luckytemptations.com Open in urlscan Pro
2606:4700:3032::6815:5bd6  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response luckytemptations.com/	5 KB 3 KB	604ms 265ms	Document text/html	2606:4700:3032::6815:5bd6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5bd6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b93a444edc0603c117ef050e5a1ba760c5282d53babb9048c06e4aa80476b62 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET,POST,OPTIONS,PUT,DELETE,PATCH alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 86260c228c6a9052-FRA content-encoding br content-type text/html; charset=UTF-8 date Sun, 10 Mar 2024 20:27:47 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vExpH%2FgqIWk5M4RZKoJ4ehE%2BXyD4R8iCzbNnokd1q56%2FZF3as5d%2FEVy9F7HKCi36hgHCvxamqb5KgAuuJJkW2M3q9nNvf37e%2Fk3rgMZ0RTVFyhwgG6h6CXIaTbfXdOLMdwmRIc24WKoWgd5Rx6Zn%2BNEKsw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	style.css luckytemptations.com/src/css/	64 KB 13 KB	39ms 38ms	Stylesheet text/css	2606:4700:3032::6815:5bd6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://luckytemptations.com/src/css/style.css Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5bd6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa0efdedfe855c3b3d87b62e005fee9c660102942b933d329d527877d2a666ad Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:27:47 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3642 alt-svc h3=":443"; ma=86400 last-modified Tue, 03 Oct 2023 09:38:24 GMT server cloudflare etag W/"651be110-100f3" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS,PUT,DELETE,PATCH content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQub9avlTqslECmkuL8aq0gFcGQZTphTx4mLuolC14VboQfidKmNbfKLi091yCyRak3%2B8%2FrGNbsY6DDTzeONKJ2QhpiJam9MspvZRpUIjd94%2BbsnzurMxDZF%2FbX8JYWQLupr2MZdMoV5wHNajcLKNhZM6g%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 86260c243ebe9052-FRA access-control-allow-headers Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	style_models.css luckytemptations.com/src/css/	3 KB 1 KB	36ms 35ms	Stylesheet text/css	2606:4700:3032::6815:5bd6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://luckytemptations.com/src/css/style_models.css Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5bd6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1538907dada9485d8903915d237a006e5de34b34641ad8085161cc2036449923 Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:27:47 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2857 alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 12:55:50 GMT server cloudflare etag W/"651eb256-d78" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS,PUT,DELETE,PATCH content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGLHDHuQbcTbKxZwV3JIhdpoEW3zi2es66vt%2BN6nFh1bXuVOwRQqXAF3QJDwlZt980eeMTWy9GH4hCqDZdvU5li90StbhDrkEotIc9vgoTxwyIzgTEQ5Qdn7mIjxv7Z7MGb8weBvL4fi4YvtDX%2B%2BMXDNjw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 86260c243ec09052-FRA access-control-allow-headers Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	ionic.esm.js Show response cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/	22 KB 6 KB	92ms 39ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bbe7a0a1a82a0d740407b1bcb33c70e8286cde7d1ba3badc02d8158131d9094 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://luckytemptations.com/ Origin https://luckytemptations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:27:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2882 x-jsd-version 7.7.4 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-etou8220033-FRA, cache-lga21922-LGA x-jsd-version-type version server cloudflare etag W/"58bb-wrwNgam4C2cJntE0Vq0uYp/6gOo" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yd9%2F%2FHeMXuz7oX6z54djQRjieUv3WNNed0Okn7243k93p5hTgqB32KbxdmeULKUEEv8WLlLgr7hsA0UyWwipyNuGNlYJtz%2BqVnKJsv1MWr9PInemOzPftLtzcA2Dg%2Bz2%2FT5t4z139igHasg8g0k%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 86260c24892a8fce-FRA
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.4.1/	86 KB 31 KB	28ms 8ms	Script text/javascript	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 14:38:03 GMT content-encoding gzip x-content-type-options nosniff age 539384 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30774 x-xss-protection 0 last-modified Mon, 13 May 2019 14:37:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Mar 2025 14:38:03 GMT
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	36ms 16ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700;900&display=swap Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3ca9c18b2923195ed9726dd08f5d858282b13f72721ba21903ce7b95a44e5cca Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 10 Mar 2024 20:27:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 10 Mar 2024 20:24:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 10 Mar 2024 20:27:47 GMT
GET H2	200	script.js Show response luckytemptations.com/src/js/	15 KB 5 KB	37ms 37ms	Script application/javascript	2606:4700:3032::6815:5bd6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://luckytemptations.com/src/js/script.js Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5bd6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1812e975b8dff1639264c17b8d952dcc47f03dc2fdc4fe6b0dd29649db10a26 Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:27:47 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2857 alt-svc h3=":443"; ma=86400 last-modified Mon, 02 Oct 2023 13:18:25 GMT server cloudflare etag W/"651ac321-3c5b" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS,PUT,DELETE,PATCH content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vETDXpfHNbiEq31xdUxjIIHWtMgR9frGZN3McBJYXGYWYsH1PfQFcDENqC6aBJ2vgy8qwzCckfDoannezCkf%2F8l9DI17rh2D7Ow9ICrC%2B9nm%2BkOIpqpHby47R0cIuFjtFWNrlz8cKSfsaAzEYXyKP2UsQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 86260c243ec29052-FRA access-control-allow-headers Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	seetrue.js Show response luckytemptations.com/src/js/	698 B 681 B	39ms 39ms	Script application/javascript	2606:4700:3032::6815:5bd6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://luckytemptations.com/src/js/seetrue.js Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5bd6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0dd1a84dccabf68aef50dfb0d864b563b7113bde7dfcbe9b90bf550a0d6011fa Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:27:47 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2857 alt-svc h3=":443"; ma=86400 last-modified Thu, 03 Nov 2022 09:02:30 GMT server cloudflare etag W/"636383a6-2ba" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS,PUT,DELETE,PATCH content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVL8fi%2FPkakHOKw0kgy17aplPCeKdfT2kC53rEfBCAwvHXwP9mHJjl4u2AhNc4rrq3100DEudsl2ZiKRmgNn1416Eh%2Fi%2FPuz4vH%2BQWiXWvD5Qem9OQzf%2B4u4T4pabCAmmHT%2BmUb%2B59tFxSiDUiMCVOrCGw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 86260c243ec39052-FRA access-control-allow-headers Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	at.js Show response rigill.com/script/	110 KB 38 KB	123ms 40ms	Script text/javascript	2606:4700:3031::ac43:8476 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rigill.com/script/at.js Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8476 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cf300ab8218fd1a0a385ef0ef2d3c6c3d3fd41415c8722eb8c634af8c18e5bb Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:27:47 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 931 x-guploader-uploadid ABPtcPr3fP4_vOLQjadRP3xb7oaT4a6pZu2Raqbxq2UyhXGlaYMBPtfkkdYAWhsWfgBGsH7Qv4g x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Mon, 26 Feb 2024 11:51:53 GMT server cloudflare etag W/"97714961d1a5202d1d5d5c393de2792d" vary Accept-Encoding x-goog-hash crc32c=gnfUgA==, md5=l3FJYdGlIC0dXVw5PeJ5LQ== x-goog-generation 1708948313480375 content-type text/javascript access-control-allow-origin * cache-control public, max-age=14400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tx9epkJYNp%2FS7Tc4snoI2QSdR9t8k3Awaurqp%2BOxAaiUXT71Bf8fVwI%2Bi1uMy6%2FOucsAevMDdXFNVa7V8xFH7yikf8b2mwLrs7CQKOBUcFpGyW0uGr69mBtpcviQ2vmNKKVkfh601Ea8"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 112237 cf-ray 86260c24bd529bb6-FRA expires Sun, 10 Mar 2024 20:18:29 GMT
GET H2	200	p-60efe117.js Show response cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/	17 KB 8 KB	37ms 36ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-60efe117.js Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7b10501e5ba3ce1e932de7fadaf4577187ed8d92adf69496c7b02695e303787 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js Origin https://luckytemptations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:27:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 24842 x-jsd-version 7.7.4 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-etou8220097-FRA, cache-lga21975-LGA x-jsd-version-type version server cloudflare etag W/"4444-eF48eX2qUx3ChCFkFWFH9RiHM7A" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUJVCZy4AAc%2FNoCBaLKiASqfEtlnpbmBdMfE%2F4WfLJk1uIoa%2BjRBOzs6mUrtqQOZBO88DBGq6F%2BKuDJgZyZJzNwZjA6oypdqe1bf9BwotnFSMJ3pq8%2BwiBHPV%2BvObvVfH%2BspFYQ0Hy%2FOktItC64%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 86260c24c96a8fce-FRA
GET H2	200	p-1fa738c4.js Show response cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/	121 B 480 B	35ms 34ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-1fa738c4.js Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75c5f14af91018cad76706b165928bc3fd61c3189b37f64734a362bc71d9ca4d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js Origin https://luckytemptations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:27:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 24842 x-jsd-version 7.7.4 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-etou8220055-FRA, cache-lga21953-LGA x-jsd-version-type version server cloudflare etag W/"79-dj4qBi8wkzAC5zhLs0FlQ7rizeY" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cu%2B%2Fwn7GWo2S0N5ZM6Wfk0sa6RtbgzreSm21p3NzehyHUDb2h1a%2ByZBb8VSDMNwoKFBS%2BO7%2FpJwLABjga7FZIqyaYFi5s%2Bka6tAAZOBO5Vwybx5NmsXjeOPWom%2F%2FmydSaLSzw3pXSFY2omw8Vuk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 86260c24c96f8fce-FRA
GET H2	200	p-5aa60929.js Show response cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/	3 KB 2 KB	35ms 35ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-5aa60929.js Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 373d612fbf2944fde3903676a58227b603a5306bee2c7c2d28005ff2d9327c14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js Origin https://luckytemptations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:27:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 24842 x-jsd-version 7.7.4 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-etou8220085-FRA, cache-lga21953-LGA x-jsd-version-type version server cloudflare etag W/"cca-Rq75UzOpjKR2ABsRbUhXnmvkSOo" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2mUmCe526vXP9yqOS09AvDqH3J6uc3rOgCNIG0I7DQ6aLIFxm5UrTFz4SXaGSfsEsm%2B6xvUvXZmvX%2FRz6bl2MOZo38vxE3%2FUJ165dsgGimspQ351B1WVglZ2hAZWGc42mN6Ghgln07m5usYkTM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 86260c24c9708fce-FRA
GET H/1.1	200 OK	ip Show response ntwkbc21.com/	14 B 254 B	364ms 116ms	Fetch text/plain	104.198.50.50 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ntwkbc21.com/ip Requested by Host: rigill.com URL: https://rigill.com/script/at.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.198.50.50 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 50.50.198.104.bc.googleusercontent.com Software openresty / Resource Hash 0dcd3c1d29093188f5ae62a2daf172e3b3dc2464ab26ddd2658578029d081dab Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 10 Mar 2024 20:27:47 GMT Content-Encoding gzip Server openresty Connection keep-alive Transfer-Encoding chunked Content-Type text/plain
GET H/1.1	200 OK	ip Show response ntwkbc42.com/	37 B 276 B	353ms 113ms	Fetch text/plain	2600:1900:4000:9862:8000:1:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ntwkbc42.com/ip Requested by Host: rigill.com URL: https://rigill.com/script/at.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1900:4000:9862:8000:1:: Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software openresty / Resource Hash dd40a23072f1f70b8e99577eb6388a9b1ddbd0229eaddcd703da838751b9c680 Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 10 Mar 2024 20:27:47 GMT Content-Encoding gzip Server openresty Connection keep-alive Transfer-Encoding chunked Content-Type text/plain
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	27ms 8ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://luckytemptations.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 17:34:04 GMT x-content-type-options nosniff age 528823 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Mar 2025 17:34:04 GMT
GET H2	400	.js eiteribesshaints.com/d/	0 0	64ms 8ms	Script text/html	3.72.158.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eiteribesshaints.com/d/.js?lpref=&lpurl=https%3A%2F%2Fluckytemptations.com%2F&lpt=Lucky%20Temptations&vtm=1710102467377 Requested by Host: luckytemptations.com URL: https://luckytemptations.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.72.158.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-72-158-57.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://luckytemptations.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers
POST H2	204	aft.php quesid.com/ut/	0 409 B	234ms 152ms	Ping text/plain	2606:4700:3036::6815:3d3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quesid.com/ut/aft.php?cab=0.194499476159649021710102467474pcVSGIP3wYpSEXK7FCYm5MW1U5Ho1organic Requested by Host: rigill.com URL: https://rigill.com/script/at.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://luckytemptations.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain; charset=utf-8 Response headers date Sun, 10 Mar 2024 20:27:47 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mI772WLFyDz%2B7Gaj3dk%2Bu2vTb2UIPN9cSGd%2F2n%2BxZogT6fBOxakcUthRZpdmOG39nO%2F3ja%2BmuF%2FpG1P0FCfNPhWeqhwsZvriWqQpqaLFQVFIS6SaNNEtKmTxZC6%2B2hUnnVCUMo6eArq"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 86260c263a182c39-FRA alt-svc h3=":443"; ma=86400

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| getCookie function| cookieParam function| changeState function| updateGain function| decimalToAmerican function| getTotalOdd function| addOdds function| UpdateActive function| logClick object| regeneratorRuntime string| rgxngibqxq object| UFET function| getQueryParams object| params function| dtpCallback object| Ionic

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			luckytemptations.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qgbmjf3l6rkoc4ai205i4e8300
			luckytemptations.com/	1970-01-21 03:47:18	Name: state Value: ontario

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://eiteribesshaints.com/d/.js?lpref=&lpurl=https%3A%2F%2Fluckytemptations.com%2F&lpt=Lucky%20Temptations&vtm=1710102467377 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
eiteribesshaints.com
fonts.googleapis.com
fonts.gstatic.com
luckytemptations.com
ntwkbc21.com
ntwkbc42.com
quesid.com
rigill.com
104.198.50.50
2600:1900:4000:9862:8000:1::
2606:4700:3031::ac43:8476
2606:4700:3032::6815:5bd6
2606:4700:3036::6815:3d3
2606:4700::6810:5714
2a00:1450:4001:809::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81c::200a
3.72.158.57
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0dcd3c1d29093188f5ae62a2daf172e3b3dc2464ab26ddd2658578029d081dab
0dd1a84dccabf68aef50dfb0d864b563b7113bde7dfcbe9b90bf550a0d6011fa
1538907dada9485d8903915d237a006e5de34b34641ad8085161cc2036449923
373d612fbf2944fde3903676a58227b603a5306bee2c7c2d28005ff2d9327c14
3ca9c18b2923195ed9726dd08f5d858282b13f72721ba21903ce7b95a44e5cca
3cf300ab8218fd1a0a385ef0ef2d3c6c3d3fd41415c8722eb8c634af8c18e5bb
6b93a444edc0603c117ef050e5a1ba760c5282d53babb9048c06e4aa80476b62
75c5f14af91018cad76706b165928bc3fd61c3189b37f64734a362bc71d9ca4d
9bbe7a0a1a82a0d740407b1bcb33c70e8286cde7d1ba3badc02d8158131d9094
a7b10501e5ba3ce1e932de7fadaf4577187ed8d92adf69496c7b02695e303787
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
dd40a23072f1f70b8e99577eb6388a9b1ddbd0229eaddcd703da838751b9c680
e1812e975b8dff1639264c17b8d952dcc47f03dc2fdc4fe6b0dd29649db10a26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa0efdedfe855c3b3d87b62e005fee9c660102942b933d329d527877d2a666ad