5sr4tD7iyeeidR%2F88NsuZzga7dF9nA5EQUDOF4eVuekZeqEbkdDcPMBSn9aZgtOt7Imq1Iy5avXavLdrdMPDbbUZZ1ISVJaS9sOx6Ihfkyq%2BvIZULctH%2FEyE9glVHYPJF0NwDLUrQrRKT5JHK2XA7pRnbEsY2mI7BdYk0qyHbdnbVGXlpuan%2BZQLBjq9lk99vPrz0MZgpkZoSH8knBAN1f3ZHF2Tvji4sebSRZjKWE1pt8W5GM%2FG%2Fb98S24U2%2FNYNO%2F3mdVYBVfrgXWGzPk24TAaWfHddci7MujZMkB9v2fdFuJnbreu5SfK0v%2FnG%2Bq04NcJaqZM5qFyQ2vE2mFyQ559%2Bsvygl%2FPPIc0cJi8R58fk3CD1EVi6A5uu9FtNYNSKE6YOirycGT9cXSpJoMSqpmEJ%2B686XOUzQ6vXVJa79j4Gpgaa3UMSlxiZEiNVgqopbP7%2FWZaa42u%2FfFXZ1whVbRYqU9sLlVFfLsdcuQuVcxakP9iDlaf1TrPp0qDX9jodKjphy%2B9Ggccp9VuBHwS0icwuooD98BcAAAD%2F%2FwEAAP%2F%2FKyv8MoQEAAA%3D HTTP/1.1
Host: endlesslyalwaysbeset.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: u_pl=20467878; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec3eca821ef45fde49595e58b6255cacf3=[4991488,4991490,4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:35:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: faa6d161e5e3f7f64d357ad6dcaccd81
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/cti/a3/5a/7f/a35a7f4ba8fbdbbd350aae9d384fc183/1708421576.jpg | 45.133.44.10 | 200 OK | 17 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/a3/5a/7f/a35a7f4ba8fbdbbd350aae9d384fc183/1708421576.jpg; IP: 45.133.44.10:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Hash: 81f9c10ac0985ffbb5a1442f202d7de7 0a6ec80ed52a7d3ce9cdf5104c423cda5deea0d8 10262e18e86a732c856bd84285e1897adeca4af03fedc8799c25306e0a6289ff
GET /cti/a3/5a/7f/a35a7f4ba8fbdbbd350aae9d384fc183/1708421576.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:35:03 GMT
content-type: image/jpeg
content-length: 17019
server: nginx/1.21.6
last-modified: Tue, 20 Feb 2024 09:33:04 GMT
etag: "65d471d0-427b"
expires: Mon, 06 May 2024 16:35:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png | 45.133.44.10 | 200 OK | 184 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png; IP: 45.133.44.10:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size: 184 kB (183812 bytes)
Hash: adc709f858c8b4ff4ce26a2757b75131 c91b170aba4aafdca5690d29e17f61b6505e15c1 ad475e95022da6d65aec3479ad3b4ff6d36dc85bbc634d750cdd575ea1a985ce
GET /si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:35:03 GMT
content-type: image/png
content-length: 183812
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 19:50:20 GMT
etag: "65cd197c-2ce04"
expires: Mon, 06 May 2024 16:35:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.luckypatchers.com/wp-content/cache/minify/4f808.css | 172.67.74.56 | 200 OK | 205 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/cache/minify/4f808.css; IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: luckypatchers.com; Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99; Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 205 kB (205123 bytes)
Hash: f7eb0c14c5f4a5cef83e4ff6c201254b 483c75b0a4c037e923224a45520be0c1c70107de b54496b5ef4e8599e27a5e13fd1f1b99a312cadd486e0a7b18de39daacbc5f9d
GET /wp-content/cache/minify/4f808.css HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:01 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=477641
etag: W/"749c9-61739ccdffbeb"
expires: Wed, 30 Apr 2025 19:33:41 GMT
last-modified: Mon, 29 Apr 2024 10:34:38 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
cf-cache-status: HIT
age: 329221
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQPifsrWllkNtt0RKULn0luP5cvKT0%2F0nbkR29LouvZckoSpXrLHFhEz4azGGsKbB4kH%2BhSOpg9ZglhZrcy34qBfc5ap6YvbxW62qR%2B3A5RqYXppg61TyH90D1MM0RHXs1AYsjiITQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e9e6cc1c985689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png | 45.133.44.10 | 200 OK | 105 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png; IP: 45.133.44.10:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size: 105 kB (104949 bytes)
Hash: 440d0ebcc9ae01aba77f74d9015ff0b3 9065b873ac93b45da1765682071eaaf6efe12e5c 7834596c29b94d74435163b3875c5042082912c1aff529986b0235cd9b7b27cc
GET /si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:35:03 GMT
content-type: image/png
content-length: 104949
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:37 GMT
etag: "65f9577d-199f5"
expires: Mon, 06 May 2024 16:35:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png | 45.133.44.10 | 200 OK | 144 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png; IP: 45.133.44.10:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size: 144 kB (144379 bytes)
Hash: 33c304429dc1a4408a96e6a74ffa2feb c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04 dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 16:35:03 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Mon, 06 May 2024 16:35:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| endlesslyalwaysbeset.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4sjxRevXsL38N2Tw3oQPeSoy5Lp7iSdxEXEcRwZjDvjrqI3qa6qzpSp7mqqutOZOQ0uyB4j6EFPPZ%2FMD9RF3Is3F8ksiC4Ik9scnIt%2FgrB6lM4ORh%2F0e%2B%2FzPq%2Fh896rTw7yC%2BIjp%2Bfrb%2Bs9qRRdbTfc%2BosfeN7Nel8m%2Bbg%2B7gYfBq2bdTN6uRc03Jfqbwo21Ku%2B67mu53r1DWlEpMerFQmZ3u95jZ7baPkNr93C2PwX29yBpQ746IKsQPJ57ZFzDZLNkMTfrQs7zHR64404VzTTBiN%2B8l4yTHSRIF6mkXEQJSeX3dD2bOMhdHK0kAs9%2BqcxlHPi%2FPQQYXJyKRLh6HChM1QQCUJ%2BFcVoBqFmkHQGpu9C8jMCMI5bW0ji41vaFHT3KUsrdk5qT%2F6ALOak9ts1JPG3a0qO63e0yjOpE4txVEKOZ5CDGdL8FNneFcjiFCz7GJL%2FSlaf9JHEh1tWaUheLmaXcgYZzaDEBNQ6yKtPOsgjB3nqIObndeZ5XsfljLrdHmNN3hFhwF2PdiKPem7QRc4qeRNk6QRMTcDMPlKzj6H89Ky9ApP%2FCLtTwnIHNpsT5519jHiJQhAUlqCgBIUkKDKCYlQecWV9Wx5zZfPQu4z%2BZWyWU50NDuiRzgYiIaBmAsPLg%2FSCPFOtyOluH2MozutNwWjX90TUakdctHrtXlu0u2Hgt9uMsqgJK0tIe2Ux9Z6ckxu%2FvIJUzsmK%2FydCegqrTsHks6C5B1qUoDsl9pIHKmfD3ZRmbEcY22A6Btcl0qyGbNc5UBfk%2BcWl%2BoNDCPaYXBqYKZGaEh%2FJRwQDdW96Wxfk8LYuLHmwlWYylnu0uuKdjGbif1%2B%2FJXYLbfjmup189RqriCq9%2F66wWZ8mXCYDS75Zk5wLs6ENE%2BSHTfu%2BCLdzu7OWmyRP%2B9uvb2zGqRHWSp3MQOXZ1l9gck6uvvD74nle%2F%2Fw5SDODyUvE%2BVKp1DOwdB82XdasJjBqicO0hiIvp8YPl0UlCZRYYhqWsP%2FC4TKfGlr9TWV5YO9hYGqg2V0kcYmRKTFSJaiawOb%2Fn2apefzqz19U9iVCVZuGytQOQ2XUZ3PSv04qd6VyztOdW3le7zSbLg16ba%2FToaITtvxuFHicUr8V%2BEFAm8jsPArY938DAAD%2F%2FwEAAP%2F%2FMPgdXYIEAAA%3D | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1endlesslyalwaysbeset.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4sjxRevXsL38N2Tw3oQPeSoy5Lp7iSdxEXEcRwZjDvjrqI3qa6qzpSp7mqqutOZOQ0uyB4j6EFPPZ%2FMD9RF3Is3F8ksiC4Ik9scnIt%2FgrB6lM4ORh%2F0e%2B%2FzPq%2Fh896rTw7yC%2BIjp%2Bfrb%2Bs9qRRdbTfc%2BosfeN7Nel8m%2Bbg%2B7gYfBq2bdTN6uRc03Jfqbwo21Ku%2B67mu53r1DWlEpMerFQmZ3u95jZ7baPkNr93C2PwX29yBpQ746IKsQPJ57ZFzDZLNkMTfrQs7zHR64404VzTTBiN%2B8l4yTHSRIF6mkXEQJSeX3dD2bOMhdHK0kAs9%2BqcxlHPi%2FPQQYXJyKRLh6HChM1QQCUJ%2BFcVoBqFmkHQGpu9C8jMCMI5bW0ji41vaFHT3KUsrdk5qT%2F6ALOak9ts1JPG3a0qO63e0yjOpE4txVEKOZ5CDGdL8FNneFcjiFCz7GJL%2FSlaf9JHEh1tWaUheLmaXcgYZzaDEBNQ6yKtPOsgjB3nqIObndeZ5XsfljLrdHmNN3hFhwF2PdiKPem7QRc4qeRNk6QRMTcDMPlKzj6H89Ky9ApP%2FCLtTwnIHNpsT5519jHiJQhAUlqCgBIUkKDKCYlQecWV9Wx5zZfPQu4z%2BZWyWU50NDuiRzgYiIaBmAsPLg%2FSCPFOtyOluH2MozutNwWjX90TUakdctHrtXlu0u2Hgt9uMsqgJK0tIe2Ux9Z6ckxu%2FvIJUzsmK%2FydCegqrTsHks6C5B1qUoDsl9pIHKmfD3ZRmbEcY22A6Btcl0qyGbNc5UBfk%2BcWl%2BoNDCPaYXBqYKZGaEh%2FJRwQDdW96Wxfk8LYuLHmwlWYylnu0uuKdjGbif1%2B%2FJXYLbfjmup189RqriCq9%2F66wWZ8mXCYDS75Zk5wLs6ENE%2BSHTfu%2BCLdzu7OWmyRP%2B9uvb2zGqRHWSp3MQOXZ1l9gck6uvvD74nle%2F%2Fw5SDODyUvE%2BVKp1DOwdB82XdasJjBqicO0hiIvp8YPl0UlCZRYYhqWsP%2FC4TKfGlr9TWV5YO9hYGqg2V0kcYmRKTFSJaiawOb%2Fn2apefzqz19U9iVCVZuGytQOQ2XUZ3PSv04qd6VyztOdW3le7zSbLg16ba%2FToaITtvxuFHicUr8V%2BEFAm8jsPArY938DAAD%2F%2FwEAAP%2F%2FMPgdXYIEAAA%3D IP172.240.108.68:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/
Certificate: Issuer: Let's Encrypt; Subject: endlesslyalwaysbeset.com; Fingerprint: 24:CC:3C:25:47:D7:61:35:9D:1F:FF:A6:3E:BF:D2:E0:16:60:72:DB; Validity: Mon, 29 Apr 2024 08:49:02 GMT - Sun, 28 Jul 2024 08:49:01 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4sjxRevXsL38N2Tw3oQPeSoy5Lp7iSdxEXEcRwZjDvjrqI3qa6qzpSp7mqqutOZOQ0uyB4j6EFPPZ%2FMD9RF3Is3F8ksiC4Ik9scnIt%2FgrB6lM4ORh%2F0e%2B%2FzPq%2Fh896rTw7yC%2BIjp%2Bfrb%2Bs9qRRdbTfc%2BosfeN7Nel8m%2Bbg%2B7gYfBq2bdTN6uRc03Jfqbwo21Ku%2B67mu53r1DWlEpMerFQmZ3u95jZ7baPkNr93C2PwX29yBpQ746IKsQPJ57ZFzDZLNkMTfrQs7zHR64404VzTTBiN%2B8l4yTHSRIF6mkXEQJSeX3dD2bOMhdHK0kAs9%2BqcxlHPi%2FPQQYXJyKRLh6HChM1QQCUJ%2BFcVoBqFmkHQGpu9C8jMCMI5bW0ji41vaFHT3KUsrdk5qT%2F6ALOak9ts1JPG3a0qO63e0yjOpE4txVEKOZ5CDGdL8FNneFcjiFCz7GJL%2FSlaf9JHEh1tWaUheLmaXcgYZzaDEBNQ6yKtPOsgjB3nqIObndeZ5XsfljLrdHmNN3hFhwF2PdiKPem7QRc4qeRNk6QRMTcDMPlKzj6H89Ky9ApP%2FCLtTwnIHNpsT5519jHiJQhAUlqCgBIUkKDKCYlQecWV9Wx5zZfPQu4z%2BZWyWU50NDuiRzgYiIaBmAsPLg%2FSCPFOtyOluH2MozutNwWjX90TUakdctHrtXlu0u2Hgt9uMsqgJK0tIe2Ux9Z6ckxu%2FvIJUzsmK%2FydCegqrTsHks6C5B1qUoDsl9pIHKmfD3ZRmbEcY22A6Btcl0qyGbNc5UBfk%2BcWl%2BoNDCPaYXBqYKZGaEh%2FJRwQDdW96Wxfk8LYuLHmwlWYylnu0uuKdjGbif1%2B%2FJXYLbfjmup189RqriCq9%2F66wWZ8mXCYDS75Zk5wLs6ENE%2BSHTfu%2BCLdzu7OWmyRP%2B9uvb2zGqRHWSp3MQOXZ1l9gck6uvvD74nle%2F%2Fw5SDODyUvE%2BVKp1DOwdB82XdasJjBqicO0hiIvp8YPl0UlCZRYYhqWsP%2FC4TKfGlr9TWV5YO9hYGqg2V0kcYmRKTFSJaiawOb%2Fn2apefzqz19U9iVCVZuGytQOQ2XUZ3PSv04qd6VyztOdW3le7zSbLg16ba%2FToaITtvxuFHicUr8V%2BEFAm8jsPArY938DAAD%2F%2FwEAAP%2F%2FMPgdXYIEAAA%3D HTTP/1.1
Host: endlesslyalwaysbeset.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: u_pl=20467878; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec3eca821ef45fde49595e58b6255cacf3=[4991488,4991490,4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:35:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9846d4478895bdd5449175ddd0b269dd
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| endlesslyalwaysbeset.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuakIBjiycscNYTZ7p6ZnhmDBGPcEByTNVH0JtVV1bPlVHc1Vd3TsyPIYkByEUbwoqfeb%2FYHagjm4s0gswHRBWHntocs%2BDcI8So9Lo4%2BqHrve98r%2BN579flOfkp85PTk%2Bjt6IpWia%2B2GW3%2FlQ8%2B7Uu%2FLJB%2FXx93go6B1pW5Gr%2FWChvtq%2FYZgQ73mu57req5XX5dGRHq8VpGQ6YOe1%2Bi5jZbf8NotjM3%2Fsc0dWOqAj07JBUi%2BqD1xLkKyOZL4h%2BvCDjOdXn4rzhXNtMGIH7yfDBNdJIhXYWQcRMnBWTW0PV5%2FDJ3sLeVCj%2F4tDOWCOL88RpgcnIlEONpd6gwVRIKQP49iNIdQc0g6B9P3IPkxARjHrdtI4v1b2hR06x%2BWVuyC1J79CVksSO3pRSTxw2tKjut3tcozqROLcVRCjueQgznS%2FBDZ5BxkcQiWfQbJfydrz%2FpI4t3bVmlIXi57l3IOGc2hxBTUOsirIx3kkYM8dRDzkzrzPK%2Fjckbdbo%2BxJu%2BIMOCuRzuRRz036CJnlbwpsnQKpqZgZhup2cZQfnncvgCT%2Fwy7WcJyBzZbEOfdbYx4iUIQFJagoASFJCgygmJU7nFlfVvuc2Xz0Dvz%2FplvljOdDXbons4GIiGgZgrDy530lLxYjcjpbuxjKE7qTcFo1%2FdE1GpHXLR67V5btLth4LfbjLKoCStLSHtu2fVELsjl315HKhfkgv8XQnoIqw7B5EuguQdalKCbJSbJI5Wz4VZKM7YpjG0wHYPrEmlWQ7bl7KhT8vJyU%2F1LDgQ7uppN%2Frjx8OInYKZEakp8LJ8QDNT92R1dkN07urDk0e00k7Gc0GqLdzOaifPfvS22Cm34zet2%2Bu0brCKq8MF7wmZ9mnCZDCz5%2FprkXJh1bZggP920H4hwI7eb13KT5Gl%2F4831m3FqhLVSJ3NQuSC1oy0wuSAvPP10%2BUEv5V9AmjlMXiLOj8iZQepDsHQbNl3lrCYwaoXD9DyKvJwZP1wllSRQYoVpWML%2BB4ereGZo9ZrKcsfex8DUQLN7SOISI1NipEpQNYXNn5tlqTm6%2BuvXlX2DUNVmoTK13VAZ9VU1ZlJd55YDX5D%2BYBdWntQ7zaZLg17b63So6IQtvxsFHqfUbwV%2BENAmMruIAvbj3wAAAP%2F%2FAQAA%2F%2F99onbYhAQAAA%3D%3D | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1endlesslyalwaysbeset.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuakIBjiycscNYTZ7p6ZnhmDBGPcEByTNVH0JtVV1bPlVHc1Vd3TsyPIYkByEUbwoqfeb%2FYHagjm4s0gswHRBWHntocs%2BDcI8So9Lo4%2BqHrve98r%2BN579flOfkp85PTk%2Bjt6IpWia%2B2GW3%2FlQ8%2B7Uu%2FLJB%2FXx93go6B1pW5Gr%2FWChvtq%2FYZgQ73mu57req5XX5dGRHq8VpGQ6YOe1%2Bi5jZbf8NotjM3%2Fsc0dWOqAj07JBUi%2BqD1xLkKyOZL4h%2BvCDjOdXn4rzhXNtMGIH7yfDBNdJIhXYWQcRMnBWTW0PV5%2FDJ3sLeVCj%2F4tDOWCOL88RpgcnIlEONpd6gwVRIKQP49iNIdQc0g6B9P3IPkxARjHrdtI4v1b2hR06x%2BWVuyC1J79CVksSO3pRSTxw2tKjut3tcozqROLcVRCjueQgznS%2FBDZ5BxkcQiWfQbJfydrz%2FpI4t3bVmlIXi57l3IOGc2hxBTUOsirIx3kkYM8dRDzkzrzPK%2Fjckbdbo%2BxJu%2BIMOCuRzuRRz036CJnlbwpsnQKpqZgZhup2cZQfnncvgCT%2Fwy7WcJyBzZbEOfdbYx4iUIQFJagoASFJCgygmJU7nFlfVvuc2Xz0Dvz%2FplvljOdDXbons4GIiGgZgrDy530lLxYjcjpbuxjKE7qTcFo1%2FdE1GpHXLR67V5btLth4LfbjLKoCStLSHtu2fVELsjl315HKhfkgv8XQnoIqw7B5EuguQdalKCbJSbJI5Wz4VZKM7YpjG0wHYPrEmlWQ7bl7KhT8vJyU%2F1LDgQ7uppN%2Frjx8OInYKZEakp8LJ8QDNT92R1dkN07urDk0e00k7Gc0GqLdzOaifPfvS22Cm34zet2%2Bu0brCKq8MF7wmZ9mnCZDCz5%2FprkXJh1bZggP920H4hwI7eb13KT5Gl%2F4831m3FqhLVSJ3NQuSC1oy0wuSAvPP10%2BUEv5V9AmjlMXiLOj8iZQepDsHQbNl3lrCYwaoXD9DyKvJwZP1wllSRQYoVpWML%2BB4ereGZo9ZrKcsfex8DUQLN7SOISI1NipEpQNYXNn5tlqTm6%2BuvXlX2DUNVmoTK13VAZ9VU1ZlJd55YDX5D%2BYBdWntQ7zaZLg17b63So6IQtvxsFHqfUbwV%2BENAmMruIAvbj3wAAAP%2F%2FAQAA%2F%2F99onbYhAQAAA%3D%3D IP172.240.108.68:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: endlesslyalwaysbeset.com | Fingerprint: 24:CC:3C:25:47:D7:61:35:9D:1F:FF:A6:3E:BF:D2:E0:16:60:72:DB | Validity: Mon, 29 Apr 2024 08:49:02 GMT - Sun, 28 Jul 2024 08:49:01 GMT
File type: ASCII text, with no line terminators | Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuakIBjiycscNYTZ7p6ZnhmDBGPcEByTNVH0JtVV1bPlVHc1Vd3TsyPIYkByEUbwoqfeb%2FYHagjm4s0gswHRBWHntocs%2BDcI8So9Lo4%2BqHrve98r%2BN579flOfkp85PTk%2Bjt6IpWia%2B2GW3%2FlQ8%2B7Uu%2FLJB%2FXx93go6B1pW5Gr%2FWChvtq%2FYZgQ73mu57req5XX5dGRHq8VpGQ6YOe1%2Bi5jZbf8NotjM3%2Fsc0dWOqAj07JBUi%2BqD1xLkKyOZL4h%2BvCDjOdXn4rzhXNtMGIH7yfDBNdJIhXYWQcRMnBWTW0PV5%2FDJ3sLeVCj%2F4tDOWCOL88RpgcnIlEONpd6gwVRIKQP49iNIdQc0g6B9P3IPkxARjHrdtI4v1b2hR06x%2BWVuyC1J79CVksSO3pRSTxw2tKjut3tcozqROLcVRCjueQgznS%2FBDZ5BxkcQiWfQbJfydrz%2FpI4t3bVmlIXi57l3IOGc2hxBTUOsirIx3kkYM8dRDzkzrzPK%2Fjckbdbo%2BxJu%2BIMOCuRzuRRz036CJnlbwpsnQKpqZgZhup2cZQfnncvgCT%2Fwy7WcJyBzZbEOfdbYx4iUIQFJagoASFJCgygmJU7nFlfVvuc2Xz0Dvz%2FplvljOdDXbons4GIiGgZgrDy530lLxYjcjpbuxjKE7qTcFo1%2FdE1GpHXLR67V5btLth4LfbjLKoCStLSHtu2fVELsjl315HKhfkgv8XQnoIqw7B5EuguQdalKCbJSbJI5Wz4VZKM7YpjG0wHYPrEmlWQ7bl7KhT8vJyU%2F1LDgQ7uppN%2Frjx8OInYKZEakp8LJ8QDNT92R1dkN07urDk0e00k7Gc0GqLdzOaifPfvS22Cm34zet2%2Bu0brCKq8MF7wmZ9mnCZDCz5%2FprkXJh1bZggP920H4hwI7eb13KT5Gl%2F4831m3FqhLVSJ3NQuSC1oy0wuSAvPP10%2BUEv5V9AmjlMXiLOj8iZQepDsHQbNl3lrCYwaoXD9DyKvJwZP1wllSRQYoVpWML%2BB4ereGZo9ZrKcsfex8DUQLN7SOISI1NipEpQNYXNn5tlqTm6%2BuvXlX2DUNVmoTK13VAZ9VU1ZlJd55YDX5D%2BYBdWntQ7zaZLg17b63So6IQtvxsFHqfUbwV%2BENAmMruIAvbj3wAAAP%2F%2FAQAA%2F%2F99onbYhAQAAA%3D%3D HTTP/1.1
Host: endlesslyalwaysbeset.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: u_pl=20467878; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec3eca821ef45fde49595e58b6255cacf3=[4991488,4991490,4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:35:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c3cc52e519b050c81f60e8f383bd637
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| endlesslyalwaysbeset.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuu3m9OnyAY4snLHDWE2e6emZ4ZgwRj3BAckzVR9CbVVdWz5VR3NVXd07MjyGJAcpIRvOip95n9gRqCuXgzyGxAdEHYue0hC%2F4NQrxKj4ujL3S%2F71vPU%2FC8z1uf7eZnxEdOT6%2B%2FrSdSKbrebrj1lz%2FwvCv1vkzycX3cDT4MWlfqZvRqL2i4r9RvCDbU677rua7nevUNaUSkx%2BsVCJk%2B6HmNntto%2BQ2v3cLY%2FLe3uQNLHfDRGbkAyRe1J85FSDZHEn9%2FXdhhptPLb8a5opk2GPHD95JhoosE8aqMjIMoOTxnQ9uTjcfQyf5SLvToH2IoF8T5%2BTHC5PBcJMLR3lJnqCAShPw5FKM5hJpD0jmYvgfJTwjAOG7dRhIf3NKmoNt%2Fo7RCF6T27A%2FIYkFqTy8iiR9eU3Jcv6tVnkmdWIyjEnI8hxzMkeZHyCZrkMURWPYpJP%2BNrD%2FrI4n3blulIXm5nF3KOWQ0hxJTUOsgrz7pII8c5KmDmJ%2FWmed5HZcz6nZ7jDV5R4QBdz3aiTzquUEXOavkTZGlUzA1BTM7SM0OhvKLk%2FYFmPwn2K0Sljuw2YI47%2BxgxEsUgqCwBAUlKCRBkREUo3KfK%2Bvb8oArm4feefbPc7Oc6WywS%2Fd1NhAJATVTGF7upmfkhcoip7t5gKE4rTcFo13fE1GrHXHR6rV7bdHuhoHfbjPKoiasLCHt2nLqiVyQy7%2B%2BhlQuyAX%2FT4T0CFYdgckXQXMPtChBt0pMkkcqZ8PtlGZsSxjbYDoG1yXSrIZs29lVZ%2BSl5ab6l9Yg2PHVbPL7jYcXPwYzJVJT4iP5hGCg7s%2Fu6ILs3dGFJY9up5mM5YRWW7yb0Uz879u3xHahDb953U6%2FeZ1VQFU%2BeFfYrE8TLpOBJd9dk5wLs6ENE%2BTHm%2FZ9EW7mdutabpI87W%2B%2BsXEzTo2wVupkDioXpHa8DSYX5Pmnnywf6KX8c0gzh8lLxPkxOQ9IfQSW7sCmK%2F1WExi14oTpGoq8nBk%2FXB0qSaDEqqdhCfuvPlzVM0Or21SWu%2FY%2BBqYGmt1DEpcYmRIjVYKqKWz%2B%2F1mWmuOrv3xVxdcIVW0WKlPbC5VRX1Y2k6XX1c9ZkP5gD1ae1jvNpkuDXtvrdKjohC2%2FGwUep9RvBX4Q0CYyu4gC9sNfAAAA%2F%2F8BAAD%2F%2F8LZAUuEBAAA | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1endlesslyalwaysbeset.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuu3m9OnyAY4snLHDWE2e6emZ4ZgwRj3BAckzVR9CbVVdWz5VR3NVXd07MjyGJAcpIRvOip95n9gRqCuXgzyGxAdEHYue0hC%2F4NQrxKj4ujL3S%2F71vPU%2FC8z1uf7eZnxEdOT6%2B%2FrSdSKbrebrj1lz%2FwvCv1vkzycX3cDT4MWlfqZvRqL2i4r9RvCDbU677rua7nevUNaUSkx%2BsVCJk%2B6HmNntto%2BQ2v3cLY%2FLe3uQNLHfDRGbkAyRe1J85FSDZHEn9%2FXdhhptPLb8a5opk2GPHD95JhoosE8aqMjIMoOTxnQ9uTjcfQyf5SLvToH2IoF8T5%2BTHC5PBcJMLR3lJnqCAShPw5FKM5hJpD0jmYvgfJTwjAOG7dRhIf3NKmoNt%2Fo7RCF6T27A%2FIYkFqTy8iiR9eU3Jcv6tVnkmdWIyjEnI8hxzMkeZHyCZrkMURWPYpJP%2BNrD%2FrI4n3blulIXm5nF3KOWQ0hxJTUOsgrz7pII8c5KmDmJ%2FWmed5HZcz6nZ7jDV5R4QBdz3aiTzquUEXOavkTZGlUzA1BTM7SM0OhvKLk%2FYFmPwn2K0Sljuw2YI47%2BxgxEsUgqCwBAUlKCRBkREUo3KfK%2Bvb8oArm4feefbPc7Oc6WywS%2Fd1NhAJATVTGF7upmfkhcoip7t5gKE4rTcFo13fE1GrHXHR6rV7bdHuhoHfbjPKoiasLCHt2nLqiVyQy7%2B%2BhlQuyAX%2FT4T0CFYdgckXQXMPtChBt0pMkkcqZ8PtlGZsSxjbYDoG1yXSrIZs29lVZ%2BSl5ab6l9Yg2PHVbPL7jYcXPwYzJVJT4iP5hGCg7s%2Fu6ILs3dGFJY9up5mM5YRWW7yb0Uz879u3xHahDb953U6%2FeZ1VQFU%2BeFfYrE8TLpOBJd9dk5wLs6ENE%2BTHm%2FZ9EW7mdutabpI87W%2B%2BsXEzTo2wVupkDioXpHa8DSYX5Pmnnywf6KX8c0gzh8lLxPkxOQ9IfQSW7sCmK%2F1WExi14oTpGoq8nBk%2FXB0qSaDEqqdhCfuvPlzVM0Or21SWu%2FY%2BBqYGmt1DEpcYmRIjVYKqKWz%2B%2F1mWmuOrv3xVxdcIVW0WKlPbC5VRX1Y2k6XX1c9ZkP5gD1ae1jvNpkuDXtvrdKjohC2%2FGwUep9RvBX4Q0CYyu4gC9sNfAAAA%2F%2F8BAAD%2F%2F8LZAUuEBAAA IP172.240.108.68:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: endlesslyalwaysbeset.com | Fingerprint: 24:CC:3C:25:47:D7:61:35:9D:1F:FF:A6:3E:BF:D2:E0:16:60:72:DB | Validity: Mon, 29 Apr 2024 08:49:02 GMT - Sun, 28 Jul 2024 08:49:01 GMT
File type: ASCII text, with no line terminators | Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuu3m9OnyAY4snLHDWE2e6emZ4ZgwRj3BAckzVR9CbVVdWz5VR3NVXd07MjyGJAcpIRvOip95n9gRqCuXgzyGxAdEHYue0hC%2F4NQrxKj4ujL3S%2F71vPU%2FC8z1uf7eZnxEdOT6%2B%2FrSdSKbrebrj1lz%2FwvCv1vkzycX3cDT4MWlfqZvRqL2i4r9RvCDbU677rua7nevUNaUSkx%2BsVCJk%2B6HmNntto%2BQ2v3cLY%2FLe3uQNLHfDRGbkAyRe1J85FSDZHEn9%2FXdhhptPLb8a5opk2GPHD95JhoosE8aqMjIMoOTxnQ9uTjcfQyf5SLvToH2IoF8T5%2BTHC5PBcJMLR3lJnqCAShPw5FKM5hJpD0jmYvgfJTwjAOG7dRhIf3NKmoNt%2Fo7RCF6T27A%2FIYkFqTy8iiR9eU3Jcv6tVnkmdWIyjEnI8hxzMkeZHyCZrkMURWPYpJP%2BNrD%2FrI4n3blulIXm5nF3KOWQ0hxJTUOsgrz7pII8c5KmDmJ%2FWmed5HZcz6nZ7jDV5R4QBdz3aiTzquUEXOavkTZGlUzA1BTM7SM0OhvKLk%2FYFmPwn2K0Sljuw2YI47%2BxgxEsUgqCwBAUlKCRBkREUo3KfK%2Bvb8oArm4feefbPc7Oc6WywS%2Fd1NhAJATVTGF7upmfkhcoip7t5gKE4rTcFo13fE1GrHXHR6rV7bdHuhoHfbjPKoiasLCHt2nLqiVyQy7%2B%2BhlQuyAX%2FT4T0CFYdgckXQXMPtChBt0pMkkcqZ8PtlGZsSxjbYDoG1yXSrIZs29lVZ%2BSl5ab6l9Yg2PHVbPL7jYcXPwYzJVJT4iP5hGCg7s%2Fu6ILs3dGFJY9up5mM5YRWW7yb0Uz879u3xHahDb953U6%2FeZ1VQFU%2BeFfYrE8TLpOBJd9dk5wLs6ENE%2BTHm%2FZ9EW7mdutabpI87W%2B%2BsXEzTo2wVupkDioXpHa8DSYX5Pmnnywf6KX8c0gzh8lLxPkxOQ9IfQSW7sCmK%2F1WExi14oTpGoq8nBk%2FXB0qSaDEqqdhCfuvPlzVM0Or21SWu%2FY%2BBqYGmt1DEpcYmRIjVYKqKWz%2B%2F1mWmuOrv3xVxdcIVW0WKlPbC5VRX1Y2k6XX1c9ZkP5gD1ae1jvNpkuDXtvrdKjohC2%2FGwUep9RvBX4Q0CYyu4gC9sNfAAAA%2F%2F8BAAD%2F%2F8LZAUuEBAAA HTTP/1.1
Host: endlesslyalwaysbeset.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: u_pl=20467878; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec3eca821ef45fde49595e58b6255cacf3=[4991488,4991490,4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:35:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37d864ca85673e4d3d900610ad4af54c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=221b2bcc6c886d033875a6dca9060c2a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=221b2bcc6c886d033875a6dca9060c2a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: *.unseenreport.com | Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 | Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=7bc06b6c-cceb-4d09-8173-1a10111b4eda&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=221b2bcc6c886d033875a6dca9060c2a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:35:03 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7855d4516f328d3cd242ab679ab6cfeb
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.luckypatchers.com/wp-content/uploads/2018/01/Lucky-Patcher-icon.png | 172.67.74.56 | 200 OK | 7.0 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/uploads/2018/01/Lucky-Patcher-icon.png | IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: luckypatchers.com | Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99 | Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | Hash: fe4836807ecb6ef5e1bd188f45238e90 71cb69899a73829a74768a8254bc8f838f75f99f 5a251eebaef66b3451718700b5e3ee02388990a4f839e69da93f26e020d2d6b4
GET /wp-content/uploads/2018/01/Lucky-Patcher-icon.png HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Cookie: pll_language=en; dom3ic8zudi28v8lr6fgphwffqoz0j6c=7bc06b6c-cceb-4d09-8173-1a10111b4eda%3A2%3A1; _ga_FBV84JFNZ5=GS1.1.1714840502.1.0.1714840502.0.0.0; _ga=GA1.1.1178061727.1714840503; m5a4xojbcp2nx3gptmm633qal3gzmadn=endlesslyalwaysbeset.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:03 GMT
content-type: image/png
content-length: 7030
cache-control: max-age=31536000, s-maxage=10
cf-bgj: imgq:85,h2pri
cf-polished: origSize=8612
etag: "21a4-595d1e4083580"
expires: Fri, 02 May 2025 12:13:03 GMT
last-modified: Sat, 26 Oct 2019 15:26:30 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
age: 188122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMTg7nEeCS1sB%2BzkPFhhUG8F3gTDC4AxHXvj15TivGCOXqMdLwmmpbqPNWOK%2BVmAxV%2Fmytka2rebFq%2F3aP2%2FUDl8SYbo8JV9eXrLQyfuWiMMEMqMXpjtCs8kIfZIxkuEJypThYFCaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e9e6dc0d465689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.luckypatchers.com/wp-content/uploads/2018/01/Lucky-Patcher-icon.png | 172.67.74.56 | 200 OK | 7.0 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/uploads/2018/01/Lucky-Patcher-icon.png | IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: luckypatchers.com | Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99 | Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | Hash: fe4836807ecb6ef5e1bd188f45238e90 71cb69899a73829a74768a8254bc8f838f75f99f 5a251eebaef66b3451718700b5e3ee02388990a4f839e69da93f26e020d2d6b4
GET /wp-content/uploads/2018/01/Lucky-Patcher-icon.png HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Cookie: pll_language=en; dom3ic8zudi28v8lr6fgphwffqoz0j6c=7bc06b6c-cceb-4d09-8173-1a10111b4eda%3A2%3A1; _ga_FBV84JFNZ5=GS1.1.1714840502.1.0.1714840502.0.0.0; _ga=GA1.1.1178061727.1714840503; m5a4xojbcp2nx3gptmm633qal3gzmadn=endlesslyalwaysbeset.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:03 GMT
content-type: image/png
content-length: 7030
cache-control: max-age=31536000, s-maxage=10
cf-bgj: imgq:85,h2pri
cf-polished: origSize=8612
etag: "21a4-595d1e4083580"
expires: Fri, 02 May 2025 12:13:03 GMT
last-modified: Sat, 26 Oct 2019 15:26:30 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
age: 188122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T66Qv%2BI1LZfzoL23TmtYDVB4kjxDNzJeznKw8nFzmZ%2FQATlgE24xrIQVIATGzg3hDVf3AQS%2FU4o6VCq64n4EGC3Ld%2FqLZqCnPrFvxAjbhSAdAAJKkeMWqvFT9MYIKCOUD6%2BWZmaYJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e9e6dc0d435689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.luckypatchers.com/wp-content/cache/minify/618c8.js | 172.67.74.56 | 200 OK | 317 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/cache/minify/618c8.js | IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: luckypatchers.com | Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99 | Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 317 kB (317330 bytes) | Hash: 149df67de920263ad6be63ff35a8f677 d65b7958b48aed5305b1601ed840a5bae4c75609 5d1e61dad3f04706d666b87e8319e4cf173bbaaa7f288b94dc319e1bf76cb1a7
GET /wp-content/cache/minify/618c8.js HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:01 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=317336
etag: W/"4d798-6176361e07a6d"
expires: Thu, 01 May 2025 13:22:53 GMT
last-modified: Wed, 01 May 2024 12:11:11 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: HIT
age: 267737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2B3uzbfsqAo53LK8rXO0RXfdj0KyqUTDsjHZKTwg7o1nL75i3UzUsXZIdmTG5E1JQMkvp5dodpY3KH%2FYGtwKhmZ8Grpgu2HDag37ZDNNZ6wVfnrV6%2FzR40NjfmFfXh19ycnG871Ojg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 87e9e6cc6d235689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png | 45.133.44.10 | 200 OK | 120 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png | IP: 45.133.44.10:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced | Size: 120 kB (119965 bytes) | Hash: c5a83c3079df6439410f74f3e8de6930 66dab231922cc92db7c41f49d7bdb7da1dfde08a ee0745b5678c7e4277047ba8f87d53ee77e60a4985dace65c73b970521dbf1f8
GET /si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:35:03 GMT
content-type: image/png
content-length: 119965
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:15 GMT
etag: "65f95767-1d49d"
expires: Mon, 06 May 2024 16:35:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.luckypatchers.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js | 172.67.74.56 | 200 OK | 6.3 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js | IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: luckypatchers.com | Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99 | Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: JavaScript source, ASCII text, with very long lines (6422), with no line terminators | Hash: b786f6ea74a911b1a83c82643c944002 e3b1975042f679614ca0f02a98880cc75bea50c3 3d4a62276371cfd643fb195c9b4c2948b650319a26ef436c947fbb2aac4cc861
GET /wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:01 GMT
content-type: application/x-javascript
referrer-policy: no-referrer-when-downgrade
x-original-content-length: 6275
vary: Accept-Encoding
etag: W/"PSA-aj-a09HTdfpzb"
expires: Wed, 30 Apr 2025 19:21:08 GMT
cache-control: max-age=31535246
x-content-type-options: nosniff
cf-cache-status: HIT
age: 329220
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3UKzauXmQ3U%2F0wUj0rKXMxB6WG6EtcaY4kaJlPn%2FMB0RLjGkt3SEFdCvoS4WfGVgmyJuUTZzxGHjT%2FdUIKn6QXfYXAWxubeWT1oquchKy%2BVPcwwt%2BrkxwYOfjNZvUkTEadoPBmzCoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 87e9e6cc1c955689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.luckypatchers.com/wp-content/cache/minify/1f540.js | 172.67.74.56 | 200 OK | 12 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/cache/minify/1f540.js | IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: luckypatchers.com | Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99 | Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: JavaScript source, ASCII text, with very long lines (11513), with no line terminators | Hash: efc27e253fae1b7b891fb5a40e687768 ad12044651ffac0badcd0e42f32edef91678b1ff 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
GET /wp-content/cache/minify/1f540.js HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:01 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"2cf9-617393ddf094d"
expires: Wed, 30 Apr 2025 19:28:15 GMT
last-modified: Mon, 29 Apr 2024 09:54:38 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: HIT
age: 329220
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JEngD7vpgNEjNR1ym7pnlM%2BtyhDa5lsYrEKNvkUkBcSqxqTsHGDz9JHBrds2oZKtVgzTBF5nSyMhIAo4GNCWbOD6%2BGYjWX6naVGc3PJ7QdQUKjRG5dEF6peT8233iVNEOvD99Fn2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 87e9e6cc6d1c5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.luckypatchers.com/wp-content/cache/minify/1615d.js | 172.67.74.56 | 200 OK | 6.3 kB |
URL: GET HTTP/3 www.luckypatchers.com/wp-content/cache/minify/1615d.js | IP: 172.67.74.56:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: luckypatchers.com | Fingerprint: 45:61:6F:14:33:2F:55:81:DB:4F:62:B4:45:5C:C5:9D:99:4C:95:99 | Validity: Fri, 03 May 2024 23:56:54 GMT - Thu, 01 Aug 2024 23:56:53 GMT
File type: JavaScript source, ASCII text, with very long lines (6422), with no line terminators | Hash: b786f6ea74a911b1a83c82643c944002 e3b1975042f679614ca0f02a98880cc75bea50c3 3d4a62276371cfd643fb195c9b4c2948b650319a26ef436c947fbb2aac4cc861
GET /wp-content/cache/minify/1615d.js HTTP/1.1
Host: www.luckypatchers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.luckypatchers.com/lucky-patcher-all-versions/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 16:35:01 GMT
content-type: application/x-javascript
cache-control: max-age=31535676
cf-bgj: minify
etag: W/"PSA-aj-a09HTdfpzb"
expires: Wed, 30 Apr 2025 19:28:17 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-original-content-length: 6275
cf-cache-status: HIT
age: 329219
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JeTqZHNenKcoh4pgWGYun4ypj1GQKhrDYNAl8br4grRCMjG0SPZiAnl9kKxSNq8fcFWkMGGSmE1xbAXYoWO0u55wJwk7X64q%2BsJ2zVDlnMLAgRodny0a6AZXHI30%2BtvdmwTGWBpHnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 87e9e6cc7d3b5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-FBV84JFNZ5&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 257 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-FBV84JFNZ5&l=dataLayer&cx=c | IP: 142.250.74.168:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955) | Size: 257 kB (256689 bytes) | Hash: 7e512714000706cb1b9aa1d5715766e5 ea180f0b5ba012d897e11ad2775231dece04eb23 91de1acb83083547b2f34d1f63e45f867768a0401b0d59f11e3d4796e0a33bcc
GET /gtag/js?id=G-FBV84JFNZ5&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 16:35:02 GMT
expires: Sat, 04 May 2024 16:35:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| vaikijie.net/5/6325697/?oo=1&aab=1 | 139.45.197.244 | 200 OK | 2.9 kB |
URL: GET HTTP/2 vaikijie.net/5/6325697/?oo=1&aab=1 | IP: 139.45.197.244:443
Requested by: https://www.luckypatchers.com/lucky-patcher-all-versions/ | Certificate Issuer: Let's Encrypt | Subject: vaikijie.net | Fingerprint: 16:35:56:02:7F:8B:C6:9F:4C:11:EE:FE:F5:DB:3C:FA:36:AB:F8:B7 | Validity: Tue, 30 Apr 2024 05:29:33 GMT - Mon, 29 Jul 2024 05:29:32 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3098), with no line terminators | Hash: d4b4638658b42379f640965cc4f824f0 044536cda595d8bc2013a67d3e204be47da89e05 3aafc30f9f4a34e5f033a0e386f775172f4b0c14a4fe05f71819271b47e4fc26
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5/6325697/?oo=1&aab=1 HTTP/1.1
Host: vaikijie.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.luckypatchers.com
DNT: 1
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 16:35:02 GMT
content-type: application/json
x-trace-id: fc277e6f84ced3cccf521da947eaef26
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.luckypatchers.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00805250b44947edebc15e96463fa176; expires=Sun, 04 May 2025 16:35:02 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1714840502; expires=Sun, 04 May 2025 16:35:02 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|