www.secure.lucky4u.ru Open in urlscan Pro
185.178.208.167 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.secure.lucky4u.ru/
Submission: On November 08 via automatic, source certstream-suspicious (November 8th 2020, 5:03:41 am UTC)

Summary HTTP 58 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 58 HTTP transactions. The main IP is 185.178.208.167, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is www.secure.lucky4u.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 18th 2020. Valid for: 3 months.

This is the only time www.secure.lucky4u.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	185.178.208.167 185.178.208.167	57724 (DDOS-GUARD) (DDOS-GUARD)
21	2606:4700:303... 2606:4700:3034::ac43:d4ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.142.30.138 95.142.30.138	20645 (PUREPEAK-ASN) (PUREPEAK-ASN)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3032::681b:b6f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
2	107.154.132.27 107.154.132.27	19551 (INCAPSULA) (INCAPSULA)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	2606:4700:10:... 2606:4700:10::ac43:de3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	95.142.30.132 95.142.30.132	20645 (PUREPEAK-ASN) (PUREPEAK-ASN)
58	16

8 185.178.208.167 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

www.secure.lucky4u.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3034::ac43:d4ad (United States)

ASN13335 (CLOUDFLARENET, US)

fortunablog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.30.138 (Amsterdam, Netherlands)

ASN20645 (PUREPEAK-ASN, IL)
PTR: ip-95-142-30-138.purepeak.com

www.thelotter-affiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::681b:b6f2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lottery-win.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.154.132.27 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.27.ip.incapdns.net

webapi.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:de3 (United States)

ASN13335 (CLOUDFLARENET, US)

call.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chat.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.30.132 (Amsterdam, Netherlands)

ASN20645 (PUREPEAK-ASN, IL)
PTR: ip-95-142-30-132.purepeak.com

www.tl-res.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	fortunablog.ru fortunablog.ru	172 KB
8	lucky4u.ru www.secure.lucky4u.ru	479 KB
5	lottery-win.org www.lottery-win.org	7 KB
4	yandex.ru 1 redirects mc.yandex.ru	96 KB
4	gstatic.com fonts.gstatic.com	31 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	72 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	chatra.io call.chatra.io chat.chatra.io	10 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	thelotter.com webapi.thelotter.com	856 B
2	google.com apis.google.com	68 KB
1	tl-res.com www.tl-res.com	8 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	thelotter-affiliates.com www.thelotter-affiliates.com	1 KB
1	jquery.com code.jquery.com	33 KB
58	15

	Domain	Requested by
21	fortunablog.ru	www.secure.lucky4u.ru fortunablog.ru
8	www.secure.lucky4u.ru	www.secure.lucky4u.ru
5	www.lottery-win.org	www.thelotter-affiliates.com
4	mc.yandex.ru	1 redirects www.secure.lucky4u.ru
4	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	counter.yadro.ru	1 redirects www.secure.lucky4u.ru
2	webapi.thelotter.com	ajax.googleapis.com
2	ajax.googleapis.com	www.thelotter-affiliates.com
2	fonts.googleapis.com	fortunablog.ru www.lottery-win.org
2	apis.google.com	www.secure.lucky4u.ru apis.google.com
1	www.tl-res.com	www.secure.lucky4u.ru
1	chat.chatra.io	call.chatra.io
1	call.chatra.io	www.secure.lucky4u.ru
1	www.googletagmanager.com	www.secure.lucky4u.ru
1	www.thelotter-affiliates.com	www.secure.lucky4u.ru
1	code.jquery.com	www.secure.lucky4u.ru
58	17

This site contains links to these domains. Also see Links.

Domain
fortunablog.ru
smarturl.it
vk.com
www.instagram.com
twitter.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
secure.lucky4u.ru Let's Encrypt Authority X3	`2020-08-18` - `2020-11-16`	3 months	crt.sh
*.fortunablog.ru Let's Encrypt Authority X3	`2020-09-24` - `2020-12-23`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
www.thelotter-affiliates.com COMODO RSA Domain Validation Secure Server CA	`2019-01-13` - `2021-01-12`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-07` - `2021-08-07`	a year	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
counter.yadro.ru Let's Encrypt Authority X3	`2020-10-29` - `2021-01-27`	3 months	crt.sh
*.thelotter.com GeoTrust TLS RSA CA G1	`2020-01-06` - `2022-01-05`	2 years	crt.sh
*.tl-res.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-22` - `2022-01-21`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.secure.lucky4u.ru/
Frame ID: DAB82D091A1FDD145C55B96BE5F917BA
Requests: 56 HTTP requests in this frame

Frame: https://chat.chatra.io/
Frame ID: BCD24B32B283EF340BBD2FDDE9C75131
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

58
Requests

100 %
HTTPS

69 %
IPv6

15
Domains

17
Subdomains

16
IPs

4
Countries

1034 kB
Transfer

1891 kB
Size

6
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://fortunablog.ru/

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/category/loterei/
Title: Лотереи

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/category/totalizatory/
Title: Беттинг

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/category/promo/
Title: Бонусы и акции

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/sekrety-kartochnyh-fokusov/
Title: Секреты карточных фокусов

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/category/karty/
Title: Настольные карточные игры

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/sekrety-kartochnyh-fokusov/#more-319
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/sekrety-kartochnyh-fokusov/#comments
Title: 9 комментариев

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/promokod-1xstavka/
Title: Промокод 1хСтавка на сегодня

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/promokod-1xstavka/#more-396632
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/promokod-1xstavka/#comments
Title: 23 комментария

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/chto-takoe-fribet-v-stavkah-na-sport-ot-bk/
Title: Что такое фрибет в ставках на спорт от БК?

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/chto-takoe-fribet-v-stavkah-na-sport-ot-bk/#more-399900
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/chto-takoe-fribet-v-stavkah-na-sport-ot-bk/#respond
Title: Добавить комментарий

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/avansovye-stavki/
Title: Авансовая ставка на спорт [доверительный беттинг]: шанс выиграть или слив банкролла?

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/avansovye-stavki/#more-399880
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/avansovye-stavki/#respond
Title: Добавить комментарий

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/instagram-v-stavkah-na-sport/
Title: Instagram в ставках на спорт

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/instagram-v-stavkah-na-sport/#more-399859
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/instagram-v-stavkah-na-sport/#comments
Title: 2 комментария

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/myscore-futbol-onlajn-translyatsii-i-rezultaty/
Title: MyScore футбол онлайн трансляции и результаты

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/myscore-futbol-onlajn-translyatsii-i-rezultaty/#more-399847
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/myscore-futbol-onlajn-translyatsii-i-rezultaty/#respond
Title: Добавить комментарий

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/promokod-bonus-kod-leon/
Title: Бонус код Леон при регистрации на ноябрь 2020

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/promokod-bonus-kod-leon/#more-396681
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/promokod-bonus-kod-leon/#comments
Title: 4 комментария

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/stoit-li-igrat-v-lotereyu/
Title: Стоит ли играть в лотерею

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/stoit-li-igrat-v-lotereyu/#more-399773
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/stoit-li-igrat-v-lotereyu/#comments
Title: 2 комментария

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/strategiya-stavok-na-sistemy/
Title: Стратегия ставок на системы

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/strategiya-stavok-na-sistemy/#more-399764
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/strategiya-stavok-na-sistemy/#comments
Title: 2 комментария

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/russkoe-loto-ekspress/
Title: Русское лото экспресс

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/russkoe-loto-ekspress/#more-399744
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/russkoe-loto-ekspress/#respond
Title: Добавить комментарий

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/bormotun-osnovatel-tehniki-podmeny-stavok/
Title: Бормотун – основатель техники подмены ставок

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/category/uncategorized/
Title: Разное

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/bormotun-osnovatel-tehniki-podmeny-stavok/#more-399735
Title: Далее…

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/bormotun-osnovatel-tehniki-podmeny-stavok/#respond
Title: Добавить комментарий

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/page/2/
Title: Следующая страница →

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/category/forex/
Title: Биржевая торговля

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/category/igromaniya/
Title: Игромания

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/category/moshennichestvo/
Title: Мошенничество

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/category/fortuna/
Title: Про удачу

Search URL Search Domain Scan URL

URL: https://smarturl.it/theBig_Play?tl_affid=8910&tl_bannerid=57ab9396&chan=
Title: € 130 миллионов Играть

Search URL Search Domain Scan URL

URL: https://vk.com/fortunablog

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fortunablog/

Search URL Search Domain Scan URL

URL: https://twitter.com/fortunablogru

Search URL Search Domain Scan URL

URL: https://fortunablog.ru/kto-takoj-pit-boss-v-igrovyh-zavedeniyah/
Title: Кто такой пит-босс в игровых заведениях

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://counter.yadro.ru/hit?t24.4;r;s1600*1200*24;uhttps%3A//www.secure.lucky4u.ru/;0.5215800164159841 HTTP 302
https://counter.yadro.ru/hit?q;t24.4;r;s1600*1200*24;uhttps%3A//www.secure.lucky4u.ru/;0.5215800164159841

Request Chain 55

https://mc.yandex.ru/watch/33345663?wmode=7&page-url=https%3A%2F%2Fwww.secure.lucky4u.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604811797740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108060324%3Aet%3A1604811805%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A192860614214%3Arqn%3A1%3Arn%3A57919125%3Ahid%3A143586507%3Ads%3A22%2C42%2C50%2C0%2C1%2C0%2C0%2C6743%2C34%2C%2C%2C%2C6860%3Afp%3A6703%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604811805%3Au%3A1604811805515179926%3At%3A%D0%A4%D0%BE%D1%80%D1%82%D1%83%D0%BD%D0%B0%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%A1%D0%B0%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D0%BE%D0%B5%20%D0%B2%20%D1%8D%D1%82%D0%BE%D0%B9%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%20%D1%81%20%D0%BD%D0%B0%D0%BC%D0%B8%20%D0%BF%D1%80%D0%BE%D0%B8%D1%81%D1%85%D0%BE%D0%B4%D0%B8%D1%82%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D0%BD%D0%BE HTTP 302
https://mc.yandex.ru/watch/33345663/1?wmode=7&page-url=https%3A%2F%2Fwww.secure.lucky4u.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604811797740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108060324%3Aet%3A1604811805%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A192860614214%3Arqn%3A1%3Arn%3A57919125%3Ahid%3A143586507%3Ads%3A22%2C42%2C50%2C0%2C1%2C0%2C0%2C6743%2C34%2C%2C%2C%2C6860%3Afp%3A6703%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604811805%3Au%3A1604811805515179926%3At%3A%D0%A4%D0%BE%D1%80%D1%82%D1%83%D0%BD%D0%B0%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%A1%D0%B0%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D0%BE%D0%B5%20%D0%B2%20%D1%8D%D1%82%D0%BE%D0%B9%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%20%D1%81%20%D0%BD%D0%B0%D0%BC%D0%B8%20%D0%BF%D1%80%D0%BE%D0%B8%D1%81%D1%85%D0%BE%D0%B4%D0%B8%D1%82%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D0%BD%D0%BE

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.secure.lucky4u.ru/ 37 KB
10 KB 114ms
50ms Document
text/html 185.178.208.167
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.167 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard / PHP/7.4.9RC1

Resource Hash

f1fdebed7d24c3d1c37da8c2ea367afc8be22b7b2ae13aff3faa4d374390c082

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:method: GET
:authority: www.secure.lucky4u.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1=YEgavRSH9Vs3cqbpqJZZ; Domain=.lucky4u.ru; HttpOnly; Path=/; Expires=Mon, 08-Nov-2021 05:03:17 GMT
date: Sun, 08 Nov 2020 05:04:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding,Cookie
x-powered-by: PHP/7.4.9RC1
cache-control: max-age=3, must-revalidate
content-encoding: gzip

GET
H2 200 style.css
fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/ 15 KB
4 KB 112ms
42ms Stylesheet
text/css 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5105afc72520603d3f2e9147fffc6a3869afa2c8bfcd52529b3d7a5b94f4724c

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 0647d5cdab00002b122701a000000001
last-modified: Sat, 01 Feb 2020 14:01:53 GMT
server: cloudflare
etag: W/"5e3584d1-3d54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YgeOeeLWK4Zjhf%2FS8a2SJmzdg7T6HLZ6gOP4sVesFj%2FCzNCqD93Yxk8OQo76Z3%2B2DnAObwcQnCgn8H38xmK0nExPoHn6mHy0xJrs6y4Iu7o1WXDdYcM4SzXeBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5eecbf2919c62b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 64ms
43ms Script
application/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7J/akuFlO2TPG+O9rrh8jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "3e801f1b1d67e6ea720d7c6a799ff679"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-7J/akuFlO2TPG+O9rrh8jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 08 Nov 2020 05:03:17 GMT

GET
H2 200 widget.css
fortunablog.ru/wp-content/plugins/yet-another-related-posts-plugin/style/ 623 B
571 B 107ms
36ms Stylesheet
text/css 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunablog.ru/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=5.5.3
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc73d188090ccf54462917db72c1cc11fc803e1ef26b1ef397d542690bed3fdf

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 0647d5cdac00002b1207bd3000000001
last-modified: Wed, 23 Sep 2020 12:40:12 GMT
server: cloudflare
etag: W/"5f6b422c-26f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EH9UUlNnvlx60eD5k7MZnX8B6Ey4xfgCQcFaQL6tRKJ7Yb6JZ7owued7F1o4ZSpZHusishL3mtukeZuvA5nh7hVxuv9t5oCSd%2F%2FzW2kzGuQuOHpTqgZU7iufNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5eecbf2919c72b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
fortunablog.ru/wp-includes/css/dist/block-library/ 53 KB
8 KB 108ms
38ms Stylesheet
text/css 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunablog.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 0647d5cdac00002b1268b0b000000001
last-modified: Wed, 02 Sep 2020 05:52:40 GMT
server: cloudflare
etag: W/"5f4f3328-d293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lnth3agt6n8bu1DAL21hGz8F66p1BvdFdFPViXGxqSbWeUsvMOBGKdYidKdf%2Fn2qNX2y4cKjgWKQAi0i7GEUhXC%2B%2Byg6nSPX0j237WOv%2Btuqj7TCk%2BFZZJoyiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5eecbf2919c82b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
fortunablog.ru/wp-content/plugins/dw-question-answer/templates/assets/css/ 12 KB
3 KB 105ms
35ms Stylesheet
text/css 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunablog.ru/wp-content/plugins/dw-question-answer/templates/assets/css/style.css?ver=180720161357
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06196888fca0d8ba3ad02629d388c2da938011f0f2c539fce8c843b9ee8c0820

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 0647d5cdac00002b12021cd000000001
last-modified: Thu, 09 Apr 2020 12:35:46 GMT
server: cloudflare
etag: W/"5e8f16a2-3112"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H75Ak72pKuiZgldSRrzrAliISM%2BknEVo%2BSxtixvK%2Bwj4Q6GjN0mHraLNuFY3KyFZE7X7Bg%2BFUrJPBFdPMY6LUQuSUN00r7rPE8ilnNRWe43Mq8kQCXEYQb8UlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5eecbf2919c92b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rtl.css
fortunablog.ru/wp-content/plugins/dw-question-answer/templates/assets/css/ 1 KB
554 B 106ms
36ms Stylesheet
text/css 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunablog.ru/wp-content/plugins/dw-question-answer/templates/assets/css/rtl.css?ver=180720161357
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20bbee8d920f8affb51d68d64e44eab60ab24d0e3b9e826d0f1b732f7dc7ac39

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 0647d5cdac00002b125c1b9000000001
last-modified: Thu, 09 Apr 2020 12:35:46 GMT
server: cloudflare
etag: W/"5e8f16a2-404"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ALSL800fFu6uGiFRGHlevnDQd1nXNbm4O1U3XBua77IMnYuIvAGKpZv0xU%2BYdAJKzfSb0cHw2gZWtqyO8DgQtol6N59uiK%2FPFprhBYdpy8XCLUeFPvlxJE7WNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 5eecbf2919ca2b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
fortunablog.ru/wp-includes/js/jquery/ 95 KB
32 KB 129ms
59ms Script
application/javascript 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunablog.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 0647d5cdac00002b12223a3000000001
last-modified: Tue, 14 Apr 2020 11:03:41 GMT
server: cloudflare
etag: W/"5e95988d-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xeHFAZKVb0rslE7sEsKOTDchOjW7PCMib89I5byxPbs6%2BVlHrOONcPQnUfu06RdhsvO9AEnGoKaHTKfPDI9DbrJD6x2oLSqpvsNMsUnVd%2BzGfAdk59qBVwkb7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5eecbf2919cc2b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-1.8.0.min.js Show response
code.jquery.com/ 90 KB
33 KB 6517ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.8.0.min.js
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
status: 200
etag: W/"54499a47-1698b"
vary: Accept-Encoding
x-hw: 1604811804.dop002.fr8.t,1604811804.cds257.fr8.hn,1604811804.cds204.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33039

GET
H2 200 clipboard.min.js Show response
fortunablog.ru/js/ 10 KB
3 KB 106ms
37ms Script
application/javascript 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunablog.ru/js/clipboard.min.js
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 0647d5cdac00002b122510e000000001
last-modified: Thu, 01 Mar 2018 06:07:10 GMT
server: cloudflare
etag: W/"5a97988e-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FNdWFqCY2SeALwuJr3Y2jImyEYss376HaU5hWkLg%2FFmXizLS%2BnTTjpFTu9kvt%2BldlOi5awmyqPl1XNI1k1jYNqVOtPVOfNm6%2FOIKwe6vWLX1xpnwnUkqVks9jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 5eecbf2919ce2b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fortunablog-logo.png
www.secure.lucky4u.ru/images/ 5 KB
5 KB 23ms
22ms Image
image/png 185.178.208.167
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secure.lucky4u.ru/images/fortunablog-logo.png

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.167 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

896ef0f23e48a5a0680fa7d8a7901b024790208f91fca74cc7c417b95213d4f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 22 Apr 2019 18:45:10 GMT
server: ddos-guard
etag: "1216-58722de31d980"
content-type: image/png
status: 200
date: Sun, 08 Nov 2020 05:04:15 GMT
accept-ranges: bytes
content-length: 4630

GET
H2 200 focus.jpg
www.secure.lucky4u.ru/images/blog/ 217 KB
217 KB 27ms
27ms Image
image/jpeg 185.178.208.167
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secure.lucky4u.ru/images/blog/focus.jpg

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.167 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

a9e5fcf55f4e784bdca630e97f7d608b689a947d870854f68ceefdfe5e7ab464

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 16 Jun 2018 17:35:25 GMT
server: ddos-guard
etag: "363ca-56ec5c1f19140"
content-type: image/jpeg
status: 200
date: Sun, 08 Nov 2020 05:04:15 GMT
accept-ranges: bytes
content-length: 222154

GET
H2 403 freebet.png
fortunablog.ru/images/blog/2020/08/ 0
0 11ms
11ms Image
text/html 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/images/blog/2020/08/freebet.png
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 403 avans.jpg
fortunablog.ru/images/blog/2020/08/ 0
0 10ms
9ms Image
text/html 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/images/blog/2020/08/avans.jpg
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 403 instagram-3319588_1280.jpg
fortunablog.ru/images/blog/2020/08/ 0
0 9ms
9ms Image
text/html 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/images/blog/2020/08/instagram-3319588_1280.jpg
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 403 myscore-present.png
fortunablog.ru/images/blog/2020/08/ 0
0 10ms
9ms Image
text/html 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/images/blog/2020/08/myscore-present.png
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 leon.jpg
www.secure.lucky4u.ru/images/blog/ 15 KB
15 KB 25ms
25ms Image
image/jpeg 185.178.208.167
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secure.lucky4u.ru/images/blog/leon.jpg

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.167 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

b2d79874756244d3eda0a69dbd2c0b67b97d40d5d30ea7d1899b480a931cde1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 Oct 2017 20:20:52 GMT
server: ddos-guard
etag: "3d95-55cdd7dd21100"
content-type: image/jpeg
status: 200
date: Sun, 08 Nov 2020 05:04:15 GMT
accept-ranges: bytes
content-length: 15765

GET
H2 403 stoit-li-igrat-v-loterey.jpg
fortunablog.ru/images/blog/2020/06/ 0
0 10ms
9ms Image
text/html 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/images/blog/2020/06/stoit-li-igrat-v-loterey.jpg
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 403 stavki-na-sistemy.png
fortunablog.ru/images/blog/2020/06/ 0
0 9ms
9ms Image
text/html 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/images/blog/2020/06/stavki-na-sistemy.png
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 403 russkoe-loto-ekspress-1.png
fortunablog.ru/images/blog/2020/06/ 0
0 18ms
18ms Image
text/html 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/images/blog/2020/06/russkoe-loto-ekspress-1.png
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 403 bormotun.png
fortunablog.ru/images/blog/2020/06/ 0
0 9ms
9ms Image
text/html 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/images/blog/2020/06/bormotun.png
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK banner.php Show response
www.thelotter-affiliates.com/scripts/ 2 KB
1 KB 115ms
44ms Script
application/x-javascript 95.142.30.138
PUREPEAK-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelotter-affiliates.com/scripts/banner.php?tl_affid=8910&tl_bannerid=57ab9396
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 95.142.30.138 Amsterdam, Netherlands, ASN20645 (PUREPEAK-ASN, IL),
Reverse DNS: ip-95-142-30-138.purepeak.com
Software: Microsoft-IIS/8.5 / PHP/5.5.36, ASP.NET
Resource Hash: d4248294ebc601f6750696b19b378aba1d302fb3fdcbc0a4130b202b47e52f10

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 05:03:18 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/5.5.36, ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-cache, no-store, max-age=0
Server-Name: shield
Content-Length: 897
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 two_new_bonuses_300x250.gif
www.secure.lucky4u.ru/images/ 205 KB
206 KB 24ms
23ms Image
image/gif 185.178.208.167
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secure.lucky4u.ru/images/two_new_bonuses_300x250.gif

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.167 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

b6618579228ae5737b910feffaf6992a36080bf72f2381261f357f8eafe4daa5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 17 Jul 2020 12:57:08 GMT
server: ddos-guard
etag: "335d5-5aaa2b1cd5100"
content-type: image/gif
status: 200
date: Sun, 08 Nov 2020 05:04:15 GMT
accept-ranges: bytes
content-length: 210389

GET
H2 200 vk.png
www.secure.lucky4u.ru/images/social/ 6 KB
6 KB 25ms
25ms Image
image/png 185.178.208.167
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secure.lucky4u.ru/images/social/vk.png

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.167 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

9aa0eef4c7e71f98dfc22f3fbf77dc996ee84cec7684b08db95f0cbbbc429e76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 08 Jun 2019 09:46:51 GMT
server: ddos-guard
etag: "172f-58accd390d8c0"
content-type: image/png
status: 200
date: Sun, 08 Nov 2020 05:04:15 GMT
accept-ranges: bytes
content-length: 5935

GET
H2 200 insta.png
www.secure.lucky4u.ru/images/social/ 14 KB
14 KB 31ms
31ms Image
image/png 185.178.208.167
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secure.lucky4u.ru/images/social/insta.png

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.167 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

16a99e26f882fc7c089346ce18d40e2b698907704a366c6f15c47c5312a4a879

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 08 Jun 2019 09:58:46 GMT
server: ddos-guard
etag: "36a7-58accfe2ee180"
content-type: image/png
status: 200
date: Sun, 08 Nov 2020 05:04:15 GMT
accept-ranges: bytes
content-length: 13991

GET
H2 200 twi.png
www.secure.lucky4u.ru/images/social/ 7 KB
7 KB 24ms
24ms Image
image/png 185.178.208.167
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secure.lucky4u.ru/images/social/twi.png

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.167 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

741797e27872cf62fbdfe666b359a4b1d0ee505a80e767f3ea5fbf36626b88bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 08 Jun 2019 10:02:22 GMT
server: ddos-guard
etag: "1a09-58acd0b0ec780"
content-type: image/png
status: 200
date: Sun, 08 Nov 2020 05:04:15 GMT
accept-ranges: bytes
content-length: 6665

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 52ms
33ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-123032205-1

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cfd9c56647a62263d1a394a53118db3d1a456ad953736a560c7307366d916f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38328
x-xss-protection: 0
last-modified: Sun, 08 Nov 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Nov 2020 05:03:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 35ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans&subset=latin,cyrillic

Requested by

Host: fortunablog.ru
URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3692865cdf538647a7e331e5d58e1d7379ad86cc1f8468bb53547f084a2db200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Nov 2020 05:03:18 GMT
server: ESF
date: Sun, 08 Nov 2020 05:03:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Nov 2020 05:03:18 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 138 KB
49 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 456498
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49481
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:00 GMT

GET
H2 200 white-scratch-lines.png
fortunablog.ru/images/ 60 KB
60 KB 54ms
54ms Image
image/png 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/images/white-scratch-lines.png
Requested by: Host: fortunablog.ru
URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f293596507ca2a840b70b2f210fb94b5510b8edd15d6ee1a04b5a1e9f6a49a83

Request headers

Referer: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 61396
cf-request-id: 0647d5e6f500002b1230902000000001
last-modified: Mon, 17 Dec 2018 17:31:07 GMT
server: cloudflare
etag: "5c17dd5b-efd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e7%2FESCcEQJ8fFd2d4X7UH0BCzc6DtPao%2BBZanHiN1cqg1OgE12Rhl7ESTASCXdjBDsughzVlAQjGrSq95cMabSvj9HW94wBuYXVKkWXIs8CHpG4pYAC48IUrZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5eecbf5189942b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 header-bg.jpg
fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/ 39 KB
40 KB 49ms
48ms Image
image/jpeg 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/header-bg.jpg
Requested by: Host: fortunablog.ru
URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69d28e8eaa4c6186b74cdcf9fb66ba4fc3334471466108d73af98e4bcd1eeafd

Request headers

Referer: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 40268
cf-request-id: 0647d5e6f500002b1216372000000001
last-modified: Wed, 17 Sep 2014 10:23:28 GMT
server: cloudflare
etag: "54196120-9d4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=76hdgBWnIYfhD55ocCr25DLNJcA9cb2Utn5sHaHbK3nsMf100T6l%2BA6opYtEfxWLnMKHRHGoBJIbybAoe7VaL4pVH0szGMMye%2BgKLAe6yW%2FiUMrZQzw4oQvpQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5eecbf5189972b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page-bg.jpg
fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/ 8 KB
8 KB 36ms
36ms Image
image/jpeg 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/page-bg.jpg
Requested by: Host: fortunablog.ru
URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f313e1872003c5c382e55ef9df6b92f5cf07a329756dbbbd0f96a33e4aa72203

Request headers

Referer: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 7832
cf-request-id: 0647d5e6f900002b122c3b4000000001
last-modified: Sun, 18 Jul 2010 20:07:00 GMT
server: cloudflare
etag: "4c435ee4-1e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MPhQ4gSXJb%2F%2Bul3EYIMRhkHe2jJd2UJN9Znjhr194w354EUnE0IxOipA%2FEAdbQ%2BXEFHdOLywdCNW3uhIpXEjxEjandgKt6lUXQJKfbBfd1mt3e2WtW9pAAIZFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5eecbf5189a22b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-date-bg.jpg
fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/ 3 KB
3 KB 38ms
38ms Image
image/jpeg 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/post-date-bg.jpg
Requested by: Host: fortunablog.ru
URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a974ca13e998007f7aa0e7490861c32b2e34d355358ad35502bbc84a536e19

Request headers

Referer: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 3260
cf-request-id: 0647d5e6f900002b125605e000000001
last-modified: Sun, 18 Jul 2010 20:07:02 GMT
server: cloudflare
etag: "4c435ee6-cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L1%2FPjY%2FG4UGva5QuohtalA4E0yZDHiellPYjDcP5moMuHakQpmYgG%2BeiIIZRyyFUjUQ0qOCfL2TdjKWhJ6tMjsX56UOsMxsxGGD0Sb4eQSnPz%2FySQpFQPJ5NKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5eecbf5189a32b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sidebar-header-bg.jpg
fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/ 7 KB
8 KB 34ms
33ms Image
image/jpeg 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/sidebar-header-bg.jpg
Requested by: Host: fortunablog.ru
URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 489c47c74f80091e691d4ed98c5bb0df6e5b28bd556e8ead03ac7ef6c3e5c59c

Request headers

Referer: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 7453
cf-request-id: 0647d5e6fa00002b125cbf7000000001
last-modified: Sun, 18 Jul 2010 20:07:02 GMT
server: cloudflare
etag: "4c435ee6-1d1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7vK21%2Bq3vi1jbt1m2jKko9jmQMf7b9eJuMdKCwvl31ezqAbeYia5MPEQw3Ls2JOwmY6NIxH7ujsWiwQnlxz2cXvwNhL1L4q%2FRAkh1zjyR0vmlxxF6YX74X0Wfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5eecbf5189a72b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sidebar-li-bg.jpg
fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/ 904 B
1 KB 34ms
34ms Image
image/jpeg 2606:4700:3034::ac43:d4ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/images/sidebar-li-bg.jpg
Requested by: Host: fortunablog.ru
URL: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7751a0d770c9dfad3b2b6cc2a693e4d27a77b4959f1b96a69fca9355f640b962

Request headers

Referer: https://fortunablog.ru/wp-content/themes/golden-rule-wordpress-theme/style.css?15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 904
cf-request-id: 0647d5e6fa00002b125c332000000001
last-modified: Sun, 18 Jul 2010 20:07:04 GMT
server: cloudflare
etag: "4c435ee8-388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cvHp59oJFZhNzASDWSwMsXsQm23Q4ktlFmus9fIiyBhTa7RNAyH6PdGA5R7jWzDUObeOeWZSxipAare2szNj7YvKSj2QlBpZE8qHZrbItxw2%2BGNHshUbUfPZ%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5eecbf5199aa2b12-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr4TRASf6M7VBj.woff2
fonts.gstatic.com/s/notosans/v11/ 6 KB
6 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr4TRASf6M7VBj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55530a3893a0e530a44e3e073d3c255b5745b460138e00fc2e43fcaf160e4ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secure.lucky4u.ru
Referer: https://fonts.googleapis.com/css?family=Noto+Sans&subset=latin,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:23:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:50:55 GMT
server: sffe
age: 150000
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5908
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:23:24 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v11/ 10 KB
10 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secure.lucky4u.ru
Referer: https://fonts.googleapis.com/css?family=Noto+Sans&subset=latin,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 16:55:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:50:56 GMT
server: sffe
age: 130093
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10292
x-xss-protection: 0
expires: Sat, 06 Nov 2021 16:55:11 GMT

GET
H2 200 ResponsiveToaster.css
www.lottery-win.org/Css/ 2 KB
972 B 81ms
51ms Stylesheet
text/css 2606:4700:3032::681b:b6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lottery-win.org/Css/ResponsiveToaster.css
Requested by: Host: www.thelotter-affiliates.com
URL: https://www.thelotter-affiliates.com/scripts/banner.php?tl_affid=8910&tl_bannerid=57ab9396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 70a22b30d8d0d685986b0fba00ac003f8b20a611ed1e7e0b4342378d3dc8c802

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
status: 200
server-name: simba6
cf-request-id: 0647d5e732000006017cb66000000001
last-modified: Wed, 22 Mar 2017 09:28:50 GMT
server: cloudflare
etag: W/"ba73f2b6eea2d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iLvY1axmbMHKJUUd481O3LnRv7hok6l1kiaZyjGVjlshpgscNTr55%2FehJMfg7oTjrYkYXScC%2FL3R13XlrxXPouGtXS%2FzCIBLPtpUt8%2BRXCTBfCrzqdC5fLqChJp9FEa1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-polished: origSize=3128
cf-ray: 5eecbf51ef0d0601-FRA
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.thelotter-affiliates.com
URL: https://www.thelotter-affiliates.com/scripts/banner.php?tl_affid=8910&tl_bannerid=57ab9396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 07 Nov 2020 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30527
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Nov 2021 20:34:37 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.2.14/ 100 KB
37 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.2.14/angular.min.js

Requested by

Host: www.thelotter-affiliates.com
URL: https://www.thelotter-affiliates.com/scripts/banner.php?tl_affid=8910&tl_bannerid=57ab9396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73a2774d049cd352b26f6b605d2a0ea7e5322c2c985b2f3a288136b6ded2545a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 06 Nov 2020 21:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113184
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37976
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Nov 2021 21:37:00 GMT

GET
H2 200 App.js Show response
www.lottery-win.org/Scripts/TheLotter/ 7 KB
2 KB 41ms
11ms Script
application/javascript 2606:4700:3032::681b:b6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lottery-win.org/Scripts/TheLotter/App.js
Requested by: Host: www.thelotter-affiliates.com
URL: https://www.thelotter-affiliates.com/scripts/banner.php?tl_affid=8910&tl_bannerid=57ab9396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 086d417a0b0daa230ceb0e99f6b2c9dd81088fe6d3c7d250e2a88470402c615b

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4979
x-powered-by: ASP.NET
status: 200
server-name: simba6
cf-request-id: 0647d5e732000006019f990000000001
last-modified: Mon, 13 Mar 2017 13:32:29 GMT
server: cloudflare
etag: W/"dc48bb42fe9bd21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zdD9kyp44ra7eRu80VGjfPn7F3TNbQCZAiddDK8VVUhl0ddCuf2oa5v6BaX564JHCRzOi%2F02TGNUv9vpGiVOOm0wajCxKuUqVimPsjJ1Xx3JhXOVsTuFPC9T8RH8Dxdw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-polished: origSize=16461
cf-ray: 5eecbf51ef110601-FRA
cf-bgj: minify

GET
H2 200 Utils.js Show response
www.lottery-win.org/Scripts/TheLotter/ 2 KB
1 KB 41ms
12ms Script
application/javascript 2606:4700:3032::681b:b6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lottery-win.org/Scripts/TheLotter/Utils.js
Requested by: Host: www.thelotter-affiliates.com
URL: https://www.thelotter-affiliates.com/scripts/banner.php?tl_affid=8910&tl_bannerid=57ab9396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 13ce7d8a337f83173a2ae44f30a70e5140b634746f3f10db2d352912d6784fb5

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4979
x-powered-by: ASP.NET
status: 200
server-name: simba6
cf-request-id: 0647d5e73200000601912a6000000001
last-modified: Mon, 13 Mar 2017 13:32:29 GMT
server: cloudflare
etag: W/"3caabd42fe9bd21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FvWoS1orweCjgg26dNiXRLXCbtcID5IYzP8AiV6FQN3EabVU76weBGEz%2FI246z7our5exXqs9K2iaX2vmTzxI72cNzc0JVsL1UWCC3UvnY3SIuRNpzU51JbqRYj%2BYeLC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-polished: origSize=5640
cf-ray: 5eecbf51ef130601-FRA
cf-bgj: minify

GET
H2 200 DrawTimer.js Show response
www.lottery-win.org/Scripts/TheLotter/ 2 KB
1 KB 40ms
11ms Script
application/javascript 2606:4700:3032::681b:b6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lottery-win.org/Scripts/TheLotter/DrawTimer.js
Requested by: Host: www.thelotter-affiliates.com
URL: https://www.thelotter-affiliates.com/scripts/banner.php?tl_affid=8910&tl_bannerid=57ab9396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 06bb0e095ea69c36d1de29ff26b3daf99afb94d3b704a30e7d7aa6636ee15b6b

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4979
x-powered-by: ASP.NET
status: 200
server-name: simba6
cf-request-id: 0647d5e73200000601b5209000000001
last-modified: Mon, 13 Mar 2017 13:32:29 GMT
server: cloudflare
etag: W/"3caabd42fe9bd21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ANUNNEvBV%2BvKSC4voTWF%2F%2ByGznU2KJOBo3D8vjFEjPjbuaY%2BFM5AA1EsQ1AHIr9tPFMXJIiHkQeF76PEXZMVSGAh0bGGuWf9aTbcKoJtA%2F6%2BEFUdg3%2BM%2BBPiGJH7gr1H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-polished: origSize=3959
cf-ray: 5eecbf51ef160601-FRA
cf-bgj: minify

GET
H2 200 Translations.js Show response
www.lottery-win.org/Scripts/TheLotter/ 5 KB
2 KB 82ms
55ms Script
application/javascript 2606:4700:3032::681b:b6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lottery-win.org/Scripts/TheLotter/Translations.js
Requested by: Host: www.thelotter-affiliates.com
URL: https://www.thelotter-affiliates.com/scripts/banner.php?tl_affid=8910&tl_bannerid=57ab9396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 285cef4e24139a8150fc3f719ed5fcaf7b0cb6a05bf3f3fb4d445775f7e605f3

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
status: 200
server-name: simba6
cf-request-id: 0647d5e733000006018525d000000001
last-modified: Thu, 17 May 2018 13:09:30 GMT
server: cloudflare
etag: W/"0e15d4ae0edd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w62smDfeuIb8KBZmPA46Zy55wi%2FRkO7NVMoL1I4A%2Fj4du2FNTWGHt4bIR5iV5BGj73ojyKWZdPsP%2FWRymHW39wENbdM6XdKz2ds%2FjUUb%2FV%2B3TzO3VU1gfHxZAx6n0U4X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5eecbf51ef170601-FRA

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
1001 B 45ms
32ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.lottery-win.org
URL: https://www.lottery-win.org/Css/ResponsiveToaster.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.lottery-win.org/Css/ResponsiveToaster.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Nov 2020 03:09:08 GMT
server: ESF
date: Sun, 08 Nov 2020 05:03:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Nov 2020 05:03:24 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secure.lucky4u.ru
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:20:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 150169
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:20:35 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 5 KB
6 KB 23ms
20ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secure.lucky4u.ru
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:20:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:19 GMT
server: sffe
age: 150160
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5608
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:20:44 GMT

OPTIONS
H2 200 /
webapi.thelotter.com/api/v1/lotterycards/ Frame 0
0 87ms
35ms Other 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.thelotter.com/api/v1/lotterycards/
Protocol: H2
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.secure.lucky4u.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/8.5
access-control-allow-origin: *
access-control-allow-headers: authorization,content-type
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
server-name: simba6
date: Sun, 08 Nov 2020 05:03:24 GMT
content-length: 0
x-cdn: Incapsula
x-iinfo: 4-66556731-66556732 NNNN CT(1 12 0) RT(1604811804204 0) q(0 0 0 0) r(0 0) U6

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 153ms
53ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 10:01:25 GMT
status: 200
etag: "5fa3cd75-175fc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 95740
expires: Sun, 08 Nov 2020 06:03:24 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t24.4;r;s1600*1200*24;uhttps%3A//www.secure.lucky4u.ru/;0.5215800164159841
https://counter.yadro.ru/hit?q;t24.4;r;s1600*1200*24;uhttps%3A//www.secure.lucky4u.ru/;0.5215800164159841

119 B
573 B

58ms
58ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t24.4;r;s1600*1200*24;uhttps%3A//www.secure.lucky4u.ru/;0.5215800164159841

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

f60dc5cb9a8c15bccaa07ab3fb1e82a08d8bf00fe33259b61f1a9a0f4c004451

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 05:03:24 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 119
Expires: Fri, 08 Nov 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 05:03:24 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t24.4;r;s1600*1200*24;uhttps%3A//www.secure.lucky4u.ru/;0.5215800164159841
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 08 Nov 2019 21:00:00 GMT

GET
H2 200 chatra.js Show response
call.chatra.io/ 37 KB
10 KB 36ms
19ms Script
application/x-javascript 2606:4700:10::ac43:de3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://call.chatra.io/chatra.js
Requested by: Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:de3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb42313a311eeb14679401e7f255b5e280c8a7581b157bc7d07d1ec68a00a40

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Oct 2020 10:25:12 GMT
server: cloudflare
age: 1650
etag: W/"9267-175790a2f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1800
cf-ray: 5eecbf52ddee1f25-FRA
cf-request-id: 0647d5e7ca00001f25a2039000000001

POST
H2 201 / Show response
webapi.thelotter.com/api/v1/lotterycards/ 810 B
856 B 37ms
37ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.thelotter.com/api/v1/lotterycards/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.2.14/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3695be950a85266ce9798dd095313454a42a9cf85746da8b5e0e9b1ac2f6c817

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.secure.lucky4u.ru/
Authorization: Basic YW5kcmVzZjphTmRyM3Mh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 08 Nov 2020 05:03:24 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 201
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-66556733-66556732 PNYN RT(1604811804240 0) q(0 0 0 -1) r(0 0) U6
cache-control: no-cache
server-name: simba6
x-cdn: Incapsula
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123032205-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6456
date: Sun, 08 Nov 2020 03:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 08 Nov 2020 05:15:48 GMT

GET
H2 200 /
chat.chatra.io/ Frame BCD2 0
0 18ms
17ms Document
text/html 2606:4700:10::ac43:de3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatra.io/

Requested by

Host: call.chatra.io
URL: https://call.chatra.io/chatra.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:de3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; block-all-mixed-content; frame-src 'none'

Strict-Transport-Security

max-age=31536000

Request headers

:method: GET
:authority: chat.chatra.io
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.secure.lucky4u.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.secure.lucky4u.ru/

Response headers

status: 200
date: Sun, 08 Nov 2020 05:03:24 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d7fc2d178c1a00641e57b5014ba007cc91604811804; expires=Tue, 08-Dec-20 05:03:24 GMT; path=/; domain=.chatra.io; HttpOnly; SameSite=Lax
content-security-policy: default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; block-all-mixed-content; frame-src 'none'
strict-transport-security: max-age=31536000
cache-control: public, max-age=300, s-maxage=300
etag: W/"appV18450.8936.28111"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1668
cf-request-id: 0647d5e7f300001f25d4a3e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5eecbf531e3e1f25-FRA
content-encoding: br

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
413 B 46ms
13ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1416594890&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secure.lucky4u.ru%2F&ul=en-us&de=UTF-8&dt=%D0%A4%D0%BE%D1%80%D1%82%D1%83%D0%BD%D0%B0%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%A1%D0%B0%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D0%BE%D0%B5%20%D0%B2%20%D1%8D%D1%82%D0%BE%D0%B9%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%20%D1%81%20%D0%BD%D0%B0%D0%BC%D0%B8%20%D0%BF%D1%80%D0%BE%D0%B8%D1%81%D1%85%D0%BE%D0%B4%D0%B8%D1%82%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D0%BD%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=135794424&gjid=1785333355&cid=523867563.1604811805&tid=UA-123032205-1&_gid=772126725.1604811805&_r=1&gtm=2ouas1&z=48358302

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Nov 2020 05:03:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.secure.lucky4u.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 14749
www.tl-res.com/api/images/ 8 KB
8 KB 102ms
26ms Image
image/png 95.142.30.132
PUREPEAK-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tl-res.com/api/images/14749

Requested by

Host: www.secure.lucky4u.ru
URL: https://www.secure.lucky4u.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.142.30.132 Amsterdam, Netherlands, ASN20645 (PUREPEAK-ASN, IL),

Reverse DNS

ip-95-142-30-132.purepeak.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

ced108f73fb0082688df66a874ebbb2c9881109870dbe38bcdbfc63090c72d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Sun, 08 Nov 2020 05:03:24 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public, max-age=31536000
Date: Sun, 08 Nov 2020 05:03:23 GMT
Server-Name: simba5
Content-Length: 8137
Expires: Mon, 08 Nov 2021 05:03:24 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/33345663/
Redirect Chain

https://mc.yandex.ru/watch/33345663?wmode=7&page-url=https%3A%2F%2Fwww.secure.lucky4u.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604811797740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216...
https://mc.yandex.ru/watch/33345663/1?wmode=7&page-url=https%3A%2F%2Fwww.secure.lucky4u.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604811797740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2...

186 B
340 B

56ms
56ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/33345663/1?wmode=7&page-url=https%3A%2F%2Fwww.secure.lucky4u.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604811797740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108060324%3Aet%3A1604811805%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A192860614214%3Arqn%3A1%3Arn%3A57919125%3Ahid%3A143586507%3Ads%3A22%2C42%2C50%2C0%2C1%2C0%2C0%2C6743%2C34%2C%2C%2C%2C6860%3Afp%3A6703%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604811805%3Au%3A1604811805515179926%3At%3A%D0%A4%D0%BE%D1%80%D1%82%D1%83%D0%BD%D0%B0%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%A1%D0%B0%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D0%BE%D0%B5%20%D0%B2%20%D1%8D%D1%82%D0%BE%D0%B9%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%20%D1%81%20%D0%BD%D0%B0%D0%BC%D0%B8%20%D0%BF%D1%80%D0%BE%D0%B8%D1%81%D1%85%D0%BE%D0%B4%D0%B8%D1%82%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D0%BD%D0%BE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a4e670bfe03fe784a4435e7f7e66758466b7c08814444bcb8b12ec4e3420a72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Nov 2020 05:03:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 08-Nov-2020 05:03:25 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.secure.lucky4u.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Sun, 08-Nov-2020 05:03:25 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Nov 2020 05:03:24 GMT
last-modified: Sun, 08-Nov-2020 05:03:24 GMT
status: 302
location: /watch/33345663/1?wmode=7&page-url=https%3A%2F%2Fwww.secure.lucky4u.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604811797740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108060324%3Aet%3A1604811805%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A192860614214%3Arqn%3A1%3Arn%3A57919125%3Ahid%3A143586507%3Ads%3A22%2C42%2C50%2C0%2C1%2C0%2C0%2C6743%2C34%2C%2C%2C%2C6860%3Afp%3A6703%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604811805%3Au%3A1604811805515179926%3At%3A%D0%A4%D0%BE%D1%80%D1%82%D1%83%D0%BD%D0%B0%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%A1%D0%B0%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D0%BE%D0%B5%20%D0%B2%20%D1%8D%D1%82%D0%BE%D0%B9%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%20%D1%81%20%D0%BD%D0%B0%D0%BC%D0%B8%20%D0%BF%D1%80%D0%BE%D0%B8%D1%81%D1%85%D0%BE%D0%B4%D0%B8%D1%82%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D0%BD%D0%BE
access-control-allow-origin: https://www.secure.lucky4u.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 08-Nov-2020 05:03:24 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 52ms
52ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.secure.lucky4u.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 05:03:24 GMT
last-modified: Fri, 06 Nov 2020 15:42:20 GMT
status: 200
etag: "5f9c117e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 08 Nov 2020 06:03:24 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lucky4u.ru/	1970-01-19 13:46:51	Name: _gat_gtag_UA_123032205_1 Value: 1
.lucky4u.ru/	1970-01-19 22:32:27	Name: _ym_d Value: 1604811805
.lucky4u.ru/	1970-01-19 22:32:27	Name: _ym_uid Value: 1604811805515179926
.lucky4u.ru/	1970-01-19 13:48:18	Name: _gid Value: GA1.2.772126725.1604811805
.lucky4u.ru/	1970-01-20 07:18:03	Name: _ga Value: GA1.2.523867563.1604811805
.lucky4u.ru/	1970-01-19 22:32:27	Name: __ddg1 Value: YEgavRSH9Vs3cqbpqJZZ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.lottery-win.org/Scripts/TheLotter/App.js(Line 4) Message: https://www.onlinebooths.net/ru/loto-onlain/super-rozigrish-evromillionov/?player=0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
call.chatra.io
chat.chatra.io
code.jquery.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
fortunablog.ru
mc.yandex.ru
webapi.thelotter.com
www.google-analytics.com
www.googletagmanager.com
www.lottery-win.org
www.secure.lucky4u.ru
www.thelotter-affiliates.com
www.tl-res.com
107.154.132.27
185.178.208.167
2001:4de0:ac19::1:b:3b
2606:4700:10::ac43:de3
2606:4700:3032::681b:b6f2
2606:4700:3034::ac43:d4ad
2a00:1450:4001:806::200a
2a00:1450:4001:814::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::200a
2a02:6b8::1:119
88.212.201.204
95.142.30.132
95.142.30.138
06196888fca0d8ba3ad02629d388c2da938011f0f2c539fce8c843b9ee8c0820
06bb0e095ea69c36d1de29ff26b3daf99afb94d3b704a30e7d7aa6636ee15b6b
086d417a0b0daa230ceb0e99f6b2c9dd81088fe6d3c7d250e2a88470402c615b
0fb42313a311eeb14679401e7f255b5e280c8a7581b157bc7d07d1ec68a00a40
130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa
13ce7d8a337f83173a2ae44f30a70e5140b634746f3f10db2d352912d6784fb5
16a99e26f882fc7c089346ce18d40e2b698907704a366c6f15c47c5312a4a879
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141
20bbee8d920f8affb51d68d64e44eab60ab24d0e3b9e826d0f1b732f7dc7ac39
24a974ca13e998007f7aa0e7490861c32b2e34d355358ad35502bbc84a536e19
285cef4e24139a8150fc3f719ed5fcaf7b0cb6a05bf3f3fb4d445775f7e605f3
3692865cdf538647a7e331e5d58e1d7379ad86cc1f8468bb53547f084a2db200
3695be950a85266ce9798dd095313454a42a9cf85746da8b5e0e9b1ac2f6c817
44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9
489c47c74f80091e691d4ed98c5bb0df6e5b28bd556e8ead03ac7ef6c3e5c59c
5105afc72520603d3f2e9147fffc6a3869afa2c8bfcd52529b3d7a5b94f4724c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55530a3893a0e530a44e3e073d3c255b5745b460138e00fc2e43fcaf160e4ded
69d28e8eaa4c6186b74cdcf9fb66ba4fc3334471466108d73af98e4bcd1eeafd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70a22b30d8d0d685986b0fba00ac003f8b20a611ed1e7e0b4342378d3dc8c802
73a2774d049cd352b26f6b605d2a0ea7e5322c2c985b2f3a288136b6ded2545a
741797e27872cf62fbdfe666b359a4b1d0ee505a80e767f3ea5fbf36626b88bb
7751a0d770c9dfad3b2b6cc2a693e4d27a77b4959f1b96a69fca9355f640b962
896ef0f23e48a5a0680fa7d8a7901b024790208f91fca74cc7c417b95213d4f4
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9aa0eef4c7e71f98dfc22f3fbf77dc996ee84cec7684b08db95f0cbbbc429e76
9cfd9c56647a62263d1a394a53118db3d1a456ad953736a560c7307366d916f3
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
a4e670bfe03fe784a4435e7f7e66758466b7c08814444bcb8b12ec4e3420a72b
a9e5fcf55f4e784bdca630e97f7d608b689a947d870854f68ceefdfe5e7ab464
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b2d79874756244d3eda0a69dbd2c0b67b97d40d5d30ea7d1899b480a931cde1d
b6618579228ae5737b910feffaf6992a36080bf72f2381261f357f8eafe4daa5
bc73d188090ccf54462917db72c1cc11fc803e1ef26b1ef397d542690bed3fdf
ced108f73fb0082688df66a874ebbb2c9881109870dbe38bcdbfc63090c72d98
d4248294ebc601f6750696b19b378aba1d302fb3fdcbc0a4130b202b47e52f10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
f1fdebed7d24c3d1c37da8c2ea367afc8be22b7b2ae13aff3faa4d374390c082
f293596507ca2a840b70b2f210fb94b5510b8edd15d6ee1a04b5a1e9f6a49a83
f313e1872003c5c382e55ef9df6b92f5cf07a329756dbbbd0f96a33e4aa72203
f60dc5cb9a8c15bccaa07ab3fb1e82a08d8bf00fe33259b61f1a9a0f4c004451

www.secure.lucky4u.ru Open in urlscan Pro 185.178.208.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

69 %IPv6

15 Domains

17 Subdomains

16 IPs

4 Countries

1034 kBTransfer

1891 kBSize

6 Cookies

50 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secure.lucky4u.ru Open in urlscan Pro
185.178.208.167 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

69 %
IPv6

15
Domains

17
Subdomains

16
IPs

4
Countries

1034 kB
Transfer

1891 kB
Size

6
Cookies

58 HTTP transactions
0 data transactions