| 1wtsso.life/v3/aviator-fortune-wheel/assets/index-b1b91dcf.js | 190.115.24.78 | 200 OK | 36 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/assets/index-b1b91dcf.js
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (34972)
Hash: f069ef747497342a0adf68fe1b9a33bc 9bbc97a443f85786d3b9e02e883e66a522ab6821 1171263498bddd50798a6554bcc3bb54c637262c33a589af96cd49828aca7e14
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/index-b1b91dcf.js HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:52:57 GMT
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f8-1e9e9"
age: 4128
content-length: 35825
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/assets/index-998fd568.css | 190.115.24.78 | 200 OK | 5.2 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/assets/index-998fd568.css
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: ASCII text, with very long lines (27986)
Hash: 50af75fca359d93e7f01fb2b583f623a 9ad180241305d47697ded21bbbe4c77c65d28a3d 998fd568b39eaeee0442fdcebcf9d91045854b2bb4cec3e4607f9941856856a6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/index-998fd568.css HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:44:43 GMT
content-type: text/css
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f8-6d53"
age: 4621
content-length: 5237
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/img/logo/logo.svg | 190.115.24.78 | 200 OK | 2.0 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/img/logo/logo.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: ba27fb9d4014988fc7265a496e58707f 0f998059be8924deb891e503d0e144834b530da9 b95859d9bb8d6684ec30c19bf00acb5ea323ff30eb155ce2fa30b053c98a011e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/img/logo/logo.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:44:43 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f7-1453"
age: 4621
content-length: 2014
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/flags/flags.svg | 190.115.24.78 | 200 OK | 42 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/flags/flags.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: a92bcc34e96e6149bbbf43a1bc9c52d8 cebda3ba8b9260a4de36e6f8ab10e4f192c882bc 46f7c85353be615eb961fca31f10d696cc75f317786b29fc250028fd70a081e7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/flags/flags.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:44:44 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f7-2f71c"
age: 4620
content-length: 41917
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/img/wheel/wheel-sprite.svg | 190.115.24.78 | 200 OK | 1.1 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/img/wheel/wheel-sprite.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: 6439fc014b64f52880f54ea4a8f0e822 8980278996b6451c5ebd21a3b9ae6194cd216ab1 d0e462db3b129508fdc18a56fe6e5673546ec1bc65ac41e0aea0322a129d96ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/img/wheel/wheel-sprite.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:44:44 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f7-b3e"
age: 4620
content-length: 1054
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/sprites/form-sprite.svg | 190.115.24.78 | 200 OK | 972 B |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/sprites/form-sprite.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: 5d84dacb892c665bc273d5135dab8648 3467d74a1b31fca2271e6b3359c39adde9e58c2f 05e953033ae3e658b5446465f2ac81e96fa9cc3104ace6469a18b1655bc56acf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/sprites/form-sprite.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:44:44 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f7-a3e"
age: 4620
content-length: 972
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/assets/background-body-1b46dd1b.svg | 190.115.24.78 | 200 OK | 505 B |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/assets/background-body-1b46dd1b.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: 94d688a46e21e4ebf2e41ff85c97e3e8 680819ade7a866cc379d74c936a89c355ade091a 1b46dd1b6c113a0b15de655eae7244683b3055e38f5b9f7d90fa2f12389d6213
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/background-body-1b46dd1b.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel/assets/index-998fd568.css
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:44:44 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f8-c36"
age: 4620
content-length: 505
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/assets/plane-background-bfe3a236.svg | 190.115.24.78 | 200 OK | 1.8 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/assets/plane-background-bfe3a236.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: c700c17f6caf6473e6b50d4b6c7ad1b7 ceb12f486b21c00953c28554b0588cd908fde01d bfe3a236f95d439f20c90ca6861e7c6b690b435c19a800c55942e1c74a635fbc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/plane-background-bfe3a236.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel/assets/index-998fd568.css
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:45:37 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f8-f1f"
age: 4567
content-length: 1809
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/assets/wheel-background-2f0830b2.svg | 190.115.24.78 | 200 OK | 130 B |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/assets/wheel-background-2f0830b2.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: 64b88816cf1d30bdd9ae21bcf66fe7ee 9ab1b55af37f24941a622fb99fd54652ed53f011 2f0830b2331c5213c1791b534bc144b1ed0db4623bb42e6041198062eae460a2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/wheel-background-2f0830b2.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel/assets/index-998fd568.css
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:44:43 GMT
content-type: image/svg+xml
accept-ranges: bytes
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: br
etag: "65f303f8-aa"
age: 4621
content-length: 130
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/assets/Inter-Regular-f536bae0.woff2 | 190.115.24.78 | 200 OK | 103 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/assets/Inter-Regular-f536bae0.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 103152, version 3.1245
Size: 103 kB (103152 bytes)
Hash: 5891e05821cbf2402b6dd3f4a84cfe12 43371fc7dd74393cb3f1de7f500164b4156a7a50 f536bae011685cdeb84a3ec10450fd024d62536949d870582f4651cd47404067
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/Inter-Regular-f536bae0.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel/assets/index-998fd568.css
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM; visit_domain=1wtsso.life; sub_ids=sub1=3997762a67a9db66d0396a23ad8d06f1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Apr 2024 21:48:23 GMT
content-type: font/woff2
content-length: 103152
accept-ranges: bytes
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f8-192f0"
age: 324802
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/assets/Inter-ExtraBold-9a3b0ab4.woff2 | 190.115.24.78 | 200 OK | 112 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/assets/Inter-ExtraBold-9a3b0ab4.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 112048, version 3.1245
Size: 112 kB (112048 bytes)
Hash: 1cec0b5ab0d8902d2863446f33ce5b63 973753eb1254976025b41946648c53fd6907b71d 9a3b0ab41e62faadd1d744d43c783f5f66b7c58e60cfc37075f153ce4a75351e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/Inter-ExtraBold-9a3b0ab4.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel/assets/index-998fd568.css
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM; visit_domain=1wtsso.life; sub_ids=sub1=3997762a67a9db66d0396a23ad8d06f1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Apr 2024 21:26:10 GMT
content-type: font/woff2
content-length: 112048
accept-ranges: bytes
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f8-1b5b0"
age: 326135
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7 | 142.250.74.168 | 200 OK | 106 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
IP: 142.250.74.168:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (50345)
Size: 106 kB (106330 bytes)
Hash: 0c1443858d8b4bf5862df8e4528dded6 a64e5752d9b236df96b9d362371037a810f52c1a de9ad9725cd37a13b39498a2f559a660d46b7a9bc86390470b23e97744808594
GET /gtm.js?id=GTM-KGKQDC7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 16:01:45 GMT
expires: Sat, 04 May 2024 16:01:45 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 106330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/assets/Inter-Bold-b5d5e626.woff2 | 190.115.24.78 | 200 OK | 112 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/assets/Inter-Bold-b5d5e626.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 111736, version 3.1245
Size: 112 kB (111736 bytes)
Hash: 68011c0b032270d83de4f546ce48bf57 d1e442dbf714552c132e26d55da0234d61b305ff b5d5e626a01da63aa252c7c469046a0f31ef2c2c9c09a176213eb0e6290d83f7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/Inter-Bold-b5d5e626.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel/assets/index-998fd568.css
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM; visit_domain=1wtsso.life; sub_ids=sub1=3997762a67a9db66d0396a23ad8d06f1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Wed, 01 May 2024 17:16:43 GMT
content-type: font/woff2
content-length: 111736
accept-ranges: bytes
etag: "65f303f8-1b478"
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 254702
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/assets/Inter-Medium-aaa02aa0.woff2 | 190.115.24.78 | 200 OK | 111 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/assets/Inter-Medium-aaa02aa0.woff2
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 111192, version 3.1245
Size: 111 kB (111192 bytes)
Hash: 823f35a845a9dfbf9800c8a37b635269 c3064c7e34213e30493c6a972f3d66f4d145885b aaa02aa09b0bc5bc5c57095aaa6e15bea07480136e9aab705f69886daa213325
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/Inter-Medium-aaa02aa0.woff2 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel/assets/index-998fd568.css
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM; visit_domain=1wtsso.life; sub_ids=sub1=3997762a67a9db66d0396a23ad8d06f1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Wed, 01 May 2024 00:36:23 GMT
content-type: font/woff2
content-length: 111192
accept-ranges: bytes
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f8-1b258"
age: 314723
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/favicon/android-icon-512x512.png | 190.115.24.78 | 200 OK | 10 kB |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/favicon/android-icon-512x512.png
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Hash: 822df36448d97877853abf2cce421ddb be6c97c312a28bd1a458e90cdaff592e38163f5e 8707e7b56f89a25ba382128e12ba37988d4afe442f33bc3a5b34a2a04a692667
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/favicon/android-icon-512x512.png HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM; visit_domain=1wtsso.life; sub_ids=sub1=3997762a67a9db66d0396a23ad8d06f1; core-sticky=http://10.233.80.55:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:46:12 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f7-2b40"
age: 4533
content-length: 10129
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel/favicon/favicon.svg | 190.115.24.78 | 200 OK | 486 B |
URL: GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel/favicon/favicon.svg
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Let's Encrypt
Certificate Subject: 1wtsso.life
Certificate Fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate Validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: d2260239c47a557dc50312dc01cbad3f dac1c20799be1d52a444de7c1838d4e38fc06c93 da27421d59a3829fd6292f822eed7c6b1b7a745870d6b736dc67220627d9d656
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/favicon/favicon.svg HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM; visit_domain=1wtsso.life; sub_ids=sub1=3997762a67a9db66d0396a23ad8d06f1; core-sticky=http://10.233.80.55:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 14:46:32 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "65f303f7-5b5"
age: 4513
content-length: 486
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 87 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: ddeaab27f8f5b49485c0156a3f0a6b7f dae835121e51545d54ac4bd90f499291dbaeb4cc 767ac7029ac821fb34dac1cda4dd1a9ab9626040096fb27bae3d8f38b164eed6
GET /gtag/js?id=AW-16482547739&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 16:01:45 GMT
expires: Sat, 04 May 2024 16:01:45 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 92 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 332ca6b9a4e30af55889f808fc16b149 e9ea432020140a52ce492a629ea66cc0aa2bcc61 f41b2d88bac14f9952a3b01f567719d88b2f0ad0bf5a4cbcbc621e6c8927b79e
GET /gtag/js?id=G-548949LWLW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 16:01:45 GMT
expires: Sat, 04 May 2024 16:01:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91465
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 74 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (1822)
Hash: b7b4dfa2902cc45ef641e7de5db34470 c08378c1676ad5e65ec2b586c516c4662ac4ccf5 1e42f720571dfd381191c89578f572a2125cd13a4a36c108719cc8cce5f8ff41
GET /gtag/destination?id=DC-12688802&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 16:01:45 GMT
expires: Sat, 04 May 2024 16:01:45 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 1wtsso.life/affiliate:link_visit?visit_domain=1wtsso.life&sub_ids=sub1%3D3997762a67a9db66d0396a23ad8d06f1 | 190.115.24.78 | 200 OK | 521 B |
URL: GET HTTP/2 1wtsso.life/affiliate:link_visit?visit_domain=1wtsso.life&sub_ids=sub1%3D3997762a67a9db66d0396a23ad8d06f1
IP: 190.115.24.78:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate issuer: Let's Encrypt
Certificate subject: 1wtsso.life
Certificate fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
File type: gzip compressed data, from Unix
Hash: d64839ec0b831738b1a016739717a0da 1f2471e6d615eb7677d2ac5a7bf6dcf30141394d 1c9c003546a5231355ffd1f2faa1a8a2da65cab092a46fa54ae43872ada1fe0b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /affiliate:link_visit?visit_domain=1wtsso.life&sub_ids=sub1%3D3997762a67a9db66d0396a23ad8d06f1 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/v3/aviator-fortune-wheel?
Cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM; visit_domain=1wtsso.life; sub_ids=sub1=3997762a67a9db66d0396a23ad8d06f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sat, 04 May 2024 16:01:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
access-control-max-age: 7200
etag: W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
set-cookie: core-sticky=http://10.233.80.55:80; Path=/; HttpOnly
x-powered-by: Express
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=433977750.1714838506&gtm=45je4510v894728184z8894400803za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=660106282 | 142.250.74.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=433977750.1714838506&gtm=45je4510v894728184z8894400803za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=660106282
IP: 142.250.74.163:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google.no
Certificate fingerprint: 7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
Certificate validity: Tue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=433977750.1714838506&gtm=45je4510v894728184z8894400803za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=660106282 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 May 2024 16:01:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1714838504806&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=433977750.1714838506&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=%2Fv3%2Faviator-fortune-wheel&sid=1714838505&sct=1&seg=0&dl=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel%3F&tfd=1416 | 216.239.32.36 | 204 No Content | 0 B |
URL: POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1714838504806&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=433977750.1714838506&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=%2Fv3%2Faviator-fortune-wheel&sid=1714838505&sct=1&seg=0&dl=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel%3F&tfd=1416
IP: 216.239.32.36:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1714838504806&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=433977750.1714838506&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=%2Fv3%2Faviator-fortune-wheel&sid=1714838505&sct=1&seg=0&dl=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel%3F&tfd=1416 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wtsso.life
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1wtsso.life
date: Sat, 04 May 2024 16:01:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1714838504806&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=433977750.1714838506&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&dp=%2Fv3%2Faviator-fortune-wheel&sid=1714838505&sct=1&seg=0&dl=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel&dt=1win&en=(not_set)&ep.page_url=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel%3F&ep.device_type=desktop&ep.platform=en&ep.os=other&ep.domain=1wtsso.life&tfd=6425 | 216.239.32.36 | 204 No Content | 0 B |
URL: POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1714838504806&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=433977750.1714838506&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&dp=%2Fv3%2Faviator-fortune-wheel&sid=1714838505&sct=1&seg=0&dl=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel&dt=1win&en=(not_set)&ep.page_url=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel%3F&ep.device_type=desktop&ep.platform=en&ep.os=other&ep.domain=1wtsso.life&tfd=6425
IP: 216.239.32.36:443
Requested by: https://1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1714838504806&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=433977750.1714838506&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&dp=%2Fv3%2Faviator-fortune-wheel&sid=1714838505&sct=1&seg=0&dl=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel&dt=1win&en=(not_set)&ep.page_url=https%3A%2F%2F1wtsso.life%2Fv3%2Faviator-fortune-wheel%3F&ep.device_type=desktop&ep.platform=en&ep.os=other&ep.domain=1wtsso.life&tfd=6425 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wtsso.life
DNT: 1
Connection: keep-alive
Referer: https://1wtsso.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://1wtsso.life
date: Sat, 04 May 2024 16:01:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1 | 190.115.24.78 | 200 OK | 42 kB |
URL (User Request): GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1
IP: 190.115.24.78:443
Certificate issuer: Let's Encrypt
Certificate subject: 1wtsso.life
Certificate fingerprint: ED:11:A9:B8:48:3F:E0:84:9D:82:E4:25:9F:C9:0D:03:D8:E4:CC:C0
Certificate validity: Fri, 19 Apr 2024 07:02:26 GMT - Thu, 18 Jul 2024 07:02:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /v3/aviator-fortune-wheel?sub1=3997762a67a9db66d0396a23ad8d06f1 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=zX40Z7Ti7Vp7Wv754sDM; Domain=.1wtsso.life; HttpOnly; Path=/; Expires=Sun, 04-May-2025 16:01:44 GMT
date: Sat, 04 May 2024 16:01:44 GMT
content-type: text/html
accept-ranges: bytes
content-encoding: gzip
etag: "65f303f8-a500"
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|