| | 66.29.132.15 | 200 OK | 3.7 kB |
URL: User Request GET HTTP/1.1
IP: 66.29.132.15:80
File type: HTML document, ASCII text, with very long lines (9749), with CRLF line terminators
Hash: 0d034e3689685b489420022a891ab625 ef8585cc28616f745f887ce6929a3a5ee816eb1b 39a66543416f336f3d3c5f1952d836830fb316b2c3f614ff81b28674312b88e5
GET /ok/ HTTP/1.1
Host: wow.masina.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
set-cookie: sloth_src=noref; expires=Sun, 12-May-2024 19:49:43 GMT; Max-Age=172800; path=/
set-cookie: sloth_cc=0; expires=Sun, 12-May-2024 19:49:43 GMT; Max-Age=172800; path=/
set-cookie: sloth_sc=0; expires=Sun, 12-May-2024 19:49:43 GMT; Max-Age=172800; path=/
set-cookie: sloth_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
set-cookie: sloth_nosend=663e7a57%253A00%253ATnoref%253A; expires=Sun, 12-May-2024 19:49:43 GMT; Max-Age=172800; path=/
content-type: text/html; charset=UTF-8
content-length: 3679
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 10 May 2024 19:49:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
|
|
| fonts.googleapis.com/css?family=Varela | 142.250.74.106 | 200 OK | 344 B |
URL: GET HTTP/1.1 fonts.googleapis.com/css?family=Varela
IP: 142.250.74.106:80
Requested by: http://wow.masina.site/ok/
Hash: efd89131f42a1ca53cc95cdcd8ae93a4 df2ccef5583b891063eabe54e951fa7ac312ee26 1000a787af0b5d2ded14df4a10a4a8466d9148e05fe62860752c35b23bc69520
GET /css?family=Varela HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 10 May 2024 19:49:44 GMT
Date: Fri, 10 May 2024 19:49:44 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| 195.54.175.99/css/ok/ntm/al/fonts.css | 195.54.175.99 | 200 OK | 4.1 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/fonts.css
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: ASCII text, with very long lines (650), with CRLF line terminators
Hash: 5819d56f92c548fb17e6999e1a2eaaaa e2e63ca5c91d558e871715398fe7d9382653464a 5fc7d4a86a7f8ae49e674f342500c75c5fc07c994cdb4a5afff97cf9eb05dc7b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/fonts.css HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Sun, 24 Nov 2019 07:35:58 GMT
ETag: W/"4d85-59812b2abf380"
Content-Encoding: gzip
|
|
| 195.54.175.99/css/ok/ntm/al/default.css | 195.54.175.99 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/default.css
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: ASCII text, with CRLF line terminators
Hash: 76d62091b3e422c5a766b165e2494e6c 2984b2e2f49728f1093b265abd5dfd239b9d0d1c bd8a6e07265f198c7156141481e16581f154101139585458fc2b79b8b7249a00
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/default.css HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Sun, 24 Nov 2019 07:35:58 GMT
ETag: W/"2dfb-59812b2abf380"
Content-Encoding: gzip
|
|
| 195.54.175.99/css/ok/ntm/al/60.jpg | 195.54.175.99 | 200 OK | 13 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/60.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 244x277, components 3
Hash: c14acf4cf0affbe64963412fcc5d241e a46f17ed1d61a5fb03f721bf201b7fb24a29633b 757a7908b99d3df98617d580065cd774e5a9241e80a74dd65980783a36723818
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/60.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 13279
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "33df-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/20.jpg | 195.54.175.99 | 200 OK | 9.1 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/20.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x180, components 3
Hash: 2c60245a23b40c8270475e2e2d178197 a4a9f5b2cfb01dc49270504fa92b733f33123c77 8628d17bf624d2a6f448f8e78e04b95d9d491d8c4af81040b054cf4b14c90c59
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/20.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 9054
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "235e-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/18.jpg | 195.54.175.99 | 200 OK | 13 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/18.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 213x310, components 3
Hash: afc63da00ac1a4b24541ae4ffcc9a85a dee68f1112306dd1a8b2fe3449079083e6621b8b 0214557f10a92d546330ce5985b38ad9b720a8a4148be67880abe610c0342da1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/18.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 12982
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "32b6-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/11.jpg | 195.54.175.99 | 200 OK | 15 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/11.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 213x310, components 3
Hash: c29e425f41f829bc2ad8c2d110dd5ad0 9637bb34a0fb4fbe7b28e772d4001fbdaf2e056a 11c715fdb721c434ed39906d1aaa1ecc4ccf5f4b3a602040dc892ed8c0004642
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/11.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 15026
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "3ab2-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/16.jpg | 195.54.175.99 | 200 OK | 10 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/16.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 251x280, components 3
Hash: 5f5d37ee611e4a17f7aa13a0152eb09b 3a38ee5c93be76362a8ffc4b085159ac2bb06549 77b5228081f2c028d4119f2470602cd60940044fed2575fcd8615c3aae0ceb75
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/16.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 10427
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "28bb-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/45.jpg | 195.54.175.99 | 200 OK | 8.4 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/45.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 246x259, components 3
Hash: b51a4719e8e4c3717ebfbdafbbfc46f3 0f8f695deee6caa9e4eb00a151e912ed06acbc58 4aaab0df15bfa312a99348b8e4230d67e33092e48f3f6465a402a06c68dea609
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/45.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 8423
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "20e7-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/8.jpg | 195.54.175.99 | 200 OK | 15 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/8.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 220x282, components 3
Hash: 67aad2b9ba5538308cc3e7ec3651f6d9 c121692b9139e2826259f0b3093f1db5dbd92f0b 4cd6ab1c5f7273f49d2da3611de013fe03eaabf8cf82a0ca083996a70286d780
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/8.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 14699
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "396b-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/43.jpg | 195.54.175.99 | 200 OK | 14 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/43.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 244x277, components 3
Hash: 864f5ecdcd30401c85b4b6a3dae34c7e 32f85133bfd38dd9a5b6bdad5ffeb87b27bfcc3f 7759fb20f8f3a685b6fc1df1867b57aaaa9a5699b2e5bc87942c30c748d84553
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/43.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 14238
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "379e-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/3.jpg | 195.54.175.99 | 200 OK | 13 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/3.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 220x282, components 3
Hash: 4e8ba291d900cad122566a1c6248d871 7bf12b62ec9366dcd1a4f25d99a1c140f1c91b9e 9e5243c828e9c4e747e8338e85cf67f82c96f8e23190b09889e748aecb01cd2d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/3.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 12851
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "3233-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/7.jpg | 195.54.175.99 | 200 OK | 16 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/7.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 213x310, components 3
Hash: 4e4d80d8732bc30e2986d241fffd5487 b18944eb78ebf71d100ba999a114bafc44e1c69e 7b4f97188d9967de060aa3cb3ee8f5bbc70e0d16859e8a25133e3207c9cf3c7b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/7.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 16191
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "3f3f-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/37.jpg | 195.54.175.99 | 200 OK | 14 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/37.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 251x280, components 3
Hash: c154c38ec88a3d9fc7697e230e818636 1703ea5c0520b2b30b6bc7ce84d1bdc638447006 57c48fbd5b929d7a13234347b13313d73187b28e2f4523fc5703b3726b548ecb
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/37.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 14344
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "3808-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/1.jpg | 195.54.175.99 | 200 OK | 14 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/1.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 220x282, components 3
Hash: d21b1b56369ca84f711fb7d5cfd8a7fa 2f386dbe1f7e0df7656abd5b96cc042525489550 b69172b2006a400a8868534dde85af0d55d986c665c6424669dc25e5b8446def
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/1.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 14434
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "3862-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/66.jpg | 195.54.175.99 | 200 OK | 16 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/66.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 251x280, components 3
Hash: 04d28c9f241c993c60b234e10a351c58 05cf6ac3e10f8bcacd7943372aefefd510060b83 f85329aa76b92925a38f2b1526852f9b7e9ee389b1a38fc4c06e49fbd491a2a8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/66.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 15634
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "3d12-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/9.jpg | 195.54.175.99 | 200 OK | 14 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/9.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 251x280, components 3
Hash: 856d4776577e3c9d392fee326787a834 5ea3e473f7631662a1e57010cca4558575c1c646 b9dc297e1404167f6bb0cc4e23c0515a1b1c9d9b72bd4876e75f54874836c8de
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/9.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 13944
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "3678-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/25.jpg | 195.54.175.99 | 200 OK | 11 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/25.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x180, components 3
Hash: 6dea463257f3743ed79b7c0299637c9f 3f8c8a6d358dfc2c673f18f2780c8a8c4bf19e5d 0111aa758c26bff211c9c0ddc26b1ee63285d3f105c1c857c0a9b2ec97240f94
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/25.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 10955
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "2acb-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/b.jpg | 195.54.175.99 | 200 OK | 28 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/b.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 333x496, components 3
Hash: 60862de198e6fb687d776394e87bab46 0446a2c373d3b3ce63fcc0fdb07bccd3176ea31f 191a4afbbdb82932ecf840ccac0bf3785d28ad2bf382e2cdd51627df717cce28
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/b.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 28315
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "6e9b-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/30.jpg | 195.54.175.99 | 200 OK | 15 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/30.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 246x259, components 3
Hash: af877dac8e32783ab903c911dbfd769e 057c1ef569979e586b731c997d4be6c09ca04ab9 a73ffa7d4de6be8983a79dfb274e0f70a9c10625391cdc0ecbf6b88f08ce70af
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/30.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 15330
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "3be2-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/26.jpg | 195.54.175.99 | 200 OK | 10 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/26.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x180, components 3
Hash: 6b29c5931f98fbac080b209084e05db4 20740ef939d590cfdcbffca2c1a3f0290f4322f0 9429c820383d9337ce24b7c747edcc2baa49e17d36f8db3e92a4b7a4fadb00d8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/26.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 10367
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "287f-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/1.jpg | 195.54.175.99 | 200 OK | 7.2 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/1.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, progressive, precision 8, 220x166, components 3
Hash: 64a73d19420805b1c1f5453812b0e55a 517ec6859eb340714711ea8acbbc6e0c6cf97d76 cb5bfba68b550529fcfef1fb03fdad30e633e52b1afb7edfceedaef3809eb3ac
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ek/ad/1.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 7196
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:12 GMT
ETag: "1c1c-61280d499f110"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/3.jpg | 195.54.175.99 | 200 OK | 7.2 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/3.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, progressive, precision 8, 220x166, components 3
Hash: 11382f3380b01b92f93dc369b79d74ca 4feaa0b7d3b52115119036526bfa9c3c03f08911 a02fb5765e8bdccfffcbdfa60a90608f3001064b4ac3f6e9ab9b0d67561903e7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ek/ad/3.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 7199
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:15 GMT
ETag: "1c1f-61280d4c88ac0"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/2.jpg | 195.54.175.99 | 200 OK | 5.5 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/2.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, progressive, precision 8, 220x164, components 3
Hash: 946755ca0533faea3ab246c9f99e3f28 b6c6c36402959a7067d78eae5c2e4e38bda0d9de 5ca49ddf9b676ad1f2817aa40d3313b08602447a8f5787697ddfc3d38453cb21
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ek/ad/2.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 5469
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:13 GMT
ETag: "155d-61280d4b149a0"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ntm/al/48.jpg | 195.54.175.99 | 200 OK | 10 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ntm/al/48.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 213x310, components 3
Hash: e7c5e58574ad30b3ac8a70ccc5b3e8de a2e3a159816b4c5ce588a1809f68229d8dd5f364 658b384ed6de7435beb2a01a73ef9fc3bea8e35e0058420101658a8484867f3d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ntm/al/48.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 10478
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 10 Nov 2023 11:28:06 GMT
ETag: "28ee-609ca9d37fd80"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/1_1.jpg | 195.54.175.99 | 200 OK | 8.4 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/1_1.jpg
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: JPEG image data, progressive, precision 8, 200x150, components 3
Hash: 7294638716291098f0047152019c72e3 5138ff0d961653c5a24fb61624b3b648572acd1a 5aad71c2c2f8ff93dd67f82b411668d67f2cbe80d814a426c239180471e80a5c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ek/ad/1_1.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 8399
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:13 GMT
ETag: "20cf-61280d4a994f8"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/s_1.png | 195.54.175.99 | 200 OK | 4.1 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/s_1.png
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: PNG image data, 220 x 105, 8-bit grayscale, non-interlaced
Hash: bfc200336726e8da8c0df6b0909bd86f 3b501a03461829083821251fa514c3f98bf487ba 0aba70175ce73773db4e2393b79e3ef925808b498c3c7da63cf9d93f3ed0403e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ek/ad/s_1.png HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/png
Content-Length: 4148
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:18 GMT
ETag: "1034-61280d4f20bc0"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/1_1.png | 195.54.175.99 | 200 OK | 3.5 kB |
URL: GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/1_1.png
IP: 195.54.175.99:80
Requested by: http://wow.masina.site/ok/
File type: PNG image data, 218 x 76, 8-bit grayscale, non-interlaced
Hash: 9d552edf3c5206b534e27ee31d5484d1 a749fa9c6cffa828840d10d20a56f64e4e456da3 35d211be1b30c3fc436aae02954bb17e92a8e52d07159e461232b4782c428107
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ok/ek/ad/1_1.png HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/png
Content-Length: 3467
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:13 GMT
ETag: "d8b-61280d4ab7d40"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/1.mp4 | 195.54.175.99 | 206 Partial Content | 120 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/1.mp4 IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size 120 kB (119463 bytes) Hash 70d3a043c833da4579ece68082411010 340969c558fc0ca25f43f628b235eaa7a8730987 cd9bb739554ce5c75f1842a47e369961f95ab60c31d53d0947f31ecc0b1ac0bd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/1.mp4 HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: video/mp4
Content-Length: 119463
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:12 GMT
ETag: "1d2a7-61280d4a37a78"
Accept-Ranges: bytes
Content-Range: bytes 0-119462/119463
|
|
| 195.54.175.99/css/ok/ek/ad/2_1.jpg | 195.54.175.99 | 200 OK | 9.3 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/2_1.jpg IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type JPEG image data, progressive, precision 8, 200x150, components 3 Hash 7ab6a9edf81a61be9a967370ab099ddc d34ad0649eede677b58a184a9bd7a877828ceaed eb4c3b6e698ab5d5bcb4edea5ab9b300687c91b0b21786c4957fecaa65eb07ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/2_1.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 9301
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:14 GMT
ETag: "2455-61280d4c0d618"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/2_1.png | 195.54.175.99 | 200 OK | 3.5 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/2_1.png IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type PNG image data, 235 x 78, 8-bit grayscale, non-interlaced Hash a3d2c865e8a18ff25ef4b8b4394a527d 41fe850bb6ada1aadef6201d42f0dfae7e213769 2c9c5116a26ea911dc82e4c10aae42d1c527c0d0a3ec885de5c980753dd237a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/2_1.png HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/png
Content-Length: 3487
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:14 GMT
ETag: "d9f-61280d4c10cc8"
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/varela/v16/DPEtYwqExx0AWHX5Ax4E.woff2 | 216.58.207.227 | 200 OK | 19 kB |
URL GET HTTP/1.1 fonts.gstatic.com/s/varela/v16/DPEtYwqExx0AWHX5Ax4E.woff2 IP 216.58.207.227:80
Requested by http://wow.masina.site/ok/
File type Web Open Font Format (Version 2), TrueType, length 18940, version 1.0 Hash 6a0d6dc61a1082b2f11610c276478635 b5bc496cfbf3ef5677cb5809e4fbb4d2c927bae9 b113dc88c313c4beefc0c00d42ffc7e8c4124154e55a00c2b3f9e9273dd1dba8
GET /s/varela/v16/DPEtYwqExx0AWHX5Ax4E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wow.masina.site
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 18940
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 08 May 2024 18:00:13 GMT
Expires: Thu, 08 May 2025 18:00:13 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:06:38 GMT
Content-Type: font/woff2
Age: 179371
|
|
| 195.54.175.99/css/ok/ek/ad/3_1.jpg | 195.54.175.99 | 200 OK | 8.4 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/3_1.jpg IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type JPEG image data, progressive, precision 8, 200x150, components 3 Hash 493de707ae76b388e7bab9682e07f9d8 5f49653f6ab1b5df1aecce7ad4fd0a827464c13c 2034c3ce22591c69753b0fd0b410d981485cfd1e159d0e424184db45478d8cfc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/3_1.jpg HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/jpeg
Content-Length: 8367
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:16 GMT
ETag: "20af-61280d4d6a808"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/s.png | 195.54.175.99 | 200 OK | 4.1 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/s.png IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type PNG image data, 440 x 46, 8-bit grayscale, non-interlaced Hash 44c4acbecf832bd353666c23190db5cd 57d908c3b48ad6538027c15bf474f098c5b41e85 79308cd0aa67cee6808c3861a87315da6f9b1e0646bed0f5b93423f6ee4cd3fa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/s.png HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/png
Content-Length: 4136
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:17 GMT
ETag: "1028-61280d4eb7058"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/3.png | 195.54.175.99 | 200 OK | 2.5 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/3.png IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type PNG image data, 431 x 21, 8-bit colormap, non-interlaced Hash 02f03f7ffde3584d2e62b4dc177ee8cf 9c2dfb40259c56231cc147e31886c61c00b9c834 5d3635dd87b824a5f77bdf18ac9180003481794685f83acad542b247a8ef76cc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/3.png HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/png
Content-Length: 2486
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:15 GMT
ETag: "9b6-61280d4d04350"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/3_1.png | 195.54.175.99 | 200 OK | 2.6 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/3_1.png IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type PNG image data, 200 x 70, 8-bit colormap, non-interlaced Hash fa8adb5d8bdcc8dbc0a6397ee75e47c0 e46011ed39d2664b42b0f20059fc4f3a5bbc245b 07a740203cfbfa7952274a978886de63e32a0ea18eac75397b84f74fba8d7033
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/3_1.png HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/png
Content-Length: 2564
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:16 GMT
ETag: "a04-61280d4d81350"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/1.png | 195.54.175.99 | 200 OK | 3.4 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/1.png IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type PNG image data, 640 x 24, 8-bit grayscale, non-interlaced Hash 145f38459ac6fab4f35dcf55b612d6e0 89f73301aefe5f1cd2e6051e3218d2db3a4c1d65 dda7861c0c76e2d3d5cdb8d57079defa3cd24071da82b5401f6f75ebecacede9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/1.png HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/png
Content-Length: 3377
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:12 GMT
ETag: "d31-61280d4a1bd28"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/j.png | 195.54.175.99 | 200 OK | 1.7 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/j.png IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type PNG image data, 120 x 41, 8-bit colormap, non-interlaced Hash 408e2cc58913e088551369629f6d71d8 f04535974cbf26ba5d1d8079e5e3e7ff17d01350 69a1e9586470bb17b1d157337a15f365923f77ba617cf64b3a42325e49b03c1a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/j.png HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/png
Content-Length: 1715
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:17 GMT
ETag: "6b3-61280d4e9f570"
Accept-Ranges: bytes
|
|
| 195.54.175.99/css/ok/ek/ad/2.png | 195.54.175.99 | 200 OK | 3.4 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/2.png IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type PNG image data, 637 x 24, 8-bit grayscale, non-interlaced Hash 046fa333a0a2ecc8bbac78e311aea555 d6de43e3109da558779e1abb4c67cd99d90c6be1 1f9ff9f17b4b3f86aac1440f8d404d66fd6e55e8c5bb0209d5662705607d802e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/2.png HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: image/png
Content-Length: 3412
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:14 GMT
ETag: "d54-61280d4b92558"
Accept-Ranges: bytes
|
|
| wow.masina.site/favicon.ico | 66.29.132.15 | 404 Not Found | 1.3 kB |
URL GET HTTP/1.1 wow.masina.site/favicon.ico IP 66.29.132.15:80
Requested by http://wow.masina.site/ok/
File type HTML document, ASCII text, with CRLF, LF line terminators Hash 8150f458ed6fb9b1db4e5cfa57a1a281 6e5726854d28687b560d7fdcb5c782c425c7dfb9 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
GET /favicon.ico HTTP/1.1
Host: wow.masina.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/ok/
Cookie: sloth_src=noref; sloth_cc=0; sloth_sc=0; sloth_nosend=663e7a57%253A00%253ATnoref%253A
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
keep-alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1251
date: Fri, 10 May 2024 19:49:44 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
|
|
| 195.54.175.99/css/ok/ek/ad/2.mp4 | 195.54.175.99 | 206 Partial Content | 95 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/2.mp4 IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash 55e872bc1606e9eea597d5013f41f0a0 08eebfbfc9aafbccbef7f168e4f5babcb2036603 90e9c3fe2ad9bcb46b747426e170da9404b759d913bede9967368a14af4cc240
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/2.mp4 HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: video/mp4
Content-Length: 130309
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:14 GMT
ETag: "1fd05-61280d4b911d0"
Accept-Ranges: bytes
Content-Range: bytes 0-130308/130309
|
|
| 195.54.175.99/css/ok/ek/ad/3.mp4 | 195.54.175.99 | 206 Partial Content | 45 kB |
URL GET HTTP/1.1 195.54.175.99/css/ok/ek/ad/3.mp4 IP 195.54.175.99:80
Requested by http://wow.masina.site/ok/
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash 11af09b02800fa744620f6af438aa5d6 33e5d4579b926de71761bb839800b3efd9b3d6bd fe32ef442aaff3e1763f0a38b05b5aa2b4bae0c0cbb41eb82d985e620aa7706a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ok/ek/ad/3.mp4 HTTP/1.1
Host: 195.54.175.99
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://wow.masina.site/
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx
Date: Fri, 10 May 2024 19:49:38 GMT
Content-Type: video/mp4
Content-Length: 134275
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 29 Feb 2024 08:13:15 GMT
ETag: "20c83-61280d4ced038"
Accept-Ranges: bytes
Content-Range: bytes 0-134274/134275
|
|