www.18luckportal.biz Open in urlscan Pro
2600:9000:2043:4200:b:205a:bc80:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://losugh.com/
Effective URL:
https://www.18luckportal.biz/?affi=2118
Submission: On October 31 via api (October 31st 2018, 11:27:09 am UTC) from DE

Summary HTTP 26 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 26 HTTP transactions. The main IP is 2600:9000:2043:4200:b:205a:bc80:93a1, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.18luckportal.biz.
TLS certificate: Issued by Amazon on March 30th 2018. Valid for: a year.

This is the only time www.18luckportal.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	157.52.161.251 157.52.161.251	46573 (GLOBAL-FR...) (GLOBAL-FRAG-NETWORKS - Global Frag Networks)
1	119.146.74.31 119.146.74.31	58543 (CHINATELE...) (CHINATELECOM-GUANGDONG-IDC Guangdong)
2	103.235.46.191 103.235.46.191	55967 (CNNIC-BAI...) (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co.)
2	103.197.70.30 103.197.70.30	134705 (ITACE-AS-...) (ITACE-AS-AP Itace International Limited)
1 1	2606:4700:30:... 2606:4700:30::681b:9f62	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2600:9000:204... 2600:9000:2043:4200:b:205a:bc80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
4	195.27.31.225 195.27.31.225	1273 (CW Vodafo...) (CW Vodafone Group PLC)
2 3	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.222.161.19 52.222.161.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
26	11

7 157.52.161.251 (Los Angeles, United States) 1 redirects

ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US)

losugh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.146.74.31 (Guangzhou, China)

ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)

zz.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Central District, Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.197.70.30 (Hong Kong)

ASN134705 (ITACE-AS-AP Itace International Limited, HK)

www.yibet888.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:9f62 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

18uk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2043:4200:b:205a:bc80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.18luckportal.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.27.31.225 (Frankfurt Am Main, Germany)

ASN1273 (CW Vodafone Group PLC, GB)

img.xletcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200e (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.161.19 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-161-19.fra54.r.cloudfront.net

www.18lckiii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	losugh.com 1 redirects losugh.com	21 KB
4	xletcdn.com img.xletcdn.com	255 KB
4	18luckportal.biz www.18luckportal.biz	39 KB
3	google-analytics.com 2 redirects www.google-analytics.com	17 KB
2	doubleclick.net stats.g.doubleclick.net	204 B
2	yibet888.com www.yibet888.com	855 B
2	baidu.com hm.baidu.com sp0.baidu.com Failed	10 KB
1	18lckiii.com www.18lckiii.com	606 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	18uk.net 1 redirects 18uk.net	387 B
1	bdstatic.com zz.bdstatic.com	489 B
0	xmkxx.com Failed cdn.xmkxx.com Failed
26	12

	Domain	Requested by
7	losugh.com	1 redirects losugh.com
4	img.xletcdn.com	www.18luckportal.biz
4	www.18luckportal.biz	www.yibet888.com www.18luckportal.biz
3	www.google-analytics.com	2 redirects www.googletagmanager.com
2	stats.g.doubleclick.net	www.18luckportal.biz
2	www.yibet888.com	losugh.com
2	hm.baidu.com	losugh.com
1	www.18lckiii.com	www.18luckportal.biz
1	www.googletagmanager.com	www.18luckportal.biz
1	18uk.net	1 redirects
1	zz.bdstatic.com	losugh.com
0	cdn.xmkxx.com Failed	www.18luckportal.biz
0	sp0.baidu.com Failed	losugh.com
26	13

This site contains links to these domains. Also see Links.

Domain
www.xl18.org
www.18luck18.cc
www.18luck18.biz
www.xl18luck.co
www.xl18luck.club
www.xinli18app.net
www.xinli18sport.com
www.18tiger.net

Subject Issuer	Validity	Valid
losugh.com Let's Encrypt Authority X3	`2018-10-29` - `2019-01-27`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2018-04-03` - `2019-05-26`	a year	crt.sh
yibet888.com TrustAsia TLS RSA CA	`2018-10-20` - `2019-10-20`	a year	crt.sh
*.18luckportal.biz Amazon	`2018-03-30` - `2019-04-30`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
img.xletcdn.com Encryption Everywhere DV TLS CA - G1	`2018-09-17` - `2019-09-17`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-10-09` - `2019-01-01`	3 months	crt.sh
www.18lckiii.com Amazon	`2017-12-18` - `2019-01-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.18luckportal.biz/?affi=2118
Frame ID: BD5D8328137EF4EE4B1395122647FA42
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://losugh.com/ HTTP 301
https://losugh.com/ Page URL
https://www.yibet888.com/to/18luck.html Page URL
http://18uk.net/ HTTP 301
https://www.18luckportal.biz/?affi=2118 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

26
Requests

92 %
HTTPS

45 %
IPv6

12
Domains

13
Subdomains

11
IPs

5
Countries

374 kB
Transfer

548 kB
Size

3
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.xl18.org/?affi=2118

Search URL Search Domain Scan URL

URL: http://www.18luck18.cc/?affi=2118
Title: 备用 01

Search URL Search Domain Scan URL

URL: http://www.18luck18.biz/?affi=2118
Title: 备用 02

Search URL Search Domain Scan URL

URL: http://www.xl18luck.co/?affi=2118
Title: 备用 03

Search URL Search Domain Scan URL

URL: http://www.xl18luck.club/?affi=2118
Title: 备用 04

Search URL Search Domain Scan URL

URL: https://www.xinli18app.net/
Title: 全站手机客户端

Search URL Search Domain Scan URL

URL: https://www.xinli18sport.com/
Title: 体育手机客户端

Search URL Search Domain Scan URL

URL: https://www.18tiger.net/
Title: 老虎城官网网址

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://losugh.com/ HTTP 301
https://losugh.com/ Page URL
https://www.yibet888.com/to/18luck.html Page URL
http://18uk.net/ HTTP 301
https://www.18luckportal.biz/?affi=2118 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://losugh.com/ HTTP 301
https://losugh.com/

Request Chain 20

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1207174171&t=pageview&_s=1&dl=https%3A%2F%2Fwww.18luckportal.biz%2F%3Faffi%3D2118&ul=en-us&de=UTF-8&dt=%E6%96%B0%E5%88%A918luck%20%E5%9C%A8%E7%BA%BF%E5%A8%B1%E4%B9%90%E7%BD%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=995386267&gjid=1978794437&cid=248507392.1540985218&tid=UA-76828495-4&_gid=1471179567.1540985218&_r=1&gtm=2ouam0&z=1086737881 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-4&cid=248507392.1540985218&jid=995386267&_gid=1471179567.1540985218&gjid=1978794437&_v=j71&z=1086737881

Request Chain 24

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1207174171&t=event&_s=2&dl=https%3A%2F%2Fwww.18luckportal.biz%2F%3Faffi%3D2118&ul=en-us&de=UTF-8&dt=%E6%96%B0%E5%88%A918luck%20%E5%9C%A8%E7%BA%BF%E5%A8%B1%E4%B9%90%E7%BD%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E7%8D%B2%E5%8F%96%20API&ea=%E7%B3%BB%E7%B5%B1%E4%BA%8B%E4%BB%B6&el=%E9%8C%AF%E8%AA%A4%3A%20%5B0%5D%20undefined&_u=KEBAAUAB~&jid=505386291&gjid=662470986&cid=248507392.1540985218&tid=UA-76828495-4&_gid=1471179567.1540985218&_r=1&gtm=2ouam0&z=399742365 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-4&cid=248507392.1540985218&jid=505386291&_gid=1471179567.1540985218&gjid=662470986&_v=j71&z=399742365

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
losugh.com/
Redirect Chain

http://losugh.com/
https://losugh.com/

12 KB
5 KB

1540ms
308ms

Document
text/html

157.52.161.251
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://losugh.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.52.161.251 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx / PHP/5.5.38
Resource Hash: 5350ba56a51ecaddd508aadcc2c5aae032934ef453a925778ce311fa36fb2091

Request headers

:method: GET
:authority: losugh.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
date: Wed, 31 Oct 2018 11:26:38 GMT
content-type: text/html
vary: Accept-Encoding
x-powered-by: PHP/5.5.38
content-encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 31 Oct 2018 11:26:37 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://losugh.com/

GET
H2 200 base.css
losugh.com/templets/default/css/ 5 KB
2 KB 155ms
154ms Stylesheet
text/css 157.52.161.251
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://losugh.com/templets/default/css/base.css
Requested by: Host: losugh.com
URL: https://losugh.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.52.161.251 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e085084d65ec74ba11ae93b059ed23e6166ecaa944d4aa4164e75baed69939b

Request headers

:path: /templets/default/css/base.css
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: losugh.com
referer: https://losugh.com/
:scheme: https
:method: GET
Referer: https://losugh.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 11:26:38 GMT
content-encoding: gzip
last-modified: Mon, 03 Sep 2018 16:50:26 GMT
server: nginx
etag: W/"5b8d6652-138f"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=43200
expires: Wed, 31 Oct 2018 23:26:38 GMT

GET
H2 200 index.css
losugh.com/templets/default/css/ 8 KB
2 KB 156ms
155ms Stylesheet
text/css 157.52.161.251
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://losugh.com/templets/default/css/index.css
Requested by: Host: losugh.com
URL: https://losugh.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.52.161.251 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx /
Resource Hash: be2ff4f2cee3ff4dd7373252c1ee4712ceefc5ad4cb12e38139974c86885c0b3

Request headers

:path: /templets/default/css/index.css
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: losugh.com
referer: https://losugh.com/
:scheme: https
:method: GET
Referer: https://losugh.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 11:26:38 GMT
content-encoding: gzip
last-modified: Mon, 03 Sep 2018 16:50:36 GMT
server: nginx
etag: W/"5b8d665c-1f0d"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=43200
expires: Wed, 31 Oct 2018 23:26:38 GMT

GET
H2 200 m.css
losugh.com/templets/default/css/ 3 KB
964 B 156ms
156ms Stylesheet
text/css 157.52.161.251
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://losugh.com/templets/default/css/m.css
Requested by: Host: losugh.com
URL: https://losugh.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.52.161.251 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx /
Resource Hash: e59c54f784792628ea67d8a4a8f08d0966b23fa3404a1e075e4b26131be7d5b2

Request headers

:path: /templets/default/css/m.css
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: losugh.com
referer: https://losugh.com/
:scheme: https
:method: GET
Referer: https://losugh.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 11:26:38 GMT
content-encoding: gzip
last-modified: Mon, 03 Sep 2018 16:50:40 GMT
server: nginx
etag: W/"5b8d6660-a20"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=43200
expires: Wed, 31 Oct 2018 23:26:38 GMT

GET
H2 200 js.js Show response
losugh.com/ 809 B
990 B 157ms
156ms Script
application/javascript 157.52.161.251
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://losugh.com/js.js
Requested by: Host: losugh.com
URL: https://losugh.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.52.161.251 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx /
Resource Hash: da1cc9180275b62d5399fe0e863af7df91ca71bd07d8fcc3d62a0d84451a1dd7

Request headers

:path: /js.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: losugh.com
referer: https://losugh.com/
:scheme: https
:method: GET
Referer: https://losugh.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 11:26:38 GMT
last-modified: Mon, 29 Oct 2018 08:37:22 GMT
server: nginx
etag: "5bd6c6c2-329"
content-type: application/javascript
status: 200
cache-control: max-age=43200
accept-ranges: bytes
content-length: 809
expires: Wed, 31 Oct 2018 23:26:38 GMT

GET
H2 200 4b83000f48d15e239877c71934ec2f69.jpg
losugh.com/templets/default/images/ 10 KB
10 KB 308ms
308ms Image
image/jpeg 157.52.161.251
Global Frag Networks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://losugh.com/templets/default/images/4b83000f48d15e239877c71934ec2f69.jpg
Requested by: Host: losugh.com
URL: https://losugh.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.52.161.251 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx /
Resource Hash: dc44ac5a5aee1d2335cd34ecb3f416553181edf2eb8774d2f7fbe96c0610d0da

Request headers

:path: /templets/default/images/4b83000f48d15e239877c71934ec2f69.jpg
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: losugh.com
referer: https://losugh.com/
:scheme: https
:method: GET
Referer: https://losugh.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 11:26:38 GMT
last-modified: Mon, 03 Sep 2018 18:02:12 GMT
server: nginx
etag: "5b8d7724-28c2"
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10434
expires: Fri, 30 Nov 2018 11:26:38 GMT

GET
S 200 push.js Show response
zz.bdstatic.com/linksubmit/ 308 B
489 B 1324ms
311ms Script
application/javascript 119.146.74.31
CHINATELECOM-GUAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.bdstatic.com/linksubmit/push.js
Requested by: Host: losugh.com
URL: https://losugh.com/js.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.146.74.31 Guangzhou, China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

Referer: https://losugh.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 11:26:55 GMT
content-encoding: gzip
ohc-response-time: 1 0 0 0 0 0
last-modified: Thu, 30 Aug 2018 07:24:35 GMT
server: JSP3/2.0.14
age: 14
etag: "5b5d7f-134-574a1f78812c0"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 254

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 24 KB
9 KB 715ms
308ms Script
application/javascript 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?82d0335ca7a0261415193c7447cf7589

Requested by

Host: losugh.com
URL: https://losugh.com/js.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

d3325da0db7c5113bf2ae3e263236364f6fcb50782911f7925fb0ca73c5a9329

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://losugh.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 31 Oct 2018 11:26:55 GMT
Content-Encoding: gzip
Server: apache
Etag: 8a7cbd91a1da7aeda3c87177dab69150
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 9158

GET
H/1.1 200
OK 18luck.js
www.yibet888.com/js/to/ 104 B
347 B 1475ms
463ms Script
application/javascript 103.197.70.30
ITACE-AS-AP Itace...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yibet888.com/js/to/18luck.js
Requested by: Host: losugh.com
URL: https://losugh.com/js.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://losugh.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 31 Oct 2018 11:24:57 GMT
Last-Modified: Thu, 25 Oct 2018 02:02:22 GMT
Server: nginx
ETag: "5bd1242e-68"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
499 B 288ms
287ms Image
image/gif 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1645423587&si=82d0335ca7a0261415193c7447cf7589&v=1.2.34&lv=1&ct=!!&tt=18luck%E8%8F%B2%E5%BE%8B%E5%AE%BE-18luck%E5%AE%98%E7%BD%91-18luck%E6%80%8E%E4%B9%88%E6%A0%B7&sn=60761

Requested by

Host: losugh.com
URL: https://losugh.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://losugh.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Oct 2018 11:26:55 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43

GET s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 0
0

GET
H/1.1 200
OK 18luck.html
www.yibet888.com/to/ 277 B
508 B 215ms
215ms Document
text/html 103.197.70.30
ITACE-AS-AP Itace...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yibet888.com/to/18luck.html
Requested by: Host: losugh.com
URL: https://losugh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: www.yibet888.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://losugh.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://losugh.com/

Response headers

Server: nginx
Date: Wed, 31 Oct 2018 11:24:58 GMT
Content-Type: text/html
Content-Length: 277
Last-Modified: Tue, 21 Nov 2017 03:37:50 GMT
Connection: keep-alive
ETag: "5a139f8e-115"
Accept-Ranges: bytes

GET
H2

200

Primary Request / Show response
www.18luckportal.biz/
Redirect Chain

http://18uk.net/
https://www.18luckportal.biz/?affi=2118

3 KB
1 KB

409ms
314ms

Document
text/html

2600:9000:2043:4200:b:205a:bc80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.18luckportal.biz/?affi=2118
Requested by: Host: www.yibet888.com
URL: https://www.yibet888.com/to/18luck.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:4200:b:205a:bc80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65c1940268736e15e4103552c16e28b9f121be657acbbc326dde60b7fd54d746

Request headers

:method: GET
:authority: www.18luckportal.biz
:scheme: https
:path: /?affi=2118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
date: Sun, 21 Oct 2018 11:54:37 GMT
cache-control: no-cache
last-modified: Mon, 01 Oct 2018 03:57:27 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 b541956a3e11a8d6bd72d74e925ca434.cloudfront.net (CloudFront)
x-amz-cf-id: j85x9eGbAZ4Ve1kK6UCEWGYYhVB03r2xRvrzI8P7bVDFJfeDlP_0qg==

Redirect headers

Date: Wed, 31 Oct 2018 11:26:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d0cbf3a80048cfa98e016546090db3e301540985216; expires=Thu, 31-Oct-19 11:26:56 GMT; path=/; domain=.18uk.net; HttpOnly
Location: https://www.18luckportal.biz?affi=2118
Server: cloudflare
CF-RAY: 4725c502b2ea9700-FRA

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
30 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:816::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-76828495-4

Requested by

Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/?affi=2118

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

2dcb1be4f700ae7fcee8b8901da0390b0f00315dda9571163d94b36784a46d53

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 11:26:57 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 30180
x-xss-protection: 1; mode=block
expires: Wed, 31 Oct 2018 11:26:57 GMT

GET
H2 200 main.css
www.18luckportal.biz/styles/ 2 KB
1 KB 291ms
291ms Stylesheet
text/css 2600:9000:2043:4200:b:205a:bc80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.18luckportal.biz/styles/main.css
Requested by: Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:4200:b:205a:bc80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 114e3ceda3d1d1df23281bbe7ebba741ec11aee498a3d8070aac7c75300d9e6e

Request headers

:path: /styles/main.css
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.18luckportal.biz
referer: https://www.18luckportal.biz/?affi=2118
:scheme: https
:method: GET
Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 01 Oct 2018 04:05:07 GMT
content-encoding: gzip
last-modified: Mon, 01 Oct 2018 03:57:29 GMT
server: AmazonS3
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css; charset=utf-8
status: 200
cache-control: no-cache
x-amz-cf-id: 9nd_0KkVkwvqOJS6WF0DEw0KRKo1LitZdH21vauJkPyEr9TCUTkb1Q==
via: 1.1 b541956a3e11a8d6bd72d74e925ca434.cloudfront.net (CloudFront)

GET
S 200 img_qr_platform_app.png
img.xletcdn.com/ 27 KB
28 KB 867ms
166ms Image
image/png 195.27.31.225
CW Vodafone Group...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.xletcdn.com/img_qr_platform_app.png
Requested by: Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/?affi=2118
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.27.31.225 Frankfurt Am Main, Germany, ASN1273 (CW Vodafone Group PLC, GB),
Reverse DNS
Software: Tengine /
Resource Hash: d52c76d752150aa48261394cb8f1d588b1b9506cd6b90301aaaa3ed123132675

Request headers

Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Oct 2018 16:31:41 GMT
via: cache31.l2sg52[0,200-0,H], cache5.l2sg52[282,0], cache4.de1[0,200-0,H], cache2.de1[146,0]
x-oss-request-id: 5BBB866D0E4917A9A38666C0
content-md5: NJxx4HZU52qkGjzCwqULCQ==
age: 1968917
x-cache: HIT TCP_HIT dirn:2:221702292
status: 200
x-oss-hash-crc64ecma: 7867295944966099730
x-swift-cachetime: 2592000
x-swift-savetime: Tue, 30 Oct 2018 02:17:12 GMT
content-length: 28105
x-oss-object-type: Normal
last-modified: Thu, 27 Sep 2018 05:12:57 GMT
server: Tengine
etag: "349C71E07654E76AA41A3CC2C2A50B09"
ali-swift-global-savetime: 1540865832
content-type: image/png
cache-control: no-cache
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
eagleid: c31b1fca15409852181658991e
x-oss-server-time: 44

GET
S 200 img_qr_sport_app.png
img.xletcdn.com/ 33 KB
33 KB 987ms
289ms Image
image/png 195.27.31.225
CW Vodafone Group...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.xletcdn.com/img_qr_sport_app.png
Requested by: Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/?affi=2118
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.27.31.225 Frankfurt Am Main, Germany, ASN1273 (CW Vodafone Group PLC, GB),
Reverse DNS
Software: Tengine /
Resource Hash: b0b54d74f1d6d39db223176afdaed39198cd8f6da476df7c80ac1ad28ac42312

Request headers

Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 27 Sep 2018 10:31:31 GMT
via: cache12.l2hk71[0,200-0,H], cache16.l2hk71[1,0], cache12.de1[0,200-0,H], cache2.de1[261,0]
x-oss-request-id: 5BACB182F71FE347E03FD40F
content-md5: SL0TkMfPYfHM28MpNhrfLw==
age: 2940927
x-cache: HIT TCP_HIT dirn:1:781049770
status: 200
x-oss-hash-crc64ecma: 5106281543149131578
x-swift-cachetime: 2592000
x-swift-savetime: Fri, 26 Oct 2018 15:00:53 GMT
content-length: 33411
x-oss-object-type: Normal
last-modified: Thu, 27 Sep 2018 05:12:58 GMT
server: Tengine
etag: "48BD1390C7CF61F1CCDBC329361ADF2F"
ali-swift-global-savetime: 1540566053
content-type: image/png
cache-control: no-cache
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
eagleid: c31b1fca15409852181748998e
x-oss-server-time: 18

GET
S 200 img_logo_tiger.png
img.xletcdn.com/portal/ 2 KB
2 KB 870ms
172ms Image
image/png 195.27.31.225
CW Vodafone Group...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.xletcdn.com/portal/img_logo_tiger.png
Requested by: Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/?affi=2118
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.27.31.225 Frankfurt Am Main, Germany, ASN1273 (CW Vodafone Group PLC, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 6130ee4c3281bd79aabe6aa1a9f95aefcd8246e10cb33bebe6c3edeeb1f6816b

Request headers

Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Oct 2018 09:34:10 GMT
via: cache8.l2sg52[0,200-0,H], cache36.l2sg52[295,0], cache11.de1[0,200-0,H], cache2.de1[138,0]
x-oss-request-id: 5BBB24923D174B1B57E53C0C
content-md5: T9V/sqi1V0Q0xDdkaBrBew==
age: 1993968
x-cache: HIT TCP_HIT dirn:4:658178071
status: 200
x-oss-hash-crc64ecma: 7524444823178252789
x-swift-cachetime: 2592000
x-swift-savetime: Wed, 17 Oct 2018 15:17:05 GMT
content-length: 2141
x-oss-object-type: Normal
last-modified: Wed, 26 Sep 2018 09:46:14 GMT
server: Tengine
etag: "4FD57FB2A8B5574434C43764681AC17B"
ali-swift-global-savetime: 1539789425
content-type: image/png
cache-control: no-cache
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
eagleid: c31b1fca15409852181748996e
x-oss-server-time: 35

GET
H2 200 jquery-1.10.2.min.js Show response
www.18luckportal.biz/scripts/ 98 KB
34 KB 11ms
11ms Script
application/javascript 2600:9000:2043:4200:b:205a:bc80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.18luckportal.biz/scripts/jquery-1.10.2.min.js
Requested by: Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:4200:b:205a:bc80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 534432edfc886e84541a168efe3ddc0e43c2f691424b7f6bf489502f37ec2b4b

Request headers

:path: /scripts/jquery-1.10.2.min.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.18luckportal.biz
referer: https://www.18luckportal.biz/?affi=2118
:scheme: https
:method: GET
Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 01 Oct 2018 04:05:07 GMT
content-encoding: gzip
last-modified: Thu, 30 Aug 2018 10:50:47 GMT
server: AmazonS3
age: 23081
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: DRXcuk_SvGB9tqwVPKLbUyhEmBLyu7T6lT57NuojsuzMXCcOF0JDiA==
via: 1.1 b541956a3e11a8d6bd72d74e925ca434.cloudfront.net (CloudFront)

GET
H2 200 main.min.js Show response
www.18luckportal.biz/scripts/ 4 KB
2 KB 293ms
293ms Script
application/javascript 2600:9000:2043:4200:b:205a:bc80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.18luckportal.biz/scripts/main.min.js
Requested by: Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:4200:b:205a:bc80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8a9f2c46754af7a0bd2d903a771f94c3f7e76c1853803da933a5a0f934a3484

Request headers

:path: /scripts/main.min.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.18luckportal.biz
referer: https://www.18luckportal.biz/?affi=2118
:scheme: https
:method: GET
Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 01 Oct 2018 04:05:07 GMT
content-encoding: gzip
last-modified: Mon, 01 Oct 2018 03:57:28 GMT
server: AmazonS3
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
x-amz-cf-id: CPiAd0Y0cEt7fQKzTv49Ao3CSqPro1gxtN7BllGLHgveZMmnc_4uGQ==
via: 1.1 b541956a3e11a8d6bd72d74e925ca434.cloudfront.net (CloudFront)

GET
S 200 analytics.js Show response
www.google-analytics.com/ 42 KB
17 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76828495-4

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Oct 2018 19:41:26 GMT
server: Golfe2
age: 3875
date: Wed, 31 Oct 2018 10:22:22 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17301
expires: Wed, 31 Oct 2018 12:22:22 GMT

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1207174171&t=pageview&_s=1&dl=https%3A%2F%2Fwww.18luckportal.biz%2F%3Faffi%3D2118&ul=en-us&de=UTF-8&dt=%E6%96%B0%E5%88%A918luck%20%E5%9C%A8%E...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-4&cid=248507392.1540985218&jid=995386267&_gid=1471179567.1540985218&gjid=1978794437&_v=j71&z=1086737881

35 B
102 B

19ms
19ms

Image
image/gif

2a00:1450:400c:c0c::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-4&cid=248507392.1540985218&jid=995386267&_gid=1471179567.1540985218&gjid=1978794437&_v=j71&z=1086737881

Requested by

Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/?affi=2118

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c0c::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Oct 2018 11:26:57 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Oct 2018 11:26:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-4&cid=248507392.1540985218&jid=995386267&_gid=1471179567.1540985218&gjid=1978794437&_v=j71&z=1086737881
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 bg_desktop.png
img.xletcdn.com/portal/ 191 KB
191 KB 439ms
182ms Image
image/png 195.27.31.225
CW Vodafone Group...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.xletcdn.com/portal/bg_desktop.png
Requested by: Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/scripts/jquery-1.10.2.min.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.27.31.225 Frankfurt Am Main, Germany, ASN1273 (CW Vodafone Group PLC, GB),
Reverse DNS
Software: Tengine /
Resource Hash: e7bacf5d15af2a56ff42847d78527f5125e47d441fb92621f518bca84e26ad68

Request headers

Referer: https://www.18luckportal.biz/styles/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 11 Oct 2018 04:54:58 GMT
via: cache29.l2sg52[0,200-0,H], cache8.l2sg52[180,0], cache1.de1[0,200-0,H], cache2.de1[139,0]
x-oss-request-id: 5BBED7A22432E3C75B5F1C92
content-md5: jq3TwG6jZUTDzeO0YJir6g==
age: 1751520
x-cache: HIT TCP_HIT dirn:6:79595242
status: 200
x-oss-hash-crc64ecma: 291727796865221905
x-swift-cachetime: 2592000
x-swift-savetime: Tue, 30 Oct 2018 02:17:12 GMT
content-length: 195563
x-oss-object-type: Normal
last-modified: Thu, 11 Oct 2018 03:55:47 GMT
server: Tengine
etag: "8EADD3C06EA36544C3CDE3B46098ABEA"
ali-swift-global-savetime: 1540865832
content-type: image/png
cache-control: no-cache
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
eagleid: c31b1fca15409852181748997e
x-oss-server-time: 18

POST
S 200 register-ip Show response
www.18lckiii.com/v1/users/self/ 37 B
606 B 1151ms
1032ms XHR
application/json 52.222.161.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.18lckiii.com/v1/users/self/register-ip?affiliateId=2118
Requested by: Host: www.18luckportal.biz
URL: https://www.18luckportal.biz/scripts/jquery-1.10.2.min.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.161.19 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-161-19.fra54.r.cloudfront.net
Software: / ASP.NET
Resource Hash: 2aa3c9127f947ff8f3df3ed3c297fba4bbba55d7c2a57eef8b63dd5c243b5c75

Request headers

Accept: */*
Referer: https://www.18luckportal.biz/?affi=2118
Origin: https://www.18luckportal.biz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 11:26:58 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 37
x-amzn-remapped-date: Wed, 31 Oct 2018 11:27:00 GMT
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
status: 200
x-amz-apigw-id: PoOsbHLNIE0FQaQ=
content-length: 51
x-amz-cf-id: uIJt_enY408VwiazHC7vao_EMm8Ht9w6PN7TGjWCeXFGCXCbDsHMKQ==
request-context: appId=cid-v1:1e87de04-9284-4724-937e-4b25b5a0299c
pragma: no-cache
x-amzn-requestid: e12a58e1-dcff-11e8-8ab1-67cca4de5d47
content-type: application/json; charset=utf-8
via: 1.1 1463b274b31e0310acc7c754b8b5a550.cloudfront.net (CloudFront)
cache-control: no-cache
x-amzn-remapped-server: Microsoft-IIS/8.5
expires: -1

GET env.json
cdn.xmkxx.com/ 0
0

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1207174171&t=event&_s=2&dl=https%3A%2F%2Fwww.18luckportal.biz%2F%3Faffi%3D2118&ul=en-us&de=UTF-8&dt=%E6%96%B0%E5%88%A918luck%20%E5%9C%A8%E7%B...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-4&cid=248507392.1540985218&jid=505386291&_gid=1471179567.1540985218&gjid=662470986&_v=j71&z=399742365

35 B
102 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-4&cid=248507392.1540985218&jid=505386291&_gid=1471179567.1540985218&gjid=662470986&_v=j71&z=399742365

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c0c::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.18luckportal.biz/?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Oct 2018 11:27:02 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Oct 2018 11:27:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-4&cid=248507392.1540985218&jid=505386291&_gid=1471179567.1540985218&gjid=662470986&_v=j71&z=399742365
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 416
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sp0.baidu.com
URL: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://losugh.com/

Domain: cdn.xmkxx.com
URL: https://cdn.xmkxx.com/env.json

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.18luckportal.biz/	1970-01-18 20:03:05	Name: _gat_gtag_UA_76828495_4 Value: 1
.18luckportal.biz/	1970-01-18 20:04:31	Name: _gid Value: GA1.2.1471179567.1540985218
.18luckportal.biz/	1970-01-19 13:34:17	Name: _ga Value: GA1.2.248507392.1540985218

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18uk.net
cdn.xmkxx.com
hm.baidu.com
img.xletcdn.com
losugh.com
sp0.baidu.com
stats.g.doubleclick.net
www.18lckiii.com
www.18luckportal.biz
www.google-analytics.com
www.googletagmanager.com
www.yibet888.com
zz.bdstatic.com
cdn.xmkxx.com
sp0.baidu.com
103.197.70.30
103.235.46.191
119.146.74.31
157.52.161.251
195.27.31.225
2600:9000:2043:4200:b:205a:bc80:93a1
2606:4700:30::681b:9f62
2a00:1450:4001:816::2008
2a00:1450:4001:816::200e
2a00:1450:400c:c0c::9c
52.222.161.19
114e3ceda3d1d1df23281bbe7ebba741ec11aee498a3d8070aac7c75300d9e6e
1e085084d65ec74ba11ae93b059ed23e6166ecaa944d4aa4164e75baed69939b
2aa3c9127f947ff8f3df3ed3c297fba4bbba55d7c2a57eef8b63dd5c243b5c75
2dcb1be4f700ae7fcee8b8901da0390b0f00315dda9571163d94b36784a46d53
534432edfc886e84541a168efe3ddc0e43c2f691424b7f6bf489502f37ec2b4b
5350ba56a51ecaddd508aadcc2c5aae032934ef453a925778ce311fa36fb2091
6130ee4c3281bd79aabe6aa1a9f95aefcd8246e10cb33bebe6c3edeeb1f6816b
65c1940268736e15e4103552c16e28b9f121be657acbbc326dde60b7fd54d746
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
b0b54d74f1d6d39db223176afdaed39198cd8f6da476df7c80ac1ad28ac42312
be2ff4f2cee3ff4dd7373252c1ee4712ceefc5ad4cb12e38139974c86885c0b3
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3325da0db7c5113bf2ae3e263236364f6fcb50782911f7925fb0ca73c5a9329
d52c76d752150aa48261394cb8f1d588b1b9506cd6b90301aaaa3ed123132675
d8a9f2c46754af7a0bd2d903a771f94c3f7e76c1853803da933a5a0f934a3484
da1cc9180275b62d5399fe0e863af7df91ca71bd07d8fcc3d62a0d84451a1dd7
dc44ac5a5aee1d2335cd34ecb3f416553181edf2eb8774d2f7fbe96c0610d0da
e59c54f784792628ea67d8a4a8f08d0966b23fa3404a1e075e4b26131be7d5b2
e7bacf5d15af2a56ff42847d78527f5125e47d441fb92621f518bca84e26ad68

www.18luckportal.biz Open in urlscan Pro 2600:9000:2043:4200:b:205a:bc80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

92 %HTTPS

45 %IPv6

12 Domains

13 Subdomains

11 IPs

5 Countries

374 kBTransfer

548 kBSize

3 Cookies

8 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

Indicators

www.18luckportal.biz Open in urlscan Pro
2600:9000:2043:4200:b:205a:bc80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

92 %
HTTPS

45 %
IPv6

12
Domains

13
Subdomains

11
IPs

5
Countries

374 kB
Transfer

548 kB
Size

3
Cookies

26 HTTP transactions
0 data transactions