Report - webbd70.wapkiz.com/filedownload/1202890/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe

Report Overview

Submitted URL
webbd70.wapkiz.com/filedownload/1202890/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-19 11:23:22
Access
public
Website Title
kmp2 9 4 1435 dxva cuda svp 12 08 10 (webbd70.wapkiz.com).exe
Final URL
wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Tags
suspicious
urlquery detections
Suspicious - Anti-debugging code

Detections

urlquery
6
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-17	882 B	7.0 kB	140.82.121.4
tinyfast.xyz	unknown	2023-09-14	2023-09-14	2024-03-12	853 B	1.3 kB	104.21.37.27
1337x1.wb4.xyz	unknown	2022-04-16	2022-06-11	2024-02-29	3.4 kB	116 kB	172.67.135.38
jswww.net	474473	2021-12-14	2016-11-19	2024-03-18	985 B	1.8 kB	109.206.168.17
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-03-18	446 B	122 kB	104.18.10.207
webbd70.wapkiz.com	unknown	2017-09-06	2022-06-13	2022-09-13	555 B	4.6 kB	188.114.97.1
wk.jdi5.com	unknown	2021-02-16	2022-06-07	2024-03-19	1.9 kB	16 kB	172.67.165.78
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-03-19	1.8 kB	340 kB	142.250.74.168
afarkas.github.io	106835	2013-03-08	2014-01-15	2024-03-02	332 B	4.2 kB	185.199.111.153
raw.githubusercontent.com	35802	2014-02-06	2014-03-01	2024-03-19	904 B	2.8 kB	185.199.109.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-03-19	medium	1337x1.wb4.xyz/script.js?t=202421911	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html	153 B	2024-03-19	2024-04-23
Pretty URL wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html IP 172.67.165.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-19 04:31:07 Last Seen2024-04-23 11:41:22 Times Seen23 Hash c4ac8c572af377e0a3902e2a1ae9f80f 30f69db91f177a38fb7a4cc888e2f75bbaaee64f 2930e2f9b3bd8ac2a057e109d109aeb7d6fb70ca822fdb782895955d8f4ed3c4 Loading...

	1337x1.wb4.xyz/2019/05/allu-k-samosay.html	1.0 kB	2023-04-10	2024-04-23
Pretty URL 1337x1.wb4.xyz/2019/05/allu-k-samosay.html IP 172.67.135.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-10 21:07:43 Last Seen2024-04-23 11:41:21 Times Seen80 Hash 0e481ace6afebfd56f0fbdb4e2ef4db7 3115a9be4b9d9149584e57a80b20f72415df1883 4b8f417c519dad613a207c9ce71499c042e5e383d1c0ab0231eed4e462e4743a Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 11:01:22 Times Seen342077 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html	981 B	2024-03-19	2024-03-19
Pretty URL wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html IP 172.67.165.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-19 12:23:24 Last Seen2024-03-19 12:23:24 Times Seen1 Hash 6923b097be4029b91ff9b8bbc1960364 6acdd8f3b6063142ce1a0c0ddc5e82be4cb4c113 dfae26ec03b2db516edeeaf436e1e6bd9e9fc19f91f7174bcedd1015801e2957 Loading...

	1337x1.wb4.xyz/2019/05/allu-k-samosay.html	0 B	2023-03-07	2024-04-27
Pretty URL 1337x1.wb4.xyz/2019/05/allu-k-samosay.html IP 172.67.135.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 11:21:53 Times Seen37118773 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/sandbox%20eval%20code	147 B	2023-04-11	2024-04-27
Pretty URL wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 11:01:22 Times Seen342578 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	1337x1.wb4.xyz/2019/05/allu-k-samosay.html	210 B	2023-09-24	2024-04-23
Pretty URL 1337x1.wb4.xyz/2019/05/allu-k-samosay.html IP 172.67.135.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-24 11:47:20 Last Seen2024-04-23 11:41:21 Times Seen65 Hash d05725db51f092f8c0e4ad6fb9a2931a 86b648ceab78878c731a2209524d21f3d3aa430f cac92e0148ff94d20ee230ca292e00b8142f6d8f25457c810bea61981de76016 Loading...

	wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html	625 B	2023-05-07	2024-04-23
Pretty URL wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html IP 172.67.165.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-07 19:56:25 Last Seen2024-04-23 11:41:21 Times Seen55 Hash 967e4d130ed223edd1b9556f89506f35 f1941891d896d1c84196888c93002111c7184479 87e53d522d400c8beaa819f75fdcc2fc6b75bbe7bdb42197367cc4f435c6c942 Loading...

	1337x1.wb4.xyz/script.js?t=202421911	92 kB	2023-08-12	2024-04-23
Pretty URL 1337x1.wb4.xyz/script.js?t=202421911 IP 172.67.135.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 10:06:37 Last Seen2024-04-23 11:41:22 Times Seen120 Hash 3e9ab65e2cdb77cc66db8b8aee3017ed e1619967130ceb5ce9906f3c16cd27c3248fbc67 bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1 Loading...

	www.googletagmanager.com/gtag/js?id=UA-46789381-49	198 kB	2024-03-19	2024-03-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-46789381-49 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-19 12:23:24 Last Seen2024-03-19 12:23:24 Times Seen2 Hash 9320e5af3ee2914a0eae75ba774090a3 89ca9f7fc8f29fe61d1dff048a8b665d57438668 de42f4cb92cc35a2ff3d86a6f7d9a6e2bed81a907749bec1fd31a825c9d64aa5 Loading...

	wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html	63 B	2023-05-07	2024-04-23
Pretty URL wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html IP 172.67.165.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-07 19:56:25 Last Seen2024-04-23 11:41:21 Times Seen55 Hash c39e2d36d5c42c5b6238bf915d4bcd2c ed39e87925aadfbd7f5ecb8243405d0b435b1a4d ad3f32ba1d3acc12d21b01d9875021f96ab8e8ac8fe3b9c18f2aa032dda41be6 Loading...

	1337x1.wb4.xyz/2019/05/allu-k-samosay.html	169 B	2023-04-10	2024-04-23
Pretty URL 1337x1.wb4.xyz/2019/05/allu-k-samosay.html IP 172.67.135.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-10 21:07:43 Last Seen2024-04-23 11:41:21 Times Seen80 Hash 834fc7c039a13fbba4a03f9aef779b1c c4c84b10a47e9c191eb9997c582e19305c389aa7 28eee164b1920610b7fc3573774ce64b57f0ccdc450843418fc21b52bb83bfcd Loading...

	wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html	58 B	2023-05-07	2024-04-23
Pretty URL wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html IP 172.67.165.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-07 19:56:25 Last Seen2024-04-23 11:41:21 Times Seen55 Hash 41aeac9d70b89083cfd8d99ab881072f e9163b1e1fc27028dbf705700060d3c591ca044a 1992a76247b7dd6c22c15b9d7c874034d63ea0e0c03e70b9068bb07dbf75a669 Loading...

	wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html	4.8 kB	2023-05-07	2024-04-23
Pretty URL wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html IP 172.67.165.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-07 19:56:25 Last Seen2024-04-23 11:41:21 Times Seen55 Hash 9421b8b2703151b9ae93d19d34a72ffa 03f5afcf096cdfdde4468de96f36e81fc671f1bd 4e57c63b43ab2c38524875e34f5874baf5b1ca96fb375ab232bc156a20e26d88 Loading...

	www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c	238 kB	2024-03-19	2024-03-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-19 12:23:24 Last Seen2024-03-19 12:23:24 Times Seen2 Hash a0453a6226ea3b277d0a5b7ca3b30952 365eda9b130c852755feb2add4621f574faed351 e3704d820b40ea5d354c414dfc2e7a1c4d6cd85101b11222b8c4f5baf21fa1e7 Loading...

	jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=972851&t=2056&sid=1337x1.wb4.xyz&r=0.900497383731143	606 B	2024-03-19	2024-03-19
Pretty URL jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=972851&t=2056&sid=1337x1.wb4.xyz&r=0.900497383731143 IP 109.206.168.17 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-19 12:23:24 Last Seen2024-03-19 12:23:24 Times Seen1 Hash dd52ea378ab4825028b60ad94112d02f e4fcc8cbef61268d695ec12c37c05219773f538e 6657702a65c345dec10fbb9f66048164dcfb95176b65b0dd92de1ec6f829a8cf Loading...

	www.googletagmanager.com/gtag/js?id=G-49LW6323V3	289 kB	2024-03-19	2024-03-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-49LW6323V3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-19 12:23:24 Last Seen2024-03-19 12:23:24 Times Seen2 Hash 7c718870e0cc7a525384fc20fd0eb94a 9e78bab4e83973ee7023efb579f480da0f3982fd b0df33afe1eaac48d147ed7e1c0f3929df83d34a49e8953e6146243cf6c5240f Loading...

	afarkas.github.io/lazysizes/lazysizes.min.js	7.9 kB	2023-03-07	2024-04-27
Pretty URL afarkas.github.io/lazysizes/lazysizes.min.js IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-04-27 09:57:44 Times Seen3258 Hash 45bacd312d5098b4b59f563d8756c15d fa55e2cff078381e5365d95782a95a787d0b7192 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b Loading...

	wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html	1.0 kB	2023-05-07	2024-04-23
Pretty URL wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html IP 172.67.165.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-07 19:56:25 Last Seen2024-04-23 11:41:22 Times Seen55 Hash d90adb6cdd22ff355967ae6423c87e7c 53ec4a3b0c25ab01eae1a373aa526130f99a26b3 3fdf49bc8848922f80b1ccfa4caae1c83b3100fe84b08f968f36256529285218 Loading...

	www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c	238 kB	2024-03-19	2024-03-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-19 12:23:24 Last Seen2024-03-19 12:23:24 Times Seen2 Hash 5c9673dfa92ebcf1cf401744ab494efd 461aa2c90cd9b1f581ea669c6ba346c25c767b2f dd4e3f59edbcbd32268fc812df3dfd5316a5e8c9228daed3ed734140f034111e Loading...

	jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=645222&t=2056&sid=1337x1.wb4.xyz&r=0.41607134386752	606 B	2024-03-19	2024-03-19
Pretty URL jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=645222&t=2056&sid=1337x1.wb4.xyz&r=0.41607134386752 IP 109.206.168.17 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-19 12:23:24 Last Seen2024-03-19 12:23:24 Times Seen2 Hash 1d60f54fb0fc81911d3948317f48b909 d246455b7dc0748b477e67554fc4d5dcf6d845a7 4a3c8c65eddb843466f5db41bf97c1241f7633d125cc725233a27d97d08c4cfb Loading...

HTTP Transactions (24)

URL IP Response Size

webbd70.wapkiz.com/filedownload/1202890/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe

188.114.97.1

302 Found

3.5 kB

URL User Request GET HTTP/2
webbd70.wapkiz.com/filedownload/1202890/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwapkiz.com
Fingerprint0D:B5:D1:2E:77:FE:91:EE:34:82:EC:50:70:1A:75:0E:46:AF:36:90
ValidityWed, 14 Feb 2024 20:41:19 GMT - Tue, 14 May 2024 20:41:18 GMT

File type
gzip compressed data, from Unix
Size
3.5 kB (3549 bytes)
Hash
a4ee0e221cfd40da77a2163d399beda9
2e319c843b4aa328a5fb7226c1c3cc7dccc5f047
8347fb447cd5856cdccc4cb9819a96a852e2af9d96eaeb244127c40d22d42326

HTTP Headers

GET /filedownload/1202890/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe HTTP/1.1
Host: webbd70.wapkiz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 19 Mar 2024 11:22:56 GMT
content-type: text/html; charset=UTF-8
location: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: BYPASS
set-cookie: webbd70_wapkiz_com=g8fbajn5sl1uur3ql3aglieed3; path=/; domain=webbd70.wapkiz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ieDIiCASE4jw3Y0racTvh4PGpMsTrk5C7AGIqYKZeL3qc43M3b1%2F7YFp3%2FnoZtYHHQU9jqLDYvP8xHtsiWnRx13jcsvXtduavL960%2Fe%2FQ3TZoQvtyRXI%2FD7XHB4UDzXRbOdS7p8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 866d1664feb9b51b-OSL
X-Firefox-Spdy: h2

wk.jdi5.com/style.css

172.67.165.78

200 OK

1.3 kB

URL GET HTTP/1.1
wk.jdi5.com/style.css
IP
172.67.165.78:80
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html

File type
ASCII text, with very long lines (4592), with no line terminators
Size
1.3 kB (1302 bytes)
Hash
c4b94c72fbf6af7a5b03c888916d0e87
b74ec2fc2807c1bb8cdc13603eab50350bf97fd2
a624a4fdd1e260b9c175cbf7c937796b9c54ea563a655bc5894bc7fc2c59bc4b

HTTP Headers

GET /style.css HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 19 Mar 2024 11:22:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=7081
ETag: W/"1ba9-5b45fbd9366c0"
Last-Modified: Wed, 18 Nov 2020 11:16:19 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5766
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZsaZ4kX38eePLObWz4f9%2F4cklhm%2F4xgk4m757Y5qNHAgL70aH9AwR6xV0FG8hO%2BcIT85g1SiE%2FypDGPzOXX79C8Vw9WXxHieMXVo%2BfxXEPdLmHKfqZL%2BHRrHvUHDJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 866d166738795685-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.googletagmanager.com/gtag/js?id=G-49LW6323V3

142.250.74.168

200 OK

96 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-49LW6323V3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:26:59:9C:A1:60:FD:C0:F5:F5:D5:8A:5C:D1:32:92:E7:8D:CE:7C
ValidityMon, 19 Feb 2024 08:03:54 GMT - Mon, 13 May 2024 08:03:53 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
96 kB (96365 bytes)
Hash
7c718870e0cc7a525384fc20fd0eb94a
9e78bab4e83973ee7023efb579f480da0f3982fd
b0df33afe1eaac48d147ed7e1c0f3929df83d34a49e8953e6146243cf6c5240f

HTTP Headers

GET /gtag/js?id=G-49LW6323V3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 19 Mar 2024 11:22:56 GMT
expires: Tue, 19 Mar 2024 11:22:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

afarkas.github.io/lazysizes/lazysizes.min.js

185.199.111.153

200 OK

3.5 kB

URL GET HTTP/1.1
afarkas.github.io/lazysizes/lazysizes.min.js
IP
185.199.111.153:80
ASN
#54113 FASTLY

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html

File type
JavaScript source, ASCII text, with very long lines (7862)
Size
3.5 kB (3497 bytes)
Hash
45bacd312d5098b4b59f563d8756c15d
fa55e2cff078381e5365d95782a95a787d0b7192
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

HTTP Headers

GET /lazysizes/lazysizes.min.js HTTP/1.1
Host: afarkas.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3497
Server: GitHub.com
Content-Type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
Last-Modified: Mon, 17 May 2021 09:28:46 GMT
Access-Control-Allow-Origin: *
ETag: W/"60a2374e-1ed1"
expires: Tue, 19 Mar 2024 10:03:08 GMT
Cache-Control: max-age=600
Content-Encoding: gzip
x-proxy-cache: HIT
X-GitHub-Request-Id: C39C:A698E:126C4DC:12BD210:65F960DA
Accept-Ranges: bytes
Date: Tue, 19 Mar 2024 11:22:56 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-hel1410028-HEL
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1710847377.541533,VS0,VE130
Vary: Accept-Encoding
X-Fastly-Request-ID: a08e15dba3e43e4d59e9cd254899dfaa87f40282

github.com/wapkiz/cdn/raw/master/js/page_templates_simple.js

140.82.121.4

302 Found

0 B

URL GET HTTP/2
github.com/wapkiz/cdn/raw/master/js/page_templates_simple.js
IP
140.82.121.4:443
ASN
#36459 GITHUB

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wapkiz/cdn/raw/master/js/page_templates_simple.js HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Tue, 19 Mar 2024 11:20:46 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin: https://render.githubusercontent.com
location: https://raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: D1BB:224B70:4E913F9:4FB6BFE:65F97590
X-Firefox-Spdy: h2

raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js

185.199.109.133

200 OK

409 B

URL GET HTTP/2
raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js
IP
185.199.109.133:443
ASN
#54113 FASTLY

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerDigiCert Inc
Subject*.github.io
FingerprintA1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75
ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
409 B (409 bytes)
Hash
f53687164731cffce276463948dfcbef
0cf35a404a601d49466ae09bc2ba3d9ec1130500
5b3002cada011b91348a429587aa8197d10f3557b68a485195a2dcc1ffcacc6f

HTTP Headers

GET /wapkiz/cdn/master/js/page_templates_simple.js HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"e10025dca4e9820776b525fc26581e0967381374797a37e2a4228695d3202429"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 30F0:245BC9:9C74EF:A3651D:65F95F0B
content-encoding: gzip
accept-ranges: bytes
date: Tue, 19 Mar 2024 11:22:56 GMT
via: 1.1 varnish
x-served-by: cache-hel1410028-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1710847377.755194,VS0,VE1
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 7788e61c24120cd1b7117bab99a54195aa6af3a3
expires: Tue, 19 Mar 2024 11:27:56 GMT
source-age: 130
content-length: 409
X-Firefox-Spdy: h2

github.com/wapkiz/cdn/raw/master/image/close2.png

140.82.121.4

302 Found

0 B

URL GET HTTP/2
github.com/wapkiz/cdn/raw/master/image/close2.png
IP
140.82.121.4:443
ASN
#36459 GITHUB

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wapkiz/cdn/raw/master/image/close2.png HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: GitHub.com
date: Tue, 19 Mar 2024 11:20:47 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin: https://render.githubusercontent.com
location: https://raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: D1BB:224B70:4E91500:4FB6CFE:65F97590
X-Firefox-Spdy: h2

raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png

185.199.109.133

200 OK

564 B

URL GET HTTP/2
raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png
IP
185.199.109.133:443
ASN
#54113 FASTLY

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerDigiCert Inc
Subject*.github.io
FingerprintA1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75
ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
564 B (564 bytes)
Hash
865dce1b2a4002b9a85f75ea622f4000
f56c8218b5ca721a9e5a3daec742a6f38c33c075
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

HTTP Headers

GET /wapkiz/cdn/master/image/close2.png HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/png
etag: W/"07ab105ccfd60fc2e0eccdd6f43cf3a305a8137d752da013e06d9eba2c8ddc27"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: C974:23AFF1:AA28E6:B19ED3:65F9750F
accept-ranges: bytes
date: Tue, 19 Mar 2024 11:22:56 GMT
via: 1.1 varnish
x-served-by: cache-hel1410028-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1710847377.873201,VS0,VE1
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: a22a277a426cb36c785bcb9b175d62ba53ea554a
expires: Tue, 19 Mar 2024 11:27:56 GMT
source-age: 129
content-length: 564
X-Firefox-Spdy: h2

wk.jdi5.com/favicon.ico

172.67.165.78

404 Not Found

194 B

URL GET HTTP/1.1
wk.jdi5.com/favicon.ico
IP
172.67.165.78:80
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html

File type
HTML document, ASCII text
Size
194 B (194 bytes)
Hash
907be380261715ab0adf02e3cebb5f2d
83b7a6a6f263c1293d5503900bf6f1bc04974284
7353ec8326ed0133a1fdc0fd25b5cbee2518d3f3429f22058a152b325a1b8654

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Cookie: _ga_49LW6323V3=GS1.1.1710847376.1.0.1710847376.0.0.0; _ga=GA1.1.655993560.1710847377
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 19 Mar 2024 11:22:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
X-Robots-Tag: noindex, nofollow
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 129
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c767ElONIfSYguXiAc81IFHQQDlqXvS3laKZnSNsasLBAyfojxYqZ60WUDClqVv2wWfg6SfpsXrYRTiKaK0zROAhBLgTJm949X6zOuQiT2%2BWiM3xIzY9NsJnlew%2B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 866d16698b025685-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

tinyfast.xyz/red.php?id=35

104.21.37.27

302 Found

0 B

URL GET HTTP/1.1
tinyfast.xyz/red.php?id=35
IP
104.21.37.27:80
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /red.php?id=35 HTTP/1.1
Host: tinyfast.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 19 Mar 2024 11:22:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.33
location: https://1337x1.wb4.xyz/submit.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HzBB%2BxRh5q%2BhNurBGnZ8MsMNv3yUEymBPHCwoPgDSGGGb%2Bkjz4vyQGiEvAgM91aeN0QEim4yrPMT3scRLpCil7I2CsDBz06LxH%2BvdXzcSpOJqg0FQtsNvOT4bGAmkM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 866d1669ea410b69-OSL
alt-svc: h2=":443"; ma=60

tinyfast.xyz/red2.php?id=30

104.21.37.27

302 Found

0 B

URL GET HTTP/1.1
tinyfast.xyz/red2.php?id=30
IP
104.21.37.27:80
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /red2.php?id=30 HTTP/1.1
Host: tinyfast.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 19 Mar 2024 11:22:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.33
location: https://1337x1.wb4.xyz/submit.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVIt2vIj0tN9tZlsxwhQ49270TfRDMoi0Q5TraIlTl9pI%2Fy9pondhQzVDsdWxCupOdT6b2GHzGmCXAuTXcFBYxGVSaTBpj8ngrNLeJLEWJ7z1o%2FXZB4YIHpk9PzAPvA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 866d1669eb93b509-OSL
alt-svc: h2=":443"; ma=60

www.googletagmanager.com/gtag/js?id=UA-46789381-49

142.250.74.168

200 OK

72 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-46789381-49
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:26:59:9C:A1:60:FD:C0:F5:F5:D5:8A:5C:D1:32:92:E7:8D:CE:7C
ValidityMon, 19 Feb 2024 08:03:54 GMT - Mon, 13 May 2024 08:03:53 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
72 kB (71955 bytes)
Hash
9320e5af3ee2914a0eae75ba774090a3
89ca9f7fc8f29fe61d1dff048a8b665d57438668
de42f4cb92cc35a2ff3d86a6f7d9a6e2bed81a907749bec1fd31a825c9d64aa5

HTTP Headers

GET /gtag/js?id=UA-46789381-49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 19 Mar 2024 11:22:57 GMT
expires: Tue, 19 Mar 2024 11:22:57 GMT
cache-control: private, max-age=900
last-modified: Tue, 19 Mar 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

1337x1.wb4.xyz/

172.67.135.38

200 OK

72 kB

URL POST HTTP/3
1337x1.wb4.xyz/
IP
172.67.135.38:443
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwb4.xyz
Fingerprint86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
ValidityFri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT

File type
HTML document, ASCII text
Size
72 kB (72433 bytes)
Hash
175d88b44d60cec343d51c4427502219
a9302a0fe99d5cd5c3cbefcfa07ce6df75dfa867
1d548fe48c46819db7e6cc1bf607b683518c466c15a2b9a0bbb0155f23f0f5ce

HTTP Headers

POST / HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 24
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=sam; expires=Thu, 18-Apr-2024 11:22:57 GMT; Max-Age=2592000; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8l7AOsR5injigWr%2Bb03okbXpqwqQitUfI9mjtP3EWsDVUHzMjTH%2BthZbL7bgyl3Cr0mrOc7e4pds9eTI7xEqQig3Sr9z2o6Czngc8%2BPbPzHOmNo2FGKGgkEuYE%2BrtOSfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166bcbf70b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c

142.250.74.168

200 OK

84 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:26:59:9C:A1:60:FD:C0:F5:F5:D5:8A:5C:D1:32:92:E7:8D:CE:7C
ValidityMon, 19 Feb 2024 08:03:54 GMT - Mon, 13 May 2024 08:03:53 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
84 kB (84513 bytes)
Hash
a0453a6226ea3b277d0a5b7ca3b30952
365eda9b130c852755feb2add4621f574faed351
e3704d820b40ea5d354c414dfc2e7a1c4d6cd85101b11222b8c4f5baf21fa1e7

HTTP Headers

GET /gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 19 Mar 2024 11:22:57 GMT
expires: Tue, 19 Mar 2024 11:22:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84513
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c

142.250.74.168

200 OK

84 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:26:59:9C:A1:60:FD:C0:F5:F5:D5:8A:5C:D1:32:92:E7:8D:CE:7C
ValidityMon, 19 Feb 2024 08:03:54 GMT - Mon, 13 May 2024 08:03:53 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
84 kB (84514 bytes)
Hash
5c9673dfa92ebcf1cf401744ab494efd
461aa2c90cd9b1f581ea669c6ba346c25c767b2f
dd4e3f59edbcbd32268fc812df3dfd5316a5e8c9228daed3ed734140f034111e

HTTP Headers

GET /gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 19 Mar 2024 11:22:57 GMT
expires: Tue, 19 Mar 2024 11:22:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=645222&t=2056&sid=1337x1.wb4.xyz&r=0.41607134386752

109.206.168.17

200 OK

606 B

URL GET HTTP/1.1
jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=645222&t=2056&sid=1337x1.wb4.xyz&r=0.41607134386752
IP
109.206.168.17:443
ASN
#50245 Serverel Inc.

Requested by
https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Certificate
IssuerLet's Encrypt
Subjectjswww.net
FingerprintEA:C6:01:43:FC:12:4B:59:4D:F4:73:8F:54:85:BF:64:E3:E9:C4:8F
ValidityTue, 06 Feb 2024 19:54:09 GMT - Mon, 06 May 2024 19:54:08 GMT

File type
ASCII text, with very long lines (606), with no line terminators
Size
606 B (606 bytes)
Hash
1d60f54fb0fc81911d3948317f48b909
d246455b7dc0748b477e67554fc4d5dcf6d845a7
4a3c8c65eddb843466f5db41bf97c1241f7633d125cc725233a27d97d08c4cfb

HTTP Headers

GET /w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=645222&t=2056&sid=1337x1.wb4.xyz&r=0.41607134386752 HTTP/1.1
Host: jswww.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: binder-v5.11.2
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/javascript
content-length: 606
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: *
access-control-expose-headers: *
x-response-code: 20204

1337x1.wb4.xyz/script.js?t=202421911

172.67.135.38

200 OK

28 kB

URL GET HTTP/3
1337x1.wb4.xyz/script.js?t=202421911
IP
172.67.135.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x1.wb4.xyz/2019/05/allu-k-samosay.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwb4.xyz
Fingerprint86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
ValidityFri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
28 kB (27641 bytes)
Hash
3e9ab65e2cdb77cc66db8b8aee3017ed
e1619967130ceb5ce9906f3c16cd27c3248fbc67
bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /script.js?t=202421911 HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: application/javascript
cf-bgj: minify
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cache-control: max-age=14400
cf-cache-status: HIT
age: 129
last-modified: Tue, 19 Mar 2024 11:20:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbRH2g3AAJy7Yh4oVCQMKpGJG%2F9BhZhoDxwgOK2hSgQqLTReEzN2dIRvK322CZSu4gCjUfxMPd1GN4RmftjzP5tkBzYv9n6CjMDW9TPJPhbQUZj5rQ8m9xql7FgXqErwEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166c8c7b0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

1337x1.wb4.xyz/2019/05/allu-k-samosay.html

172.67.135.38

200 OK

6.7 kB

URL POST HTTP/3
1337x1.wb4.xyz/2019/05/allu-k-samosay.html
IP
172.67.135.38:443
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwb4.xyz
Fingerprint86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
ValidityFri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (371)
Size
6.7 kB (6697 bytes)
Hash
0679be4efe2112ce4ebe0c5519dae87c
ad2d8b56f87d2f040dbd6d2f8ecdb702ad9886e2
f099fba29218b2976c3693e5c1d820bb8528297db3eaa77f6e3312f2c22ece21

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code

HTTP Headers

POST /2019/05/allu-k-samosay.html HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 28
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxCF3ZLWSZRLoGyYjUZle24aMW6oFkyxOHTooRRnKLjYP2IjrdWrVl78CCBz2sGcgGK02zHZXp9C%2FbNYeomDX1WIn3igmAjor%2FgRMSD2X4YyF32%2BAYxxnOh8uetS%2BWIKbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166c3c480b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

1337x1.wb4.xyz/submit.php

172.67.135.38

200 OK

1.4 kB

URL GET HTTP/2
1337x1.wb4.xyz/submit.php
IP
172.67.135.38:443
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwb4.xyz
Fingerprint86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
ValidityFri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT

File type
HTML document, ASCII text, with very long lines (1482), with no line terminators
Size
1.4 kB (1388 bytes)
Hash
49d6b7a981c29bd70a89bdf451f25a72
36230a955dd715df2ac0488ce9012de335c45801
51ecca60b724abcf31a8a43729a0789b3734e2642fe74823df853b8c541496dd

HTTP Headers

GET /submit.php HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wk.jdi5.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYqeTvSrm8aotGpVPFFt%2Bwef10L%2B1dwaykQj%2F%2FXybz5OBAZUm1b5gEnrZQr4pBwuMSE0HMphZ4Do%2BqJhLpc7sLB8MhZoWX0%2BlyLfm5QkFmCgjEmk6J5SmvShhoQY04uDVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166aef30b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=972851&t=2056&sid=1337x1.wb4.xyz&r=0.900497383731143

109.206.168.17

200 OK

606 B

URL GET HTTP/1.1
jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=972851&t=2056&sid=1337x1.wb4.xyz&r=0.900497383731143
IP
109.206.168.17:443
ASN
#50245 Serverel Inc.

Requested by
https://1337x1.wb4.xyz/2019/05/allu-k-samosay.html
Certificate
IssuerLet's Encrypt
Subjectjswww.net
FingerprintEA:C6:01:43:FC:12:4B:59:4D:F4:73:8F:54:85:BF:64:E3:E9:C4:8F
ValidityTue, 06 Feb 2024 19:54:09 GMT - Mon, 06 May 2024 19:54:08 GMT

File type
ASCII text, with very long lines (766), with no line terminators
Size
606 B (606 bytes)
Hash
1aadf0933e56457c0d871a06695cdfa9
729be41b4b909717b3f3ff0a502a6029b21eeeb4
a63ee94690440c20fa42aa36c28b6c6174b73cf256b0b42f7f61c3fb201b4182

HTTP Headers

GET /w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=972851&t=2056&sid=1337x1.wb4.xyz&r=0.900497383731143 HTTP/1.1
Host: jswww.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: binder-v5.11.2
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/javascript
content-length: 606
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: *
access-control-expose-headers: *
x-response-code: 20204

maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

104.18.10.207

200 OK

121 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
FingerprintA8:07:0D:35:4B:FC:72:EA:A2:C8:B5:E7:74:66:B7:F4:72:EE:7E:E3
ValiditySun, 28 Jan 2024 00:16:50 GMT - Sat, 27 Apr 2024 00:16:49 GMT

File type
ASCII text, with very long lines (65371)
Size
121 kB (121260 bytes)
Hash
2f624089c65f12185e79925bc5a7fc42
8eb176c70b9cfa6871b76d6dc98fb526e7e9b3de
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

HTTP Headers

GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Mar 2024 11:22:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 10/31/2023 18:48:20
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 455985e84def5b01c1ff875ffa4ec273
cdn-cache: HIT
cf-cache-status: HIT
age: 9874584
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 866d16678d1eb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html

172.67.135.38

200 OK

2.7 kB

URL POST HTTP/3
1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
IP
172.67.135.38:443
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwb4.xyz
Fingerprint86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
ValidityFri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2869), with no line terminators
Size
2.7 kB (2704 bytes)
Hash
fa34697276625c96770ebba4f4354fe3
6c9ae676d2ac32903da08507c8565eb22515a4ee
9dcf1d7e301dca1e0aa3316dd5de11e80a3a5cbe5a040f78873929ead2c4e5ee

HTTP Headers

POST /2020/01/rainy-day-meal-sometime-rain-season.html HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 28
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRzeMxE1CcLqQvLC14I2a7crmghHvd%2BP4o%2F2utb%2BGtHfNtfMtW3GbuZMXsSgl1BvhOJZtfZrjUTM9yZBmzinYCFgHO9mvpyN3MydT%2FyzwxxizMme0Of0Ll6SNdg%2BIsl8UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166c1c360b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html

172.67.165.78

200 OK

12 kB

URL User Request GET HTTP/1.1
wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
IP
172.67.165.78:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (407)
Size
12 kB (12394 bytes)
Hash
95484dc88274ccb6a10df20981b9a24b
4f02b2301e2f72eeeabbf13368d42d0903dcb2a4
32df6be4d6ccbec79c1287a87a9be9b8a498ccc6a25cc8338d6a97fb5dba8a33

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code

HTTP Headers

GET /filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 19 Mar 2024 11:22:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qp4c3bgcaK0F9S7wFT%2FA5JhaQFYoUWBeNgEYfPxb9bUT1XMTV2hlVrvNncELqGGHvxIT9YVm8cWM7yOJ34AmC1LRVcbmzvZ9ZFRFbdFK7Qz64MqMTysgeKFWpo2kGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 866d16659ec65685-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

1337x1.wb4.xyz/submit.php

172.67.135.38

200 OK

1.4 kB

URL GET HTTP/2
1337x1.wb4.xyz/submit.php
IP
172.67.135.38:443
ASN
#13335 CLOUDFLARENET

Requested by
http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwb4.xyz
Fingerprint86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
ValidityFri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT

File type
HTML document, ASCII text, with very long lines (1482), with no line terminators
Size
1.4 kB (1388 bytes)
Hash
49d6b7a981c29bd70a89bdf451f25a72
36230a955dd715df2ac0488ce9012de335c45801
51ecca60b724abcf31a8a43729a0789b3734e2642fe74823df853b8c541496dd

HTTP Headers

GET /submit.php HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wk.jdi5.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whp9jOXBw%2BPZlCKzoFdtSDa0Jc%2ByQJKWRCz%2F%2BXZPWqssw4frlRUGCdbEVEulof3ci2UP1cjKPvqNGyfqPEnV%2BbbsdkgTLPh6WaRm9EbZ9lDhHCO%2F1Gb9p100heIWSQrDNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166a7eb1b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML