Overview

URL luckypatchers.com/
IP172.67.74.56
ASNCLOUDFLARENET
Location United States
Report completed2022-09-29 08:13:38 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 upgulpinon.com/27/b7bd02994a2771796f8a835cfb750d4b Malware
2022-09-29 2 upgulpinon.com/1?z=5349250 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-29 2 unphionetor.com Sinkholed
2022-09-29 2 unphionetor.com Sinkholed
2022-09-29 2 unphionetor.com Sinkholed


Files

No files detected



Passive DNS (17)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.luckypatchers.com (1) 0 2016-05-18 08:08:52 UTC 2022-09-11 11:12:12 UTC 172.67.74.56 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS upgulpinon.com (6) 83187 2020-06-05 12:59:18 UTC 2022-09-29 00:50:23 UTC 139.45.197.242
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-29 04:10:37 UTC 34.120.237.76
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-29 05:03:41 UTC 143.204.55.110
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 54.69.181.45
mnemonic passive DNS interstitial-07.com (3) 36198 2017-03-09 00:00:07 UTC 2022-09-29 01:42:56 UTC 139.45.197.153
mnemonic passive DNS luckypatchers.com (2) 0 2016-04-22 01:10:01 UTC 2022-09-29 00:10:25 UTC 104.26.6.23 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.76.226
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-09-29 04:56:10 UTC 142.250.74.3
mnemonic passive DNS luckypatchers.com (2) 0 2016-04-22 01:10:01 UTC 2022-09-29 00:10:25 UTC 172.67.74.56 Unknown ranking
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-28 04:42:17 UTC 142.250.74.72
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-29 03:20:00 UTC 142.250.74.174
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-09-29 04:57:31 UTC 139.45.195.8
mnemonic passive DNS unphionetor.com (3) 54035 2022-02-11 12:53:49 UTC 2022-09-29 01:42:45 UTC 139.45.197.236
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-29 05:05:36 UTC 143.204.55.36
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-29 04:12:37 UTC 93.184.220.29


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 172.67.74.56

Date UQ / IDS / BL URL IP
2022-09-29 08:13:38 +0000
0 - 0 - 5 luckypatchers.com/ 172.67.74.56

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-04 22:47:35 +0000
0 - 0 - 1 hungrygrizzly.com/ 188.114.96.1
2022-12-04 22:46:19 +0000
0 - 0 - 73 www.skidrowcodex.net/tag/the-callisto-protoco (...) 104.21.24.71
2022-12-04 22:45:45 +0000
0 - 0 - 1 reversestatutory.top/ 172.67.216.185
2022-12-04 22:44:56 +0000
0 - 0 - 44 lojarenner.shop/ 188.114.97.1
2022-12-04 22:44:53 +0000
0 - 0 - 2 realize.solucoesfin.info/login.php 104.21.87.251

Last 3 reports on domain: luckypatchers.com

Date UQ / IDS / BL URL IP
2022-11-24 20:53:00 +0000
0 - 0 - 3 www.luckypatchers.com/lucky-patcher-all-versions/ 104.26.6.23
2022-11-06 08:38:36 +0000
0 - 0 - 5 luckypatchers.com/ 104.26.6.23
2022-09-29 08:13:38 +0000
0 - 0 - 5 luckypatchers.com/ 172.67.74.56

Last 4 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-15 23:41:33 +0000
0 - 0 - 33 gsurl.in/lN1S 172.67.173.77
2022-10-16 15:46:32 +0000
0 - 0 - 25 xcigamesdd.com/super-mario-odyssey-v327/ 107.6.168.100
2022-10-16 02:51:54 +0000
0 - 0 - 12 www.gamesloft.in/2020/05/gta-liberty-city-sto (...) 142.250.74.179
2022-10-25 12:37:58 +0000
0 - 0 - 32 xcigamesdd.com/mario-rabbids-sparks-of-hope/ 107.6.168.100


JavaScript

Executed Scripts (24)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (41)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: luckypatchers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.26.6.23
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 29 Sep 2022 08:13:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 29 Sep 2022 09:13:26 GMT
Location: https://luckypatchers.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZfnoEuw0hW6KPYm3sk3205HwO9G5pWx9eZuvkCW5TINgey%2B5pxERIfPUg22RlWsREeQ0JKa9qQtbr6YDWdFPV8InLl7wg%2FzMELKs21iqEtTXBTDUi3fNBWyCshqAxblgSKn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 75234271b838b517-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 07:15:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gy-SiBx4aw8mOeqAeGCH6mGtdQSd7rJKWwy5u93fbefHUxfPvlyInw==
Age: 3454


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15562
Expires: Thu, 29 Sep 2022 12:32:48 GMT
Date: Thu, 29 Sep 2022 08:13:26 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 18T1XnDH4kqPGQpupxBGBFEp8yoNhPeIVdh6D-C3HYIkRP5JskzDwA==
age: 9899
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:27 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:13:27 GMT
Server: ECS (amb/6BC7)
Content-Length: 278

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 07:29:33 GMT
Expires: Thu, 29 Sep 2022 07:40:10 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4pVDm1pX7zLWG2QYlUuBFBJfsNJj5XjBnQ7cp63qHm4pctXDGpj7ww==
Age: 2634


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6289
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:13:27 GMT
Last-Modified: Thu, 29 Sep 2022 06:28:38 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:13:27 GMT
Last-Modified: Thu, 29 Sep 2022 08:13:27 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D3uBIPadzu/FEVk7anWjTg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.69.181.45
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e7CefunUGzZ76L/BG5QrdvEfouk=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   8282
Md5:    51a121a4b36cdf1edca8ae50ba65b85e
Sha1:   dd01c1a4b5f58d5e28898919cd926fa7f031856b
Sha256: 0e686d773694b30e555b31caeb72e68ea1a697275ef2d6855c81c1fd694dd4a9
                                        
                                            GET / HTTP/1.1 
Host: luckypatchers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.74.56
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Thu, 29 Sep 2022 08:13:27 GMT
location: https://www.luckypatchers.com/
x-redirect-by: WordPress
vary: Accept-Encoding,User-Agent
cache-control: s-maxage=10
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFCeUKPJ9fVdFDCCxouURftuihyv1fHvXp%2BWnn1EAtRei328%2F5K1gfPziBVmLZdnEFT0DmKGYTYQ938%2B2zyqvOSDBu9mAVneeADG3KK6FXlnMIERE%2BBwKLW60LEs0sVmhKHs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75234274a997b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1275
Md5:    c103c0a390d86941c37da187d6fb53ee
Sha1:   84ab1b5ac5c32146e481c7166e41623700e797ac
Sha256: 5afc909cb52ced2bcffa2880b6bfade48d9337f5ff1838b41a6b431efe8e149f
                                        
                                            GET /gtag/js?id=UA-74724554-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 08:13:28 GMT
expires: Thu, 29 Sep 2022 08:13:28 GMT
cache-control: private, max-age=900
last-modified: Thu, 29 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42392
Md5:    11f8c15ce2bbd3de41e54336d80822b2
Sha1:   6f4ccc5e1e5a3323c8a5545285c784424c7c8bce
Sha256: ed6f918d226648b0074ce508eaecf3f8b57e046075dabcd8fd3296005d6f53d7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2514
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 08:13:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2514
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 08:13:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2514
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 08:13:29 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 13969
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9654
Md5:    36ae9444071dd70dcf86802c370ffda9
Sha1:   44cc19b21912d07f82a88af5b2fa6d3e370459bf
Sha256: 99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 37427
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14073
Md5:    11594ce7500d8776bfd5162b17f87d72
Sha1:   72603efba82d649ce5a7a0ca45dc830c0d9ef012
Sha256: 511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:58 GMT
age: 36511
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10023
Md5:    f4505f57697072468da82e0b536d0d5b
Sha1:   e1067a2dfbc22e7eb196046d57bd1e17604dba75
Sha256: b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3332
x-amzn-requestid: fb6cb616-5b4d-4aaf-a891-50b4de8b6f95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJ_6AGNYIAMFSHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333e03f-377fe02d1cc7ad2b3a15ca1a;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 05:48:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nJJZxZlapt4k5988yU-V94pBBH2SmfSZ0Zb_oJXA07mppg0lF04wLg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 17:18:10 GMT
age: 53719
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3332
Md5:    6ac86079d2901fb11bfaff81d91bb2d2
Sha1:   4fc0699c763f67a2602b4b3f46b8b4013d2049c6
Sha256: 8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LwYd0qn4P-zh1W4GvU8vNEo3_TZHEqtErAj3UKx7a82LIDaBsiXE-w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:04:20 GMT
age: 47349
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7859
Md5:    c62a6368c456e9614ca4c8e360a2ef12
Sha1:   35ec6e80d324bb215796c590a7ffafbaea55d88e
Sha256: 90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe91221c7-ce03-4ea5-9826-7a53eaafc5e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9002
x-amzn-requestid: 0623931b-a4d6-49de-ba32-d071c08eddbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoiGKRIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be36-1573e2e91c85617424db019f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mmSMfKcxGrh9meSHTynf1wRZLrzc4wejFbKSO6qaJ3hn8h4-QwAAcQ==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 37383
etag: "d76293673a7aa2861b069ced614cdcdb84fed6d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9002
Md5:    c80d7ce8a9d3fba54855e05731db759c
Sha1:   d76293673a7aa2861b069ced614cdcdb84fed6d3
Sha256: eabd1bfef29cad4045d688a909b9a8c88818d80bb432ce642d055583cf66d77d
                                        
                                            GET /42/38?z=5349250 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: scm=1; OAID=fe80414ff5844ea388c0bd63fb935592; oaidts=1664439208
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:29 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: b94ad9f2e3f097529a8158eaf9b9f618
access-control-expose-headers: X-Sc
set-cookie: OAID=fe80414ff5844ea388c0bd63fb935592; expires=Fri, 29 Sep 2023 08:13:29 GMT; secure; SameSite=None oaidts=1664439208; expires=Fri, 29 Sep 2023 08:13:29 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   49516
Md5:    a521d6588a4415345a117fc7ebb20a12
Sha1:   8ed5a4507847f90aaa7d77d654657c03b8c11459
Sha256: b1c3e059ed3137705770f566f1d71fdb67a61375dafb31629751a320fc308b78
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 06:41:09 GMT
expires: Thu, 29 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 5541
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: scm=1; OAID=fe80414ff5844ea388c0bd63fb935592; oaidts=1664439208
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:29 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   131716
Md5:    4b6f855f86099fea823128d310c1fd02
Sha1:   ed74b64654c802bbab668f8f32b7987014186ed9
Sha256: 27afe7793b69f0bca6ae55416e30a4e99a7d5deab0444f7f74dfe27cb7d211a9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /gid.js HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.luckypatchers.com
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
content-length: 65
access-control-allow-origin: https://www.luckypatchers.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dca7519c2c424997a95c27613e6c0e77; expires=Fri, 29 Sep 2023 08:13:30 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    724eb3353839c6f889699278df69c55c
Sha1:   007c14cfd43e4f63342be909049734b5ad3bfefb
Sha256: 16b228daf44d8780aed1103e26a9745a776006b11203240daddccff4ccc4bcec
                                        
                                            OPTIONS /9?z=5349250&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.luckypatchers.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=dca7519c2c424997a95c27613e6c0e77 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.luckypatchers.com/
Origin: https://www.luckypatchers.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.luckypatchers.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /9?z=5349250&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.luckypatchers.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=dca7519c2c424997a95c27613e6c0e77 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 100
Origin: https://www.luckypatchers.com
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: scm=1; OAID=fe80414ff5844ea388c0bd63fb935592; oaidts=1664439208
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.luckypatchers.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 37fdc3284469fb2a7248171737084389
access-control-expose-headers: X-Sc
set-cookie: OAID=dca7519c2c424997a95c27613e6c0e77; expires=Fri, 29 Sep 2023 08:13:30 GMT; secure; SameSite=None oaidts=1664439208; expires=Fri, 29 Sep 2023 08:13:30 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6831), with no line terminators
Size:   2866
Md5:    ab8b4859654d6ae08f951b9100d7512e
Sha1:   ef76ddcbb7edde687af2a0bd99116a80830bb4b8
Sha256: 6bb41b4be90325d461953f17ac44c2c7c7137985bf21ab2bc52ad715bdb18fba
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6E308B5EE7449BBC2928C9BD352B1EE6D2B1A5C4D948330A4AF0765692618E1F"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17046
Expires: Thu, 29 Sep 2022 12:57:36 GMT
Date: Thu, 29 Sep 2022 08:13:30 GMT
Connection: keep-alive

                                        
                                            GET /contents/s/d6/8b/74/1399c81d3d40323a9283c84de7/01611244700873.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ESInDNHsgDSQ0sO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1456138997%26z%3D5349250%26b%3D15013339%26c%3D6137250%26var%3D%26d%3Dhttps%253A%252F%252Fengingrepare.com%252Fb68fbfec-7b24-433b-9c67-97b9b84e7421%253Fzoneid%253D%257Bzoneid%257D%2526bannerid%253D%257Bbannerid%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526device%253D%257Bdevice%257D%2526region%253D%257Bregion%257D%2526isp%253D%257Bisp%257D%2526useragent%253D%257Buseragent%257D%2526language%253D%257Blanguage%257D%2526connectiontype%253D%257Bconnection.type%257D%2526cost%253D%257Bcost%257D%2526visitor_id%253D%2524%257BSUBID%257D%2526country%253D%257Bcountry%257D%2526zone_type%253D%257Bzone_type%257D%2526browserversion%253D%257Bbrowserversion%257D%2526carrier%253D%257Bcarrier%257D%2526campaignid%253D%257Bcampaignid%257D%2526osversion%253D%257Bosversion%257D%2526countryname%253D%257Bcountryname%257D%26cln%3D1%26btp%3D7%26rb%3DIUQWKolGnxwmw-B4OxPETEdY64_kXV8LWWPEYwNQfSr5dXyN_QEo185fB7nea5HDcRYyvwt6YN6u7mu7htOE9at2oY5Nos4qrdDm1oiJ91x_vrfg9Au33zCSe1Ui9ZB7c-A3D2OxfWJgNXzEsGnVjmhqcsG3fi5JbukuoCacf8oIS4owJfQf_2Gqo4zwY1xueoDjJ8kZ6NfQDD2rro1RRXNM1Z7J9mDy5qOVru-e1WMht4mDpqpi4a1hF8FAPHAqbToAXmXjv6YcWdEtU_l3xme_cz0qViN_31AxwggC8u7FyjQQlvMp_bgaWDyBlUXcib9CMY0YM-3R-dn-t0ksPD4kADwwWd-BxzxB2_7AwttgW5xrGunv1K0qh6Ew-dIhs9UQrfPyWOXefKjvytyfKOxAM0ffrpjCP-RXbhsefulPDJx_f1NGH8CeD1Rn4vWaPlrgF266J-2AYt20XneQln_uuFCpwpxKxtiv00SGYOjaCSaAHCf0X8T8xJHy6wicXCQmcZ87KaU1L8r08adVAa3gMMUrraoiMeSNkzdpYfvGEsGlwO8sib4F4sqn8YYkTj85qmkWJV677hy8Dse7W6mXXZrM721JFOHPaQ1qohbMweIwgb-gWE0T_jacFo0Uiqni9yuJy7hhv5fy6Bb0nfnjyusdXEyfPHOUNKeBOB21o_K2wd9JeWNJZA4CK2GtGF7C-iHndGmWEVDI%26bag%3DM7m7ERTROhSyq5tu8nv1AkD64CsaY0bp%26ruid%3D861abc95-de06-4f27-a0fb-6d0c480e6992%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.luckypatchers.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.153
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
content-length: 31939
last-modified: Wed, 28 Sep 2022 19:39:16 GMT
etag: "6334a2e4-7cc3"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   31939
Md5:    d68b741399c81d3d40323a9283c84de7
Sha1:   5a9fed7a055d2cea7b377d097d8a1a4467b84b6c
Sha256: eafbd070e242221ff6a9f212d233c299858f92a8b9f2718bad4c99986c5f8b64
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C380CB3C3DE69CACE9CCA15D27745FAA180CC89BB5AD521F46070402F6FFD386"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11982
Expires: Thu, 29 Sep 2022 11:33:12 GMT
Date: Thu, 29 Sep 2022 08:13:30 GMT
Connection: keep-alive

                                        
                                            GET /contents/s/2d/40/af/8e20ab58355a466d1640c54da4/01291161879152.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ESInDNHsgDSQ0sO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1456138997%26z%3D5349250%26b%3D15013339%26c%3D6137250%26var%3D%26d%3Dhttps%253A%252F%252Fengingrepare.com%252Fb68fbfec-7b24-433b-9c67-97b9b84e7421%253Fzoneid%253D%257Bzoneid%257D%2526bannerid%253D%257Bbannerid%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526device%253D%257Bdevice%257D%2526region%253D%257Bregion%257D%2526isp%253D%257Bisp%257D%2526useragent%253D%257Buseragent%257D%2526language%253D%257Blanguage%257D%2526connectiontype%253D%257Bconnection.type%257D%2526cost%253D%257Bcost%257D%2526visitor_id%253D%2524%257BSUBID%257D%2526country%253D%257Bcountry%257D%2526zone_type%253D%257Bzone_type%257D%2526browserversion%253D%257Bbrowserversion%257D%2526carrier%253D%257Bcarrier%257D%2526campaignid%253D%257Bcampaignid%257D%2526osversion%253D%257Bosversion%257D%2526countryname%253D%257Bcountryname%257D%26cln%3D1%26btp%3D7%26rb%3DIUQWKolGnxwmw-B4OxPETEdY64_kXV8LWWPEYwNQfSr5dXyN_QEo185fB7nea5HDcRYyvwt6YN6u7mu7htOE9at2oY5Nos4qrdDm1oiJ91x_vrfg9Au33zCSe1Ui9ZB7c-A3D2OxfWJgNXzEsGnVjmhqcsG3fi5JbukuoCacf8oIS4owJfQf_2Gqo4zwY1xueoDjJ8kZ6NfQDD2rro1RRXNM1Z7J9mDy5qOVru-e1WMht4mDpqpi4a1hF8FAPHAqbToAXmXjv6YcWdEtU_l3xme_cz0qViN_31AxwggC8u7FyjQQlvMp_bgaWDyBlUXcib9CMY0YM-3R-dn-t0ksPD4kADwwWd-BxzxB2_7AwttgW5xrGunv1K0qh6Ew-dIhs9UQrfPyWOXefKjvytyfKOxAM0ffrpjCP-RXbhsefulPDJx_f1NGH8CeD1Rn4vWaPlrgF266J-2AYt20XneQln_uuFCpwpxKxtiv00SGYOjaCSaAHCf0X8T8xJHy6wicXCQmcZ87KaU1L8r08adVAa3gMMUrraoiMeSNkzdpYfvGEsGlwO8sib4F4sqn8YYkTj85qmkWJV677hy8Dse7W6mXXZrM721JFOHPaQ1qohbMweIwgb-gWE0T_jacFo0Uiqni9yuJy7hhv5fy6Bb0nfnjyusdXEyfPHOUNKeBOB21o_K2wd9JeWNJZA4CK2GtGF7C-iHndGmWEVDI%26bag%3DM7m7ERTROhSyq5tu8nv1AkD64CsaY0bp%26ruid%3D861abc95-de06-4f27-a0fb-6d0c480e6992%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.luckypatchers.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.153
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
content-length: 67696
last-modified: Wed, 28 Sep 2022 19:39:12 GMT
etag: "6334a2e0-10870"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x600, components 3\012- data
Size:   67696
Md5:    2d40af8e20ab58355a466d1640c54da4
Sha1:   9994d1306d1c1cb46019627443b71f3fc103af36
Sha256: 6881f7ede3f2844b47113ea9ec10bac093b0d1d58773a494600a15414e504f45
                                        
                                            GET /vctx?t=72747 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 1bc0c8250bc6edd34b4c78328f0b75ce
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 35437bdc14a1cbde8b52a3f4919bf06f
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /11?rnd=2088448370&z=5349250&b=15013339&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=IUQWKolGnxwmw-B4OxPETEdY64_kXV8LWWPEYwNQfSr5dXyN_QEo185fB7nea5HDcRYyvwt6YN6u7mu7htOE9at2oY5Nos4qrdDm1oiJ91x_vrfg9Au33zCSe1Ui9ZB7c-A3D2OxfWJgNXzEsGnVjmhqcsG3fi5JbukuoCacf8oIS4owJfQf_2Gqo4zwY1xueoDjJ8kZ6NfQDD2rro1RRXNM1Z7J9mDy5qOVru-e1WMht4mDpqpi4a1hF8FAPHAqbToAXmXjv6YcWdEtU_l3xme_cz0qViN_31AxwggC8u7FyjQQlvMp_bgaWDyBlUXcib9CMY0YM-3R-dn-t0ksPD4kADwwWd-BxzxB2_7AwttgW5xrGunv1K0qh6Ew-dIhs9UQrfPyWOXefKjvytyfKOxAM0ffrpjCP-RXbhsefulPDJx_f1NGH8CeD1Rn4vWaPlrgF266J-2AYt20XneQln_uuFCpwpxKxtiv00SGYOjaCSaAHCf0X8T8xJHy6wicXCQmcZ87KaU1L8r08adVAa3gMMUrraoiMeSNkzdpYfvGEsGlwO8sib4F4sqn8YYkTj85qmkWJV677hy8Dse7W6mXXZrM721JFOHPaQ1qohbMweIwgb-gWE0T_jacFo0Uiqni9yuJy7hhv5fy6Bb0nfnjyusdXEyfPHOUNKeBOB21o_K2wd9JeWNJZA4CK2GtGF7C-iHndGmWEVDI&ruid=861abc95-de06-4f27-a0fb-6d0c480e6992&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.luckypatchers.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.luckypatchers.com
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Cookie: scm=1; OAID=dca7519c2c424997a95c27613e6c0e77; oaidts=1664439208
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.luckypatchers.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5cb535eac8bfc7af5f347d52df04f891
access-control-expose-headers: X-Sc
set-cookie: OAID=dca7519c2c424997a95c27613e6c0e77; expires=Fri, 29 Sep 2023 08:13:30 GMT; secure; SameSite=None oaidts=1664439208; expires=Fri, 29 Sep 2023 08:13:30 GMT; secure; SameSite=None oaidvc=1; expires=Fri, 29 Sep 2023 08:13:30 GMT; secure; SameSite=None CNT=1_v1_2xXlAAEAAABAS___; expires=Thu, 29 Sep 2022 09:13:30 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-XC9qsktkENdI6lWZp5RQjeEvrrFMUfBq1mA5dxEjRq5tkfL5Jsxw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:55 GMT
age: 36520
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4235
Md5:    30471179bd7cdeecea2fa4ea98701aef
Sha1:   2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
Sha256: 967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc
                                        
                                            GET /fv.js?t=72747&cb=2054814343 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: text/javascript; charset=utf8
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5b507df75940380d52952aea4c2dcc5a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /1?z=5349250 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:28 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 25e84a467d45e99289f010b3e0471482
access-control-expose-headers: X-Sc
x-sc: q_vcQiAv3nuZ6bu3ktJGxPh7x0_cLXLI9H4OZB91QJwqisN7IU_z7c_RAY73k6ss_UugE1__MMPMj9t79jWbgb90EQ0=
set-cookie: scm=1; expires=Fri, 29 Sep 2023 08:13:28 GMT; secure; SameSite=None OAID=fe80414ff5844ea388c0bd63fb935592; expires=Fri, 29 Sep 2023 08:13:28 GMT; secure; SameSite=None oaidts=1664439208; expires=Fri, 29 Sep 2023 08:13:28 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: www.luckypatchers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         172.67.74.56
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 29 Sep 2022 08:13:28 GMT
link: <https://www.luckypatchers.com/wp-json/>; rel="https://api.w.org/", <https://www.luckypatchers.com/wp-json/wp/v2/pages/6174>; rel="alternate"; type="application/json", <https://www.luckypatchers.com/>; rel=shortlink
vary: Accept-Encoding,User-Agent
x-mod-pagespeed: 1.13.35.2-0
cache-control: max-age=0, no-cache, s-maxage=10
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNbaJHPer1CgBPalDBY1oH%2B9BF4U22QmjV6DjaKfhlc5RV9E9sPTdvxQgWKajVK4HOJWOwbethXUTdkY7E8fJHh6d%2FjtN5p0l9xXxKbcja7lpYNNXsA4JsuqSfc%2FNjktxgD7ONrEKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75234277cd1eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?l=ESInDNHsgDSQ0sO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1456138997%26z%3D5349250%26b%3D15013339%26c%3D6137250%26var%3D%26d%3Dhttps%253A%252F%252Fengingrepare.com%252Fb68fbfec-7b24-433b-9c67-97b9b84e7421%253Fzoneid%253D%257Bzoneid%257D%2526bannerid%253D%257Bbannerid%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526device%253D%257Bdevice%257D%2526region%253D%257Bregion%257D%2526isp%253D%257Bisp%257D%2526useragent%253D%257Buseragent%257D%2526language%253D%257Blanguage%257D%2526connectiontype%253D%257Bconnection.type%257D%2526cost%253D%257Bcost%257D%2526visitor_id%253D%2524%257BSUBID%257D%2526country%253D%257Bcountry%257D%2526zone_type%253D%257Bzone_type%257D%2526browserversion%253D%257Bbrowserversion%257D%2526carrier%253D%257Bcarrier%257D%2526campaignid%253D%257Bcampaignid%257D%2526osversion%253D%257Bosversion%257D%2526countryname%253D%257Bcountryname%257D%26cln%3D1%26btp%3D7%26rb%3DIUQWKolGnxwmw-B4OxPETEdY64_kXV8LWWPEYwNQfSr5dXyN_QEo185fB7nea5HDcRYyvwt6YN6u7mu7htOE9at2oY5Nos4qrdDm1oiJ91x_vrfg9Au33zCSe1Ui9ZB7c-A3D2OxfWJgNXzEsGnVjmhqcsG3fi5JbukuoCacf8oIS4owJfQf_2Gqo4zwY1xueoDjJ8kZ6NfQDD2rro1RRXNM1Z7J9mDy5qOVru-e1WMht4mDpqpi4a1hF8FAPHAqbToAXmXjv6YcWdEtU_l3xme_cz0qViN_31AxwggC8u7FyjQQlvMp_bgaWDyBlUXcib9CMY0YM-3R-dn-t0ksPD4kADwwWd-BxzxB2_7AwttgW5xrGunv1K0qh6Ew-dIhs9UQrfPyWOXefKjvytyfKOxAM0ffrpjCP-RXbhsefulPDJx_f1NGH8CeD1Rn4vWaPlrgF266J-2AYt20XneQln_uuFCpwpxKxtiv00SGYOjaCSaAHCf0X8T8xJHy6wicXCQmcZ87KaU1L8r08adVAa3gMMUrraoiMeSNkzdpYfvGEsGlwO8sib4F4sqn8YYkTj85qmkWJV677hy8Dse7W6mXXZrM721JFOHPaQ1qohbMweIwgb-gWE0T_jacFo0Uiqni9yuJy7hhv5fy6Bb0nfnjyusdXEyfPHOUNKeBOB21o_K2wd9JeWNJZA4CK2GtGF7C-iHndGmWEVDI%26bag%3DM7m7ERTROhSyq5tu8nv1AkD64CsaY0bp%26ruid%3D861abc95-de06-4f27-a0fb-6d0c480e6992%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.luckypatchers.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckypatchers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.153
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 08:13:30 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=yJhh-kz_HhViNEdHz6husFmvH07l1QYLGy55pRHcwI8; expires=Thu, 29-Sep-2022 09:13:30 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---