| cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css | 104.17.24.14 | 200 OK | 1.4 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css IP: 104.17.24.14:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7048) Hash: MD5 8d4fba5186f02a0c4458986b0cf91667; SHA-1 785579011ecdda9e4754ca41649fa2fc06453b52; SHA-256 1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739
GET /ajax/libs/froala-editor/2.8.5/css/froala_style.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: text/css; charset=utf-8
content-length: 1380
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6a-1c28"
last-modified: Mon, 04 May 2020 16:10:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4228126
expires: Tue, 15 Apr 2025 11:43:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0HYpfGPpY1PrlRxSTXdhskVSDYfnXoPgK5QEIUD7y2Ivevoi9adNWxfmzQyI4dXi8vJCuhCrLZbtBj1C1rbmIS%2FCHBaDFQ48TQ8kHYg9ttfmWJABiiRWfD7566xpzvWyjVLyX%2B5h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879e12a908210b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lp.luckyrafflex.com/gg11181win/1157ecab4ef2b338c4e92cba7579f672.static.png | 172.67.220.152 | 200 OK | 13 kB |
URL: GET HTTP/3 lp.luckyrafflex.com/gg11181win/1157ecab4ef2b338c4e92cba7579f672.static.png IP: 172.67.220.152:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Google Trust Services LLC; Subject: lp.luckyrafflex.com; Fingerprint: 48:25:8F:36:3C:D8:0D:F6:5A:43:18:D3:ED:68:02:E6:30:41:27:CD; Validity: Fri, 29 Mar 2024 02:54:43 GMT - Thu, 27 Jun 2024 02:54:42 GMT
File type: PNG image data, 300 x 222, 8-bit colormap, non-interlaced Hash: MD5 845223d4b41c46c9a6d737e058c3ab0d; SHA-1 c9bad2ea265d067eed376ed4f465df0f04a4713c; SHA-256 1010f7803e7f7f230bc119578c7485282eb7afb63c0e3eaae1ca3a214130fb94
GET /gg11181win/1157ecab4ef2b338c4e92cba7579f672.static.png HTTP/1.1
Host: lp.luckyrafflex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/gg11181win/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: image/png
content-length: 13206
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "8ce9eb77d05fe3ee61dd7ff3e1888716"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UhAtqAJ%2F0i4qdGJAu6DAC8ZwgGPrbCTCD92H6vXFze8UcLxeHq5LrkjGHM%2FkxSaVmnvzP%2BFUfPtzb9Yqra7ogEZxEEppGKv1RRx%2B81gJbCWF84qgI1FAlSoO%2FL1WzfHuShNolQhH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 879e12a8f9c756cc-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lp.luckyrafflex.com/gg11181win/49328fec4559a3f7db6182e59889b84e.static.css | 172.67.220.152 | 200 OK | 33 B |
URL: GET HTTP/3 lp.luckyrafflex.com/gg11181win/49328fec4559a3f7db6182e59889b84e.static.css IP: 172.67.220.152:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Google Trust Services LLC; Subject: lp.luckyrafflex.com; Fingerprint: 48:25:8F:36:3C:D8:0D:F6:5A:43:18:D3:ED:68:02:E6:30:41:27:CD; Validity: Fri, 29 Mar 2024 02:54:43 GMT - Thu, 27 Jun 2024 02:54:42 GMT
File type: ASCII text, with no line terminators Hash: MD5 c588c17324f2be0e0ec90a18f39e7d7c; SHA-1 69d360eddd15f527aac7f7e610346517732b7770; SHA-256 b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240
GET /gg11181win/49328fec4559a3f7db6182e59889b84e.static.css HTTP/1.1
Host: lp.luckyrafflex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/gg11181win/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: text/css; charset=utf-8
content-length: 33
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "4165f7316a59fe16fefe55c4e7e24819"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oWJARIyvbMLR%2FK9JZSn%2FrcjSQV3a4TxQxRHSad9VddWyK5Kje1FSKdMTO8vzAztNNR3ZCPJ%2FN6SoKvK9xT4mBp7WE6Nr3bi1QaadcbTK0wdZRrgXDrKmglaKPQCjNsJqnz6sEWDN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 879e12a8f9be56cc-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lp.luckyrafflex.com/zone?&pub=0&zone_id=6484700&is_mobile=false&domain=lp.luckyrafflex.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.498&trace_id=8d6b2daf-0f7d-408d-82a9-4ec141ab92b8&action=prerequest | 172.67.220.152 | 405 Method Not Allowed | 0 B |
URL: POST HTTP/3 lp.luckyrafflex.com/zone?&pub=0&zone_id=6484700&is_mobile=false&domain=lp.luckyrafflex.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.498&trace_id=8d6b2daf-0f7d-408d-82a9-4ec141ab92b8&action=prerequest IP: 172.67.220.152:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Google Trust Services LLC; Subject: lp.luckyrafflex.com; Fingerprint: 48:25:8F:36:3C:D8:0D:F6:5A:43:18:D3:ED:68:02:E6:30:41:27:CD; Validity: Fri, 29 Mar 2024 02:54:43 GMT - Thu, 27 Jun 2024 02:54:42 GMT
Hash (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=6484700&is_mobile=false&domain=lp.luckyrafflex.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.498&trace_id=8d6b2daf-0f7d-408d-82a9-4ec141ab92b8&action=prerequest HTTP/1.1
Host: lp.luckyrafflex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/gg11181win/
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 405 Method Not Allowed
date: Thu, 25 Apr 2024 11:43:00 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMUclHCwjlYTGzDZuefg9HpIO04Y73YFPcBfrB3M6KMV7DDiGEIVGlAXNXnu4B8drYhzrUzyhSXHvxsEFRnlEqWVhDcu%2B%2BvuSnJp%2B4CPUscNfnMY8Pk6YU5V20uzUTcHr1g%2B0oD2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 879e12a9eaa656cc-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: MD5 058b158c2be925f556454ef762d93538; SHA-1 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9; SHA-256 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 264
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f15473a0a4829aa1a553e35d90ee1a80
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: MD5 058b158c2be925f556454ef762d93538; SHA-1 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9; SHA-256 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 266
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: fd126b3c8dedd6d753f4d3a16d8b704d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: MD5 058b158c2be925f556454ef762d93538; SHA-1 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9; SHA-256 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 267
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d9e18dd7c90331ee45ca6777c9252e83
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lp.luckyrafflex.com/
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: MD5 e9adb1f53e89e78aad0382400cf064ee; SHA-1 c61f5125249a9372358265e0a35285e456b0ef14; SHA-256 40b257bb9f2e484d3c5086520e670e941a24ed1bbfa1a17d1fa163b0d669b3e0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
Content-Type: application/json
Content-Length: 1042
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: MD5 058b158c2be925f556454ef762d93538; SHA-1 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9; SHA-256 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 264
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c9a7008d5d3859c737269fa9ec247cfe
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: MD5 058b158c2be925f556454ef762d93538; SHA-1 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9; SHA-256 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 267
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3ccb23ab80a2e19c77c91056c3bd2200
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: MD5 058b158c2be925f556454ef762d93538; SHA-1 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9; SHA-256 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 266
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e908a4eac08bbfa69b4be438c22a5a15
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| laugoust.com/zone?&pub=0&zone_id=6484700&is_mobile=false&domain=lp.luckyrafflex.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=c8739c21-9960-4c5c-b4ac-6a54e3de62aa&action=prerequest | 139.45.197.250 | 200 OK | 0 B |
URL: POST HTTP/2 laugoust.com/zone?&pub=0&zone_id=6484700&is_mobile=false&domain=lp.luckyrafflex.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=c8739c21-9960-4c5c-b4ac-6a54e3de62aa&action=prerequest IP: 139.45.197.250:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: laugoust.com; Fingerprint: 7E:22:8B:9A:F0:BB:8B:B7:E8:BA:E3:C7:7A:4C:C7:03:85:E9:D8:D8; Validity: Mon, 22 Apr 2024 05:11:34 GMT - Sun, 21 Jul 2024 05:11:33 GMT
Hash (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /zone?&pub=0&zone_id=6484700&is_mobile=false&domain=lp.luckyrafflex.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=c8739c21-9960-4c5c-b4ac-6a54e3de62aa&action=prerequest HTTP/1.1
Host: laugoust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-length: 0
x-trace-id: 7a007ab32141461982f321c23876bdd4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lp.luckyrafflex.com/
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| lp.luckyrafflex.com/sw-check-permissions-b69d3.js?zoneId=6484700 | 172.67.220.152 | 404 Not Found | 0 B |
URL: GET HTTP/3 lp.luckyrafflex.com/sw-check-permissions-b69d3.js?zoneId=6484700 IP: 172.67.220.152:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Google Trust Services LLC; Subject: lp.luckyrafflex.com; Fingerprint: 48:25:8F:36:3C:D8:0D:F6:5A:43:18:D3:ED:68:02:E6:30:41:27:CD; Validity: Fri, 29 Mar 2024 02:54:43 GMT - Thu, 27 Jun 2024 02:54:42 GMT
Hash (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-b69d3.js?zoneId=6484700 HTTP/1.1
Host: lp.luckyrafflex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/gg11181win/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 11:43:00 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0AxWI8ol%2BDWUyHyMVi8khYyagz0EbBJvwFQ8S8kVecsRCcb1TtzBJwAv40q8Jou%2FyeFkHITTSYKlNIPakOs19%2FwYjto1gXHzM4AvTvdYgAgWlVYuvj%2FUhCVjgu4TskSqPSpSUJK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
server: cloudflare
cf-ray: 879e12ab7cd156cc-OSL
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: MD5 3e6f958a407c951cc2033bb97219217e; SHA-1 2fa666f6c43fd0876421c6e37de3c58382302be6; SHA-256 d4ade05bfd295c30e42b31abd5b26465e8aa3d4b22751bbdb17a7fbca79a4ac9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
Content-Type: application/json
Content-Length: 882
Origin: https://lp.luckyrafflex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lp.luckyrafflex.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| lp.luckyrafflex.com/gg11181win/9ade4ef19afad3811cdf87fc1cc3b82c.static.css | 172.67.220.152 | 200 OK | 4.1 kB |
URL: GET HTTP/3 lp.luckyrafflex.com/gg11181win/9ade4ef19afad3811cdf87fc1cc3b82c.static.css IP: 172.67.220.152:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Google Trust Services LLC; Subject: lp.luckyrafflex.com; Fingerprint: 48:25:8F:36:3C:D8:0D:F6:5A:43:18:D3:ED:68:02:E6:30:41:27:CD; Validity: Fri, 29 Mar 2024 02:54:43 GMT - Thu, 27 Jun 2024 02:54:42 GMT
File type: ASCII text, with very long lines (4094), with no line terminators Hash: MD5 90aa4b404cdad5c7087b1f38828de505; SHA-1 ff93f4adac14e1433af89160610dd197b6de866a; SHA-256 5dcfee0d0d27d44fef201cd92bddcb7c20394ad02a86f297ab9a609b37a00aab
GET /gg11181win/9ade4ef19afad3811cdf87fc1cc3b82c.static.css HTTP/1.1
Host: lp.luckyrafflex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/gg11181win/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"58b7195acdbcde55a3f82a891f8f167d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSXfHYeBvbbMCjSBasWXpDrd%2Bg%2FuYayAdWYLP%2FLdxgSYfwcX1P7zOQckqn%2FUUuf929EYsQodq4lsQdzde8wt0nRc3mbsFoXYQZEO6w4LVsN7XsHC1GXaalSli9rQIuHw1QjZLELh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 879e12a8f9c156cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.lnstogsurvey.com/ceyzl3k.php?event7=1 | 0.0.0.0 | | 0 B |
URL: GET www.lnstogsurvey.com/ceyzl3k.php?event7=1 IP: 0.0.0.0:0
Requested by: https://lp.luckyrafflex.com/gg11181win/
Hash (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ceyzl3k.php?event7=1 HTTP/1.1
Host: www.lnstogsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| laugoust.com/pfe/current/micro.tag.min.js?z=6484700&sw=/sw-check-permissions-b69d3.js | 139.45.197.250 | 200 OK | 37 kB |
URL: GET HTTP/2 laugoust.com/pfe/current/micro.tag.min.js?z=6484700&sw=/sw-check-permissions-b69d3.js IP: 139.45.197.250:443
Requested by: https://lp.luckyrafflex.com/gg11181win/ Certificate: Issuer: Let's Encrypt; Subject: laugoust.com; Fingerprint: 7E:22:8B:9A:F0:BB:8B:B7:E8:BA:E3:C7:7A:4C:C7:03:85:E9:D8:D8; Validity: Mon, 22 Apr 2024 05:11:34 GMT - Sun, 21 Jul 2024 05:11:33 GMT
File type: JavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash: MD5 32d6dbd00a639e2cd10d1704b9159bd5; SHA-1 0dab4c95675393f1d0e13d20f13d80ee12e41d95; SHA-256 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pfe/current/micro.tag.min.js?z=6484700&sw=/sw-check-permissions-b69d3.js HTTP/1.1
Host: laugoust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.lnstogsurvey.com/ceyzl3k.php?event9=0 | 0.0.0.0 | | 0 B |
URL: GET www.lnstogsurvey.com/ceyzl3k.php?event9=0 IP: 0.0.0.0:0
Requested by: https://lp.luckyrafflex.com/gg11181win/
Hash (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ceyzl3k.php?event9=0 HTTP/1.1
Host: www.lnstogsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| lp.luckyrafflex.com/gg11181win/ac9cd1dffeb1e9f4fddaacc6e5d1fdd9.static.js?z=6484700&sw=/sw-check-permissions-b69d3.js | 172.67.220.152 | 200 OK | 36 kB |
URL: GET HTTP/3 lp.luckyrafflex.com/gg11181win/ac9cd1dffeb1e9f4fddaacc6e5d1fdd9.static.js?z=6484700&sw=/sw-check-permissions-b69d3.js IP: 172.67.220.152:443
Requested by: https://lp.luckyrafflex.com/gg11181win/
Certificate: Issuer: Google Trust Services LLC; Subject: lp.luckyrafflex.com; Fingerprint: 48:25:8F:36:3C:D8:0D:F6:5A:43:18:D3:ED:68:02:E6:30:41:27:CD; Validity: Fri, 29 Mar 2024 02:54:43 GMT - Thu, 27 Jun 2024 02:54:42 GMT
File type: JavaScript source, ASCII text, with very long lines (36343), with no line terminators
Hash: MD5 34c41b82c46f2217bac67ea0caadfeff; SHA-1 4e7c6e3cf5a50e8d71bfa85b4a635cf064d72ebc; SHA-256 fd40092670878500d72daa4cc63b43734f5e02e69da925877ea5b010945eaef4
GET /gg11181win/ac9cd1dffeb1e9f4fddaacc6e5d1fdd9.static.js?z=6484700&sw=/sw-check-permissions-b69d3.js HTTP/1.1
Host: lp.luckyrafflex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/gg11181win/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"1f53b7023874cb02fbdc31347ad13065"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rprD4Zbq3q111f%2Fc12h9nyQ9XNWwVIaWPg5PT7%2BjF6YDeqE2fFDy635%2BPU13gryJixeKx6mF97LQYOwJJayx%2B81T0FUAyzQYVT5pGw4BAIeRj4BDwYtBAmYGj1YzevRuaRbcktyM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 879e12a8f9b956cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lp.luckyrafflex.com/gg11181win/f1d0449e5c324bc62f7cd8cdfa4b03e1.static.js?zoneId=6484700 | 172.67.220.152 | 200 OK | 566 B |
URL: GET HTTP/3 lp.luckyrafflex.com/gg11181win/f1d0449e5c324bc62f7cd8cdfa4b03e1.static.js?zoneId=6484700 IP: 172.67.220.152:443
Requested by: https://lp.luckyrafflex.com/gg11181win/
Certificate: Issuer: Google Trust Services LLC; Subject: lp.luckyrafflex.com; Fingerprint: 48:25:8F:36:3C:D8:0D:F6:5A:43:18:D3:ED:68:02:E6:30:41:27:CD; Validity: Fri, 29 Mar 2024 02:54:43 GMT - Thu, 27 Jun 2024 02:54:42 GMT
File type: ASCII text, with very long lines (605), with no line terminators
Hash: MD5 a9864c05655faddf0354c424b271cdb9; SHA-1 50c027c0549715990ffcbbc599deadee72b97425; SHA-256 2af06928f9515b5de21aad8cc11410c16eb3d06db9ca1b250e88547b2763bef1
GET /gg11181win/f1d0449e5c324bc62f7cd8cdfa4b03e1.static.js?zoneId=6484700 HTTP/1.1
Host: lp.luckyrafflex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/gg11181win/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"9fc327a35cb8f0c537b5046a8804749d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gj4G6GY3wffyidw%2BcP7bfNEFwitGIGvIMBswe9PT1i2im78%2BsS0bYLCVWEtXjawzQVbinH69jqoqELPjEFS4yH2XBRWIDfVqp5Ln9n1jSATp6CXBG%2Bl%2BJOHJV3TPDVwv9qMF3f3S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 879e12ab8ce156cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.lnstogsurvey.com/ceyzl3k.php?event7=1 | 0.0.0.0 | | 0 B |
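URL: GET www.lnstogsurvey.com/ceyzl3k.php?event7=1 IP: 0.0.0.0:0
Requested by: https://lp.luckyrafflex.com/gg11181win/
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-byte input (no response body was captured; size 0 B, address 0.0.0.0:0), so they identify no file and should not be used as indicators.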
GET /ceyzl3k.php?event7=1 HTTP/1.1
Host: www.lnstogsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.lnstogsurvey.com/ceyzl3k.php?event7=1 | 0.0.0.0 | | 0 B |
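URL: GET www.lnstogsurvey.com/ceyzl3k.php?event7=1 IP: 0.0.0.0:0
Requested by: https://lp.luckyrafflex.com/gg11181win/
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-byte input (no response body was captured; size 0 B, address 0.0.0.0:0), so they identify no file and should not be used as indicators.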
GET /ceyzl3k.php?event7=1 HTTP/1.1
Host: www.lnstogsurvey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| lp.luckyrafflex.com/gg11181win/ | 172.67.220.152 | 200 OK | 4.0 kB |
URL (User Request): GET HTTP/2 lp.luckyrafflex.com/gg11181win/ IP: 172.67.220.152:443
Certificate: Issuer: Google Trust Services LLC; Subject: lp.luckyrafflex.com; Fingerprint: 48:25:8F:36:3C:D8:0D:F6:5A:43:18:D3:ED:68:02:E6:30:41:27:CD; Validity: Fri, 29 Mar 2024 02:54:43 GMT - Thu, 27 Jun 2024 02:54:42 GMT
File type: HTML document, ASCII text, with very long lines (4224), with no line terminators
Hash: MD5 5676430a74d6d27393e5fa655c56ca1b; SHA-1 427bfe059bdc7449f9a3cbe1e500be4d570e01e0; SHA-256 4b90352b18c9237875e6704320d76ba8a575a789372787e42526628dc65e5cc5
GET /gg11181win/ HTTP/1.1
Host: lp.luckyrafflex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 11:42:59 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8Akjb4XCLXRaXT2w9%2FhWmJ0AQSWMQbpM4w%2FmiTD068jMP9CppuuDNIlT6piSDvZ1FhPQVNzaT0U9s5Nh8wxckvGyM%2BhqayL3DfBEo5x9G9WLGxK18l%2BcQcOVCke01Ct%2FOZ7wUPL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 879e12a6bdbe56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lp.luckyrafflex.com/gg11181win/1bc26059be9c5613b0c5800a0ef7c491.static.js | 172.67.220.152 | 200 OK | 977 B |
URL: GET HTTP/3 lp.luckyrafflex.com/gg11181win/1bc26059be9c5613b0c5800a0ef7c491.static.js IP: 172.67.220.152:443
Requested by: https://lp.luckyrafflex.com/gg11181win/
Certificate: Issuer: Google Trust Services LLC; Subject: lp.luckyrafflex.com; Fingerprint: 48:25:8F:36:3C:D8:0D:F6:5A:43:18:D3:ED:68:02:E6:30:41:27:CD; Validity: Fri, 29 Mar 2024 02:54:43 GMT - Thu, 27 Jun 2024 02:54:42 GMT
File type: ASCII text, with very long lines (995), with no line terminators
Hash: MD5 ca0ef5412eda3db47320b7f585815a77; SHA-1 3f29129f430a8ceb735c7a28a621a0b2ee3d0fc3; SHA-256 0f2b323705a2b17a9e4586abb72d502e1c6721ec5637802f8ac27726d8ebbdcf
GET /gg11181win/1bc26059be9c5613b0c5800a0ef7c491.static.js HTTP/1.1
Host: lp.luckyrafflex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.luckyrafflex.com/gg11181win/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:43:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"8901e87a10c412602a8542142000e79f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VRR8DWAdHKnIGK%2FxmgZuEFiWDqGlzUtHOPC2ESdd8QMTLkAupLXiflV%2BJwtP9UkT9NmFBCrXpEOChlnJv65R9PjDnZMuTyetZHptOGdwT4DDJ4XVP9e91oMkTUnS3nJ3g50A8B4G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 879e12a8f9ca56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|