Report - walter-larence.com/c31fd236-727d-4fd2-97b4-8d8ce3e0aef7

Report Overview

Submitted URL
walter-larence.com/c31fd236-727d-4fd2-97b4-8d8ce3e0aef7
IP
18.193.146.82
ASN
#16509 AMAZON-02
Submitted
2023-12-05 20:08:30
Access
public
Website Title
Win Free Spins
Final URL
happy-u.vip/free-spins-ke/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
walter-larence.com	208176	2019-03-14	2019-03-30	2023-12-05	521 B	1.4 kB	18.193.146.82
happy-u.vip	unknown	2019-12-18	2019-12-18	2023-12-05	9.2 kB	469 kB	188.114.97.1
assets.landerlab.io	484499	2019-07-03	2020-11-05	2023-12-05	424 B	9.2 kB	54.230.111.7
notix.io	14765	2020-08-20	2020-08-20	2023-12-04	904 B	146 kB	139.45.240.92
oungimuk.net	335656	2021-02-06	2021-02-10	2023-12-05	1.0 kB	28 kB	139.45.197.251
track.landerlab.io	818681	2019-07-03	2021-07-23	2023-12-05	470 B	890 B	104.18.16.6

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	notix.io/ent/current/enot.min.js	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	unknown	322 B	2023-05-04	2024-01-31
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-04 19:32:59 Last Seen2024-01-31 00:52:33 Times Seen109 Hash e2ccc5eb24f72889c34031ba7e7e6968 c3b1d0bc1b79ec98ceebec72d09a0d1d0817f60b 51816618bafa3a0d603560f8d43748aed9a516f2d41023787e1c4b49256c3200 Loading...

	notix.io/ent/current/enot.min.js	145 kB	2023-11-29	2023-12-08
Pretty URL notix.io/ent/current/enot.min.js IP 139.45.240.92 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 11:39:02 Last Seen2023-12-08 03:48:58 Times Seen370 Hash 5ec57c87dbac3f07e59e5d74ae3421e4 70121f1541a1961d7b87544001d612f18ad04243 e1d529afcbb911c99bb039ba39c7fb6716275b97650ae816a90fc03f256542bb Loading...

	happy-u.vip/free-spins-ke/	438 B	2023-03-08	2024-02-28
Pretty URL happy-u.vip/free-spins-ke/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 08:02:53 Last Seen2024-02-28 05:04:57 Times Seen112 Hash 0b818be8ab6790b4b9ee65f423cf5f41 1b17b6a85413b069bc81667e4ddc97e65a989e5f b068a0cb42b4a0c6ce3d9b83c5a20288380fdc0e8bd433bc270cd16a6695f32c Loading...

	happy-u.vip/free-spins-ke/	2.1 kB	2023-03-07	2024-04-13
Pretty URL happy-u.vip/free-spins-ke/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-13 12:48:17 Times Seen602 Hash 9a27a79c569d6f8d21da059cfcbf88e0 33bde2d716e6bbe4058a0f8994c780a48d25787d 96c5e25724dec359fca6ea85c6485a9f12129292cbf4c4ce537db5e4642220a9 Loading...

	happy-u.vip/free-spins-ke/	4.3 kB	2023-03-07	2024-06-18
Pretty URL happy-u.vip/free-spins-ke/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:23:43 Last Seen2024-06-18 21:39:31 Times Seen235 Hash aaa8094d159f2eb478c4b0ae980396b3 9d64cef54ba9f2d31d1497adcb0ceec66b8674c3 69ab8cfee0110535b4125c8b77e5ab6f493829a94e60499c32da8f95cc71a484 Loading...

	happy-u.vip/free-spins-ke/	1.0 kB	2023-03-07	2024-06-19
Pretty URL happy-u.vip/free-spins-ke/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:56 Last Seen2024-06-19 20:51:26 Times Seen329 Hash 45c5589e039ce9af84fedc2389a9a4ed bedbff74d155bc641db49937f47c710a855da5b8 531ab2305ce2d762f9e2d1002008f56025b0b4e39070ede781eda96787ed5b1a Loading...

	happy-u.vip/free-spins-ke%2Fjs%2Fjquery.min.js	97 kB	2023-03-07	2024-07-24
Pretty URL happy-u.vip/free-spins-ke%2Fjs%2Fjquery.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-07-24 23:47:30 Times Seen1085 Hash 723e11a50995eef960d59451910e2cb4 76e617c6f9bad2602bdea1c20d50ba7c89a55097 ae34fd2197cffa02b5b7a753c262c1bbb3560afb92e403a1d59e935d8a320b41 Loading...

	happy-u.vip/free-spins-ke/	2.8 kB	2023-03-07	2024-06-19
Pretty URL happy-u.vip/free-spins-ke/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:56 Last Seen2024-06-19 20:51:26 Times Seen329 Hash 083c5ca24af8678b16c9bc8ded7977b5 5800d3c90abeaf622704cfa556a768f11c1766dd c118877df597b75ddefc0c3b0bc3aeabf50cc53a76eb5d3eb1539f87eab47092 Loading...

	track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=1e08f60282cd55a61321314ef22873f5	0 B	2023-03-07	2024-07-27
Pretty URL track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=1e08f60282cd55a61321314ef22873f5 IP 104.18.16.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 03:42:09 Times Seen41184165 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	happy-u.vip/free-spins-ke/	1.6 kB	2023-03-07	2024-06-19
Pretty URL happy-u.vip/free-spins-ke/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:23:43 Last Seen2024-06-19 20:51:26 Times Seen262 Hash d81165fc9afd09ec7c2212dcd1becc2c d8b750ac90bc6e5e551a25c8e023154138b5ec58 e761d68347a1ce54af3ca0bf44d2175ce13c645a013ce18dea26a87faee03240 Loading...

	oungimuk.net/pfe/current/micro.tag.min.js?z=4336991&sw=/sw-check-permissions-77596.js	27 kB	2023-11-02	2024-01-11
Pretty URL oungimuk.net/pfe/current/micro.tag.min.js?z=4336991&sw=/sw-check-permissions-77596.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 09:44:53 Last Seen2024-01-11 13:08:53 Times Seen16700 Hash 5ccd2d5882a06f293d07510ac91c92e6 b44dc0eaa03981adb70d3313e728f9359c1d21c1 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba Loading...

	happy-u.vip/free-spins-ke/	290 B	2023-03-08	2024-02-28
Pretty URL happy-u.vip/free-spins-ke/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 08:02:53 Last Seen2024-02-28 05:04:57 Times Seen112 Hash 6cb415debaeb012b69dfbc9878bbdcde 02e4988e47e643442fbe3c70655a4b881fcfb704 42ad5f3b77aff7dea0c553bb0741fc12a438901efe71514dd76b3692f28c5d85 Loading...

	happy-u.vip/free-spins-ke/	497 B	2023-03-08	2024-02-28
Pretty URL happy-u.vip/free-spins-ke/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 08:02:53 Last Seen2024-02-28 05:04:57 Times Seen112 Hash ad3576329a48ac4d4ce70ab79aea01aa 07436b4524d9355b73ede3648db2373a69616689 69126f96b5d99a462a772afd0199b431b7943ee64aeb68adaa4dfec470364649 Loading...

HTTP Transactions (25)

URL IP Response Size

walter-larence.com/c31fd236-727d-4fd2-97b4-8d8ce3e0aef7

18.193.146.82

302 Found

0 B

URL User Request GET HTTP/2
walter-larence.com/c31fd236-727d-4fd2-97b4-8d8ce3e0aef7
IP
18.193.146.82:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectwalter-larence.com
Fingerprint68:03:79:D9:A0:7F:E4:02:56:2B:FE:6D:ED:3E:B4:E7:06:A6:D4:84
ValidityFri, 24 Nov 2023 06:53:56 GMT - Thu, 22 Feb 2024 06:53:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c31fd236-727d-4fd2-97b4-8d8ce3e0aef7 HTTP/1.1
Host: walter-larence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 05 Dec 2023 20:08:09 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://happy-u.vip/free-spins-ke?cep=pyAsU1wlvCYBhI9jKsq7OpyTzQLUBEH8KRiwpS0uO7IqwdGDJcEvTg1dQOoqNItVLh2qh7N-NX099YV8qZzCtq86bH7ssylOs490KINKbaEdhTCqPRICEqmuDuqyFdzU0qF8m7EdyfPMfio20VahtZrVDYJkiY6zC8LWV4Cj2HMy-Ab3Hg1ezKd52qZtZntCiWYKm7-h-dRtY4UH50VKN_JoZ1ucU186fa7s-QUq_WxhjVnpaYf7zFTQMb7xihdeaZo_mVYg3Rvzi_dMsWl6mbmr1Pep_GVP6ypjvxKyOO2UXRRykQ10DtWW4Mq5AEw0RKhAKQYkSZ8k4Xv9QhWAATpMPHiTiR3f8Ajk43Og3LW09Ly_g_TMtWRZu15tK5PY&lptoken=17ba019d802086848999
pragma: no-cache
set-cookie: c31fd236-727d-4fd2-97b4-8d8ce3e0aef7-v4=RSrdnGsgOpvSoX_eJ3aJrqIWKmloRw1Ax1SBEdkn9G4; Max-Age=86400; Expires=Wed, 06-Dec-2023 20:08:09 GMT; Domain=walter-larence.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=35c1wNmc-_BlOK9A1Yp4HKKtS16gsFtbBQZ6p44vm-OmSzdAHsKY_8EFEUeOpEIw4UGcZHKGJvA4ZefeHBjKiMg1_3jwFxO-LA_RuY4qZgID-Kj-2TF-zkKK5awvtwvcHK2CxuO34UtOn3qwiM26s1UIDifwYjwhfnS503abZmS7pgvnQNjWQ-MiSb6T1nvZFfzFQhkAGWKYT7bHW6LovkbEknqo7O4PDiA6fxLtvvj8TGnWOJ-EZQMjd_ENsJQ2e0uRZlE4IubkZKVcPmi50kuOI8zmg7fRWA0ncqUqvehMZNuvJVbSVxKg4vqw7IMQj_DtkCTg59xzb2fhSl435kwy66stAHQHwWunXuj2h7EuFSbTf5GZcLEeF96IdVN6; Max-Age=86400; Expires=Wed, 06-Dec-2023 20:08:09 GMT; Domain=walter-larence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

happy-u.vip/free-spins-ke%2Fimages%2Fslot-spin.gif

188.114.97.1

200 OK

88 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fimages%2Fslot-spin.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
GIF image data, version 89a, 410 x 279\012- data
Size
88 kB (87599 bytes)
Hash
617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e

HTTP Headers

GET /free-spins-ke%2Fimages%2Fslot-spin.gif HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/gif
content-length: 87599
x-amz-id-2: mCh89CwmCzbWod4ck4O3wABtTAli/lNbG0dVvfKhM4+/gzKdlmJGgcKeWuI0Oq4ZLRRCUIp3n8k=
x-amz-request-id: X3RQSTKNRWZ2PYKT
last-modified: Thu, 02 Jun 2022 12:59:34 GMT
etag: "617c16c5e04c8603dd7f157862b1c682"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVkg4%2BoWZWlTQk%2Fo4pX9eDEh3u4qTpDBLGY6hZs6If%2F97peFLmcYsTXq94tWhheUCwB8P5sn2OXNKh9I8OTavbkXvPFDj%2FvgKuCqjnZn6H2GHkxxG8gfFfT9ey%2Bg2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f235687-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fimages%2Fslot-result-1.png

188.114.97.1

200 OK

20 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fimages%2Fslot-result-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
20 kB (20370 bytes)
Hash
1fbd2b26e61236d5bcfdfeb6adbd2c8c
c9034272d28dab018b73f1967a679c734f987a1f
c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963

HTTP Headers

GET /free-spins-ke%2Fimages%2Fslot-result-1.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 20370
x-amz-id-2: HkwJmvNgaOkjw1PA9RpupDjH4UkIsuIFFHorbuyA0s/u8YOJYS/8HbAu7MBYrKW6DR4MMnGLRNo=
x-amz-request-id: CT282MX3CJX4HS43
last-modified: Thu, 02 Jun 2022 12:59:32 GMT
etag: "1fbd2b26e61236d5bcfdfeb6adbd2c8c"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llYsVqPWURnnUZQpr3RczpbBg9WC5AkzwY%2F41PpRyMnrR4LGxlAzQL2ifvM2BZibPfxc1pn62dHoyeGYc7klOHPpjpVk%2FFLEOf%2FGxwrgk09ErDawvXcRnARGbIbKyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f275687-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fimages%2FCA.png

188.114.97.1

200 OK

36 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fimages%2FCA.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (36535 bytes)
Hash
d94d1d2fc9120c693a66d99b01362e24
465d9725e53ec9a6e4bf2a8e26fb4b5b7e01562d
0b5f254d8aba31c96211fbd731c9f5984973c203135435f5430cf05c542b5b70

HTTP Headers

GET /free-spins-ke%2Fimages%2FCA.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 36535
x-amz-id-2: 7HfX9lbJ7Cmg6mH4DLb5XwhU+HjntwxWo8PyphUBBhZMK1nmtIYHOgLhpPiItXeGRQ3iw4snQfo=
x-amz-request-id: 6DWEP1G0E02KWVDZ
last-modified: Thu, 02 Jun 2022 12:59:31 GMT
etag: "d94d1d2fc9120c693a66d99b01362e24"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClVmymExi%2Fw0Hd13Cd7ooDMChGi%2B5S0QiBEMUBcfsys4FsITv4Iku0Tne57H8DaC2fNpDUXu8xs18Fx9ERu%2FhCCO73%2FoA9tveybBrRP5ZdxNZy9NgHbYMO%2Bs8R%2FgZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f1d5687-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke?cep=pyAsU1wlvCYBhI9jKsq7OpyTzQLUBEH8KRiwpS0uO7IqwdGDJcEvTg1dQOoqNItVLh2qh7N-NX099YV8qZzCtq86bH7ssylOs490KINKbaEdhTCqPRICEqmuDuqyFdzU0qF8m7EdyfPMfio20VahtZrVDYJkiY6zC8LWV4Cj2HMy-Ab3Hg1ezKd52qZtZntCiWYKm7-h-dRtY4UH50VKN_JoZ1ucU186fa7s-QUq_WxhjVnpaYf7zFTQMb7xihdeaZo_mVYg3Rvzi_dMsWl6mbmr1Pep_GVP6ypjvxKyOO2UXRRykQ10DtWW4Mq5AEw0RKhAKQYkSZ8k4Xv9QhWAATpMPHiTiR3f8Ajk43Og3LW09Ly_g_TMtWRZu15tK5PY&lptoken=17ba019d802086848999

188.114.97.1

302 Found

26 kB

URL User Request GET HTTP/2
happy-u.vip/free-spins-ke?cep=pyAsU1wlvCYBhI9jKsq7OpyTzQLUBEH8KRiwpS0uO7IqwdGDJcEvTg1dQOoqNItVLh2qh7N-NX099YV8qZzCtq86bH7ssylOs490KINKbaEdhTCqPRICEqmuDuqyFdzU0qF8m7EdyfPMfio20VahtZrVDYJkiY6zC8LWV4Cj2HMy-Ab3Hg1ezKd52qZtZntCiWYKm7-h-dRtY4UH50VKN_JoZ1ucU186fa7s-QUq_WxhjVnpaYf7zFTQMb7xihdeaZo_mVYg3Rvzi_dMsWl6mbmr1Pep_GVP6ypjvxKyOO2UXRRykQ10DtWW4Mq5AEw0RKhAKQYkSZ8k4Xv9QhWAATpMPHiTiR3f8Ajk43Og3LW09Ly_g_TMtWRZu15tK5PY&lptoken=17ba019d802086848999
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
data
Size
26 kB (26397 bytes)
Hash
1815c158f3adbe48a73f523b7166db5a
8512ebc3d026dec1e4884304082191a262f3c26c
358ea599e01032804ac559b07e4e1a83518ded1325acb7d096b7bccdac432afd

HTTP Headers

GET /free-spins-ke?cep=pyAsU1wlvCYBhI9jKsq7OpyTzQLUBEH8KRiwpS0uO7IqwdGDJcEvTg1dQOoqNItVLh2qh7N-NX099YV8qZzCtq86bH7ssylOs490KINKbaEdhTCqPRICEqmuDuqyFdzU0qF8m7EdyfPMfio20VahtZrVDYJkiY6zC8LWV4Cj2HMy-Ab3Hg1ezKd52qZtZntCiWYKm7-h-dRtY4UH50VKN_JoZ1ucU186fa7s-QUq_WxhjVnpaYf7zFTQMb7xihdeaZo_mVYg3Rvzi_dMsWl6mbmr1Pep_GVP6ypjvxKyOO2UXRRykQ10DtWW4Mq5AEw0RKhAKQYkSZ8k4Xv9QhWAATpMPHiTiR3f8Ajk43Og3LW09Ly_g_TMtWRZu15tK5PY&lptoken=17ba019d802086848999 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: text/html; charset=utf-8
x-amz-error-code: Found
x-amz-error-message: Resource Found
x-amz-request-id: HBWDMD3VZG6E2FVN
x-amz-id-2: p6iF1Sm6UHMMirGia/jwZGIWtzAPhNWhrK3ZhfaXi8Kxg9uZDy0A+zCL0+mbsyCLkp/WGHATlJ0=
location: /free-spins-ke/
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuWuXxv0QLeTGcciFrsLNoQ7pIT09e0g8CrOFFLFliGMOjLPOdvtzm6010EPrji2AAlRG3L7c0SR1CsLVmqPEahrffUSH8PvKnnzdp2XC5HJ5VUMU3O%2B52vmgoL5%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb670ea756bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

happy-u.vip/free-spins-ke%2Fimages%2Fslot-win.png

188.114.97.1

200 OK

14 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fimages%2Fslot-win.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
14 kB (14391 bytes)
Hash
939b6a73c96383ac0842317037f3a0f0
0654b62431c8ba522833950b8166d7a16e2a6b56
b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837

HTTP Headers

GET /free-spins-ke%2Fimages%2Fslot-win.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 14391
x-amz-id-2: SLS92mdgsZig22sKXdMlx61oNkcnPCOsDPl2yf9nlHeKlmdHBv31DymwVlgV3hZGvUcqibOQ9/w=
x-amz-request-id: X3RSNTGS2ZHA3T7H
last-modified: Thu, 02 Jun 2022 12:59:33 GMT
etag: "939b6a73c96383ac0842317037f3a0f0"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h82d9fhiUFpgNws5YB5LNBjiQWqb4QF5cX6VnRjx5XQ6%2FIuwfs1zN13wBIvy%2FCQzpskbRe%2FsD0Qle23pBJDrRZVobegst0hmVguQD4lpns%2FeJrZX5DMGjWQDf2m0OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f2c5687-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fimages%2Fred-arrow-right.png

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fimages%2Fred-arrow-right.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1362 bytes)
Hash
881bdc037be8895ba5d8d53456890e7e
4e105c89e2a1475520bb74c9c20bf2f9e906fcb3
9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f

HTTP Headers

GET /free-spins-ke%2Fimages%2Fred-arrow-right.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 1362
x-amz-id-2: rA+THcGluV8iaCuG49rRNzuSRWHzh/dl6oeyLu7l/+AtibJSZUzwUDBiwme78ZXP1nxauTteozk=
x-amz-request-id: X3RXXNNTXQ7Z5AB6
last-modified: Thu, 02 Jun 2022 12:59:32 GMT
etag: "881bdc037be8895ba5d8d53456890e7e"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yWdKTpswED%2FXFAQjjyl5iAnA2YiPioVWnVjVEt3g3A%2BQCvKgk8lqVigXd%2FVQp%2BGJlfAjQFJj6eXwWTQzmOumt%2FNOBNEl756TucU73ToXYxGWgVCiMFSZujWcOK7pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f365687-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fimages%2Fslot-result-2.png

188.114.97.1

200 OK

27 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fimages%2Fslot-result-2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
27 kB (26733 bytes)
Hash
b6ca0bfea4d0cec334f128f5c2c44cff
f6dc006902542a929187af718d9f6a244e5472b5
b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435

HTTP Headers

GET /free-spins-ke%2Fimages%2Fslot-result-2.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 26733
x-amz-id-2: hi0o42OuLC7MYdKgPvzsp5RShXJhC1sQhYbhosevLvVtlIowyMG2Jf/lru2Mjv8sYitEmZ0hYAw=
x-amz-request-id: 6SX5QEH8YK3XMCEH
last-modified: Thu, 02 Jun 2022 12:59:32 GMT
etag: "b6ca0bfea4d0cec334f128f5c2c44cff"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbBdXlUMSOB7zSYbyc4rvbDOYu4XGQppvh5WPVEK8%2ByVjbbnaqHDvzDuCt5urj2MYdsRjB4WhDNSPdYusJRUzvXHWM5oKrENnWcBWk%2FMKHdkl6BfXCff%2F8XQHfNsLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f2b5687-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fimages%2Fred-arrow-left.png

188.114.97.1

200 OK

1.3 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fimages%2Fred-arrow-left.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1334 bytes)
Hash
92d3e482cacea857c5dfaf9fa3a21dfb
3f12c410c77d763cc4719ec367a18417b8300758
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef

HTTP Headers

GET /free-spins-ke%2Fimages%2Fred-arrow-left.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 1334
x-amz-id-2: cuAeLnowYMiq1EmmJ4BhIp+Rt3+z3Um4UQeJGOcYWOF+lsq0OUwBC9nJ4oTmn1HVNSxPdKViVv8=
x-amz-request-id: GP1PCHRTR4CJBEZ0
last-modified: Thu, 02 Jun 2022 12:59:33 GMT
etag: "92d3e482cacea857c5dfaf9fa3a21dfb"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qmZmi449Mnyj6QLdWaAf4iFr9YoXRiFEVOynJ%2B0vJ8hdET077E5Iv8%2B4%2F9bXif5lP%2Bjvps40o1PkL%2FqkdJsqdUv%2Bwbu2gQaBI55L2OCHqFVsyLfUEGzLY99Vp8NJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f2f5687-OSL
alt-svc: h3=":443"; ma=86400

assets.landerlab.io/base.css

54.230.111.7

200 OK

8.7 kB

URL GET HTTP/2
assets.landerlab.io/base.css
IP
54.230.111.7:443
ASN
#16509 AMAZON-02

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerAmazon
Subject*.landerlab.io
FingerprintCA:55:A0:91:66:D2:49:1D:74:D9:90:B0:7E:D2:4C:B1:3A:0C:10:78
ValidityWed, 28 Jun 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8731)
Size
8.7 kB (8732 bytes)
Hash
7f6de4e86d84bcbfd919f155e7545439
e7d9a7a418519c3fbce6de3c85775087cba93b49
8d8c59c2712df25a26ecd01739496e49c3514a9341fa3cd21cfa98627ba6efa2

HTTP Headers

GET /base.css HTTP/1.1
Host: assets.landerlab.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 8732
date: Tue, 05 Dec 2023 01:46:23 GMT
last-modified: Sat, 29 May 2021 19:05:04 GMT
etag: "7f6de4e86d84bcbfd919f155e7545439"
x-amz-version-id: 0sEXTlrAazg9KkJm7sv1lqt808WfgxiL
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: auoFWimOW_DcUgVTXa5rB3g_X0TmUQK63i-2yxcLjOXfe0oJSa2_tQ==
age: 66108
X-Firefox-Spdy: h2

happy-u.vip/free-spins-ke%2Fsounds%2Falert.mp3

188.114.97.1

206 Partial Content

8.8 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fsounds%2Falert.mp3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Size
8.8 kB (8802 bytes)
Hash
6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc

HTTP Headers

GET /free-spins-ke%2Fsounds%2Falert.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: audio/mpeg
content-length: 8802
x-amz-id-2: KtKPSsWrStu3HAvinXw+AnJpwB7nKmHCHZ+iolQ4yhYK86G8Q6YoN+XVmv6fCcNgRfOpmQaIb/c=
x-amz-request-id: 6SXA70EQ7852902K
last-modified: Thu, 02 Jun 2022 12:59:33 GMT
etag: "6d2d3da2ea28ace816fa4a138829dc18"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
content-range: bytes 0-8801/8802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqfeKuC76EnstV94X7qLYwxrZnJNuXHHVI3sMQO9nAz3k07%2F2ly29yl9uZMJZLzOv%2BEMS%2Baa9kvxzaHjMp2vKGLefVU0Y8dEUpzMyr5J%2BL9KhWV6rJxE2fQdgDa9uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6e7c135687-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fsounds%2Fspin.mp3

188.114.97.1

206 Partial Content

51 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fsounds%2Fspin.mp3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, JntStereo\012- data
Size
51 kB (51290 bytes)
Hash
390bca8d165546a8097b8951d2f400d4
1385d88b3aeee07bc51e7955fbcb9ed7586ebdec
cdb080d348cd2222fbe1d5b54da2f9db8fdca881570a9c82899082203b000b78

HTTP Headers

GET /free-spins-ke%2Fsounds%2Fspin.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: audio/mpeg
content-length: 51290
x-amz-id-2: CANkmzF5RFkOGQsEBlljct0vxETiOOOg5xxoxuF9mmxLFo+4lYfLT8W2lffGlbDuRXHvZS2uzk0=
x-amz-request-id: 2EKB7RW82RKJMT05
last-modified: Thu, 02 Jun 2022 12:59:34 GMT
etag: "390bca8d165546a8097b8951d2f400d4"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
content-range: bytes 0-51289/51290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVX0UwQYgt6LOa04sApd782vtPpZxDk3rLzGsMf0GFr6B6hFz%2FG7ZiyB%2Be4C1a5xPxFUDWS3UVlxesVLwtkgIQZ6fBlAX2bJBVwgC0WxuShnEU6Ec%2FUZptnSIFoGgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6e7c185687-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fsounds%2Fwin.mp3

188.114.97.1

206 Partial Content

22 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fsounds%2Fwin.mp3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Size
22 kB (22067 bytes)
Hash
c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56

HTTP Headers

GET /free-spins-ke%2Fsounds%2Fwin.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: audio/mpeg
content-length: 22067
x-amz-id-2: N5y/38boThQEmPJ70pl/Ze243Y8rl1TYMHEmehKME6KUr+j1zPqcITyLH1UlJWFbWaIh+mT6ZeA=
x-amz-request-id: GQ86GW87FJCCRPF9
last-modified: Thu, 02 Jun 2022 12:59:34 GMT
etag: "c74dca6a3ab16c097234033fec7a8573"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
content-range: bytes 0-22066/22067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6e0TAJENIZPEmc7CLQ91ChFk33%2FsT9oiNDP2Qo5DNGvnIznI6SJR19DOVQbZNnb9CU5GGXwj%2BMY%2BfVD9Lgwc3h0UYZZM5Vw3V4ykUJQ2S0e5Bi1ia%2FgqpvHnFdnaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6e7c145687-OSL
alt-svc: h3=":443"; ma=86400

notix.io/settings?appId=1004e573f6298b494995e0539d8329e&ver=0.15.19

139.45.240.92

200 OK

327 B

URL GET HTTP/2
notix.io/settings?appId=1004e573f6298b494995e0539d8329e&ver=0.15.19
IP
139.45.240.92:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjectnotix.io
Fingerprint68:78:0C:AA:A6:75:6F:E2:65:2D:3B:7E:5B:8A:2B:6B:F6:1A:BF:1D
ValidityFri, 15 Sep 2023 11:38:16 GMT - Thu, 14 Dec 2023 11:38:15 GMT

File type
JSON data\012- , ASCII text, with very long lines (327), with no line terminators
Size
327 B (327 bytes)
Hash
bf0f59f119686c0890d2a8be8df6cb23
f232d08bf915c9010c041dd6500398d997446f70
10af8d0b199fb5fc141f14782014cb5ba7e1bfbfbc8f3459a62ab3024bd28fea

HTTP Headers

GET /settings?appId=1004e573f6298b494995e0539d8329e&ver=0.15.19 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://happy-u.vip/
Origin: https://happy-u.vip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: application/json; charset=utf-8
content-length: 327
access-control-allow-origin: https://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

oungimuk.net/zone?&pub=0&zone_id=4336991&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

139.45.197.251

200 OK

0 B

URL POST HTTP/2
oungimuk.net/zone?&pub=0&zone_id=4336991&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjectoungimuk.net
Fingerprint52:49:91:AA:04:62:59:A1:7D:AA:95:42:75:F3:62:7E:D8:66:82:DA
ValiditySun, 24 Sep 2023 05:45:36 GMT - Sat, 23 Dec 2023 05:45:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=4336991&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest HTTP/1.1
Host: oungimuk.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://happy-u.vip
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 20:08:11 GMT
content-length: 0
x-trace-id: 09febbc020239344115720cc5e2b2570
access-control-allow-origin: https://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=1e08f60282cd55a61321314ef22873f5

104.18.16.6

200 OK

0 B

URL GET HTTP/2
track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=1e08f60282cd55a61321314ef22873f5
IP
104.18.16.6:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerCloudflare, Inc.
Subjectlanderlab.io
FingerprintE5:19:57:65:1C:8A:4A:59:2F:10:FC:CE:EC:7C:74:C3:C9:6E:04:49
ValidityFri, 07 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/606dc316bd12e800113ca177?lander_id=1e08f60282cd55a61321314ef22873f5 HTTP/1.1
Host: track.landerlab.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:08:11 GMT
content-length: 0
cache-control: no-cache
set-cookie: worker_cookie=N4Igdgpg7g+gFgSwC4wQExALhAYwgMzQA4BDAJhwFoBOARiLMoBZbqAGSktAIwmaIDshfO2IBWEiAA0IAG4IAzslQZsbAGxEIaAMzrulHNTQDm6tjs7UxHLjnw4SOHGPVkm0uYuVIEAWwgFJBI/AAcsEDI2MktaRjYxABUozDYiTFpaADoydXUALU95JSQAewAnFQi0NDI0GyY+MSI0amZqI0oiNhIiSlp8MWoubh0dWggyT0cwkgQAczAq7HN1NBxx/TQ4iG62TJ1HWgEBTzBStAgYHDg5sCwAbQBdGUUYSCgsfBIAGwUIAC+QA; Expires=Wed, 06 Dec 2023 20:08:11 GMT; Domain=track.landerlab.io; Path=/; SameSite=None; Secure
__cf_bm=FedjCxufjiVTr_Rh56JWP5eIXIQWm4_3.07RTOuDgX0-1701806891-0-Af4ILWfOW0rViACL5ibQk83Fjy/mcqKqrnxHSc47oE+o8cYYp+O9vH2KuIukgeXP6Rk2t5E3c2v948TwxOc3I2o=; path=/; expires=Tue, 05-Dec-23 20:38:11 GMT; domain=.track.landerlab.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6e59c1b51d-OSL
X-Firefox-Spdy: h2

happy-u.vip/sw-check-permissions-77596.js

188.114.97.1

200 OK

443 B

URL GET HTTP/3
happy-u.vip/sw-check-permissions-77596.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
ASCII text, with very long lines (462), with no line terminators
Size
443 B (443 bytes)
Hash
f0543799885fb5c86ac7c6bc29b508bc
ac3e9ae5ba4844ecfc9865ba1e7a9fbd32903eca
cb3fae5a8368bfba7e04d0df02732899f4edf1fd4e69a99938350a91bf590a32

HTTP Headers

GET /sw-check-permissions-77596.js HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=566
etag: W/"44d972e91b04c00bb67c0a08024625c4"
last-modified: Wed, 24 Aug 2022 13:50:20 GMT
x-amz-id-2: LniQnjFwRDJGl/Qzaa2mly7RbyC4H4tl4CPXKpoNV9oL1FTvvyS1oqO+27uzpRZRbYnnhToJrYs=
x-amz-request-id: 2EK3NV8G3KFHB4Z7
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41KwAovaaK7F36GW0%2Fofp0TlsAgbXC6Nmr%2B%2Bpe9O1LOyyhrCg9qGnKg1UC6R1O2nBYuKMjDNEiOSVENmNfuBs%2FvTrDZ2Y2cvDPhERFzHIrSHWdBARsL8vHwwznxZVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb72fba15687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

notix.io/ent/current/enot.min.js

139.45.240.92

200 OK

145 kB

URL GET HTTP/2
notix.io/ent/current/enot.min.js
IP
139.45.240.92:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjectnotix.io
Fingerprint68:78:0C:AA:A6:75:6F:E2:65:2D:3B:7E:5B:8A:2B:6B:F6:1A:BF:1D
ValidityFri, 15 Sep 2023 11:38:16 GMT - Thu, 14 Dec 2023 11:38:15 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
145 kB (144887 bytes)
Hash
5ec57c87dbac3f07e59e5d74ae3421e4
70121f1541a1961d7b87544001d612f18ad04243
e1d529afcbb911c99bb039ba39c7fb6716275b97650ae816a90fc03f256542bb

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 16:35:15 GMT
etag: W/"65676843-235f7"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

happy-u.vip/free-spins-ke/

188.114.97.1

200 OK

22 kB

URL User Request GET HTTP/2
happy-u.vip/free-spins-ke/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3238)
Size
22 kB (21758 bytes)
Hash
153504c8e5f4dd8f207b65a4e299bb16
6eaa94ee7283551988a0e50fc018d1d262d9d69a
9f2ce1fb98a5f899d3ed7c56fab134ee414f6d4d190b92f59d1bea21add46917

HTTP Headers

GET /free-spins-ke/ HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: text/html
x-amz-id-2: CDs6GMIDfinplf6kRrddbe6a2MTL4awsaQuLveun9kpL45H3CEwpRB/Ki9X6crXsyiKjWslkWbA=
x-amz-request-id: GP1TPKBAJ2ENYY9F
last-modified: Wed, 24 Aug 2022 13:49:50 GMT
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6pAUouu9h4WXCsO4MXY8glGzg1VZKhXA4kEQqy51Xqsge9InzYiky1TJmkWghxsK%2Fa2oGUKJiVmbmEzzdswpKOe5MbiGthD5nk41ciCgEIX6aeLRwATaeqX0hzcug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb68585656bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

happy-u.vip/images/arrow.png

188.114.97.1

404 Not Found

351 B

URL GET HTTP/3
happy-u.vip/images/arrow.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (365), with no line terminators
Size
351 B (351 bytes)
Hash
4372326b1421bf79b07b24d81ace22ad
b45a3fa3f93e2bd52d2419fd8f67c900b58ca3a7
49daa5aab2344e5f7df1eff337d5387b5f49329eb0ca40595cea788296311fef

HTTP Headers

GET /images/arrow.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke%2Fcss%2Fstyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: XM7JSDZ0CYG76386
x-amz-id-2: mqcVFJT+f/Lkp9dQHfHibmcmGxHDmqpTcXNIDc5JFRBXg3+iJK8D0Ca6/IR5ofWH5m+IDRFF7P4=
cache-control: max-age=2592000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZMDb2GotsYu%2BBBUMRB7j7TIzP%2Bj59AVwvfvNmCndEoAKonBDTzhJCEwXnJELHAPIfckFAQ%2FCqFGcJ1d0UzeooHWzo9uSaEwYljwSofTrVJytA6hl9YS7VwKp5Xgjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6d49ff5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fimages%2Fslot-start.png

188.114.97.1

200 OK

26 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fimages%2Fslot-start.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
26 kB (26084 bytes)
Hash
f491647556e492de92530b48827690aa
6296c44299f5acb17cb2c06e37391a70672b1fd3
efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d

HTTP Headers

GET /free-spins-ke%2Fimages%2Fslot-start.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 26084
x-amz-id-2: HoDHrjce/VcUU2zhtpaxwQMlFMDYwWay3DqWtxcO7JGbjsNHPukTFTtad9pghVuRvpDzJffi4f4=
x-amz-request-id: 419H7YTW900JZRM6
last-modified: Thu, 02 Jun 2022 12:59:33 GMT
etag: "f491647556e492de92530b48827690aa"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9ksK5abbyGY3ptonFHlTp2Poo0GzfazxGRkggH0vjzMi85874UOmKIHPH%2FRkOdQGORpdk57dWk0AH1ozuHxyWJkx27mDqqAliU6D5D481hxZ%2Bjy%2FLVh5NEX3TgvKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f1f5687-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/favicon.ico

188.114.97.1

404 Not Found

346 B

URL GET HTTP/3
happy-u.vip/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (360), with no line terminators
Size
346 B (346 bytes)
Hash
43ac88ec8ac88b7525f7cbcc6dad8fe2
640c63303d8f84ff916c6734a4edbcaa0719a6d3
d1d6f03912e7823955fe2e9908f79a5981723b00bc1f0b48874af497e224fd13

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: XM7M24DJJHHNZ2HM
x-amz-id-2: ivZvFuTjxJDzTNi6AuEwTaxm/y8/NUgWeNtm+04aJnr6eU/snxE5aH3DOdRP5dUEm3BeoyA4eEQ=
cache-control: max-age=2592000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5l7qJUI%2BJEoYp7a55p8%2F1PDmNz9UFdiwdbGIOM5rDQu2OP%2B5tqnFIGSXqeoZl34QUbcPCnIycV8pohdEaTfsGBfWtWUkZPBzNNkZiCxpUwoUvOZhPlrTuiXyxsLuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb70f88f5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fcss%2Fstyle.css

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fcss%2Fstyle.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
ASCII text, with very long lines (10941), with no line terminators
Size
11 kB (10941 bytes)
Hash
cb2e0fe2fe90d7572bf48419ecf1ee65
285568da5113f9203628287222cfbb469d0c2171
b3a3eb6e06b9f50fb0a3434a8c4033a496d5d37b6abaa83eb02b41ec66204de0

HTTP Headers

GET /free-spins-ke%2Fcss%2Fstyle.css HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=13222
etag: W/"538445a521226e69b9c4231a52ad5e79"
last-modified: Thu, 02 Jun 2022 12:59:32 GMT
x-amz-id-2: +tU/BSjpobN5fvgg4wbFtFDaM4FffXnvWyWIt/wRCaXZvbEE8/AYYKyFUHkg8lmafVlTXG8ppho=
x-amz-request-id: CT27F2CRHJX957PP
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0znASVlEYufjJIUu5WyrEPXmK8uvYtRrgRsHle2WFQCrY6aQvB9LAzggOEz2TQwzxwjH48GtpGjFx5cuHgsgNMoD0k0bvYzd5Y7Pgdm1yl0MjUiz%2BhIvISN1mM1rtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f185687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

happy-u.vip/free-spins-ke%2Fjs%2Fjquery.min.js

188.114.97.1

200 OK

97 kB

URL GET HTTP/3
happy-u.vip/free-spins-ke%2Fjs%2Fjquery.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT

File type
ASCII text, with very long lines (32063)
Size
97 kB (97099 bytes)
Hash
723e11a50995eef960d59451910e2cb4
76e617c6f9bad2602bdea1c20d50ba7c89a55097
ae34fd2197cffa02b5b7a753c262c1bbb3560afb92e403a1d59e935d8a320b41

HTTP Headers

GET /free-spins-ke%2Fjs%2Fjquery.min.js HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: application/javascript
x-amz-id-2: +Fy3AmIpRj2BKz7Xwpph5k0hSAayTFaobu8Ue470V18b6x3fX1GOfRVAXJoAZ2CvIAtSvPW2DnM=
x-amz-request-id: 6SX6MYRSASCVH1PZ
last-modified: Thu, 02 Jun 2022 12:59:31 GMT
etag: W/"723e11a50995eef960d59451910e2cb4"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eD2Y2CDyuUIstW%2B3FrZvsd1n6TbsaSpO%2B%2BQ3iW35r0ffae97%2FdhAYmR1foJK4Kx6LpMg4AkFA%2B6qEENEPIiktfzWPbUgpRHbuMPZdu3wBKJK0MnF8%2BHwjD%2F4k1UqGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f3a5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

oungimuk.net/pfe/current/micro.tag.min.js?z=4336991&sw=/sw-check-permissions-77596.js

139.45.197.251

200 OK

27 kB

URL GET HTTP/2
oungimuk.net/pfe/current/micro.tag.min.js?z=4336991&sw=/sw-check-permissions-77596.js
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/free-spins-ke/
Certificate
IssuerLet's Encrypt
Subjectoungimuk.net
Fingerprint52:49:91:AA:04:62:59:A1:7D:AA:95:42:75:F3:62:7E:D8:66:82:DA
ValiditySun, 24 Sep 2023 05:45:36 GMT - Sat, 23 Dec 2023 05:45:35 GMT

File type
ASCII text, with very long lines (27007), with no line terminators
Size
27 kB (27007 bytes)
Hash
5ccd2d5882a06f293d07510ac91c92e6
b44dc0eaa03981adb70d3313e728f9359c1d21c1
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=4336991&sw=/sw-check-permissions-77596.js HTTP/1.1
Host: oungimuk.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-697f"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash