IP: 190.115.24.78:0
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash: bad0d4174bec312273029c694f83abf6 84e56f06bd5b90f11f4940249e7faa92bc432b33 9b851d13163697b8d06ddfa1fa8e577f9cbc90cb2022c2063de172cbfdd4a61d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/1.txt?1714792599550
Cookie: __ddg1_=v7aSd8vGbdkL4T3SqVoc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:06:10 GMT
content-type: image/x-icon
last-modified: Tue, 25 Jul 2023 09:29:53 GMT
etag: W/"64bf9611-10be"
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-encoding: gzip
age: 241860
content-length: 497
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
| 1wxht.com/1.txt?1714792599550 | 190.115.24.78 | 200 OK | 8 B |
URL: User Request GET HTTP/2 1wxht.com/1.txt?1714792599550
IP: 190.115.24.78:443
Certificate
Issuer: Let's Encrypt
Subject: 1wxht.com
Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65
Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: ASCII text, with no line terminators
Hash: 45300fc64b3508897a13baa31fc46129 42df810ef3aef40e621856cf2f23f761acd47a16 d12275dadec507c4335f8da693eaf428b29b70e5009e14a76e3dc4005d1a12b4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /1.txt?1714792599550 HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=v7aSd8vGbdkL4T3SqVoc; Domain=.1wxht.com; HttpOnly; Path=/; Expires=Sat, 10-May-2025 07:17:10 GMT
date: Fri, 10 May 2024 06:24:30 GMT
content-type: text/plain
last-modified: Wed, 08 May 2024 22:27:12 GMT
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"663bfc40-8"
age: 3160
ddg-cache-status: HIT
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|