luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
104.21.86.39 200 OK 850 B URL HTTP/1.1 luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
IP 104.21.86.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6fbd5284b703e44981aad912b9cf4a27
d19a766ca7e68499fee37d76c882263988c12d4c
2f8a81e3c943c8548f263206da148a80ad9ec36b72dc5fa6dfc11de18ca95a88
GET /ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082 HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:29 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsyZtX%2F7WeZYAhBc2UOYZlx4%2FZTaKjFBk%2FSGR%2B%2BoS1%2FZJg5%2FUSUaR6iHOCysamPebYaPtY4Yd6bCx97dmg1wm9VxINeV1HgQ9N7MbRYMQ5dg65QlKOANsZGyCsJM4p54"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f7ca650efe0b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10644
Expires: Fri, 25 Nov 2022 07:52:35 GMT
Date: Fri, 25 Nov 2022 04:55:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4967
Cache-Control: max-age=111527
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:55:11 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:53:58 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12502
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 04:55:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 04:17:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2267
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YmTpL7VdAS5SKdaxB2eJ/NbSZCxm3DghkEBV10S2tIh9XWl8KdWMAD/9Lwe6wtIR4WvTykCeqxk=
x-amz-request-id: 8936M1FAS60KGENJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 04:40:40 GMT
age: 871
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:55:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
luckyme.homes/ip14/tw/style.css
104.21.86.39 200 OK 1.6 kB URL HTTP/1.1 luckyme.homes/ip14/tw/style.css
IP 104.21.86.39:0
Hash 269323df0b826f66dfc44f1b06309a09
e63ff20b8103dc605e872c9dcd8b5bde99cd026c
63f7c00f3501a68d044d5d97e160dc3a6c9d2d8fd6b4e980a8f79da2de29dad9
GET /ip14/tw/style.css HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:30 GMT
Vary: Accept-Encoding
ETag: W/"63461fbe-122e"
Expires: Fri, 25 Nov 2022 16:54:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 19
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsLHK39Vvj%2BXEdGiEfTCeYRhrwcOc4n4D%2Fy63j8kSdYZ3qgeTM9tS%2Bi%2B24Z8zdsPgPRGI1g77OS4mqBrWLjF7xbD%2BHGR4h6zyNJ1%2FP%2BhyYZxlmjuFwRpovKLSCZjsyx7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f7ca6818780b61-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/text.js
104.21.86.39 200 OK 1.6 kB URL HTTP/1.1 luckyme.homes/ip14/tw/text.js
IP 104.21.86.39:0
Hash 3eb12b8e3fa5c35fdb82f4f28875569d
21e61e63b1d7feee6c4816ab36568574d6b3288a
69ac0620f71664859d7637eaff2c9b6405d876dbb09ceae4e4589978ffb19660
Analyzer Verdict Alert fortinet Phishing
GET /ip14/tw/text.js HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:30 GMT
Vary: Accept-Encoding
ETag: W/"63461fbe-e66"
Expires: Fri, 25 Nov 2022 16:54:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 19
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAyLtXwuuUSDIZVWaLI7pWZtid1xdE%2B7ezg0TgdHzufqLRCcF4THAsID%2FPpS0daKciidL00Hf%2Beb4LRWb4imCC%2BtheIJqPe84h7IB5pbajtE9ACVyeDKHba07fpPvX%2Fd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f7ca682aabb503-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
216.58.207.234 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (32025)
Hash 83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://luckyme.homes/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 08:31:51 GMT
expires: Fri, 24 Nov 2023 08:31:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 73400
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
luckyme.homes/ip14/tw/m_w.png
104.21.86.39 200 OK 236 B URL HTTP/1.1 luckyme.homes/ip14/tw/m_w.png
IP 104.21.86.39:0
File type PNG image data, 40 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c55d0a952585a0934374a44fd38fc26
b1fce8b92d801908234542184852a79a96b3c69e
0ba95122154369bab4a5809962d9cf8fe91b69161e490bcbfd61581365b940a7
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /ip14/tw/m_w.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 236
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:30 GMT
ETag: "63461fbe-ec"
Expires: Fri, 23 Dec 2022 09:19:17 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrniyqWITogU2Jfg397ODK6Zz9mIupe9h5qvzomFhmBcCIpzYAmCMnlUXjZoOlTNu3xyULYZZBldsmn%2F2VSv2FJx8akhHUTJ8rkl0vsanOW644%2BQW734XO5scHhy8JOA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69b9a70b61-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/o.png
104.21.86.39 200 OK 412 kB URL HTTP/1.1 luckyme.homes/ip14/tw/o.png
IP 104.21.86.39:0
File type PNG image data, 1164 x 706, 8-bit/color RGBA, non-interlaced\012- data
Size 412 kB (412422 bytes)
Hash 23c338e1d83a6cf16030be5878b93744
ac5739baaced04f311b1ce1f485d9552cd86cd48
49dfa01468deecc2a6268803ef3b2f1060d9de66521c1123d7a49e5d249bd65c
GET /ip14/tw/o.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 412422
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:32 GMT
ETag: "63461fc0-64b06"
Expires: Thu, 22 Dec 2022 02:17:36 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBLSK9FBf9ld60TLdSuDQLbRMINua%2FZhX1JmthgK2R3O%2BTPinbhA7vgFFBnlgJRvrt4mRyJhWxQfcx0Dz4F9vOVLifEv1Df5jGZwBjAlakZa8u4bTM76%2BjCq%2FY5Yywzn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69bbb3b503-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/5.png
104.21.86.39 200 OK 3.9 kB URL HTTP/1.1 luckyme.homes/ip14/tw/5.png
IP 104.21.86.39:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 31fb7a318562f1a38bc3793079ff0728
cdcc229346b4c78fc49d1fbba672581d7c2b8d7e
332d5708e6189c34bcb8de6be39e5e7a7f5210ba4c5dec13887a13659a7fc053
GET /ip14/tw/5.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 3937
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:29 GMT
ETag: "63461fbd-f61"
Expires: Fri, 23 Dec 2022 15:15:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKx6rf0EGU08YYvsqrzBTM7HcM2ODoueS1lllv2Osx%2BLEsygjjNOL1V3zimap7RATp0FyrS4QGUsVxUO8FfTp%2FqPxL4SW6taSF5vd3wRDp2xHM9xZP%2FbFTy6XSwIqpcq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69c9ab0b61-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/1.png
104.21.86.39 200 OK 3.9 kB URL HTTP/1.1 luckyme.homes/ip14/tw/1.png
IP 104.21.86.39:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 6e5f1d0b7ae4d182a8213479414663e2
e1ca6800ef2d8a8e171241c864da8b9afbfee694
52d09cef39076ea05b232f8d9cb60849db44db2e51392bf5841b6cfa7e53be00
GET /ip14/tw/1.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 3851
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:28 GMT
ETag: "63461fbc-f0b"
Expires: Thu, 22 Dec 2022 02:17:37 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 135602
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEmjbOHp4XJTNfE5g2ZPZEwPfkAZnBpJXMEtiF3cvEH0eUeDR6ts32Zer2Bv9LGKrnRLGhyT4CEFhnKUslsiL9Gn8t1SZWT4AyWanoXj%2BsqbwF1aAS6uEWm6qkJtSETh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69bf14b51b-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/2.png
104.21.86.39 200 OK 3.9 kB URL HTTP/1.1 luckyme.homes/ip14/tw/2.png
IP 104.21.86.39:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash b9ba6b627e9bc6b633dd5a0925018562
893158cf2a77417fde5f2f9c6f0fa80fa5dfdc66
12cc9731a311d0b29aea0c4216af33b20bcc958b65f60740821517b7034b4b47
GET /ip14/tw/2.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 3904
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:28 GMT
ETag: "63461fbc-f40"
Expires: Thu, 22 Dec 2022 02:17:37 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frYoJYfDzYL4%2FVrnjxE0K5pkxkd2O4sFyxKzcQSFuq3323zXK74S5cl5s6Q9HIfgrZ2XriRvAxp0Yq8YslfHyCFpfz7X4PZ%2BKezmDegO9Wf3onKW%2BubxcAmAN5JQdt%2Bn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69cdd01bfa-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/3.png
104.21.86.39 200 OK 3.1 kB URL HTTP/1.1 luckyme.homes/ip14/tw/3.png
IP 104.21.86.39:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 2dac80b17741d265574d17ad5bfcc866
e1cec63c76f2be07abf318fa1899f88f12fc336c
6b6946c28a3d2da5b9dd9632aa80fb85b8883d052db771ec17489fd8473413ef
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /ip14/tw/3.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 3111
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:29 GMT
ETag: "63461fbd-c27"
Expires: Fri, 23 Dec 2022 15:15:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLJlddjF0Lsfozi46A%2B%2BxvqtC9e5OLlGRHmZ7nAO9Ey%2Fd9Af9FOWvjKvbHQcPIFZY25cnuZMunQrglkcT2yz2BBBN%2FZwAdOjbtxgzOh87NG7Gy3Tu0U8VRZvpHhbXoJA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69cb80b527-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/4.png
104.21.86.39 200 OK 6.7 kB URL HTTP/1.1 luckyme.homes/ip14/tw/4.png
IP 104.21.86.39:0
File type PNG image data, 48 x 48, 8-bit/color RGB, non-interlaced\012- data
Hash 6b134c5a127c35795c87fdef6ad51069
58e5fcaf29056daf7b7de448fde92c07ab664461
01e7cb398609b2591143eac31ebf7273292d6ef6be6d55e1971d828ecccc56eb
GET /ip14/tw/4.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 6748
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:29 GMT
ETag: "63461fbd-1a5c"
Expires: Thu, 22 Dec 2022 02:17:38 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 135602
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XM%2BHmTyYtB5zuNvV6SPGbRnedWOYA%2FMo4xuIbonAEhNjgIK2q%2FHLJtCAlEn5Le1VAAkt8hurgUrlofj2BLUcOrr%2FJtsE8JcqhDW42IkvCShl5YoGRCpDkagCfISkpT9v"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69cb5db506-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/a.png
104.21.86.39 200 OK 21 kB URL HTTP/1.1 luckyme.homes/ip14/tw/a.png
IP 104.21.86.39:0
File type PNG image data, 257 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash 00079ff1ac333a44fcef3d9caf7b88e1
d7b0fd07a16bdabb4be71ee4a889fcb02c9a539e
11c473d8a2d02601a32761c5d22e1f7564205d3006a9d18e4a269183053ed3f4
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /ip14/tw/a.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 21047
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:29 GMT
ETag: "63461fbd-5237"
Expires: Fri, 23 Dec 2022 15:15:09 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FihlWbVmrDtoZHgT%2BAuqMeqFiEWb5Qt%2FN6izn0f1D5wO4L3LhKQbniLBIr2w7qn3Es9lHo38CD8bWgCeVYwm3RpB23xaqm%2BKKOyQsD6dOvSn0Bba%2BKB56kFR4QnA6PWm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69fbd8b503-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/6.png
104.21.86.39 200 OK 5.0 kB URL HTTP/1.1 luckyme.homes/ip14/tw/6.png
IP 104.21.86.39:0
File type PNG image data, 48 x 48, 8-bit/color RGB, non-interlaced\012- data
Hash a897bc92f91cc4979c8241a787a1f46e
7b0be6f8bc199b771f32df6d46b7e0b58d192ad6
f8f947c9de8e9f48a45ae7a3cab9f71849ed3171f826b27de5dad8f371143dbe
GET /ip14/tw/6.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 4977
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:29 GMT
ETag: "63461fbd-1371"
Expires: Thu, 22 Dec 2022 02:17:38 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QGOyTxHTnEm%2BUw%2F4aFk%2FTYtwfaaraHORapR3LmCPBbUHeuW%2Fi7Qfd%2BCJ4iCG%2FZjh3ZX89nvu3dm6ELRgzw2Sx0sSQbSshkTE8utc2uLLULBGRbi0fkGzRrqqZXAfMXX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69f9b60b61-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/ixs.png
104.21.86.39 200 OK 104 kB URL HTTP/1.1 luckyme.homes/ip14/tw/ixs.png
IP 104.21.86.39:0
File type PNG image data, 481 x 353, 8-bit/color RGBA, non-interlaced\012- data
Size 104 kB (103552 bytes)
Hash 92884997f6162e01567b2f192a161e99
a644f9d1eb276c95d33f2bb63b518a97d957f331
c15bda93fb2eb38365797716a9beb926d2c10aca0b686f93aaca647ced752dc5
GET /ip14/tw/ixs.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 103552
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:30 GMT
ETag: "63461fbe-19480"
Expires: Thu, 22 Dec 2022 02:17:39 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exIYgmN6tbrGbltDHbEU4IhCs3iRoiBHI7%2Frbcw2Lp2cElP4U4%2By%2B%2F5%2BDvUBx7cDHlmHV8n6NpBGWr8NzSFMUcdPfKOkCgjCfUDrjTCT739wWYJr9sEz%2F1uNuFteQK%2BW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69ff39b51b-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/l.png
104.21.86.39 404 Not Found 167 B URL HTTP/1.1 luckyme.homes/ip14/tw/l.png
IP 104.21.86.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4e93325cbd7d0a1bd9182c50a87ee855
4761e9470180e0a73ba9df2773318dab945e33be
c9741cd73b587f99806ca15ae0bf08ca7e78d0a805fc0258394b757107395c96
GET /ip14/tw/l.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/style.css
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 19
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF2lSnDYrbBr81jJ%2F2vKKtCF1m70RTCQQUDqZ7lNkgRnps2cF%2FFD7PnjzeNBnBR84hNIuZUd6S8Pl1HiUO7GgjPybSE2KWoj3mbzjFuwCKrdawMA83GF0%2FQsH5cssbbA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69fdd61bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
luckyme.homes/ip14/tw/s.png
104.21.86.39 200 OK 9.8 kB URL HTTP/1.1 luckyme.homes/ip14/tw/s.png
IP 104.21.86.39:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash fff94a5719a346c10d76c34b55b15023
988be071c096b37b716670d139ea62179d25d138
4cdfdb1301d3d2c30a88cc6683062ce0f38867d5b62c4cb704855df748abc0ac
GET /ip14/tw/s.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip14/tw/?cid=w55nr3qh1rqedcnki2n8kog0&cep=oSwcTdaX0ksCCjT4Ln8a-1TVm6rA3tSFP5z-WPmjktw48c46yt6jRyqVzbaVMerKLBM1IsEsLUcTHt_GcNJgFk5taqAiG4R1HvmNfSoidanI1MalWlPDGHWYRm_oeTwFIVSYcMbuNQckE2XfTk0KxC6zhmL3ZcTCtzZoDJkG82ev6Pp44RR1UuLcmUbT6097bZ9cDGC3WiajpxkworkW_ZsywT_lqP_LM0jvMwWRogM5iLv9kmYuURfMfB0zwZwnDHmAg8oD7WsQEriBCKC0uBjaCO_qI_JEjkwinEg5YyVs_nmmOfqhSdiDDkLUd0m_EUa9lM7hOeLqwO7NWsbqyW7VxbZRa6dWei1O9VJM9Po08mhcZgtvUddjxU7i7_EKeoQX4d1bGwp1m1RupyUx3vLpyZMM6flzn87S3V_HAEh46G7TkJUTVP3hzlJbzMgu&lptoken=168669fc35b638608082
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: image/png
Content-Length: 9775
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 02:00:30 GMT
ETag: "63461fbe-262f"
Expires: Thu, 22 Dec 2022 02:17:39 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2W0eVWol6SSiwQJtHcdwRlem2AthdqMBzONI4KkMR9%2Fs5hm2jYbosU7t3e88qyCD8LTAawXYREfsw9rbjBKR5oPJun0YirNdkRrUCIH%2F%2FoK8v4qzlFO9LcQk0KDCsci"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7ca69fb6bb506-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2a4594dea4cfc377de858773cf331714
f7e517c16ad9355330a785c1c12c474fbecfc1cb
f28dcb1a56166b67e4c4f60941ac44ad25a8bfa8b627ea808a6dfea24aed0c7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 63
Cache-Control: max-age=131074
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:55:11 GMT
Etag: "637fa772-117"
Expires: Sat, 26 Nov 2022 17:19:45 GMT
Last-Modified: Thu, 24 Nov 2022 17:18:42 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
oogneenu.net/pfe/current/tag.min.js?z=3654242&ymid=w55nr3qh1rqedcnki2n8kog0
139.45.197.251 200 OK 6.0 kB URL HTTP/1.1 oogneenu.net/pfe/current/tag.min.js?z=3654242&ymid=w55nr3qh1rqedcnki2n8kog0
IP 139.45.197.251:0
File type C source, ASCII text, with very long lines (14782), with no line terminators
Hash 5577e5de2d2466d72c39013afbc9fb1e
610dff5b10fe0d45379629f0a8d399fcae70251e
025d0ade1d4a3f78e5e80370d43d78ce3455510e9a5cf02fe55670813d1f1937
GET /pfe/current/tag.min.js?z=3654242&ymid=w55nr3qh1rqedcnki2n8kog0 HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Nov 2022 15:53:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637f9392-39be"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2a4594dea4cfc377de858773cf331714
f7e517c16ad9355330a785c1c12c474fbecfc1cb
f28dcb1a56166b67e4c4f60941ac44ad25a8bfa8b627ea808a6dfea24aed0c7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 63
Cache-Control: max-age=131074
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:55:11 GMT
Etag: "637fa772-117"
Expires: Sat, 26 Nov 2022 17:19:45 GMT
Last-Modified: Thu, 24 Nov 2022 17:18:42 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ef57f59d58128bb86190d34431cd28e3
029ec663cdcd1384b3c64ae28eb1e968870d956a
6801ede9f6495a4ad95b4faf3ff01c8f18a3b65971de26ee3cf500681c1c5c34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6801EDE9F6495A4AD95B4FAF3FF01C8F18A3B65971DE26EE3CF500681C1C5C34"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Fri, 25 Nov 2022 10:54:55 GMT
Date: Fri, 25 Nov 2022 04:55:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2608d2e76f86ae33e25168f6f0ace1b4
c6837040316adc00c33de7f3d0b5474c6afbde43
cf29f82546255648d5af1c44e83baa5aa203d2e3813979f309243f37f28a6510
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF29F82546255648D5AF1C44E83BAA5AA203D2E3813979F309243F37F28A6510"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Fri, 25 Nov 2022 10:55:09 GMT
Date: Fri, 25 Nov 2022 04:55:11 GMT
Connection: keep-alive
tagstaticx.com/tag.js
104.21.28.10 200 OK 5.9 kB IP 104.21.28.10:0
File type ASCII text, with very long lines (12932), with no line terminators
Hash da8df24aea75e974a3a080c997ddbeed
f86fb90435c6aa208a3cd49cf32fd1ebdcb64b77
14b237c2fee93678872f70232ba3ccb8784f0b2f5973348196d314e6016b5712
GET /tag.js HTTP/1.1
Host: tagstaticx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://luckyme.homes/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:55:11 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
cache-control: max-age=1800
cf-cache-status: HIT
age: 19
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PayiPZT1L7u9%2BtuqeeqqBR99fSVVtzHEf4lHwQLhCcEdlKQW8LXJa9an79DartF7x9RpeOPkVwtSyszDL3yQ4PSpDqdz2jmLj1SvkF0s4v4Q%2FSNNriWxkrdYq1sfHsg%2BlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7ca6a5fbd1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 8a2e7ab9f879e661a79bbd1a8941771d
2ffaca360ca166595c22af6993fe09f828d94f2e
7de1ce8e8144f318bd65ae8f6cfc023abdd5f34da94a0fd9098b18e1be3413d2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:55:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 16:52:35 GMT
Expires: Thu, 01 Dec 2022 16:52:34 GMT
Etag: "2ffaca360ca166595c22af6993fe09f828d94f2e"
Cache-Control: max-age=560842,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f7ca6b8827b52d-OSL
datatechone.com/log/add?cid=unknown
37.48.68.71 204 No Content 0 B URL HTTP/1.1 datatechone.com/log/add?cid=unknown
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=unknown HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1344
Origin: http://luckyme.homes
Connection: keep-alive
Referer: http://luckyme.homes/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 04:55:11 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 2640
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1765
Cache-Control: max-age=103262
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:55:12 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:36:14 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
oogneenu.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://luckyme.homes/
Origin: http://luckyme.homes
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:55:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
oogneenu.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://luckyme.homes/
Origin: http://luckyme.homes
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:55:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
oogneenu.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://luckyme.homes/
Origin: http://luckyme.homes
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:55:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
oogneenu.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyme.homes/
Content-Type: application/json
Origin: http://luckyme.homes
Content-Length: 915
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:55:12 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7feef284c99c6643fc79213e340a85f6
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
oogneenu.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyme.homes/
Content-Type: application/json
Origin: http://luckyme.homes
Content-Length: 1169
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:55:12 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 01851905996a3115f3cf18e5a5b67e41
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
oogneenu.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyme.homes/
Content-Type: application/json
Origin: http://luckyme.homes
Content-Length: 924
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:55:12 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6e8824cb43a36161e3d68be121347042
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.240.57.100 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.57.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7uITPTRyZd1iI1fuZ96IZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jUq3IsHB9yynmT2SQsNRh74PROY=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2848
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:55:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2848
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:55:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2848
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:55:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2848
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:55:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rIKW7gaK37mlbk_TUo63AH9-XDOoF3Z-5mGaeOkzmESFLJ3GHz60lA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:10 GMT
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
age: 26403
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uj2zluKZJzwlcymflJicV2rFLgOEYzWuhZsThZPRbCwiNoYxCgbEwg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
age: 26412
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 648677a7e7bab1896a190d2e5fb7243c
6217a262002244ef3f2e8034076a735cafd9888a
72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4270
x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xFwXoAMFkqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NLXTbS53l_c-lByM8Ym4_tfOlgP2lB-F1dYxOSfdeEfBSM41X0Cpug==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "6217a262002244ef3f2e8034076a735cafd9888a"
content-type: image/jpeg
age: 26412
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 26405
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 78066
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _FkuS0I2--xiqT4sOKa8ACg8BtI97R-bGe2UZ3o91wfqn_WgktspiQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:36:27 GMT
age: 26326
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
luckyme.homes/javascript.js
104.21.86.39 200 OK 0 B URL HTTP/2 luckyme.homes/javascript.js
IP 104.21.86.39:0
Analyzer Verdict Alert fortinet Phishing
GET /javascript.js HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://luckyme.homes/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:55:11 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 00:31:59 GMT
vary: Accept-Encoding
etag: W/"632120ff-1a19"
expires: Fri, 25 Nov 2022 10:35:46 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 19
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zutdFYhjxSTJtroNlFOjDJ8wWpaJrkmKL%2BOQZBOHNcnkpP3F4ODdCH3kdVqWl4SXRMb1PB4atFk4YD9aEtWHMq0ulqXWB41%2BBpW5uxoVcGn6mSl8Gh24%2BaFcvNjm%2Fd8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f7ca685c75b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oogneenu.net/pfe/current/universal.min.js?v=3.1.405
139.45.197.251 200 OK 0 B URL HTTP/2 oogneenu.net/pfe/current/universal.min.js?v=3.1.405
IP 139.45.197.251:0
GET /pfe/current/universal.min.js?v=3.1.405 HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyme.homes/
Origin: http://luckyme.homes
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:55:11 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-180b9"
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
luckyme.homes/propush.js
104.21.86.39 200 OK 0 B
IP 104.21.86.39:0
Analyzer Verdict Alert fortinet Phishing
GET /propush.js HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://luckyme.homes/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:55:11 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 00:32:09 GMT
etag: W/"63212109-1f7"
expires: Fri, 25 Nov 2022 12:49:25 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 19
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zu%2FCB9JSRSBTzrW5MC3lP0EnKqAjQ4mCALqbYP3pEzv06UK9wxhE6vfudCZQd6%2FNynLL1g23rdTq6J9f%2FQca2QLm1AqYeIDER4qa0wUC4YL4FIXzsAZWU5C2MvzxH8Uh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7ca684c71b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2