| webbd70.wapkiz.com/filedownload/1202890/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe | 188.114.97.1 | 302 Found | 3.5 kB |
URL: User Request GET HTTP/2 webbd70.wapkiz.com/filedownload/1202890/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe
IP: 188.114.97.1:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: wapkiz.com
Certificate Fingerprint: 0D:B5:D1:2E:77:FE:91:EE:34:82:EC:50:70:1A:75:0E:46:AF:36:90
Certificate Validity: Wed, 14 Feb 2024 20:41:19 GMT - Tue, 14 May 2024 20:41:18 GMT
File type: gzip compressed data, from Unix
Hash: a4ee0e221cfd40da77a2163d399beda9 2e319c843b4aa328a5fb7226c1c3cc7dccc5f047 8347fb447cd5856cdccc4cb9819a96a852e2af9d96eaeb244127c40d22d42326
GET /filedownload/1202890/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe HTTP/1.1
Host: webbd70.wapkiz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 19 Mar 2024 11:22:56 GMT
content-type: text/html; charset=UTF-8
location: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: BYPASS
set-cookie: webbd70_wapkiz_com=g8fbajn5sl1uur3ql3aglieed3; path=/; domain=webbd70.wapkiz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ieDIiCASE4jw3Y0racTvh4PGpMsTrk5C7AGIqYKZeL3qc43M3b1%2F7YFp3%2FnoZtYHHQU9jqLDYvP8xHtsiWnRx13jcsvXtduavL960%2Fe%2FQ3TZoQvtyRXI%2FD7XHB4UDzXRbOdS7p8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 866d1664feb9b51b-OSL
X-Firefox-Spdy: h2
|
|
| wk.jdi5.com/style.css | 172.67.165.78 | 200 OK | 1.3 kB |
IP: 172.67.165.78:80
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
File type: ASCII text, with very long lines (4592), with no line terminators
Hash: c4b94c72fbf6af7a5b03c888916d0e87 b74ec2fc2807c1bb8cdc13603eab50350bf97fd2 a624a4fdd1e260b9c175cbf7c937796b9c54ea563a655bc5894bc7fc2c59bc4b
GET /style.css HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 19 Mar 2024 11:22:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=7081
ETag: W/"1ba9-5b45fbd9366c0"
Last-Modified: Wed, 18 Nov 2020 11:16:19 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5766
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZsaZ4kX38eePLObWz4f9%2F4cklhm%2F4xgk4m757Y5qNHAgL70aH9AwR6xV0FG8hO%2BcIT85g1SiE%2FypDGPzOXX79C8Vw9WXxHieMXVo%2BfxXEPdLmHKfqZL%2BHRrHvUHDJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 866d166738795685-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| www.googletagmanager.com/gtag/js?id=G-49LW6323V3 | 142.250.74.168 | 200 OK | 96 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-49LW6323V3
IP: 142.250.74.168:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 54:26:59:9C:A1:60:FD:C0:F5:F5:D5:8A:5C:D1:32:92:E7:8D:CE:7C
Certificate Validity: Mon, 19 Feb 2024 08:03:54 GMT - Mon, 13 May 2024 08:03:53 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 7c718870e0cc7a525384fc20fd0eb94a 9e78bab4e83973ee7023efb579f480da0f3982fd b0df33afe1eaac48d147ed7e1c0f3929df83d34a49e8953e6146243cf6c5240f
GET /gtag/js?id=G-49LW6323V3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 19 Mar 2024 11:22:56 GMT
expires: Tue, 19 Mar 2024 11:22:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| afarkas.github.io/lazysizes/lazysizes.min.js | 185.199.111.153 | 200 OK | 3.5 kB |
URL: GET HTTP/1.1 afarkas.github.io/lazysizes/lazysizes.min.js
IP: 185.199.111.153:80
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
File type: JavaScript source, ASCII text, with very long lines (7862)
Hash: 45bacd312d5098b4b59f563d8756c15d fa55e2cff078381e5365d95782a95a787d0b7192 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
GET /lazysizes/lazysizes.min.js HTTP/1.1
Host: afarkas.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3497
Server: GitHub.com
Content-Type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
Last-Modified: Mon, 17 May 2021 09:28:46 GMT
Access-Control-Allow-Origin: *
ETag: W/"60a2374e-1ed1"
expires: Tue, 19 Mar 2024 10:03:08 GMT
Cache-Control: max-age=600
Content-Encoding: gzip
x-proxy-cache: HIT
X-GitHub-Request-Id: C39C:A698E:126C4DC:12BD210:65F960DA
Accept-Ranges: bytes
Date: Tue, 19 Mar 2024 11:22:56 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-hel1410028-HEL
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1710847377.541533,VS0,VE130
Vary: Accept-Encoding
X-Fastly-Request-ID: a08e15dba3e43e4d59e9cd254899dfaa87f40282
|
|
| github.com/wapkiz/cdn/raw/master/js/page_templates_simple.js | 140.82.121.4 | 302 Found | 0 B |
URL: GET HTTP/2 github.com/wapkiz/cdn/raw/master/js/page_templates_simple.js
IP: 140.82.121.4:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate Issuer: Sectigo Limited
Certificate Subject: github.com
Certificate Fingerprint: E7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
Certificate Validity: Thu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wapkiz/cdn/raw/master/js/page_templates_simple.js HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: GitHub.com
date: Tue, 19 Mar 2024 11:20:46 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin: https://render.githubusercontent.com
location: https://raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com 
avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: D1BB:224B70:4E913F9:4FB6BFE:65F97590
X-Firefox-Spdy: h2
|
|
| raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js | 185.199.109.133 | 200 OK | 409 B |
URL: GET HTTP/2 raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js
IP: 185.199.109.133:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate Issuer: DigiCert Inc
Certificate Subject: *.github.io
Certificate Fingerprint: A1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75
Certificate Validity: Tue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT
Hash: f53687164731cffce276463948dfcbef 0cf35a404a601d49466ae09bc2ba3d9ec1130500 5b3002cada011b91348a429587aa8197d10f3557b68a485195a2dcc1ffcacc6f
GET /wapkiz/cdn/master/js/page_templates_simple.js HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"e10025dca4e9820776b525fc26581e0967381374797a37e2a4228695d3202429"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 30F0:245BC9:9C74EF:A3651D:65F95F0B
content-encoding: gzip
accept-ranges: bytes
date: Tue, 19 Mar 2024 11:22:56 GMT
via: 1.1 varnish
x-served-by: cache-hel1410028-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1710847377.755194,VS0,VE1
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 7788e61c24120cd1b7117bab99a54195aa6af3a3
expires: Tue, 19 Mar 2024 11:27:56 GMT
source-age: 130
content-length: 409
X-Firefox-Spdy: h2
|
|
| github.com/wapkiz/cdn/raw/master/image/close2.png | 140.82.121.4 | 302 Found | 0 B |
URL: GET HTTP/2 github.com/wapkiz/cdn/raw/master/image/close2.png
IP: 140.82.121.4:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate Issuer: Sectigo Limited
Certificate Subject: github.com
Certificate Fingerprint: E7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
Certificate Validity: Thu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wapkiz/cdn/raw/master/image/close2.png HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: GitHub.com
date: Tue, 19 Mar 2024 11:20:47 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin: https://render.githubusercontent.com
location: https://raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com 
avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: D1BB:224B70:4E91500:4FB6CFE:65F97590
X-Firefox-Spdy: h2
|
|
| raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png | 185.199.109.133 | 200 OK | 564 B |
URL: GET HTTP/2 raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png
IP: 185.199.109.133:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate Issuer: DigiCert Inc
Certificate Subject: *.github.io
Certificate Fingerprint: A1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75
Certificate Validity: Tue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash: 865dce1b2a4002b9a85f75ea622f4000 f56c8218b5ca721a9e5a3daec742a6f38c33c075 bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
GET /wapkiz/cdn/master/image/close2.png HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/png
etag: W/"07ab105ccfd60fc2e0eccdd6f43cf3a305a8137d752da013e06d9eba2c8ddc27"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: C974:23AFF1:AA28E6:B19ED3:65F9750F
accept-ranges: bytes
date: Tue, 19 Mar 2024 11:22:56 GMT
via: 1.1 varnish
x-served-by: cache-hel1410028-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1710847377.873201,VS0,VE1
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: a22a277a426cb36c785bcb9b175d62ba53ea554a
expires: Tue, 19 Mar 2024 11:27:56 GMT
source-age: 129
content-length: 564
X-Firefox-Spdy: h2
|
|
| wk.jdi5.com/favicon.ico | 172.67.165.78 | 404 Not Found | 194 B |
IP: 172.67.165.78:80
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
File type: HTML document, ASCII text
Hash: 907be380261715ab0adf02e3cebb5f2d 83b7a6a6f263c1293d5503900bf6f1bc04974284 7353ec8326ed0133a1fdc0fd25b5cbee2518d3f3429f22058a152b325a1b8654
GET /favicon.ico HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Cookie: _ga_49LW6323V3=GS1.1.1710847376.1.0.1710847376.0.0.0; _ga=GA1.1.655993560.1710847377
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 19 Mar 2024 11:22:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
X-Robots-Tag: noindex, nofollow
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 129
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c767ElONIfSYguXiAc81IFHQQDlqXvS3laKZnSNsasLBAyfojxYqZ60WUDClqVv2wWfg6SfpsXrYRTiKaK0zROAhBLgTJm949X6zOuQiT2%2BWiM3xIzY9NsJnlew%2B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 866d16698b025685-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| tinyfast.xyz/red.php?id=35 | 104.21.37.27 | 302 Found | 0 B |
URL: GET HTTP/1.1 tinyfast.xyz/red.php?id=35
IP: 104.21.37.27:80
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /red.php?id=35 HTTP/1.1
Host: tinyfast.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 19 Mar 2024 11:22:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.33
location: https://1337x1.wb4.xyz/submit.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HzBB%2BxRh5q%2BhNurBGnZ8MsMNv3yUEymBPHCwoPgDSGGGb%2Bkjz4vyQGiEvAgM91aeN0QEim4yrPMT3scRLpCil7I2CsDBz06LxH%2BvdXzcSpOJqg0FQtsNvOT4bGAmkM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 866d1669ea410b69-OSL
alt-svc: h2=":443"; ma=60
|
|
| tinyfast.xyz/red2.php?id=30 | 104.21.37.27 | 302 Found | 0 B |
URL: GET HTTP/1.1 tinyfast.xyz/red2.php?id=30
IP: 104.21.37.27:80
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /red2.php?id=30 HTTP/1.1
Host: tinyfast.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 19 Mar 2024 11:22:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.33
location: https://1337x1.wb4.xyz/submit.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVIt2vIj0tN9tZlsxwhQ49270TfRDMoi0Q5TraIlTl9pI%2Fy9pondhQzVDsdWxCupOdT6b2GHzGmCXAuTXcFBYxGVSaTBpj8ngrNLeJLEWJ7z1o%2FXZB4YIHpk9PzAPvA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 866d1669eb93b509-OSL
alt-svc: h2=":443"; ma=60
|
|
| www.googletagmanager.com/gtag/js?id=UA-46789381-49 | 142.250.74.168 | 200 OK | 72 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-46789381-49
IP: 142.250.74.168:443
Requested by: https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 54:26:59:9C:A1:60:FD:C0:F5:F5:D5:8A:5C:D1:32:92:E7:8D:CE:7C
Certificate Validity: Mon, 19 Feb 2024 08:03:54 GMT - Mon, 13 May 2024 08:03:53 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 9320e5af3ee2914a0eae75ba774090a3 89ca9f7fc8f29fe61d1dff048a8b665d57438668 de42f4cb92cc35a2ff3d86a6f7d9a6e2bed81a907749bec1fd31a825c9d64aa5
GET /gtag/js?id=UA-46789381-49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 19 Mar 2024 11:22:57 GMT
expires: Tue, 19 Mar 2024 11:22:57 GMT
cache-control: private, max-age=900
last-modified: Tue, 19 Mar 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 1337x1.wb4.xyz/ | 172.67.135.38 | 200 OK | 72 kB |
IP: 172.67.135.38:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: wb4.xyz
Certificate Fingerprint: 86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
Certificate Validity: Fri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT
File type: HTML document, ASCII text
Hash: 175d88b44d60cec343d51c4427502219 a9302a0fe99d5cd5c3cbefcfa07ce6df75dfa867 1d548fe48c46819db7e6cc1bf607b683518c466c15a2b9a0bbb0155f23f0f5ce
POST / HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 24
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=sam; expires=Thu, 18-Apr-2024 11:22:57 GMT; Max-Age=2592000; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8l7AOsR5injigWr%2Bb03okbXpqwqQitUfI9mjtP3EWsDVUHzMjTH%2BthZbL7bgyl3Cr0mrOc7e4pds9eTI7xEqQig3Sr9z2o6Czngc8%2BPbPzHOmNo2FGKGgkEuYE%2BrtOSfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166bcbf70b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 84 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 54:26:59:9C:A1:60:FD:C0:F5:F5:D5:8A:5C:D1:32:92:E7:8D:CE:7C
Certificate Validity: Mon, 19 Feb 2024 08:03:54 GMT - Mon, 13 May 2024 08:03:53 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: a0453a6226ea3b277d0a5b7ca3b30952 365eda9b130c852755feb2add4621f574faed351 e3704d820b40ea5d354c414dfc2e7a1c4d6cd85101b11222b8c4f5baf21fa1e7
GET /gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 19 Mar 2024 11:22:57 GMT
expires: Tue, 19 Mar 2024 11:22:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84513
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 84 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Certificate:
  Issuer: Google Trust Services LLC
  Subject: *.google-analytics.com
  Fingerprint: 54:26:59:9C:A1:60:FD:C0:F5:F5:D5:8A:5C:D1:32:92:E7:8D:CE:7C
  Validity: Mon, 19 Feb 2024 08:03:54 GMT - Mon, 13 May 2024 08:03:53 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 5c9673dfa92ebcf1cf401744ab494efd 461aa2c90cd9b1f581ea669c6ba346c25c767b2f dd4e3f59edbcbd32268fc812df3dfd5316a5e8c9228daed3ed734140f034111e
GET /gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 19 Mar 2024 11:22:57 GMT
expires: Tue, 19 Mar 2024 11:22:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=645222&t=2056&sid=1337x1.wb4.xyz&r=0.41607134386752 | 109.206.168.17 | 200 OK | 606 B |
URL: GET HTTP/1.1 jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=645222&t=2056&sid=1337x1.wb4.xyz&r=0.41607134386752
IP: 109.206.168.17:443
Requested by: https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Certificate:
  Issuer: Let's Encrypt
  Subject: jswww.net
  Fingerprint: EA:C6:01:43:FC:12:4B:59:4D:F4:73:8F:54:85:BF:64:E3:E9:C4:8F
  Validity: Tue, 06 Feb 2024 19:54:09 GMT - Mon, 06 May 2024 19:54:08 GMT
File type: ASCII text, with very long lines (606), with no line terminators
Hash: 1d60f54fb0fc81911d3948317f48b909 d246455b7dc0748b477e67554fc4d5dcf6d845a7 4a3c8c65eddb843466f5db41bf97c1241f7633d125cc725233a27d97d08c4cfb
GET /w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=645222&t=2056&sid=1337x1.wb4.xyz&r=0.41607134386752 HTTP/1.1
Host: jswww.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: binder-v5.11.2
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/javascript
content-length: 606
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: *
access-control-expose-headers: *
x-response-code: 20204
|
|
| 1337x1.wb4.xyz/script.js?t=202421911 | 172.67.135.38 | 200 OK | 28 kB |
URL: GET HTTP/3 1337x1.wb4.xyz/script.js?t=202421911
IP: 172.67.135.38:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-k-samosay.html
Certificate:
  Issuer: Google Trust Services LLC
  Subject: wb4.xyz
  Fingerprint: 86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
  Validity: Fri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash: 3e9ab65e2cdb77cc66db8b8aee3017ed e1619967130ceb5ce9906f3c16cd27c3248fbc67 bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /script.js?t=202421911 HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: application/javascript
cf-bgj: minify
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cache-control: max-age=14400
cf-cache-status: HIT
age: 129
last-modified: Tue, 19 Mar 2024 11:20:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbRH2g3AAJy7Yh4oVCQMKpGJG%2F9BhZhoDxwgOK2hSgQqLTReEzN2dIRvK322CZSu4gCjUfxMPd1GN4RmftjzP5tkBzYv9n6CjMDW9TPJPhbQUZj5rQ8m9xql7FgXqErwEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166c8c7b0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1337x1.wb4.xyz/2019/05/allu-k-samosay.html | 172.67.135.38 | 200 OK | 6.7 kB |
URL: POST HTTP/3 1337x1.wb4.xyz/2019/05/allu-k-samosay.html
IP: 172.67.135.38:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate:
  Issuer: Google Trust Services LLC
  Subject: wb4.xyz
  Fingerprint: 86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
  Validity: Fri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (371)
Hash: 0679be4efe2112ce4ebe0c5519dae87c ad2d8b56f87d2f040dbd6d2f8ecdb702ad9886e2 f099fba29218b2976c3693e5c1d820bb8528297db3eaa77f6e3312f2c22ece21
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Anti-debugging code |
POST /2019/05/allu-k-samosay.html HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 28
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxCF3ZLWSZRLoGyYjUZle24aMW6oFkyxOHTooRRnKLjYP2IjrdWrVl78CCBz2sGcgGK02zHZXp9C%2FbNYeomDX1WIn3igmAjor%2FgRMSD2X4YyF32%2BAYxxnOh8uetS%2BWIKbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166c3c480b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1337x1.wb4.xyz/submit.php | 172.67.135.38 | 200 OK | 1.4 kB |
URL: GET HTTP/2 1337x1.wb4.xyz/submit.php
IP: 172.67.135.38:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate:
  Issuer: Google Trust Services LLC
  Subject: wb4.xyz
  Fingerprint: 86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
  Validity: Fri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT
File type: HTML document, ASCII text, with very long lines (1482), with no line terminators
Hash: 49d6b7a981c29bd70a89bdf451f25a72 36230a955dd715df2ac0488ce9012de335c45801 51ecca60b724abcf31a8a43729a0789b3734e2642fe74823df853b8c541496dd
GET /submit.php HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wk.jdi5.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYqeTvSrm8aotGpVPFFt%2Bwef10L%2B1dwaykQj%2F%2FXybz5OBAZUm1b5gEnrZQr4pBwuMSE0HMphZ4Do%2BqJhLpc7sLB8MhZoWX0%2BlyLfm5QkFmCgjEmk6J5SmvShhoQY04uDVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166aef30b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=972851&t=2056&sid=1337x1.wb4.xyz&r=0.900497383731143 | 109.206.168.17 | 200 OK | 606 B |
URL: GET HTTP/1.1 jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=972851&t=2056&sid=1337x1.wb4.xyz&r=0.900497383731143
IP: 109.206.168.17:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-k-samosay.html
Certificate:
  Issuer: Let's Encrypt
  Subject: jswww.net
  Fingerprint: EA:C6:01:43:FC:12:4B:59:4D:F4:73:8F:54:85:BF:64:E3:E9:C4:8F
  Validity: Tue, 06 Feb 2024 19:54:09 GMT - Mon, 06 May 2024 19:54:08 GMT
File type: ASCII text, with very long lines (766), with no line terminators
Hash: 1aadf0933e56457c0d871a06695cdfa9 729be41b4b909717b3f3ff0a502a6029b21eeeb4 a63ee94690440c20fa42aa36c28b6c6174b73cf256b0b42f7f61c3fb201b4182
GET /w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=972851&t=2056&sid=1337x1.wb4.xyz&r=0.900497383731143 HTTP/1.1
Host: jswww.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: binder-v5.11.2
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/javascript
content-length: 606
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: *
access-control-expose-headers: *
x-response-code: 20204
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 121 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
IP: 104.18.10.207:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate:
  Issuer: Google Trust Services LLC
  Subject: bootstrapcdn.com
  Fingerprint: A8:07:0D:35:4B:FC:72:EA:A2:C8:B5:E7:74:66:B7:F4:72:EE:7E:E3
  Validity: Sun, 28 Jan 2024 00:16:50 GMT - Sat, 27 Apr 2024 00:16:49 GMT
File type: ASCII text, with very long lines (65371)
Size: 121 kB (121260 bytes)
Hash: 2f624089c65f12185e79925bc5a7fc42 8eb176c70b9cfa6871b76d6dc98fb526e7e9b3de eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wk.jdi5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 19 Mar 2024 11:22:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 10/31/2023 18:48:20
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 455985e84def5b01c1ff875ffa4ec273
cdn-cache: HIT
cf-cache-status: HIT
age: 9874584
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 866d16678d1eb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html | 172.67.135.38 | 200 OK | 2.7 kB |
URL: POST HTTP/3 1337x1.wb4.xyz/2020/01/rainy-day-meal-sometime-rain-season.html
IP: 172.67.135.38:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate:
  Issuer: Google Trust Services LLC
  Subject: wb4.xyz
  Fingerprint: 86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
  Validity: Fri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2869), with no line terminators
Hash: fa34697276625c96770ebba4f4354fe3 6c9ae676d2ac32903da08507c8565eb22515a4ee 9dcf1d7e301dca1e0aa3316dd5de11e80a3a5cbe5a040f78873929ead2c4e5ee
POST /2020/01/rainy-day-meal-sometime-rain-season.html HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 28
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRzeMxE1CcLqQvLC14I2a7crmghHvd%2BP4o%2F2utb%2BGtHfNtfMtW3GbuZMXsSgl1BvhOJZtfZrjUTM9yZBmzinYCFgHO9mvpyN3MydT%2FyzwxxizMme0Of0Ll6SNdg%2BIsl8UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166c1c360b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html | 172.67.165.78 | 200 OK | 12 kB |
URL: User Request GET HTTP/1.1 wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
IP: 172.67.165.78:80
File type: HTML document, ASCII text, with very long lines (407)
Hash: 95484dc88274ccb6a10df20981b9a24b 4f02b2301e2f72eeeabbf13368d42d0903dcb2a4 32df6be4d6ccbec79c1287a87a9be9b8a498ccc6a25cc8338d6a97fb5dba8a33
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Anti-debugging code |
GET /filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 19 Mar 2024 11:22:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qp4c3bgcaK0F9S7wFT%2FA5JhaQFYoUWBeNgEYfPxb9bUT1XMTV2hlVrvNncELqGGHvxIT9YVm8cWM7yOJ34AmC1LRVcbmzvZ9ZFRFbdFK7Qz64MqMTysgeKFWpo2kGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 866d16659ec65685-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| 1337x1.wb4.xyz/submit.php | 172.67.135.38 | 200 OK | 1.4 kB |
URL: GET HTTP/2 1337x1.wb4.xyz/submit.php
IP: 172.67.135.38:443
Requested by: http://wk.jdi5.com/filedownload/G8cEsvIWPY55TKZOtJkkSHn7u7fOdyko59r_p_z5JU4ETf_p_JsfCFgTaai1ZPrK3ZEmPw6pp_p_yZjKvCq48J2Ij0qmmWUAeTMVHmlIHDIgBrfraTKFzQPluEAbKLrGR_p_eTYFyGL0jQS2dH90AhljcRxOtkjSxwILfpw/kmp2-9-4-1435-dxva-cuda-svp-12-08-10-(webbd70.wapkiz.com).exe.html
Certificate:
  Issuer: Google Trust Services LLC
  Subject: wb4.xyz
  Fingerprint: 86:3A:51:80:37:A0:71:E5:78:BD:63:D8:34:65:00:36:3D:FF:8B:80
  Validity: Fri, 16 Feb 2024 03:02:18 GMT - Thu, 16 May 2024 03:02:17 GMT
File type: HTML document, ASCII text, with very long lines (1482), with no line terminators
Hash: 49d6b7a981c29bd70a89bdf451f25a72 36230a955dd715df2ac0488ce9012de335c45801 51ecca60b724abcf31a8a43729a0789b3734e2642fe74823df853b8c541496dd
GET /submit.php HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wk.jdi5.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 19 Mar 2024 11:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whp9jOXBw%2BPZlCKzoFdtSDa0Jc%2ByQJKWRCz%2F%2BXZPWqssw4frlRUGCdbEVEulof3ci2UP1cjKPvqNGyfqPEnV%2BbbsdkgTLPh6WaRm9EbZ9lDhHCO%2F1Gb9p100heIWSQrDNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 866d166a7eb1b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|