| 1wxht.com/v3/aviator-fortune-wheel/assets/index-408f80a0.js | 190.115.24.78 | 200 OK | 36 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/assets/index-408f80a0.js
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (34972)
Hash: 69c49f79471eae6f113108ce6163522d 1e4b2ce7a587aa67d3bc1a893f5b0e8e47a883e7 1683701f6a976fb1f8d1967918cd7e971dc47e4215539d790253761ca933beff
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/index-408f80a0.js HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Wed, 08 May 2024 23:42:33 GMT
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
last-modified: Wed, 08 May 2024 11:07:48 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "663b5d04-1eab2"
age: 1623
content-length: 35673
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/assets/index-cc06efd7.css | 190.115.24.78 | 200 OK | 5.3 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/assets/index-cc06efd7.css
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: ASCII text, with very long lines (28184)
Hash: 26fba5c73b33a185a6c927c253cbeb0a f9a1248a0226c31a78bef14638094d6b5d46d756 cc06efd7945ad2f59c9d054b91486dc7b1bee0781827d4df11a3aac7188b8f03
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/index-cc06efd7.css HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Wed, 08 May 2024 23:47:39 GMT
content-type: text/css
accept-ranges: bytes
content-encoding: br
last-modified: Wed, 08 May 2024 11:07:48 GMT
vary: Accept-Encoding
access-control-allow-origin: *
etag: "663b5d04-6e19"
age: 1317
content-length: 5262
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/img/logo/logo.svg | 190.115.24.78 | 200 OK | 2.0 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/img/logo/logo.svg
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: SVG Scalable Vector Graphics image
Hash: ba27fb9d4014988fc7265a496e58707f 0f998059be8924deb891e503d0e144834b530da9 b95859d9bb8d6684ec30c19bf00acb5ea323ff30eb155ce2fa30b053c98a011e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/img/logo/logo.svg HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:06:42 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: W/"65f303f7-1453"
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129774
content-length: 2014
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/flags/flags.svg | 190.115.24.78 | 200 OK | 42 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/flags/flags.svg
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: SVG Scalable Vector Graphics image
Hash: a92bcc34e96e6149bbbf43a1bc9c52d8 cebda3ba8b9260a4de36e6f8ab10e4f192c882bc 46f7c85353be615eb961fca31f10d696cc75f317786b29fc250028fd70a081e7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/flags/flags.svg HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:07:10 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: W/"65f303f7-2f71c"
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129746
content-length: 42045
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/sprites/form-sprite.svg | 190.115.24.78 | 200 OK | 972 B |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/sprites/form-sprite.svg
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: SVG Scalable Vector Graphics image
Hash: 5d84dacb892c665bc273d5135dab8648 3467d74a1b31fca2271e6b3359c39adde9e58c2f 05e953033ae3e658b5446465f2ac81e96fa9cc3104ace6469a18b1655bc56acf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/sprites/form-sprite.svg HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:07:10 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: W/"65f303f7-a3e"
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129746
content-length: 972
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/img/wheel/wheel-sprite.svg | 190.115.24.78 | 200 OK | 1.1 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/img/wheel/wheel-sprite.svg
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: SVG Scalable Vector Graphics image
Hash: 6439fc014b64f52880f54ea4a8f0e822 8980278996b6451c5ebd21a3b9ae6194cd216ab1 d0e462db3b129508fdc18a56fe6e5673546ec1bc65ac41e0aea0322a129d96ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/img/wheel/wheel-sprite.svg HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:06:43 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: W/"65f303f7-b3e"
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129773
content-length: 1054
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/assets/background-body-1b46dd1b.svg | 190.115.24.78 | 200 OK | 505 B |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/assets/background-body-1b46dd1b.svg
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: SVG Scalable Vector Graphics image
Hash: 94d688a46e21e4ebf2e41ff85c97e3e8 680819ade7a866cc379d74c936a89c355ade091a 1b46dd1b6c113a0b15de655eae7244683b3055e38f5b9f7d90fa2f12389d6213
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/background-body-1b46dd1b.svg HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel/assets/index-cc06efd7.css
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:07:06 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: W/"65f303f8-c36"
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129750
content-length: 505
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/assets/wheel-background-2f0830b2.svg | 190.115.24.78 | 200 OK | 130 B |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/assets/wheel-background-2f0830b2.svg
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: SVG Scalable Vector Graphics image
Hash: 64b88816cf1d30bdd9ae21bcf66fe7ee 9ab1b55af37f24941a622fb99fd54652ed53f011 2f0830b2331c5213c1791b534bc144b1ed0db4623bb42e6041198062eae460a2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/wheel-background-2f0830b2.svg HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel/assets/index-cc06efd7.css
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:07:07 GMT
content-type: image/svg+xml
accept-ranges: bytes
etag: W/"65f303f8-aa"
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: br
age: 129749
content-length: 130
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/assets/plane-background-bfe3a236.svg | 190.115.24.78 | 200 OK | 1.8 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/assets/plane-background-bfe3a236.svg
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: SVG Scalable Vector Graphics image
Hash: c700c17f6caf6473e6b50d4b6c7ad1b7 ceb12f486b21c00953c28554b0588cd908fde01d bfe3a236f95d439f20c90ca6861e7c6b690b435c19a800c55942e1c74a635fbc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/plane-background-bfe3a236.svg HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel/assets/index-cc06efd7.css
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:07:09 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: W/"65f303f8-f1f"
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129747
content-length: 1809
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/assets/Inter-Regular-f536bae0.woff2 | 190.115.24.78 | 200 OK | 103 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/assets/Inter-Regular-f536bae0.woff2
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: Web Open Font Format (Version 2), TrueType, length 103152, version 3.1245
Size: 103 kB (103152 bytes)
Hash: 5891e05821cbf2402b6dd3f4a84cfe12 43371fc7dd74393cb3f1de7f500164b4156a7a50 f536bae011685cdeb84a3ec10450fd024d62536949d870582f4651cd47404067
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/Inter-Regular-f536bae0.woff2 HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel/assets/index-cc06efd7.css
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:08:30 GMT
content-type: font/woff2
content-length: 103152
accept-ranges: bytes
etag: "65f303f8-192f0"
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129666
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/assets/Inter-Medium-aaa02aa0.woff2 | 190.115.24.78 | 200 OK | 111 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/assets/Inter-Medium-aaa02aa0.woff2
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: Web Open Font Format (Version 2), TrueType, length 111192, version 3.1245
Size: 111 kB (111192 bytes)
Hash: 823f35a845a9dfbf9800c8a37b635269 c3064c7e34213e30493c6a972f3d66f4d145885b aaa02aa09b0bc5bc5c57095aaa6e15bea07480136e9aab705f69886daa213325
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/Inter-Medium-aaa02aa0.woff2 HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel/assets/index-cc06efd7.css
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:08:30 GMT
content-type: font/woff2
content-length: 111192
accept-ranges: bytes
etag: "65f303f8-1b258"
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129666
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/assets/Inter-Bold-b5d5e626.woff2 | 190.115.24.78 | 200 OK | 112 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/assets/Inter-Bold-b5d5e626.woff2
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: Web Open Font Format (Version 2), TrueType, length 111736, version 3.1245
Size: 112 kB (111736 bytes)
Hash: 68011c0b032270d83de4f546ce48bf57 d1e442dbf714552c132e26d55da0234d61b305ff b5d5e626a01da63aa252c7c469046a0f31ef2c2c9c09a176213eb0e6290d83f7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/Inter-Bold-b5d5e626.woff2 HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel/assets/index-cc06efd7.css
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:08:30 GMT
content-type: font/woff2
content-length: 111736
accept-ranges: bytes
etag: "65f303f8-1b478"
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129666
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/assets/Inter-ExtraBold-9a3b0ab4.woff2 | 190.115.24.78 | 200 OK | 112 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/assets/Inter-ExtraBold-9a3b0ab4.woff2
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: Web Open Font Format (Version 2), TrueType, length 112048, version 3.1245
Size: 112 kB (112048 bytes)
Hash: 1cec0b5ab0d8902d2863446f33ce5b63 973753eb1254976025b41946648c53fd6907b71d 9a3b0ab41e62faadd1d744d43c783f5f66b7c58e60cfc37075f153ce4a75351e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/assets/Inter-ExtraBold-9a3b0ab4.woff2 HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel/assets/index-cc06efd7.css
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:08:30 GMT
content-type: font/woff2
content-length: 112048
accept-ranges: bytes
etag: "65f303f8-1b5b0"
last-modified: Thu, 14 Mar 2024 14:04:40 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129666
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7 | 142.250.74.168 | 200 OK | 106 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
IP: 142.250.74.168:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (50401)
Size: 106 kB (106284 bytes)
Hash: 6fb04dd43dfa720274c228d76a93f4d4 17f339678227881bb0cd1be46e6cb250aeed2790 2fad102750ec23961906fdd125f31af37f6e1d6601576e29e44bba7632362d23
GET /gtm.js?id=GTM-KGKQDC7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:09:36 GMT
expires: Thu, 09 May 2024 00:09:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 106284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/favicon/favicon.svg | 190.115.24.78 | 200 OK | 486 B |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/favicon/favicon.svg
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: SVG Scalable Vector Graphics image
Hash: d2260239c47a557dc50312dc01cbad3f dac1c20799be1d52a444de7c1838d4e38fc06c93 da27421d59a3829fd6292f822eed7c6b1b7a745870d6b736dc67220627d9d656
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/favicon/favicon.svg HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&; core-sticky=http://10.233.69.200:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:08:41 GMT
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: W/"65f303f7-5b5"
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129656
content-length: 486
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| 1wxht.com/v3/aviator-fortune-wheel/favicon/android-icon-512x512.png | 190.115.24.78 | 200 OK | 10 kB |
URL: GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel/favicon/android-icon-512x512.png
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Hash: 822df36448d97877853abf2cce421ddb be6c97c312a28bd1a458e90cdaff592e38163f5e 8707e7b56f89a25ba382128e12ba37988d4afe442f33bc3a5b34a2a04a692667
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel/favicon/android-icon-512x512.png HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&; core-sticky=http://10.233.69.200:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 12:08:41 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
etag: "65f303f7-2b40"
last-modified: Thu, 14 Mar 2024 14:04:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
age: 129656
content-length: 10129
ddg-cache-status: HIT
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 92 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 2d698d0fcb64f626c2fc42ce5a034bdd 69edea8f0ce07b3156831efca389bea11d78940e f58b18e865d59994bba5c77954212db9e8d081dae738ee95754950d797d50495
GET /gtag/js?id=G-548949LWLW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:09:36 GMT
expires: Thu, 09 May 2024 00:09:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91534
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 74 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (1822)
Hash: 100b7572bb4b8dc3f011373c39f131bc 304fb84ee6e919f0fc5ffe83c3b1dbd437b50ead 46fd8e1cde2ada68c2bd100de0b18990f76a161e2e549609088860a7e3855a6b
GET /gtag/destination?id=DC-12688802&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:09:37 GMT
expires: Thu, 09 May 2024 00:09:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 88 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 98254c783665030f70ed592357b4f657 8cfe440b74c0e52521c1fe78047c5fa63609f7f6 6b2c45df124ca66fe9f5a2821920cf36c5e869d3bb67614c91b422467c74152f
GET /gtag/js?id=AW-16482547739&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:09:36 GMT
expires: Thu, 09 May 2024 00:09:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=176281693.1715213377&gtm=45je4510v894728184z8894400803za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1066820245 | 142.250.74.131 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=176281693.1715213377&gtm=45je4510v894728184z8894400803za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1066820245
IP: 142.250.74.131:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.no; Fingerprint: 7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97; Validity: Tue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=176281693.1715213377&gtm=45je4510v894728184z8894400803za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1066820245 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 May 2024 00:09:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1715213376386&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=176281693.1715213377&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&dp=%2Fv3%2Faviator-fortune-wheel&sid=1715213377&sct=1&seg=0&dl=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&tfd=1646 | 216.239.34.36 | 204 No Content | 0 B |
URL: POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1715213376386&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=176281693.1715213377&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&dp=%2Fv3%2Faviator-fortune-wheel&sid=1715213377&sct=1&seg=0&dl=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&tfd=1646
IP: 216.239.34.36:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1715213376386&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=176281693.1715213377&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&dp=%2Fv3%2Faviator-fortune-wheel&sid=1715213377&sct=1&seg=0&dl=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&tfd=1646 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wxht.com
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1wxht.com
date: Thu, 09 May 2024 00:09:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1715213376386&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=176281693.1715213377&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=2&dp=%2Fv3%2Faviator-fortune-wheel&sid=1715213377&sct=1&seg=0&dl=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&dt=1win&en=(not_set)&ep.page_url=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&ep.device_type=desktop&ep.platform=en&ep.os=other&ep.domain=1wxht.com&tfd=6661 | 216.239.34.36 | 204 No Content | 0 B |
URL: POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1715213376386&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=176281693.1715213377&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=2&dp=%2Fv3%2Faviator-fortune-wheel&sid=1715213377&sct=1&seg=0&dl=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&dt=1win&en=(not_set)&ep.page_url=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&ep.device_type=desktop&ep.platform=en&ep.os=other&ep.domain=1wxht.com&tfd=6661
IP: 216.239.34.36:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-548949LWLW&gtm=45je4510v894728184z8894400803za200&_p=1715213376386&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=176281693.1715213377&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=2&dp=%2Fv3%2Faviator-fortune-wheel&sid=1715213377&sct=1&seg=0&dl=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&dt=1win&en=(not_set)&ep.page_url=https%3A%2F%2F1wxht.com%2Fv3%2Faviator-fortune-wheel%3Fbannerid%3D20916525%26campaignid%3D8155850%26connection_type%3Dbroadband%26osversion%3Dwin11%26region%3Dba%26user_activity%3Dlow%26zone_type%3D%257Bzone_type%257D%26SUBID%3D812225988036665402%26zoneid%3D6118780&ep.device_type=desktop&ep.platform=en&ep.os=other&ep.domain=1wxht.com&tfd=6661 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wxht.com
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://1wxht.com
date: Thu, 09 May 2024 00:09:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780 | 190.115.24.78 | 200 OK | 42 kB |
URL: User Request GET HTTP/2 1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
IP: 190.115.24.78:443
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780 HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; Domain=.1wxht.com; HttpOnly; Path=/; Expires=Fri, 09-May-2025 00:09:36 GMT
date: Thu, 09 May 2024 00:09:36 GMT
content-type: text/html
accept-ranges: bytes
content-encoding: gzip
etag: "663b5d04-a500"
last-modified: Wed, 08 May 2024 11:07:48 GMT
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| 1wtsso.life/v3/aviator-fortune-wheel?SUBID=812225988036665402&bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&region=ba&sub1=xttog663c13e500083c13&user_activity=low&zone_type={zone_type}&zoneid=6118780 | 190.115.24.78 | 301 Moved Permanently | 42 kB |
URL: User Request GET HTTP/2 1wtsso.life/v3/aviator-fortune-wheel?SUBID=812225988036665402&bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&region=ba&sub1=xttog663c13e500083c13&user_activity=low&zone_type={zone_type}&zoneid=6118780
IP: 190.115.24.78:443
Certificate: Issuer: Let's Encrypt; Subject: 1wtsso.life; Fingerprint: B0:01:F6:6F:EF:59:55:42:A1:AD:0A:EB:68:3E:F2:A7:9D:1C:F2:A6; Validity: Tue, 07 May 2024 09:20:55 GMT - Mon, 05 Aug 2024 09:20:54 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v3/aviator-fortune-wheel?SUBID=812225988036665402&bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&region=ba&sub1=xttog663c13e500083c13&user_activity=low&zone_type={zone_type}&zoneid=6118780 HTTP/1.1
Host: 1wtsso.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: ddos-guard
set-cookie: __ddg1_=p5ZNogqBGwJhKGNHj3Mf; Domain=.1wtsso.life; HttpOnly; Path=/; Expires=Fri, 09-May-2025 00:09:35 GMT
date: Thu, 09 May 2024 00:09:35 GMT
content-type: text/html
location: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
access-control-allow-origin: *
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wxht.com/affiliate:link_visit?visit_domain=1wxht.com&sub_ids=sub1%3Dxttog663c13e500083c13%26 | 190.115.24.78 | 200 OK | 37 B |
URL: GET HTTP/2 1wxht.com/affiliate:link_visit?visit_domain=1wxht.com&sub_ids=sub1%3Dxttog663c13e500083c13%26
IP: 190.115.24.78:443
Requested by: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&sub1=xttog663c13e500083c13&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Certificate: Issuer: Let's Encrypt; Subject: 1wxht.com; Fingerprint: 55:54:CF:42:C9:BE:AD:EB:59:BB:E2:32:C2:3F:B7:53:B2:E7:A6:65; Validity: Tue, 30 Apr 2024 20:38:55 GMT - Mon, 29 Jul 2024 20:38:54 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 2f6af1a09e6d352c1603fe2326189744 baed183cee7c7fd534e8519a683c9f398e696329 7dbce63a298c62ef7fd9b97b1512bcfc0fb402338670dbd194362e0ffac42458
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /affiliate:link_visit?visit_domain=1wxht.com&sub_ids=sub1%3Dxttog663c13e500083c13%26 HTTP/1.1
Host: 1wxht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wxht.com/v3/aviator-fortune-wheel?bannerid=20916525&campaignid=8155850&connection_type=broadband&osversion=win11&region=ba&user_activity=low&zone_type=%7Bzone_type%7D&SUBID=812225988036665402&zoneid=6118780
Cookie: __ddg1_=5wm8BZ0gN9lPHDcCzi0i; visit_domain=1wxht.com; sub_ids=sub1=xttog663c13e500083c13&
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
date: Thu, 09 May 2024 00:09:36 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
access-control-max-age: 7200
etag: W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
set-cookie: core-sticky=http://10.233.69.200:80; Path=/; HttpOnly
x-powered-by: Express
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|