| ldconstru.com.br/wp-admin/user/verify.php | 172.67.137.230 | 301 Moved Permanently | 167 B |
URL: User Request GET HTTP/2 ldconstru.com.br/wp-admin/user/verify.php
IP: 172.67.137.230:443
Certificate: Issuer: Google Trust Services LLC; Subject: ldconstru.com.br; Fingerprint: A6:03:E8:44:BD:3D:93:63:93:5E:27:B2:70:7A:FA:11:E6:E3:A0:A9; Validity: Wed, 03 Apr 2024 05:44:58 GMT - Tue, 02 Jul 2024 05:44:57 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /wp-admin/user/verify.php HTTP/1.1
Host: ldconstru.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 19:02:44 GMT
content-type: text/html
content-length: 167
location: https://1wiipr.xyz/v3/landing-page/casino#xjv9
cache-control: max-age=3600
expires: Wed, 24 Apr 2024 20:02:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJw%2BdijLNvRPDBSfRzYKljmSe7hfRt4WYObJWhUOrUz%2B58OEsDj4MIXUHHsyi%2BeAJwwiPOI0bBw4qR%2BBIUTCi9%2F19vdOsPknNfnwmbi%2F4YbgoMbfyB8PrT65gKz4%2BapIgUyo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8798596f5d24b50b-OSL
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/casino | 190.115.24.78 | | 535 B |
URL: 1wtsso.life/v3/landing-page/casino
IP: 190.115.24.78:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash: 6ebba141fb6efd37dacf9587ae04fed9 cf993fbd3fa0186e27c776ea00c798c26711353d 06bff4da02071b433d0612c972a3579cc56700823d5e4af3b47fc7c2584435d9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/casino HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; Domain=.1wtsso.life; HttpOnly; Path=/; Expires=Thu, 24-Apr-2025 19:02:45 GMT
date: Wed, 24 Apr 2024 19:02:45 GMT
content-type: text/html
content-length: 535
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b85-3ec"
last-modified: Fri, 15 Mar 2024 13:22:13 GMT
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/js/chunk-vendors.7ebfe912.js | 190.115.24.78 | 200 OK | 83 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/js/chunk-vendors.7ebfe912.js
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: JavaScript source, ASCII text, with very long lines (62720)
Hash: e859181c030d28baf5a04a2a3c3cd937 f5b9848c3cb67c865016cab2865b5bc5b5ab4ac7 2612602d837ce33545740a7c62783b9e61e7a393ff93669e7eb515a5a33eac93
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/js/chunk-vendors.7ebfe912.js HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 22 Apr 2024 21:46:22 GMT
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: W/"65f44b85-41cb3"
last-modified: Fri, 15 Mar 2024 13:22:13 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 162984
content-length: 82955
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/css/index.516ebdd2.css | 190.115.24.78 | 200 OK | 13 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/css/index.516ebdd2.css
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 4abab580f0205fff0d3b534deb2394e3 57a678262fb0c43557a62db6f50d82105632004b c7a23eebf1ea1e3579bea5a928638b877f0797483332a33b4270061b95a05e08
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/css/index.516ebdd2.css HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 22 Apr 2024 16:17:25 GMT
content-type: text/css
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b77-1be3c"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 182720
content-length: 13006
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/js/index.ec29aeae.js | 190.115.24.78 | 200 OK | 26 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/js/index.ec29aeae.js
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64864), with no line terminators
Hash: b90ed8c8da0660e9be06168cd3212b75 25e32d9668a2fd42735f876532ded75366a5eef5 bf6f9fd68cd16fe1dcd585fdb2836a6a47c162075859dc0e080eafdd8cb8b6bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/js/index.ec29aeae.js HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 22 Apr 2024 05:22:58 GMT
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
last-modified: Fri, 15 Mar 2024 13:22:13 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f44b85-138ce"
age: 221987
content-length: 25929
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProText-Regular.4384e311.woff2 | 190.115.24.78 | 200 OK | 94 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProText-Regular.4384e311.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 94424, version 1.0
Hash: c7e2854dfcedf02e21c78e34bd7a7141 ae1745c4ddc78c12ce7602469ab5e4d515fabd60 8a1914bcc30c47d6f74e1b6856573bf0c3968c7ae938c6fbfe432212fe03d1da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/fonts/SFProText-Regular.4384e311.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/css/index.516ebdd2.css
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 16:15:36 GMT
content-type: font/woff2
content-length: 94424
accept-ranges: bytes
etag: "65f44b77-170d8"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 96429
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProText-Bold.e0773a22.woff2 | 190.115.24.78 | 200 OK | 102 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProText-Bold.e0773a22.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 102320, version 1.0
Size: 102 kB (102341 bytes)
Hash: 8e175b47e6cc95ff7aa4bf6449f1158d a459387c929ed690d4e0b0331f3650bd40d0066a 87189c7bda240da89b1b1d7373467142d71c103b5f619f8017104c64f4d514f1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/fonts/SFProText-Bold.e0773a22.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Wed, 24 Apr 2024 11:26:32 GMT
content-type: font/woff2
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 102341
ddg-cache-status: HIT,HIT
etag: "65f44b77-18fb0"
age: 27373
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/logotype.64c2f4d0.svg | 190.115.24.78 | 200 OK | 1.2 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/logotype.64c2f4d0.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: 806b87081bf22789b38c1d7a2120b744 78a2e8b3646d07f5f2a40b39aab94e9fac9bcbc7 d8d6539f2cc630aac9e9861d72e892eaca2407a947580633b453c89615db3b1a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/img/logotype.64c2f4d0.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 16:41:52 GMT
content-type: image/svg+xml
content-length: 1241
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
ddg-cache-status: HIT,HIT
etag: "65f44b77-ec9"
age: 94853
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProText-Semibold.6bed90d9.woff2 | 190.115.24.78 | 200 OK | 104 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProText-Semibold.6bed90d9.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 104140, version 1.0
Size: 104 kB (104183 bytes)
Hash: 211b9d5260f9bb835f5635c688c92e6e e6cb231916c7c46f6b8bb30ffd43f8f7ab9f3716 4a9d3fc12296ec7769a6d1863f3de6daa5b7f364ac6ff2f0e9b06bcabf58a929
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/fonts/SFProText-Semibold.6bed90d9.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 22 Apr 2024 13:08:26 GMT
content-type: font/woff2
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f44b77-196cc"
age: 194059
content-length: 104183
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProText-Regular.4384e311.woff2 | 190.115.24.78 | 200 OK | 94 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProText-Regular.4384e311.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 94424, version 1.0
Hash: c7e2854dfcedf02e21c78e34bd7a7141 ae1745c4ddc78c12ce7602469ab5e4d515fabd60 8a1914bcc30c47d6f74e1b6856573bf0c3968c7ae938c6fbfe432212fe03d1da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/fonts/SFProText-Regular.4384e311.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 18:18:03 GMT
content-type: font/woff2
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b77-170d8"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 89082
content-length: 94463
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProText-Medium.e58674b8.woff2 | 190.115.24.78 | 200 OK | 104 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProText-Medium.e58674b8.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 104172, version 1.0
Size: 104 kB (104119 bytes)
Hash: 09be2e2f35fe3d0117ecea6cc463094e b8e3398500489932507e877cc660dc358144a028 7a3e5a3f97d4a5b7422d73c10e8431e3b7ad971e81b34a671575bd5cce451a4d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/fonts/SFProText-Medium.e58674b8.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 01:55:31 GMT
content-type: font/woff2
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f44b77-196ec"
age: 148034
content-length: 104119
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProText-Heavy.08af5ba6.woff2 | 190.115.24.78 | 200 OK | 104 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProText-Heavy.08af5ba6.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 103760, version 1.0
Size: 104 kB (103736 bytes)
Hash: e2a1411345a11d7d65621240838347b3 83ef90a72d1f5e138c0ed1c97c4f7fa8ab95681d 21961c9c0cb52a74112af43f4903ab8c80feb7ebed32b192a62dc006c4f3cf74
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/fonts/SFProText-Heavy.08af5ba6.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Wed, 24 Apr 2024 11:07:21 GMT
content-type: font/woff2
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f44b77-19550"
age: 28525
content-length: 103736
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1win.direct/microservice/ask | 134.122.54.186 | 200 OK | 2 B |
URL: POST HTTP/2 1win.direct/microservice/ask
IP: 134.122.54.186:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: *.1win.direct; Fingerprint: 52:A8:ED:F5:F8:3D:CF:F0:55:C1:2A:96:EA:32:49:27:6C:D8:26:27; Validity: Sun, 17 Mar 2024 06:46:18 GMT - Sat, 15 Jun 2024 06:46:17 GMT
File type: ASCII text, with no line terminators
Hash: e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wtsso.life/
Origin: https://1wtsso.life
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wtsso.life
access-control-expose-headers: Authorization
access-control-max-age: 7200
content-type: text/plain; charset=utf-8
date: Wed, 24 Apr 2024 19:02:46 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=2b93716ae54563bc; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
|
|
| 1win.direct/microservice/ask | 134.122.54.186 | 200 OK | 74 B |
URL: POST HTTP/2 1win.direct/microservice/ask
IP: 134.122.54.186:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: *.1win.direct; Fingerprint: 52:A8:ED:F5:F8:3D:CF:F0:55:C1:2A:96:EA:32:49:27:6C:D8:26:27; Validity: Sun, 17 Mar 2024 06:46:18 GMT - Sat, 15 Jun 2024 06:46:17 GMT
Hash: b4be8f14db78bd2eb1a8820a5a13e4de d88133c4241d3b1a798e6c024edbbed0c85e5177 d47019b46d47b0ce65d3684f3c09900be915c62c2aa5cee4131f8e7fb7706c74
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://1wtsso.life/
Content-Type: application/json
Content-Length: 35
Origin: https://1wtsso.life
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wtsso.life
access-control-expose-headers: Authorization
access-control-max-age: 7200
content-type: application/json; charset=utf-8
date: Wed, 24 Apr 2024 19:02:46 GMT
etag: W/"4a-2IEzxCQdOxp5jmwCTtu+0MheUXc"
set-cookie: core-sticky=576d95806e42850e; Path=/; HttpOnly
x-powered-by: Express
content-length: 74
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/favicon.ico | 190.115.24.78 | 200 OK | 419 B |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/favicon.ico
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash: 6ebba141fb6efd37dacf9587ae04fed9 cf993fbd3fa0186e27c776ea00c798c26711353d 06bff4da02071b433d0612c972a3579cc56700823d5e4af3b47fc7c2584435d9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/favicon.ico HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 17:25:33 GMT
content-type: text/html
accept-ranges: bytes
content-encoding: br
last-modified: Fri, 15 Mar 2024 13:22:13 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f44b85-3ec"
age: 92234
content-length: 419
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/particles.7d34facf.png | 190.115.24.78 | 200 OK | 34 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/particles.7d34facf.png
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 549 x 588, 8-bit colormap, non-interlaced
Hash: 044544ef523e70e4ddb3a0fc2274c494 b3ae5edf5117003749b572861c684a7ade1c3000 e9cf2795820e837ee372ade244a1129f0f73432815bc395f70806595cdf0ee0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/img/particles.7d34facf.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 22 Apr 2024 11:57:58 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f44b77-867e"
age: 198288
content-length: 34408
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/feature-1.bb624ccc.png | 190.115.24.78 | 200 OK | 12 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/feature-1.bb624ccc.png
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 192 x 204, 8-bit colormap, non-interlaced
Hash: c947b3753a625232855b2fb1c2feb391 66df605817cbf01c62a91147212d29f4d48e01cf d23ed50d80fe3620fb15eaae5f068e7a63505e24e6331a485af143b507359094
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/img/feature-1.bb624ccc.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 21 Apr 2024 10:32:44 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b77-3038"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 289802
content-length: 12342
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/feature-2.ed27521d.png | 190.115.24.78 | 200 OK | 11 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/feature-2.ed27521d.png
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 183 x 171, 8-bit colormap, non-interlaced
Hash: f78a6fc1fcaff83c0cf433ca60566e78 2049067c1f31224b3ac3674f9cb6d40733abcf33 b89a2bfa04ce787c5d7bc6a3988104c3f8b4d85f6ba745e95a3f2494750e841a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/img/feature-2.ed27521d.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Wed, 24 Apr 2024 09:42:55 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 11345
ddg-cache-status: HIT,HIT
etag: "65f44b77-2c35"
age: 33591
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/purple-secondary.24af766f.png | 190.115.24.78 | 200 OK | 82 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/purple-secondary.24af766f.png
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 3072 x 2188, 8-bit colormap, non-interlaced
Hash: 7e4884f93a0b106932c61d1cdb5cd13a 076f3af0717af31cf14aed24a79f7d6ea5f8c5fe dc5380af4685258b5fd69cdef29d97990a68c910c41c4e96e6512c9da10b4343
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/img/purple-secondary.24af766f.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 21 Apr 2024 19:01:44 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b77-16083"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 259262
content-length: 82077
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/pay-methods-opacity.7312e4e8.svg | 190.115.24.78 | 200 OK | 7.8 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/pay-methods-opacity.7312e4e8.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: b33e0cc7a7867d178488eabae0e0b9c4 2458d8c16c15b9a66cb77a5a457cc77478c34848 16ea5d17562c379424576fec8b20eeae532c525a0e0dd515fd3eee68b7061391
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/landing-page/img/pay-methods-opacity.7312e4e8.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 22 Apr 2024 07:14:28 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f44b77-4c69"
age: 215298
content-length: 7771
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/purple-tertiary.fe5ec250.png | 190.115.24.78 | 200 OK | 18 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/purple-tertiary.fe5ec250.png IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 3072 x 2188, 8-bit colormap, non-interlaced
Hash: 9df738729e4b206526037a5dbf7a0762 3de83db330289d7fc10cde8d2bdd02733fdec495 2cffbca41802841c3108cecbf1ec99d940e31c4601c2d1831f5948f89139a373
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/img/purple-tertiary.fe5ec250.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 22 Apr 2024 04:01:02 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b77-62f3"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 226904
content-length: 17882
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/rb.0b490ad8.png | 190.115.24.78 | 200 OK | 17 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/rb.0b490ad8.png IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 522 x 522, 8-bit colormap, non-interlaced
Hash: 4c098865c6aab749a5b18cf577bb3654 184b8c7c0e394689ce97d0f7851ca0f72d523022 7e0fbdbd3da083be55fdb51dd1e31467554d87de85b37004b4c9704fc0754863
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/img/rb.0b490ad8.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 21 Apr 2024 17:16:26 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b77-4334"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 265580
content-length: 17102
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/flags.910216dc.svg | 190.115.24.78 | 200 OK | 46 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/flags.910216dc.svg IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: f9c22ddf5ac2ad44a29ae74a63f13fa5 cbba24c5ca548b60c9c0ed20a3534fe4a2c6f93a 05fd1848ce92c7e2b9dc978a1eadaa4efb184403c2df45eb5f381a0641be0fe7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/img/flags.910216dc.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 16:33:08 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b77-2f90d"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 95378
content-length: 45875
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/bg-purple.d59a5952.png | 190.115.24.78 | 200 OK | 272 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/bg-purple.d59a5952.png IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 2878 x 1800, 4-bit colormap, non-interlaced
Size: 272 kB (272459 bytes)
Hash: ce4679ca054c782e6cb62aef24bb1ec9 d3807a02e6793c8f5716a373c595f97eaa7c713d 879d244ba43a882e3cc142a0d1ba0c82cb6ae11bc4717e0d04a96e177bb0d0b2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/img/bg-purple.d59a5952.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/css/index.516ebdd2.css
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 21 Apr 2024 13:50:10 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b77-4283f"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 277956
content-length: 272459
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/smoke.8b44b75c.png | 190.115.24.78 | 200 OK | 338 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/smoke.8b44b75c.png IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 2882 x 1294, 8-bit colormap, non-interlaced
Size: 338 kB (338409 bytes)
Hash: 54167129d46f3d8221b55f379dd1e4e1 972cdfa94eaf02141f3297738e5c2aede38de292 ba8b98a2979f470366ae1afce406f3663b42cbabb7cda6d2b400367eb909e31e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/img/smoke.8b44b75c.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/css/index.516ebdd2.css
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Wed, 24 Apr 2024 07:05:33 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f44b77-52d7d"
age: 43033
content-length: 338409
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProDisplay-Medium.6ca83f15.woff2 | 190.115.24.78 | 200 OK | 100 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProDisplay-Medium.6ca83f15.woff2 IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 99572, version 1.0
Hash: 52ea0d7008516c101595f81d37225889 6730d0f88794957b23d45148e162773485744235 b8da67821e588e3ee5516083d99f1d9907c23a24fcb52dfb3c57cd38924dcef7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/fonts/SFProDisplay-Medium.6ca83f15.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/css/index.516ebdd2.css
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 16:15:39 GMT
content-type: font/woff2
content-length: 99572
accept-ranges: bytes
etag: "65f44b77-184f4"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 96427
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProText-Bold.e0773a22.woff2 | 190.115.24.78 | 200 OK | 102 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProText-Bold.e0773a22.woff2 IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 102320, version 1.0
Size: 102 kB (102320 bytes)
Hash: 8e175b47e6cc95ff7aa4bf6449f1158d a459387c929ed690d4e0b0331f3650bd40d0066a 87189c7bda240da89b1b1d7373467142d71c103b5f619f8017104c64f4d514f1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/fonts/SFProText-Bold.e0773a22.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/css/index.516ebdd2.css
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 21 Apr 2024 20:18:02 GMT
content-type: font/woff2
content-length: 102320
accept-ranges: bytes
etag: "65f44b77-18fb0"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 254684
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProDisplay-Heavy.3799ab9c.woff2 | 190.115.24.78 | 200 OK | 100 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProDisplay-Heavy.3799ab9c.woff2 IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 100352, version 1.0
Size: 100 kB (100352 bytes)
Hash: fee26660875bec06ce508e96057f6efa e3c7a405f8ef14ff2fcc53ca60d5bc1b39a38db4 9c8773b18df092674df6b952c940fdc72cb66c5b6f408851e66866e72743df56
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/fonts/SFProDisplay-Heavy.3799ab9c.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/css/index.516ebdd2.css
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 16:15:39 GMT
content-type: font/woff2
content-length: 100352
accept-ranges: bytes
etag: "65f44b77-18800"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 96427
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/fonts/SFProText-Semibold.6bed90d9.woff2 | 190.115.24.78 | 200 OK | 104 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/fonts/SFProText-Semibold.6bed90d9.woff2 IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 104140, version 1.0
Size: 104 kB (104140 bytes)
Hash: 211b9d5260f9bb835f5635c688c92e6e e6cb231916c7c46f6b8bb30ffd43f8f7ab9f3716 4a9d3fc12296ec7769a6d1863f3de6daa5b7f364ac6ff2f0e9b06bcabf58a929
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/fonts/SFProText-Semibold.6bed90d9.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/css/index.516ebdd2.css
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 16:15:39 GMT
content-type: font/woff2
content-length: 104140
accept-ranges: bytes
etag: "65f44b77-196cc"
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 96427
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/casino | 190.115.24.78 | 200 OK | 1.0 kB |
URL: User Request GET HTTP/2 1wtsso.life/v3/landing-page/casino IP: 190.115.24.78:443
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1027), with no line terminators
Hash: 0dee357acdbfbb17491e66d54ec008e4 4acd8c12eacd2457ce2d58552bad0f1c6ad05dc5 0bdc08e05a52428145828c3bedd57e6e342d18e194ec8433153f357499dcc386
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/casino HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; Domain=.1wtsso.life; HttpOnly; Path=/; Expires=Thu, 24-Apr-2025 19:02:45 GMT
date: Wed, 24 Apr 2024 19:02:45 GMT
content-type: text/html
content-length: 535
accept-ranges: bytes
content-encoding: gzip
etag: "65f44b85-3ec"
last-modified: Fri, 15 Mar 2024 13:22:13 GMT
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/affiliate:link_visit?partner_key=xjv9&sub_ids=undefined | 190.115.24.78 | 200 OK | 37 B |
URL: GET HTTP/2 1wtsso.life/affiliate:link_visit?partner_key=xjv9&sub_ids=undefined IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 2f6af1a09e6d352c1603fe2326189744 baed183cee7c7fd534e8519a683c9f398e696329 7dbce63a298c62ef7fd9b97b1512bcfc0fb402338670dbd194362e0ffac42458
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /affiliate:link_visit?partner_key=xjv9&sub_ids=undefined HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wtsso.life/v3/landing-page/casino
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
date: Wed, 24 Apr 2024 19:02:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
access-control-max-age: 7200
etag: W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
set-cookie: core-sticky=http://10.233.80.42:80; Path=/; HttpOnly
x-powered-by: Express
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/lang-server/v2?keys=landings.landing-promo&keys=common.currency&langs=en | 190.115.24.78 | 200 OK | 5.3 kB |
URL: GET HTTP/2 1wtsso.life/lang-server/v2?keys=landings.landing-promo&keys=common.currency&langs=en IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (5962), with no line terminators
Hash: d9c64dd3ecec32af4dd21d1da35a810b a199a037d35653379aa047ac5765667c4fc8f894 32d6e1daeb3dad5920f56498721cebaef9c4bed1e4ae97235c7366c206e7be1c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /lang-server/v2?keys=landings.landing-promo&keys=common.currency&langs=en HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wtsso.life/v3/landing-page/casino
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
date: Wed, 24 Apr 2024 19:02:46 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
age: 18358
etag: W/"14b1-sfTIBoqg8XNeYpKZZh/J9Mj0Jbw"
vary: Origin
cache-control: no-cache, no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/landing-page/img/purple-primary.36160d25.png | 190.115.24.78 | 200 OK | 564 kB |
URL: GET HTTP/2 1wtsso.life/v3/landing-page/img/purple-primary.36160d25.png IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/landing-page/casino#xjv9
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0; Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 3072 x 2188, 8-bit colormap, non-interlaced
Size: 564 kB (564119 bytes)
Hash: b201cd0b28d17ef0cd4605b224402c89 c3d69af314c96fca65ea0fadd4e22940908d11dc a6ea2ef2406ba603044150213aa3e72f3e02373085827bd6360d695f6eae7c86
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/landing-page/img/purple-primary.36160d25.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/landing-page/casino
Cookie: __ddg1_=WiuXehSW4aGJNjrtAuNJ; partner_key=xjv9; visit_domain=1wtsso.life; core-sticky=http://10.233.80.42:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
date: Tue, 23 Apr 2024 19:01:16 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:21:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 541328
ddg-cache-status: HIT,HIT
etag: "65f44b77-89b97"
age: 86490
X-Firefox-Spdy: h2
|
|
| 1wiipr.xyz/v3/landing-page/casino | 190.115.24.78 | 301 Moved Permanently | 1.0 kB |
URL: User Request GET HTTP/2 1wiipr.xyz/v3/landing-page/casino IP: 190.115.24.78:443
Certificate: Issuer: Let's Encrypt; Subject: 1wiipr.xyz; Fingerprint: F1:98:DE:36:4B:AC:9A:03:00:E9:7A:72:E1:80:4A:EC:63:F1:7B:72; Validity: Tue, 16 Apr 2024 09:12:55 GMT - Mon, 15 Jul 2024 09:12:54 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/landing-page/casino HTTP/1.1
Host: 1wiipr.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: ddos-guard
set-cookie: __ddg1_=UYKso2KI5FwwBXAYplCb; Domain=.1wiipr.xyz; HttpOnly; Path=/; Expires=Thu, 24-Apr-2025 19:02:44 GMT
date: Wed, 24 Apr 2024 19:02:44 GMT
content-type: text/html
location: https://1wtsso.life/v3/landing-page/casino
access-control-allow-origin: *
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|