luckywinnershub.com Open in urlscan Pro
172.67.71.110 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://americanews.pro/
Effective URL:
https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d...
Submission: On September 17 via api (September 17th 2024, 2:43:43 am UTC) from HK — Scanned from IT

Summary HTTP 94 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 16 domains to perform 94 HTTP transactions. The main IP is 172.67.71.110, located in United States and belongs to CLOUDFLARENET, US. The main domain is luckywinnershub.com.
TLS certificate: Issued by WE1 on August 23rd 2024. Valid for: 3 months.

This is the only time luckywinnershub.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
33	63.250.43.4 63.250.43.4	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
3	172.240.127.234 172.240.127.234	7979 (SERVERS-COM) (SERVERS-COM)
1	172.67.71.57 172.67.71.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1	35.157.101.39 35.157.101.39	16509 (AMAZON-02) (AMAZON-02)
1 2	172.240.253.132 172.240.253.132	7979 (SERVERS-COM) (SERVERS-COM)
3	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	172.67.8.141 172.67.8.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
26	172.67.71.110 172.67.71.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
94	15

33 63.250.43.4 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: ingress-cil.ewp.live

americanews.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.240.127.234 (United States)

ASN7979 (SERVERS-COM, US)

remarkspeaceableviolate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.57 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.101.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-101-39.eu-central-1.compute.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.240.253.132 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

hencesharply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

donationobliged.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.8.141 (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

capaciousdrewreligion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.67.71.110 (United States)

ASN13335 (CLOUDFLARENET, US)

luckywinnershub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

viaklera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	americanews.pro americanews.pro	829 KB
26	luckywinnershub.com luckywinnershub.com	185 KB
12	viaklera.com viaklera.com — Cisco Umbrella Rank: 581748	19 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 215	96 KB
3	donationobliged.com donationobliged.com	11 KB
3	remarkspeaceableviolate.com remarkspeaceableviolate.com	62 KB
2	hencesharply.com 1 redirects hencesharply.com	5 KB
2	gstatic.com fonts.gstatic.com	71 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10183	547 B
1	capaciousdrewreligion.com capaciousdrewreligion.com — Cisco Umbrella Rank: 29709	392 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 20789	206 B
1	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 15886	301 B
1	waust.at waust.at — Cisco Umbrella Rank: 47489	8 KB
0	show-sb.com Failed cdn.show-sb.com Failed
0	recordedthereby.com Failed recordedthereby.com Failed
94	16

	Domain	Requested by
33	americanews.pro	americanews.pro
26	luckywinnershub.com	americanews.pro luckywinnershub.com viaklera.com
12	viaklera.com	luckywinnershub.com viaklera.com
4	cdnjs.cloudflare.com	luckywinnershub.com
3	donationobliged.com	americanews.pro remarkspeaceableviolate.com
3	remarkspeaceableviolate.com	americanews.pro
2	hencesharply.com	1 redirects americanews.pro
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	americanews.pro luckywinnershub.com
1	my.rtmark.net	viaklera.com
1	capaciousdrewreligion.com	remarkspeaceableviolate.com
1	whos.amung.us	waust.at
1	proftrafficcounter.com	remarkspeaceableviolate.com
1	waust.at	americanews.pro
0	cdn.show-sb.com Failed	remarkspeaceableviolate.com
0	recordedthereby.com Failed	remarkspeaceableviolate.com
94	16

This site contains no links.

Subject Issuer	Validity	Valid
americanews.pro Sectigo RSA Domain Validation Secure Server CA	`2024-09-14` - `2025-09-14`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
remarkspeaceableviolate.com R11	`2024-09-12` - `2024-12-11`	3 months	crt.sh
waust.at WE1	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
donationobliged.com R11	`2024-08-12` - `2024-11-10`	3 months	crt.sh
amung.us WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
capaciousdrewreligion.com R10	`2024-09-03` - `2024-12-02`	3 months	crt.sh
luckywinnershub.com WE1	`2024-08-23` - `2024-11-21`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
viaklera.com E6	`2024-08-29` - `2024-11-27`	3 months	crt.sh
rtmark.net R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Frame ID: 18D4977BADC2843FBEABFD0D36534912
Requests: 94 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Super premio!

Page URL History Show full URLs

http://americanews.pro/ HTTP 307
https://americanews.pro/ Page URL
https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=42193... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

94
Requests

96 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

15
IPs

4
Countries

1288 kB
Transfer

3360 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://americanews.pro/ HTTP 307
https://americanews.pro/ Page URL
https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://americanews.pro/ HTTP 307
https://americanews.pro/

Request Chain 36

https://hencesharply.com/watch.997804262305.js?key=140a9b5ca632080d06d5e0c54ffaeb92&kw=%5B%22americanews%22%2C%22pro%22%5D&refer=https%3A%2F%2Famericanews.pro%2F&tz=2&dev=e&res=14.4127&uuid=dcc63eac-7b0d-43f2-af06-78696727688f%3A3%3A1 HTTP 307
https://hencesharply.com/watch.997804262305.js?dev=e&key=140a9b5ca632080d06d5e0c54ffaeb92&kw=%5B%22americanews%22%2C%22pro%22%5D&pst=1726541076&refer=https%3A%2F%2Famericanews.pro%2F&res=14.4127&rmtc=t&shu=ae1a19a204dc9e7aff1b4f4c78d221cb8de88e937505b753190d544a4236160a96e4c0d99bc837ebcddb5a5bb0ffe71004b1d537a43b4e9f3f12eadaad4695fc7f1c0dac0e57b2fed4ba27537554d4ddc26b33ce3bea2d7cb92b&tz=2&uuid=dcc63eac-7b0d-43f2-af06-78696727688f%3A3%3A1

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
americanews.pro/
Redirect Chain

http://americanews.pro/
https://americanews.pro/

98 KB
13 KB

987ms
537ms

Document
text/html

63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

d97bb9923ab3f0caaa855dde3600b1054c33f1b6d8a943b376d216f8638b5674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

accept-ranges: bytes
age: 45339
cache-control: public
content-encoding: gzip
content-length: 12769
content-type: text/html; charset=UTF-8
date: Mon, 16 Sep 2024 14:07:54 GMT
link: <https://americanews.pro/index.php?rest_route=/>; rel="https://api.w.org/"
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: HIT
x-cacheable: YES
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://americanews.pro/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.min.css
americanews.pro/wp-includes/css/dist/block-library/ 110 KB
15 KB 289ms
284ms Stylesheet
text/css 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 14841
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:03:00 GMT
server: nginx
etag: W/"66e5cfd4-1b72b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.css
americanews.pro/wp-content/themes/morenews/assets/bootstrap/css/ 118 KB
20 KB 619ms
615ms Stylesheet
text/css 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/bootstrap/css/bootstrap.min.css?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

ebf968e400976b579ea9dcff5f0bc247a2b2371f9ce49c3b5829da4b7179f4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 19695
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-1d988"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
americanews.pro/wp-content/themes/morenews/ 331 KB
44 KB 325ms
321ms Stylesheet
text/css 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/style.css?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

f4019936f855e5f80e060da10366b0b854af59b9c85f6bbb217a36595f4d2e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 44150
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-52a7e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
americanews.pro/wp-content/themes/centralnews/ 2 KB
2 KB 473ms
469ms Stylesheet
text/css 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/centralnews/style.css?ver=1.0.0

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

4334a3da5cd2bc9d5a65c8aa5facc0df32f0594bb0c7f227468c0911e12d18d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 1036
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:30 GMT
server: nginx
etag: W/"66e5cf7a-8b4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
americanews.pro/wp-content/themes/morenews/assets/icons/ 5 KB
2 KB 475ms
471ms Stylesheet
text/css 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/icons/style.css?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

db4ab28a2831ea1364e0072e74398783dccb14514b93005ea557e306fe8db6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 1298
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-1471"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.css
americanews.pro/wp-content/themes/morenews/assets/slick/css/ 1 KB
993 B 448ms
444ms Stylesheet
text/css 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/slick/css/slick.min.css?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

21b589bbc25d38fbf4c8168b0801ce4cf9d0aa1d372ae1ac773574aaeb10c08d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 479
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-511"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.sidr.dark.css
americanews.pro/wp-content/themes/morenews/assets/sidr/css/ 998 B
938 B 446ms
443ms Stylesheet
text/css 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/sidr/css/jquery.sidr.dark.css?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

4cdd05aeb1a1aacb2b016e3dd6e617b6b4b948c17624749bcbcbdbf17d7de3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 424
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-3e6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific-popup.css
americanews.pro/wp-content/themes/morenews/assets/magnific-popup/ 7 KB
2 KB 616ms
613ms Stylesheet
text/css 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/magnific-popup/magnific-popup.css?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 1816
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-1b27"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 639ms
68ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,700|Open%20Sans:400,400italic,600,700|Oswald:300,400,700&subset=latin,latin-ext

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

4642160d0205d5342780844964271985d249990692b779e8c4f3cb45c1a8708a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Sep 2024 02:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Sep 2024 02:43:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Sep 2024 02:43:35 GMT

GET
H2 200 jquery.min.js Show response
americanews.pro/wp-includes/js/jquery/ 86 KB
30 KB 473ms
471ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 30419
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
etag: W/"64ecd5ef-15601"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
americanews.pro/wp-includes/js/jquery/ 13 KB
5 KB 617ms
615ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 4872
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
etag: W/"6482bd64-3509"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-150x150.jpg
americanews.pro/wp-content/uploads/2024/09/ 7 KB
8 KB 623ms
621ms Image
image/jpeg 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-150x150.jpg

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

4dcc90fa5d7a623ebf5e33e86f75ce58890cd9f3fc23dfcdacdab1f29996ff6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:27:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 44159
x-cache: HIT
content-length: 7190
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:43:20 GMT
server: nginx
etag: "66e6e478-1c16"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-edited-150x150.png
americanews.pro/wp-content/uploads/2024/09/ 48 KB
49 KB 775ms
773ms Image
image/png 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/image-edited-150x150.png

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

44909e64cb276353b60535690459266004ce46e05d289e25809dbf688b8f5fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:27:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 44160
x-cache: HIT
content-length: 49286
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:00:43 GMT
server: nginx
etag: "66e6da7b-c086"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-590x410.jpg
americanews.pro/wp-content/uploads/2024/09/ 75 KB
76 KB 295ms
291ms Image
image/jpeg 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-590x410.jpg

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

392f1e6e9bb6d5c9d93fe79e033fc67b032c8b2e0e016c6656471d08de278cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:27:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 44160
x-cache: HIT
content-length: 76870
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:43:21 GMT
server: nginx
etag: "66e6e479-12c46"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-edited-590x410.png
americanews.pro/wp-content/uploads/2024/09/ 387 KB
388 KB 294ms
290ms Image
image/png 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/image-edited-590x410.png

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

86697dd4a1a080b52706aa85fc49b1112dd0f0b32fa012583c4239b4fd4e1559

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:27:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 44160
x-cache: HIT
content-length: 396327
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:00:45 GMT
server: nginx
etag: "66e6da7d-60c27"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-300x300.jpg
americanews.pro/wp-content/uploads/2024/09/ 26 KB
27 KB 1518ms
1516ms Image
image/jpeg 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-300x300.jpg

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

3af178453f5355a446eb2133ffe906a7c451dc90105dd7420cbb01e067624c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:14:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 48532
x-cache: HIT
content-length: 26845
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:43:20 GMT
server: nginx
etag: "66e6e478-68dd"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-edited-300x127.png
americanews.pro/wp-content/uploads/2024/09/ 81 KB
82 KB 1526ms
1524ms Image
image/png 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/image-edited-300x127.png

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

19aa88b48d0561eab4ed001b74bc150b96a35ab85513145d6560cb8808cdc9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:14:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 48532
x-cache: HIT
content-length: 83051
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:00:42 GMT
server: nginx
etag: "66e6da7a-1446b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK invoke.js Show response
remarkspeaceableviolate.com/140a9b5ca632080d06d5e0c54ffaeb92/ 23 KB
11 KB 493ms
183ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://remarkspeaceableviolate.com/140a9b5ca632080d06d5e0c54ffaeb92/invoke.js

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

510443ce3ddac232a79dec25d99068dc8370f945f3e6053ad854e84f05b75996

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2024 02:43:35 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: remarkspeaceableviolate.com
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 088c6ae6eba3ef0e6c8673b0664d0a35
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 d.js Show response
waust.at/ 14 KB
8 KB 491ms
52ms Script
application/x-javascript 172.67.71.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: americanews.pro
URL: https://americanews.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1728
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 17:19:30 GMT
server: cloudflare
etag: W/"63c04122-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4e0mfkx34m6r%2F7qGZZob4Bd944vT%2FIqsynitxagLpOpwFwHjwLKyJYAHewY%2FgIb6zH1v1%2B521l9RWePo0Zmhq0yoE%2FNoSYzZuOYdT7ZZCwBKEW%2BJ9dZd50D1"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8c45bfe438054bdf-MXP
expires: Wed, 18 Sep 2024 02:14:47 GMT

GET
H2 200 navigation.js Show response
americanews.pro/wp-content/themes/morenews/js/ 3 KB
2 KB 196ms
192ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/js/navigation.js?ver=20151215

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48853
x-cache: HIT
content-length: 1094
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-b97"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 skip-link-focus-fix.js Show response
americanews.pro/wp-content/themes/morenews/js/ 685 B
945 B 295ms
292ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/js/skip-link-focus-fix.js?ver=20151215

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 417
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-2ad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.js Show response
americanews.pro/wp-content/themes/morenews/assets/slick/js/ 41 KB
10 KB 463ms
460ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/slick/js/slick.min.js?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 10164
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-a3e1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
americanews.pro/wp-content/themes/morenews/assets/bootstrap/js/ 57 KB
16 KB 462ms
458ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/bootstrap/js/bootstrap.min.js?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

7209e11a45cef119e8d3539afb2689835d17b16a0a22f8334d867cf77a220d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 15404
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-e2af"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.sidr.min.js Show response
americanews.pro/wp-content/themes/morenews/assets/sidr/js/ 7 KB
3 KB 463ms
460ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/sidr/js/jquery.sidr.min.js?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

fd57ae7228574a83527cb8917ec5a0ff944aa787934ee5b85a7976f259b7ae31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 2624
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-1b7a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
americanews.pro/wp-content/themes/morenews/assets/magnific-popup/ 20 KB
8 KB 462ms
459ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

76fa60ed57bfa134bdc5ebf61c8fc8f34c478abf3ddb5523fe14fed62e2ff8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 7349
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-4efa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.matchHeight.min.js Show response
americanews.pro/wp-content/themes/morenews/assets/jquery-match-height/ 3 KB
2 KB 815ms
813ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 1383
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-d34"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.marquee.js Show response
americanews.pro/wp-content/themes/morenews/assets/marquee/ 22 KB
5 KB 818ms
815ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/marquee/jquery.marquee.js?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

1cdc5272f4719ff59e37324c8c4811884538a31ffe610b7983b94fc376e8a73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 4569
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-5947"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.js Show response
americanews.pro/wp-content/themes/morenews/assets/ 19 KB
4 KB 1518ms
1515ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/script.js?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

b0c04b13f78f5f6822d998fb7d6e04d3c5b6913e9ebee3def82d8cae4bfbf0c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 3407
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-4c6b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK a7efee780abd528c07221b6854b9af40.js Show response
remarkspeaceableviolate.com/a7/ef/ee/ 43 KB
16 KB 498ms
181ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://remarkspeaceableviolate.com/a7/ef/ee/a7efee780abd528c07221b6854b9af40.js

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

2fe509a76e2d393d1da29496a5d01270e758fd40db02e8e3d8b68948ae31cabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2024 02:43:35 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: remarkspeaceableviolate.com
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 319d2d43ad1013cc1f5ae5b206a65067
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 8ec14e9d9710c48f9eb905a9bdd6ebf3.js Show response
remarkspeaceableviolate.com/8e/c1/4e/ 93 KB
34 KB 513ms
205ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://remarkspeaceableviolate.com/8e/c1/4e/8ec14e9d9710c48f9eb905a9bdd6ebf3.js

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

60706feef486348858ba02be6706b2d6a842f5c39daa45b877671836ecc64dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2024 02:43:35 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: remarkspeaceableviolate.com
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 26737da105ef66a6b7512bef30df524c
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET 1a7c2642-8e02-4252-b918-2445b0f98fc6
https://americanews.pro/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/ 42 KB
43 KB 483ms
51ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,700|Open%20Sans:400,400italic,600,700|Oswald:300,400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

sffe /

Resource Hash

94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://americanews.pro
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 10 Sep 2024 12:04:10 GMT
x-content-type-options: nosniff
age: 571165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43068
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:05:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 12:04:10 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 535ms
104ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,700|Open%20Sans:400,400italic,600,700|Oswald:300,400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

sffe /

Resource Hash

e02b48b88352a0c0f5c14ae6cb7949cfa9bffd9743bf53f6ab8fd10459d91179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://americanews.pro
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:51:41 GMT
x-content-type-options: nosniff
age: 571914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28516
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:28:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:51:41 GMT

GET
H2 200 aft-icons.ttf
americanews.pro/wp-content/themes/morenews/assets/icons/fonts/ 19 KB
12 KB 1486ms
1486ms Font
application/x-font-ttf 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-content/themes/morenews/assets/icons/fonts/aft-icons.ttf?e3nek0

Requested by

Host: americanews.pro
URL: https://americanews.pro/wp-content/themes/morenews/assets/icons/style.css?ver=6.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

f498f4de89f8c27d4d56f4d8dd0988da262875d8e4f1fa71bdf2a391b9050523

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/wp-content/themes/morenews/assets/icons/style.css?ver=6.6.2
Origin: https://americanews.pro
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48852
x-cache: HIT
content-length: 11360
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Sep 2024 18:01:31 GMT
server: nginx
etag: W/"66e5cf7b-4b48"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-font-ttf
access-control-allow-origin: https://americanews.pro
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
301 B 461ms
48ms XHR
text/html 35.157.101.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: remarkspeaceableviolate.com
URL: https://remarkspeaceableviolate.com/140a9b5ca632080d06d5e0c54ffaeb92/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.101.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-101-39.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: fdafa24ffdc69e2d4dc8555fa2315b2b90c2c22b8df90e1e78d99dd29acbd055

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin: https://americanews.pro
date: Tue, 17 Sep 2024 02:43:36 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

watch.997804262305.js
hencesharply.com/
Redirect Chain

https://hencesharply.com/watch.997804262305.js?key=140a9b5ca632080d06d5e0c54ffaeb92&kw=%5B%22americanews%22%2C%22pro%22%5D&refer=https%3A%2F%2Famericanews.pro%2F&tz=2&dev=e&res=14.4127&uuid=dcc63ea...
https://hencesharply.com/watch.997804262305.js?dev=e&key=140a9b5ca632080d06d5e0c54ffaeb92&kw=%5B%22americanews%22%2C%22pro%22%5D&pst=1726541076&refer=https%3A%2F%2Famericanews.pro%2F&res=14.4127&rm...

2 KB
2 KB

244ms
243ms

XHR
text/html

172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://hencesharply.com/watch.997804262305.js?dev=e&key=140a9b5ca632080d06d5e0c54ffaeb92&kw=%5B%22americanews%22%2C%22pro%22%5D&pst=1726541076&refer=https%3A%2F%2Famericanews.pro%2F&res=14.4127&rmtc=t&shu=ae1a19a204dc9e7aff1b4f4c78d221cb8de88e937505b753190d544a4236160a96e4c0d99bc837ebcddb5a5bb0ffe71004b1d537a43b4e9f3f12eadaad4695fc7f1c0dac0e57b2fed4ba27537554d4ddc26b33ce3bea2d7cb92b&tz=2&uuid=dcc63eac-7b0d-43f2-af06-78696727688f%3A3%3A1

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

HTTP/1.1

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Tue, 17 Sep 2024 02:43:37 GMT
Custom-Referer: https://americanews.pro
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: 5c14686a81d82f46ba9f0b5c96dc3a86
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: hencesharply.com
Content-Type: text/html
Access-Control-Allow-Origin: https://americanews.pro
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Tue, 17 Sep 2024 02:43:36 GMT
Custom-Referer: https://americanews.pro
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
X-Request-ID: 291016d76e627515b625c2d34cca5e97
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: hencesharply.com
Content-Type: text/html
Access-Control-Allow-Origin: https://americanews.pro
Location: https://hencesharply.com/watch.997804262305.js?dev=e&key=140a9b5ca632080d06d5e0c54ffaeb92&kw=%5B%22americanews%22%2C%22pro%22%5D&pst=1726541076&refer=https%3A%2F%2Famericanews.pro%2F&res=14.4127&rmtc=t&shu=ae1a19a204dc9e7aff1b4f4c78d221cb8de88e937505b753190d544a4236160a96e4c0d99bc837ebcddb5a5bb0ffe71004b1d537a43b4e9f3f12eadaad4695fc7f1c0dac0e57b2fed4ba27537554d4ddc26b33ce3bea2d7cb92b&tz=2&uuid=dcc63eac-7b0d-43f2-af06-78696727688f%3A3%3A1
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET sfp.js
recordedthereby.com/ 0
0

GET
H/1.1 200
OK purst
donationobliged.com/pixel/ 0
469 B 595ms
268ms Image
text/plain 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donationobliged.com/pixel/purst?dl=0&th=0&sc=0&rs=2343.0999999046326&rd=2343.0999999046326&fd=1268.5&bv=24.8.8162&tmpl=70
Requested by: Host: americanews.pro
URL: https://americanews.pro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Tue, 17 Sep 2024 02:43:37 GMT
Server: nginx/1.21.6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 wp-emoji-release.min.js Show response
americanews.pro/wp-includes/js/ 18 KB
5 KB 197ms
194ms Script
application/javascript 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://americanews.pro/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 48533
x-cache: HIT
content-length: 5056
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: nginx
etag: W/"667d6e6f-4926"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
whos.amung.us/pingjs/ 28 B
206 B 913ms
304ms Script
text/javascript 172.67.8.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=dsi4oywmu5&t=americanews.pro&c=d&x=https%3A%2F%2Famericanews.pro%2F&y=&a=0&v=27&r=7648
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8c45bfef3f8f0e6f-MXP
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

GET
H2 200 59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-150x150.jpg
americanews.pro/wp-content/uploads/2024/09/ 7 KB
0 1ms
1ms Image
image/jpeg 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-150x150.jpg

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

4dcc90fa5d7a623ebf5e33e86f75ce58890cd9f3fc23dfcdacdab1f29996ff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:27:35 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 44159
x-cache: HIT
content-length: 7190
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:43:20 GMT
server: nginx
etag: "66e6e478-1c16"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-edited-150x150.png
americanews.pro/wp-content/uploads/2024/09/ 48 KB
0 2ms
2ms Image
image/png 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/image-edited-150x150.png

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

44909e64cb276353b60535690459266004ce46e05d289e25809dbf688b8f5fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:27:34 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 44160
x-cache: HIT
content-length: 49286
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:00:43 GMT
server: nginx
etag: "66e6da7b-c086"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-edited-590x410.png
americanews.pro/wp-content/uploads/2024/09/ 387 KB
0 2ms
2ms Image
image/png 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/image-edited-590x410.png

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

86697dd4a1a080b52706aa85fc49b1112dd0f0b32fa012583c4239b4fd4e1559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:27:34 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 44160
x-cache: HIT
content-length: 396327
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:00:45 GMT
server: nginx
etag: "66e6da7d-60c27"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-590x410.jpg
americanews.pro/wp-content/uploads/2024/09/ 75 KB
0 2ms
2ms Image
image/jpeg 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/59_Happy-V-Day-%E2%9D%A4%EF%B8%8F%E2%80%8D%F0%9F%94%A5%F0%9F%A5%B0-say-it-back-590x410.jpg

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

392f1e6e9bb6d5c9d93fe79e033fc67b032c8b2e0e016c6656471d08de278cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:27:34 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 44160
x-cache: HIT
content-length: 76870
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:43:21 GMT
server: nginx
etag: "66e6e479-12c46"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-edited-300x127.png
americanews.pro/wp-content/uploads/2024/09/ 81 KB
0 1ms
1ms Image
image/png 63.250.43.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanews.pro/wp-content/uploads/2024/09/image-edited-300x127.png

Requested by

Host: americanews.pro
URL: https://americanews.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.4 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-cil.ewp.live

Software

nginx /

Resource Hash

19aa88b48d0561eab4ed001b74bc150b96a35ab85513145d6560cb8808cdc9e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:14:43 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 48532
x-cache: HIT
content-length: 83051
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2024 13:00:42 GMT
server: nginx
etag: "66e6da7a-1446b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK advertisers.js
capaciousdrewreligion.com/ 0
392 B 572ms
155ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://capaciousdrewreligion.com/advertisers.js

Requested by

Host: remarkspeaceableviolate.com
URL: https://remarkspeaceableviolate.com/8e/c1/4e/8ec14e9d9710c48f9eb905a9bdd6ebf3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2024 02:43:37 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 789defd52b3fed96b2d5c0fe478ba93e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 Primary Request 0 Show response
luckywinnershub.com/page/2fp7urg/ 51 KB
8 KB 870ms
320ms Document
text/html 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Requested by: Host: americanews.pro
URL: https://americanews.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2695bd5e9dd7ad3ed03eaab1a6c5d94975adf3ff948952b57a3cd90908cd6c1e

Request headers

Referer: https://americanews.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8c45bff05ae35a37-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 17 Sep 2024 02:43:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r57CgKLW%2B8Efad5teP6FiT7aK5SzeRiEQU%2FX6mPM5J8yjhb2h0omFNmrA9fiIW8m8PWfxCA3YDZW1l6jRTP6KiCC46Evo2gadsRWi%2FQxyPisGcoMehkRKY3OgSYOXzN4eG8Sy10%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK sbar.json
donationobliged.com/ 14 KB
10 KB 467ms
362ms XHR
text/plain 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://donationobliged.com/sbar.json?key=a7efee780abd528c07221b6854b9af40&psid=BS-125-5_0&uuid=dcc63eac-7b0d-43f2-af06-78696727688f%3A3%3A1

Requested by

Host: remarkspeaceableviolate.com
URL: https://remarkspeaceableviolate.com/a7/ef/ee/a7efee780abd528c07221b6854b9af40.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Tue, 17 Sep 2024 02:43:37 GMT
Custom-Referer: https://americanews.pro
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: e8d0466c494030c1c3e1f4fe0b00fd96
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://americanews.pro
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET 1632399618.html
cdn.show-sb.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/ 0
0

GET
H/1.1 200
OK ren.gif
donationobliged.com/ 7 B
733 B 140ms
139ms Image
image/gif 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donationobliged.com/ren.gif?sid=H4sIAAAAAAAC%2F2RSPWwcVRd9Y0ffJ9GFhiKApqBIEF7PzO7O7CpC%2BUMJlm2R2EYp4f2N%2FfDbeZP3ZnYcN0REQSkXGqAbn3WIEogiKihAQms6SxSDhOTGokSClh6t48gIbjH359w7uue8%2B%2FFOeUjaKOlBvmy2ldZ0vtsK%2FLNLKiu3zvuXMmGNEn4YnvMv5bmWNyVbVMV8t5202rF%2FdvHtteWlN3ytNqV%2FTfJNc86%2FsmHNQM73o1bQ6nTDbitsh%2F6yYUpLf5Wm1Krjaaj8SdjrtsJ%2BrxVHrX6MLfuvgis9OOpBDA%2FJi1CiOXXr4iIUnyAbPL0mM2kVf74jhuLhu9lmZqoMA%2FEfNLWzSLPHqwNqi%2BsbJpMwriHeJxIme%2Fi8yQx3w7AVgKmGeN%2B%2BCZY9eUbnmADYEP0ITEMVYOIlVMMJpJ5A0Qm4uQslNLjAwhqywYOFgurbzyA6hRryv8%2B%2Bh6oa8v97nyMbPLmmDaPaXzFlIS220hpqawK1PkFe7qHYnoGq9sCLj6DEzyTQ56d%2FXVaaZlDi4DXBedyWlM8lLBBznXYazdE0iOeSXtyPkyiJe730SCylJlDpBFqOQN0sSuehVB7K1EOZexiIA18wEQc8pP1%2ByiOadEQnkGnIRdBL%2BlEqY5R8ymGEIh%2BB6xG4vYPc3sGmGsGWP8Jt1HBiBq5oiHfjQwxFjUoSVI6gogSVIqgKgmpYPxDaRa7%2BUmhXsvDYR8e%2BXY9Nsb5DH5hiXWYE1I5gRb2r8lvuLnjhjbdTR8YmdSs7%2BSE5PRXWs5sXsSkPfJrIVMqkF1AmulGPB0kUhSzudTusT9NOAKceX16dC6PuXPe9AMrNgDoP26ohF880yFVD%2FPovMLoHp%2FfA1cug5SugVQ26UWM7e0oH07OimaxcK7cGwtTIi1Mobns7%2BpCcOXrntV%2FXIPn%2Bhd9u%2FHHv1e9WwG2N3Nb4QP1EsK7vj1dMRXZXTOXIN%2B%2FkhRqobVook60WtJCzjxfl7cpYsfCWGz26xKfANPx6TbpiiWZCZeuOfHVZCSHtVWO5JD8suJuSXS%2FdxuXSZmW%2BdP3K1YVBbqVzymQTUNWQF%2BJH4Kohp19%2F%2F%2Bi%2B57%2FYg7IT2LLGoNwnxwZl9sDzO3D5yf7OEFh90sNyD1VZj23ETopaEWh5klNWw%2F0jZyfx2NLpNFX1jruPdTsDWtxFNqgxtDWGugbVI7hydlzkdv%2FCL%2B0jA9MzY6btzC7TVn96JPP0swSnDvxYBN0ganc7vYRy2aX9OJAdRpMgTPrtKAhQuCb9%2Fc%2BDvwMAAP%2F%2F2IbOZfIEAAA%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://americanews.pro/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2024 02:43:37 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: c8d75200c3c9e1f9a577979edff684d1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ 85 KB
27 KB 464ms
55ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://luckywinnershub.com
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 271376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27446
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64ed75bb-6b36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQ2wbCw1nMnmQBN96Np%2FwsKl1Z3wOmiVbtDrNSutlSIgA%2Fp%2Fi9CULWK8r4SwHzW1bSYpJeGIGbd1gLIJv26o3TjDU%2B%2F723yHfAH6BOSxFSBKBfLX7W5RdR6HotYeK0g8hdS8GRjB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c45bff4fa1c0e8d-MXP
expires: Sun, 07 Sep 2025 02:43:38 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/ 227 KB
23 KB 551ms
143ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css

Requested by

Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://luckywinnershub.com
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 15679118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22709
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65d4c5f6-58b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3m83aK8qgbhG47BnBc7mocJb7KqPWWzOPAzMmura7uuSz8iWOZCab%2FnefWuY8vucH3NWYTRRLCZqxpALcwu3PZFcdxJkoC5B3SfGeu9LwebxNZbhHfVA%2BKdAZRW0nadRQDTOHka"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c45bff4fa180e8d-MXP
expires: Sun, 07 Sep 2025 02:43:38 GMT

GET
H2 200 bootstrap.bundle.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/ 203 KB
36 KB 584ms
176ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js

Requested by

Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a4a11a15db88d5fab08f59c1c34796b03f1f15bb3cc928dd226e1c59f7f59a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://luckywinnershub.com
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 276298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36257
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65d4c5f6-8da1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ed5MuNtcncVGIp47PAqjIAsFXxNXSKKSRNnTg8T8YG%2Bu74tdA87AyeVtlWN3uq0d9Na97EsngyCGkQdzL4Gq5aIIcT8cGRz7wzN%2Bysv5eGC0s3tyI5ZDeIm0%2B64S1JuFiYh825%2FR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c45bff4fa1b0e8d-MXP
expires: Sun, 07 Sep 2025 02:43:38 GMT

GET
H2 200 style.min.css
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/css/ 8 KB
3 KB 55ms
52ms Stylesheet
text/css 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/css/style.min.css?v=1.27
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4074b6bf35cb8c26bf22a233752bdd5ee17b669163765dba93cdbc014f4ad71a

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2384
etag: W/"66e41090-1f29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HajAc7B8TREQtfDakg3FDW8z%2Bx38LQBUi2V1SCvhbwDGpkHcURyMhjBGlAITLWJT0Yt7C7OveUllFOr1ldrm3K0tNc5DND1PHdFo8Q4VGKCKqIW535Fb1%2BGC9aYVuCuPKplUOg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8c45bff26c105a37-MXP

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 454ms
45ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Requested by

Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

b683a6791c8407bacf82b54f180621cc5975285c14e48aa26cd8270d3d59f1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Sep 2024 02:15:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Sep 2024 02:43:38 GMT

GET
H2 200 functions_p.min.js Show response
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/js/ 8 KB
3 KB 55ms
55ms Script
application/javascript 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/js/functions_p.min.js?v=1.27
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b851be8a63493741a7e096df8552d2df7d2a01cafd681285526182659d272def

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6751
etag: W/"66e41090-2098"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4W7Z4mnuPxf24KOlsIF%2BBkYpSj%2FJkH4oKwbp0Ktq0UL1XlXEwyUQz8vxi7EiTQaUFTUo5ioxYiRI9011QxDoEXcGd8rEYo1PHayRCnbewX4uTRpi6Y%2BaKdbUBz4iIsIAAQcLoRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8c45bff61e365a37-MXP

GET
H2 200 sur3.css
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/templates/sur/ 395 B
531 B 56ms
52ms Stylesheet
text/css 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/templates/sur/sur3.css?v=1.27
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdbeabb5b3aa977fa4416df3852acbf9fadf5755172a059961dc1ba72bb1d345

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6751
etag: W/"66e41090-18b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YwaLvaBwjqAaMdJgHcQ8lsL24Ij6eX75Se%2Bm%2FEoKnwbnCnEWCpu6ANcp5zdlt%2BFtaWp2002Jd6Z5yNZntwSOilHRfpxI2Nl9Nu%2FI%2B%2Bb7LQoOUESIY7%2BSNYg0WiksCc8sUV9XQao%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8c45bff2ac315a37-MXP

GET
H2 200 survey.min.css
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/templates/survey/ 1 KB
815 B 57ms
56ms Stylesheet
text/css 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/templates/survey/survey.min.css?v=1.27
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c714c752c8a7825f5993e5507190117ccf63ade68d44d455efcdd81c85ac7d48

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2385
etag: W/"66e41090-575"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejg%2F3Q3Sopv9PB804Oo6Hs%2BzROYTOxaqaoXagLwILbgrbEb3%2FZObBzQT%2BIlp6iwZZny7GnFnJxrF1zjdWVm2zIOjoSYHIEDjj5zCbRYPxGvQE7CMbq7yKMDCnBYyoHmwTNFlS1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8c45bff2ac325a37-MXP

GET
H2 200 surveys.min.js Show response
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/js/ 3 KB
1 KB 54ms
54ms Script
application/javascript 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/js/surveys.min.js?v=1.27
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d280128d65ef9533b5237c67d89064bfd9910fc31c8fb024782db20b9b78f0ed

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6751
etag: W/"66e41090-c15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1%2FNQ8oIro3ZP%2BzYARvoLcAbM6Ji2IF7DquhOwJc482en1nMq3P%2FAPFgjbpllYHs3kBg2N33vRYI5DhvtC32x0rey4N3vPF2sR6M1eyGNN5b7mAUjdtGExNs4e%2BIOlosTvz%2FZPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8c45bff63e4a5a37-MXP

GET
H2 200 box.css
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/templates/box/ 4 KB
1 KB 55ms
54ms Stylesheet
text/css 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/templates/box/box.css?v=1.27
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967c2a487286ccb51d63128dfa97caae1b5dcfe39a22be90702285aed0f906c8

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6751
etag: W/"66e41090-ead"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UTsDcSMnaK1e2h0lLkEm%2BBoBxh6orc0NYtLkWV%2Bvx9fYoxJ2chVzFf9qVPa38NPOq1QTK9YyKd2ASZ%2Flwcq46Hh7IEsS0%2FxAiTrYSwdFC5dkGc8Qp%2FYSaXGdXB00K0f28GfeXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8c45bff2ac335a37-MXP

GET
H2 200 funct_box.min.js Show response
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/js/ 2 KB
997 B 57ms
57ms Script
application/javascript 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/js/funct_box.min.js?v=1.27
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbdb11ca9a65338558d5a0edb6f181f70b892436130d0c4c59752e3f7ad314f8

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6751
etag: W/"66e41090-9ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o94X%2B1LhwJ2A8koPC%2Fu2Md59bHHWFG%2F4Yn6Y7dvJGi0aHHG%2Fn%2Fs1%2FcBlF%2BdoXLaZqpimCGvazTccrJ70XqjwihhemiazF7FrNmv3fwp5pxLsmVPIO%2BFGofdON2N%2BYmCwdQfmLoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8c45bff64e525a37-MXP

GET
H2 200 comments.min.css
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/templates/comments/ 1 KB
582 B 57ms
56ms Stylesheet
text/css 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/assets/templates/comments/comments.min.css?v=1.27
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee0febbabb76a8bd117697143098287cf4554865902ce18d4aa8cadbf984721f

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2385
etag: W/"66e41090-40e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5N1291%2FjgjZO5XD1KrABZfKecVGhlyqT%2B%2Fkh5k1LAVliyZ5mrULPBVAkj7sYHbvofsYbpKh0wJKUeP%2BKLd3rQqrwfkHiiQ8vr%2BN5ElkOS89uGtuA3NuA9wfHEpcL6SLPNf2lU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8c45bff2ac345a37-MXP

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 487ms
117ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://luckywinnershub.com
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 471534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4osU8SB69zCou2xk%2FyLMJwmglVKuopHcq7NboA7oFDSZxkm%2BcNAfIp0LTSHaOFwfrT3%2Bjjy8eQ7ESqcs4rBPyiBTY5RI0bBu56wGtjFUyEvqWymXqjkVLVkkmycN0Ojj15QDudk%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c45bff4fa190e8d-MXP
expires: Sun, 07 Sep 2025 02:43:38 GMT

GET
H2 200 logo.png
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/themes/pro/2-gPZC/img/ 5 KB
6 KB 62ms
55ms Image
image/png 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/themes/pro/2-gPZC/img/logo.png
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15daf1c9d7a75350201689179ee6a3ee80376e95c89f4a1db038c4d600b9878e

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:24:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3220
etag: "66e412fb-15cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nv9cd7BLMW3Vo3yVZxRHM3fuRN%2FFsSsv5OieWV%2FzHoyGJhBsZIF5jguTC78buTeFHnfkwvtUu%2FFp1Pmqf0nv4Iwuj9kIfEFJ7nx9RwBHukcISUHipcLcyBQ4o77BiTiMjsTdn5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e705a37-MXP
content-length: 5583

GET
H2 200 4e12do56e9.png
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/ 1 KB
2 KB 62ms
55ms Image
image/png 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/4e12do56e9.png
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31c149915fd6fa27e9573983a8b0e86807a81f9ce8fcab7eb324cee25ff7afb4

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3220
etag: "66e41090-537"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMdgd2ZXpmcuTNH11LpcZSkBMkfwk61hvY2He0AA2FJ8amXkKXpv0Uj2yAAkCvZxuuf53hw%2FAr9YgYYnotA9cYTpWpPshc0CFPtbSP6qoSpiSrCLLGiTWRCGnOQXJwv9VU7NGuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e715a37-MXP
content-length: 1335

GET
H2 200 principal.png
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/themes/pro/1482/ 129 KB
129 KB 80ms
74ms Image
image/png 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/themes/pro/1482/principal.png
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41206a21dea424ede372ad7ff6b899074ba328d9d9b9edef1c96a9c1a930098b

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:24:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3220
etag: "66e412fb-20226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O3Xidddu2Czen1zAl9sGmX5%2B8NHRw9OMYbsbnS8xspiWgLbbBWnMrK6JqwokaQ4uymfgvzYRvMNVjjEtMQQ9rK4Nvqx0kWfhYVESAJUm3dxz%2B1HkgRkwcMwnC78n4BdnfmBXfGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e745a37-MXP
content-length: 131622

GET
H2 200 10.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 2 KB
2 KB 63ms
57ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/10.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fba1dafda080b2bf2c0074fc8eb29203c48f2afa916065df41a0a76e48f63987

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3220
etag: "66e41090-69b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mo3n2QMLZjRscBGKbEInJiNkawQ6Mywwh6wengbyz%2BfIdehjK4KkBvNBHS69xMjTDaM2Pzji2w4gqwRTDVw37iiVC%2FrLHuyQIVidyIMGt%2FvOYs9%2Bg1fPAbyUpm1fSr2j7M5iHNc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e755a37-MXP
content-length: 1691

GET
H2 200 like.png
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/ 466 B
837 B 60ms
54ms Image
image/png 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/like.png
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6751
etag: "66e41090-1d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfZUbWw4dlyRGmnQOQSdBZk3mGW97q493POeAygorW3Ki8Cf0ow%2FjwKhE2mtVZyh0wqW64Ck2mCF34EkK0oqjZbeENY%2F%2BIOKDlHFc%2BjcHhQQ7%2BVseXRmMC5pAWM%2BbFl8%2F6vGrt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e775a37-MXP
content-length: 466

GET
H2 200 7.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 4 KB
4 KB 126ms
120ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/7.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845a5200eb01a02833e74b09ab84d6ec2aab5ee16211ee1a31b7eb6a4bb61ecc

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-e74"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=holfHF3CHplqANCsJmzKM7yKHRBwNuZGKlpouId%2BnYnU5NqGviClYEJlKkmEIlJZkqvJLfH%2BwR5w0CnSq%2B%2FKX77hwJ1smmWjU6M4azKCqoxwQ%2Fapse6y7MrTdRkwWGn2E24n03s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e785a37-MXP
content-length: 3700

GET
H2 200 2.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 875 B
1 KB 125ms
119ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/2.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-36b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKtTsp5OVDBdNGRmg8%2FE1sqj0edXYtpedIrEulnODf%2BXif73x%2ByS8g64dt6g%2B5OE%2FijvxdP0UNYNmOifmCg%2BjNeZ%2BNaxu5XpJWz5nuX9C%2FgDGqMbQgoaN%2B3mr5%2BropJc9Hce%2Bms%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e7a5a37-MXP
content-length: 875

GET
H2 200 5.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 2 KB
3 KB 124ms
118ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/5.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182600ef12499261e2e971331530eb1caacd6c2106c4c864d158ac9c4a9a2327

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-9bb"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNAoo4E5%2BJTSGSvekOVxWz28hPGYk%2Fvlq0LEYUAuKx5bAMtRrU0EyNz13G1bQBt64gGwGKa8oysI%2FWcILnEOwiQ1zMw1WXOEM%2BkyDnF0sPqazcqlhCzrzgrAzmn%2B1S3oU%2BM31XA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e7b5a37-MXP
content-length: 2491

GET
H2 200 11.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 1 KB
2 KB 125ms
120ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/11.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8faa2373bb49912f7d74e626c6fa9cc959c1e75496accc6fa5658a67f0082b73

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-586"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAY5yV7VR0PPCQOrgbzdjOLQnBb2rSEh1ZBWHOZ7tE13F0H40fB3MBp8UM3ptcnniaRg2DbRUaGEXmet%2B2CEejifGGvuxSJkhnU%2Fky9eYvLz8dZI0iKPjpSwD0oRNDHZnIb1u7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e7d5a37-MXP
content-length: 1414

GET
H2 200 4.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 2 KB
3 KB 124ms
118ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/4.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ba90609efbf3e11565b8b9005e57d80f53a8837ce693c9023ccb0626461d212

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-9ee"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8h%2FIHBJ7Eq9jmLI%2BnWo%2FTXGVnVlASWg84e%2FPC6NloHzezLf%2FBO1VKChMYCMjmC3bsWSSsy3ImxOUIFby6ShdQCUQpzvn0eoeqAFsCHK5s%2BlZv8woEw1tp4o2jp3Ae8BzwCnHpis%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff67e7e5a37-MXP
content-length: 2542

GET
H2 200 6.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 3 KB
3 KB 125ms
119ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/6.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ff0a6dfebce308d517e495941065eb38cc8b37a7b2bf67df272aea25f69c40

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-bb5"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6r4Ek9xiuEMpn0eHgWqye%2B00Y%2FraAAlJ5NWlnnGdi6B1AEK5ws0N3eqjZjcz3qHBLPSGDWen0caefjAWiQlRit3eZCZbpoSu6cif2n9v%2FnwjZFf8wA6FAKFqXpB5dmGZ8EA%2BJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff69e865a37-MXP
content-length: 2997

GET
H2 200 1.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 3 KB
4 KB 125ms
120ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/1.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f551911c68e079ef629648f47ad743c99d47e9d5c0d5a475c7392a1f0ab248

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-cd6"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sNY66CYoYgwDpAx8%2B8V49IzTs1zG%2BWjbnF6KizhY749AL7QVcurKb1T1zOobJ0Sncej299I1TqmaFejF%2FWU7k4LYYNo%2ByiysigJdOr9CKbGxwMOIilX4HAPztjK2vEWX98uPKpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff69e875a37-MXP
content-length: 3286

GET
H2 200 8.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 3 KB
3 KB 126ms
121ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/8.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c40a3ef77aea7e48c710fa701af1d074224846ebf30cd9d82b7596c15da2c1

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-b4b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynzE55kM58YoONxAJ1xYkLAgL2FUJay4cQo6YCziexpEnibD3AHuQXVXJw3LYqTS2TEpO94QPhJKf4L6RkPDTlWPyx01DwYvvMNhbWR%2FjfECyT1QSPiPYlG2PKJpdZaK0RRnjhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff69e885a37-MXP
content-length: 2891

GET
H2 200 9.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 1 KB
2 KB 125ms
120ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/9.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-50c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTYEXIkSwroaHdbKo4VXJeFkYSyhNfaLWmSlX5Y5zPwR7rX52e5tYTnjix6AdEmqSortzP494S%2Bpfvyr1z2vYDFzY%2BcLbbvctk91MlQEO4coAUDk4y6v5XxuiUwcNBURdSRunyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff69e895a37-MXP
content-length: 1292

GET
H2 200 3.jpg
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/ 2 KB
3 KB 156ms
151ms Image
image/jpeg 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/comments/global/1/3.jpg
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca3bcdc244a011cff113f873678ee9de68479a7f6c7f360b171c3edbc96dd1a

Request headers

Referer: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
server: cloudflare
age: 3219
etag: "66e41090-8ea"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wtotIJnlAWjrBzd%2FvBxZYsmdmJWFk1nL2N0POBLCTJPko71Q3Y2xb0rEPUez2nud2GAbfYg6hc6VkRjMI91GePUuf%2Fn3xpDjZbwp2QP5MVVhgRJo4KE6IcMUsX0a8RHjbhYcbqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff69e8a5a37-MXP
content-length: 2282

GET
H2 200 micro.tag.min.js Show response
viaklera.com/pfe/current/ 44 KB
18 KB 186ms
49ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Requested by: Host: luckywinnershub.com
URL: https://luckywinnershub.com/page/2fp7urg/0?campaign=ThIkJv4&aff_source=24275772&aff_transaction_id=4219396cf4e67d25206eade5d00503bb
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 762cb7845d3d7ad808fb51b756051a36806bdb707bacc8d48a66bf844d2ece9a

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: gzip
last-modified: Fri, 13 Sep 2024 13:23:53 GMT
server: nginx
etag: W/"66e43ce9-af1d"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 25skcfrou7.png
luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/ 301 B
602 B 51ms
51ms Other
image/png 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/assets/7o55hb/itpro0-new_systemchronolimited2fp7urg/0/25skcfrou7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d6f99da19fb15cd4cc506097dc5fb717f8a7dc116939f2f1cf291ae0c8f0282

Request headers

Referer: https://luckywinnershub.com/2024817
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3189
etag: "66e41090-12d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3GGCtMxcvyEA81BsFX0H40S3aeYGM91IF6vlI%2BvDyQIlb0eGXbwR9uCkq6lSYNWE2joLLtCwRSWf1%2FN3%2Fv0ICBHHz4cuG4iSILKw9iqdQtfCQYVR%2FF86N5Lfse4etHRG07JV5k8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c45bff80f725a37-MXP
content-length: 301

GET
H2 200 sw-check-permissions-82431.js
luckywinnershub.com/ 0
641 B 51ms
51ms Other
application/javascript 172.67.71.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckywinnershub.com/sw-check-permissions-82431.js?zoneId=5759770
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/2024817
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2024 10:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3451
etag: W/"66e41090-236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mrA5j8qbvfv1cjEGWIQ7TkvAk1OWE8TAUv5nkujPlPvu6z4tcgwNTJjoRpOE59Yl6Vb5XY0FcWm7u842oharLEOumJw1vSDIS8Blf%2FSFa59b5O6qlx7fpoPxsyisgpUQudyTLCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8c45bff81f755a37-MXP

POST
H2 200 zone
viaklera.com/ 0
338 B 43ms
43ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://viaklera.com/zone?pub=0&zone_id=5759770&is_mobile=true&domain=luckywinnershub.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.557&trace_id=f8813515-49fa-4ca9-8bbe-23993b670e54&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=&drf=https://americanews.pro/

Requested by

Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: nginx
access-control-allow-origin: https://luckywinnershub.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 event
viaklera.com/ 0
0 42ms
40ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/event
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 269ms
96ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5759770&checkDuplicate=true&ymid=&var=&source=pusher

Requested by

Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f81a8d6e04f9bcaf83da78aa390fc3c12773ea7a2a10031f5a7eff4edaed1ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://luckywinnershub.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 event
viaklera.com/ 0
0 53ms
52ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/event
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 event
viaklera.com/ 0
0 53ms
52ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/event
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 event
viaklera.com/ 0
0 54ms
53ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/event
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 event
viaklera.com/ 0
0 53ms
52ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/event
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone Show response
viaklera.com/ 594 B
967 B 44ms
43ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://viaklera.com/zone?pub=0&zone_id=5759770&is_mobile=true&domain=luckywinnershub.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.557&trace_id=f8813515-49fa-4ca9-8bbe-23993b670e54&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d7b2d0f4c637d927e455c1d31d4b20f36d83b81432b34ca45aeaa9a742773d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 17 Sep 2024 02:43:38 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://luckywinnershub.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 594

POST
H2 200 event
viaklera.com/ 0
0 47ms
45ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/event
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 event
viaklera.com/ 0
0 47ms
45ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/event
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 event
viaklera.com/ 0
0 45ms
44ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/event
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 event
viaklera.com/ 0
0 44ms
42ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viaklera.com/event
Requested by: Host: viaklera.com
URL: https://viaklera.com/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckywinnershub.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: americanews.pro
URL: blob:https://americanews.pro/1a7c2642-8e02-4252-b918-2445b0f98fc6

Domain: recordedthereby.com
URL: https://recordedthereby.com/sfp.js

Domain: cdn.show-sb.com
URL: https://cdn.show-sb.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proftrafficcounter.com/	1970-01-21 09:11:41	Name: uid_id2 Value: dcc63eac-7b0d-43f2-af06-78696727688f:3:1
americanews.pro/	1970-01-20 23:45:45	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: dcc63eac-7b0d-43f2-af06-78696727688f%3A3%3A1
hencesharply.com/	1970-01-20 23:37:07	Name: u_pl Value: 24275772
hencesharply.com/	1970-01-20 23:35:41	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI3NTc3MiwiayI6IjE0MGE5YjVjYTYzMjA4MGQwNmQ1ZTBjNTRmZmFlYjkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MjAxNDI2LCJwaWQiOjIxMzgzNTcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6NSwicHQiOjQsInBrIjoicjFobXA0OG56IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc0NTMwODkxLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJHZW5lcmljIEFuZHJvaWQiLCJ2IjoiVW5rbm93biIsIm0iOiJHZW5lcmljIEFuZHJvaWQiLCJmIjozLCJmbiI6IlNtYXJ0UGhvbmUiLCJvaWQiOjEwMjc1Nywib24iOiJBbmRyb2lkIiwib3YiOiIxMS4wIiwiYmlkIjoxMTI0NDUsImJuIjoiQ2hyb21lIE1vYmlsZSIsImJ2IjoiOTIiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjEwOCwiYyI6IklUIiwibiI6Ikl0YWx5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiR2xvYmFsIFJvdXRlciJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYW1lcmljYW5ld3MucHJvLyIsImFyIjpbXX19.LCPC2NMezn3jqfhlvJfBr0xwNhr76ozmoM4bpFFzW40
hencesharply.com/	1970-01-20 23:45:45	Name: uid_id2 Value: dcc63eac-7b0d-43f2-af06-78696727688f:3:1
hencesharply.com/	1970-01-20 23:37:07	Name: iprce1c7837188cd9e5936eeccd068c2b567 Value: 5484586
hencesharply.com/	1970-01-20 23:37:07	Name: pdhtkv Value: true
hencesharply.com/	1970-01-20 23:37:07	Name: uncs Value: 1
hencesharply.com/	1970-01-20 23:37:07	Name: pdhtkv5 Value: true
hencesharply.com/	1970-01-20 23:37:07	Name: uncs5 Value: 1
americanews.pro/	1970-01-20 23:35:48	Name: sb_main_a7efee780abd528c07221b6854b9af40 Value: 1
americanews.pro/	1970-01-20 23:35:48	Name: sb_count_a7efee780abd528c07221b6854b9af40 Value: 1
americanews.pro/	1970-01-20 23:35:48	Name: pp_main_8ec14e9d9710c48f9eb905a9bdd6ebf3 Value: 1
donationobliged.com/	1970-01-20 23:37:07	Name: u_pl Value: 24275776
donationobliged.com/	1970-01-20 23:45:45	Name: uid_id2 Value: dcc63eac-7b0d-43f2-af06-78696727688f:3:1
donationobliged.com/	1970-01-20 23:37:07	Name: pdhtkv Value: true
donationobliged.com/	1970-01-20 23:37:07	Name: uncs Value: 1
donationobliged.com/	1970-01-20 23:37:07	Name: pdhtkv29 Value: true
donationobliged.com/	1970-01-20 23:37:07	Name: uncs29 Value: 1
americanews.pro/	1970-01-20 23:35:41	Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf Value: donationobliged.com
my.rtmark.net/	1970-01-21 08:21:17	Name: ID Value: 0180dac38a714c66f7f7da98ba005435

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

americanews.pro
capaciousdrewreligion.com
cdn.show-sb.com
cdnjs.cloudflare.com
donationobliged.com
fonts.googleapis.com
fonts.gstatic.com
hencesharply.com
luckywinnershub.com
my.rtmark.net
proftrafficcounter.com
recordedthereby.com
remarkspeaceableviolate.com
viaklera.com
waust.at
whos.amung.us
americanews.pro
cdn.show-sb.com
recordedthereby.com
104.17.25.14
139.45.195.8
139.45.197.251
142.250.186.170
172.217.18.99
172.240.127.234
172.240.253.132
172.67.71.110
172.67.71.57
172.67.8.141
192.243.61.225
192.243.61.227
35.157.101.39
63.250.43.4
01ff0a6dfebce308d517e495941065eb38cc8b37a7b2bf67df272aea25f69c40
0ca3bcdc244a011cff113f873678ee9de68479a7f6c7f360b171c3edbc96dd1a
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
15daf1c9d7a75350201689179ee6a3ee80376e95c89f4a1db038c4d600b9878e
182600ef12499261e2e971331530eb1caacd6c2106c4c864d158ac9c4a9a2327
18f551911c68e079ef629648f47ad743c99d47e9d5c0d5a475c7392a1f0ab248
19aa88b48d0561eab4ed001b74bc150b96a35ab85513145d6560cb8808cdc9e4
1cdc5272f4719ff59e37324c8c4811884538a31ffe610b7983b94fc376e8a73f
21b589bbc25d38fbf4c8168b0801ce4cf9d0aa1d372ae1ac773574aaeb10c08d
2695bd5e9dd7ad3ed03eaab1a6c5d94975adf3ff948952b57a3cd90908cd6c1e
2d6f99da19fb15cd4cc506097dc5fb717f8a7dc116939f2f1cf291ae0c8f0282
2fe509a76e2d393d1da29496a5d01270e758fd40db02e8e3d8b68948ae31cabd
31c149915fd6fa27e9573983a8b0e86807a81f9ce8fcab7eb324cee25ff7afb4
392f1e6e9bb6d5c9d93fe79e033fc67b032c8b2e0e016c6656471d08de278cf1
3af178453f5355a446eb2133ffe906a7c451dc90105dd7420cbb01e067624c59
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
4074b6bf35cb8c26bf22a233752bdd5ee17b669163765dba93cdbc014f4ad71a
41206a21dea424ede372ad7ff6b899074ba328d9d9b9edef1c96a9c1a930098b
4334a3da5cd2bc9d5a65c8aa5facc0df32f0594bb0c7f227468c0911e12d18d6
44909e64cb276353b60535690459266004ce46e05d289e25809dbf688b8f5fba
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4642160d0205d5342780844964271985d249990692b779e8c4f3cb45c1a8708a
4ba90609efbf3e11565b8b9005e57d80f53a8837ce693c9023ccb0626461d212
4cdd05aeb1a1aacb2b016e3dd6e617b6b4b948c17624749bcbcbdbf17d7de3aa
4dcc90fa5d7a623ebf5e33e86f75ce58890cd9f3fc23dfcdacdab1f29996ff6f
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
510443ce3ddac232a79dec25d99068dc8370f945f3e6053ad854e84f05b75996
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
60706feef486348858ba02be6706b2d6a842f5c39daa45b877671836ecc64dd5
7209e11a45cef119e8d3539afb2689835d17b16a0a22f8334d867cf77a220d2a
73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa
762cb7845d3d7ad808fb51b756051a36806bdb707bacc8d48a66bf844d2ece9a
76fa60ed57bfa134bdc5ebf61c8fc8f34c478abf3ddb5523fe14fed62e2ff8b9
7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9
845a5200eb01a02833e74b09ab84d6ec2aab5ee16211ee1a31b7eb6a4bb61ecc
86697dd4a1a080b52706aa85fc49b1112dd0f0b32fa012583c4239b4fd4e1559
8faa2373bb49912f7d74e626c6fa9cc959c1e75496accc6fa5658a67f0082b73
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
967c2a487286ccb51d63128dfa97caae1b5dcfe39a22be90702285aed0f906c8
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a4a11a15db88d5fab08f59c1c34796b03f1f15bb3cc928dd226e1c59f7f59a3
9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606
b0c04b13f78f5f6822d998fb7d6e04d3c5b6913e9ebee3def82d8cae4bfbf0c9
b0c40a3ef77aea7e48c710fa701af1d074224846ebf30cd9d82b7596c15da2c1
b683a6791c8407bacf82b54f180621cc5975285c14e48aa26cd8270d3d59f1e1
b851be8a63493741a7e096df8552d2df7d2a01cafd681285526182659d272def
c714c752c8a7825f5993e5507190117ccf63ade68d44d455efcdd81c85ac7d48
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d280128d65ef9533b5237c67d89064bfd9910fc31c8fb024782db20b9b78f0ed
d7b2d0f4c637d927e455c1d31d4b20f36d83b81432b34ca45aeaa9a742773d54
d97bb9923ab3f0caaa855dde3600b1054c33f1b6d8a943b376d216f8638b5674
db4ab28a2831ea1364e0072e74398783dccb14514b93005ea557e306fe8db6bf
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e02b48b88352a0c0f5c14ae6cb7949cfa9bffd9743bf53f6ab8fd10459d91179
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf968e400976b579ea9dcff5f0bc247a2b2371f9ce49c3b5829da4b7179f4f9
ee0febbabb76a8bd117697143098287cf4554865902ce18d4aa8cadbf984721f
f4019936f855e5f80e060da10366b0b854af59b9c85f6bbb217a36595f4d2e58
f498f4de89f8c27d4d56f4d8dd0988da262875d8e4f1fa71bdf2a391b9050523
f81a8d6e04f9bcaf83da78aa390fc3c12773ea7a2a10031f5a7eff4edaed1ac1
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fba1dafda080b2bf2c0074fc8eb29203c48f2afa916065df41a0a76e48f63987
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fbdb11ca9a65338558d5a0edb6f181f70b892436130d0c4c59752e3f7ad314f8
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fd57ae7228574a83527cb8917ec5a0ff944aa787934ee5b85a7976f259b7ae31
fdafa24ffdc69e2d4dc8555fa2315b2b90c2c22b8df90e1e78d99dd29acbd055
fdbeabb5b3aa977fa4416df3852acbf9fadf5755172a059961dc1ba72bb1d345

luckywinnershub.com Open in urlscan Pro 172.67.71.110 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

96 %HTTPS

0 %IPv6

16 Domains

16 Subdomains

15 IPs

4 Countries

1288 kBTransfer

3360 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

luckywinnershub.com Open in urlscan Pro
172.67.71.110 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

96 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

15
IPs

4
Countries

1288 kB
Transfer

3360 kB
Size

21
Cookies

94 HTTP transactions
1 data transactions