Report - 0jfwyp.cc/

Report Overview

Submitted URL
0jfwyp.cc/
IP
104.21.24.146
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 16:23:23
Access
public
Website Title
WIF AIRDROP
Final URL
0jfwyp.cc/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
92

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	1.4 kB	43 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.6 kB	95 kB	142.250.74.99
methodical-stylish-patina.solana-mainnet.quiknode.pro	unknown	unknown	No data	No data	553 B	596 B	208.115.203.42
openfpcdn.io	238589	2021-11-10	2021-11-11	2024-05-08	411 B	34 kB	54.230.111.49
0jfwyp.cc	unknown	unknown	No data	No data	10 kB	3.3 MB	172.67.219.64
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-09	424 B	32 kB	142.250.74.138
unpkg.com	11693	2016-01-06	2016-01-08	2024-05-09	860 B	602 kB	104.17.247.203
api.hisol.vip	unknown	unknown	No data	No data	392 B	739 B	188.114.96.1
ipinfo.io	8136	2013-04-23	2013-12-16	2024-05-09	405 B	678 B	34.117.186.192

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 16:22:56	low	Client IP	54.230.111.49	ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)
2024-05-10 16:22:56	low	Client IP	54.230.111.49	ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)
2024-05-10 16:22:57	medium	Client IP	34.117.186.192	ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)
2024-05-10 16:22:57	medium	Client IP	34.117.186.192	ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet
2024-05-10	medium	0jfwyp.cc/	Crypto/Wallet

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed
2024-05-10	medium	0jfwyp.cc	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	0jfwyp.cc/	3.6 kB	2024-04-25	2024-05-19
Pretty URL 0jfwyp.cc/ IP 172.67.219.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 15:54:19 Last Seen2024-05-19 10:35:18 Times Seen11 Hash 364630e94b01a6d6cc9a6c655e882e7a c192289a47e33f55de81fba870c9dad3386bae83 b4189b5ee772a5da10b84445b1fce92e594efd456e36c5497b9e52c01838eec1 Loading...

	0jfwyp.cc/main.wif.js	2.3 MB	2024-05-10	2024-05-19
Pretty URL 0jfwyp.cc/main.wif.js IP 172.67.219.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 18:23:30 Last Seen2024-05-19 09:52:41 Times Seen4 Hash ae8ae148f577527e75a20b3b0141baa2 ec88f3f80383b7ea5daf8ce37ac17d74d10e9ff3 9d7b0ec3a8cf22a23d358c4d03bfe5256755b77f8d33e93d94c5f18999b458fa Loading...

	api.hisol.vip/matomo1.js	0 B	2023-03-07	2024-05-20
Pretty URL api.hisol.vip/matomo1.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 20:13:18 Times Seen37890731 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js	90 kB	2023-03-07	2024-05-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:27 Last Seen2024-05-20 20:12:02 Times Seen23989 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	unpkg.com/@solana/web3.js@latest/lib/index.iife.min.js	441 kB	2024-05-10	2024-05-19
Pretty URL unpkg.com/@solana/web3.js@latest/lib/index.iife.min.js IP 104.17.247.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 18:23:31 Last Seen2024-05-19 10:35:19 Times Seen20 Hash e8d6b5fa63689d1e63e1d69926dbb920 2bb08e10b1da32bb41a4cfe7cf464115ebd01e6a ea5647bb314edcc3a33ba4359de0de774fea0922e2ed68f44dbabc7165070b47 Loading...

	openfpcdn.io/fingerprintjs/v3/iife.min.js	34 kB	2023-07-13	2024-05-20
Pretty URL openfpcdn.io/fingerprintjs/v3/iife.min.js IP 54.230.111.49 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-13 06:12:11 Last Seen2024-05-20 01:27:10 Times Seen102 Hash 89bb04cd455db362fd64bfdda3ab4ff8 8349515fb3d7680d0b13a409b645bfeb98d090d0 c0bb57bba1fafcb2dd46631077d28821b1fcca5df19a2715e2c4c720a357331a Loading...

	0jfwyp.cc/	2.1 kB	2024-04-25	2024-05-19
Pretty URL 0jfwyp.cc/ IP 172.67.219.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 15:54:19 Last Seen2024-05-19 10:35:18 Times Seen11 Hash 693b22dd8cf0167c52a3f0a3fcac9b57 40236297a920bae65ae413dda956a906b6afc0df 79c51c5ef4b926ee92fdfe6f87aceef168ef7a7371fe94bda7a9d5d6e6eb22c0 Loading...

HTTP Transactions (36)

URL IP Response Size

0jfwyp.cc/css/blocks.style.build.css

172.67.219.64

200 OK

0 B

URL GET HTTP/3
0jfwyp.cc/css/blocks.style.build.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/blocks.style.build.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
content-length: 0
last-modified: Mon, 04 Mar 2024 13:25:16 GMT
etag: "65e5cbbc-0"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 23634
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E52IT5n2%2FP1A%2BGVQi0W6%2FQSbSIwGdEe%2FOVC2KGEOV7XszvGdSKFqHNmEkiAA4LQg9c021fpPr2c%2BzjRyO%2BGTk%2Fpjh6%2FBdMoJNnvLRYR3aRoonkBNIzSWpWX5OTI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b455b5dfb7127-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31100 bytes)
Hash
00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

HTTP Headers

GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:19 GMT
expires: Fri, 09 May 2025 01:49:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 138817
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Inter:300,regular,500,600&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Inter:300,regular,500,600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1192 bytes)
Hash
bb4ccd2f38bae45b440dd01d03d83d3f
e5d07d7e11bf2a0d3821dac0c7dd36217d9ddcdc
23b67058cf079d22cdff4d6b75ac736cdb1a324eb6c3a9ab32ad3dd373d5e4db

HTTP Headers

GET /css?family=Inter:300,regular,500,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:22:56 GMT
date: Fri, 10 May 2024 16:22:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2

142.250.74.99

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27824, version 1.0
Size
28 kB (27824 bytes)
Hash
225d39d1d4443e97f2ad20b9d91808fe
518045d265d6c388ac38dde9fdeb364474a90787
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555

HTTP Headers

GET /s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://0jfwyp.cc
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 18:29:15 GMT
expires: Fri, 09 May 2025 18:29:15 GMT
cache-control: public, max-age=31536000
age: 78822
last-modified: Thu, 24 Aug 2023 20:09:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unpkg.com/@solana/web3.js@1.91.8/lib/index.iife.min.js

104.17.247.203

200 OK

160 kB

URL GET HTTP/2
unpkg.com/@solana/web3.js@1.91.8/lib/index.iife.min.js
IP
104.17.247.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
JavaScript source, ASCII text, with very long lines (40512)
Size
160 kB (160428 bytes)
Hash
e8d6b5fa63689d1e63e1d69926dbb920
2bb08e10b1da32bb41a4cfe7cf464115ebd01e6a
ea5647bb314edcc3a33ba4359de0de774fea0922e2ed68f44dbabc7165070b47

HTTP Headers

GET /@solana/web3.js@1.91.8/lib/index.iife.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0jfwyp.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "6ba46-K7COELHaMrtBpM/nz0ZBFevQHmo"
via: 1.1 fly.io
fly-request-id: 01HWZXQ04J7CZWEJ0QM1DZSSX1-arn
cf-cache-status: HIT
age: 594868
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881b455d886b5687-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2

142.250.74.99

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27824, version 1.0
Size
28 kB (27824 bytes)
Hash
225d39d1d4443e97f2ad20b9d91808fe
518045d265d6c388ac38dde9fdeb364474a90787
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555

HTTP Headers

GET /s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://0jfwyp.cc
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 18:29:15 GMT
expires: Fri, 09 May 2025 18:29:15 GMT
cache-control: public, max-age=31536000
age: 78822
last-modified: Thu, 24 Aug 2023 20:09:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

0jfwyp.cc/css/post-16-defaults.css

172.67.219.64

200 OK

987 B

URL GET HTTP/3
0jfwyp.cc/css/post-16-defaults.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
gzip compressed data, from Unix
Size
987 B (987 bytes)
Hash
8b901442fb0844d6b353a90d45c64166
be2b8bddac395ab2a83481d27aa7065c5bedeebf
6039e9040babc92a1b76aa0cb5db1c46bc6ffcde1f5cd1429d7d018d407695a9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/post-16-defaults.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:09 GMT
vary: Accept-Encoding
etag: W/"65e5cbb5-548"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FuNo3gJiArpKBYv6kou1MGP34A7tMw2CQnKQJDxbLgQJC2LOTBWhl42mrKWhB0flINpEbJVZqaEFJvQaLTXsHl1lD%2FJq9Uj7V0IogFdjLxbBsTWDee8R9BK7ks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b7e1c7127-OSL
alt-svc: h3=":443"; ma=86400

api.hisol.vip/matomo1.js

188.114.96.1

200 OK

0 B

URL GET HTTP/2
api.hisol.vip/matomo1.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjecthisol.vip
Fingerprint01:EE:CD:5E:DA:22:E7:E1:B8:37:C7:4E:F5:AD:FC:DA:13:CB:25:71
ValidityTue, 09 Apr 2024 06:42:12 GMT - Mon, 08 Jul 2024 06:42:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /matomo1.js HTTP/1.1
Host: api.hisol.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:22:57 GMT
content-type: application/javascript
content-length: 0
last-modified: Tue, 09 Apr 2024 07:14:09 GMT
etag: "0-615a4ab0fc09d"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6702
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPd9D%2Fnue5DIk2fcLJDUQxMYHCj76uHh6RUc9hbCA0cGV2l9uj3bkjIbLpWKa4i5AE2H4UZwDVr97KIq2EMyklY1x9P%2BQSYL9fa%2BGER5eGJeaT2bZuHF0iaUbUOweZVQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b45606c747127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=IBM+Plex+Sans:regular,500,600,700&display=swap

142.250.74.106

200 OK

38 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=IBM+Plex+Sans:regular,500,600,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
38 kB (37590 bytes)
Hash
185b41204e813fb595921f5fcf189132
7a3ca8692a4fc46a4546b76028d1b17ee941d0cf
55187b44a41ea869e7803cbe66ffc3b674bbc6efe49d35f19b3d2f2091b3cc53

HTTP Headers

GET /css?family=IBM+Plex+Sans:regular,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:22:56 GMT
date: Fri, 10 May 2024 16:22:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

142.250.74.99

200 OK

37 kB

URL GET HTTP/2
fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 36848, version 1.0
Size
37 kB (36848 bytes)
Hash
3ccd9ab2050b2f26898b77af9148b8e2
7f9f46b2fb3f121f3c0600e1182d725b1be6c176
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

HTTP Headers

GET /s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://0jfwyp.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 36848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:28:15 GMT
expires: Fri, 09 May 2025 17:28:15 GMT
cache-control: public, max-age=31536000
age: 82482
last-modified: Thu, 21 Mar 2024 23:58:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

0jfwyp.cc/css/style.min.css

172.67.219.64

200 OK

18 kB

URL GET HTTP/3
0jfwyp.cc/css/style.min.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
gzip compressed data, from Unix
Size
18 kB (18448 bytes)
Hash
081157e34c2b2ca659d7498272bc0a88
f6d4bbf4e8c0b361b7eeb9bc873962fb9b106dc7
127e086a5a6b896e2a81c457113db7e8945a21c4eafb80159c4b383c37d6fd0e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/style.min.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:18 GMT
vary: Accept-Encoding
etag: W/"65e5cbbe-1ae43"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCO19QfV2mJsRIe7IxTaVg7jS7skCPVyfoKCRhgJK8dkcfwix8iKM65s20FGlMIkCgy3ti%2FBUnZtdzIZH8qQs69z1ZLa3KD7yXwrKUCy3E5cQAuvFNkKC65Yvk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b5df67127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/post-24.css

172.67.219.64

200 OK

3.0 kB

URL GET HTTP/3
0jfwyp.cc/css/post-24.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (23478), with no line terminators
Size
3.0 kB (2977 bytes)
Hash
54b8566575e138ed2e38d28fbc710e6f
91da5aab12dbe0d9e44a4fb15be50f0d09d71d64
653b5f456b03a7711fbd1fcc3bff0e338e3536dc150cfb2f78f30b6fcfaac5c5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/post-24.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:13 GMT
vary: Accept-Encoding
etag: W/"65e5cbb9-5bb6"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usKWwDDsdVrxbH0tWTWqhN9FtjRPjLA6zUBiyS%2FVZ5h9g%2F9B1GhIFolcBAE%2Bhv69EkeRjo5q2h7cFfoTMAQ5ut9GjUbW4C2etxGN32kD5lNoQ%2FtFhPczGAMDvug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b7e287127-OSL
alt-svc: h3=":443"; ma=86400

methodical-stylish-patina.solana-mainnet.quiknode.pro/7b61a80383c05f9c2a8e7f61e6a9f9d3bd698040/

208.115.203.42

200 OK

189 B

URL POST HTTP/2
methodical-stylish-patina.solana-mainnet.quiknode.pro/7b61a80383c05f9c2a8e7f61e6a9f9d3bd698040/
IP
208.115.203.42:443
ASN
#46475 LIMESTONENETWORKS

Requested by
https://0jfwyp.cc/
Certificate
IssuerLet's Encrypt
Subject*.solana-mainnet.quiknode.pro
Fingerprint92:96:91:52:E9:63:DF:E3:DA:72:3C:3E:DF:30:0E:14:98:07:F7:06
ValidityThu, 25 Apr 2024 15:21:08 GMT - Wed, 24 Jul 2024 15:21:07 GMT

File type
JSON text data
Size
189 B (189 bytes)
Hash
3872004348ae7c44cb5f17ce1ce3a66a
12220e3d5d9c1ec03c7e0c065b0e3b498e1abd36
dc5366f00155e2983b6122ba97726b3d506c9941dc106d41cd91ea784f5c6dd9

HTTP Headers

POST /7b61a80383c05f9c2a8e7f61e6a9f9d3bd698040/ HTTP/1.1
Host: methodical-stylish-patina.solana-mainnet.quiknode.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0jfwyp.cc/
Content-Type: application/json
Content-Length: 92
Origin: https://0jfwyp.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,User-Agent,solana-client
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://0jfwyp.cc
content-type: application/json
vary: Accept-Encoding
x-node-id: solana_solana-mainnet_fra
content-length: 189
date: Fri, 10 May 2024 16:22:57 GMT
X-Firefox-Spdy: h2

ipinfo.io/json

34.117.186.192

200 OK

280 B

URL GET HTTP/2
ipinfo.io/json
IP
34.117.186.192:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://0jfwyp.cc/
Certificate
IssuerLet's Encrypt
Subjectipinfo.io
FingerprintC3:D1:C0:FE:0C:C8:E1:18:4F:C8:22:D0:9C:FF:D9:F4:EF:72:CD:6B
ValidityFri, 19 Apr 2024 20:17:23 GMT - Thu, 18 Jul 2024 20:17:22 GMT

File type
JSON text data
Size
280 B (280 bytes)
Hash
adf22d9a8ca3a97a9ff78909b8702358
f5046826566a7e98d6b5e5c7b0a65677c3bde708
756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3

HTTP Headers

GET /json HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0jfwyp.cc/
Origin: https://0jfwyp.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 10 May 2024 16:22:57 GMT
content-type: application/json; charset=utf-8
content-length: 280
access-control-allow-origin: *
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

0jfwyp.cc/assets/css/main.5da3acfb.css

172.67.219.64

200 OK

9.1 kB

URL GET HTTP/3
0jfwyp.cc/assets/css/main.5da3acfb.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
gzip compressed data, from Unix
Size
9.1 kB (9140 bytes)
Hash
b33ec0f8f875780e06d47e4ef2cbcb9d
a8ef9e2e05a0b3f60ce69be987e22805ec63bb49
54fef11ef0733c8ac4671346f38cb7adb4101e1d7d1003ced6fd9210a1459398

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/main.5da3acfb.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:35:25 GMT
vary: Accept-Encoding
etag: W/"65e5ce1d-2dd4"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qBG1AN7AAeH1QJr928HI0VOXoQHMsczOaZ%2BpUY8iwl082zlSgtbVf8Fcm7a69H5FPttWzJRoZ2GomAnlbRH%2BT8xBXoOu7%2F7ORUK03xxLRBgGXRCaILkQA2CngrQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b5df37127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/assets/css/style.css

172.67.219.64

200 OK

20 kB

URL GET HTTP/3
0jfwyp.cc/assets/css/style.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
gzip compressed data, from Unix
Size
20 kB (20477 bytes)
Hash
cd14ff82cbda79f03fd264b7c466d017
a5b6da48aa5e40a16daa9c5670b652db39225531
c1c76d9be813f6835b190a2d15038f6b0e4deb37752c3de5afdec94381f88847

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:58:31 GMT
vary: Accept-Encoding
etag: W/"65e5d387-d8b3"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IzJR1SNnF0%2Fr2YPHkCKBIJYgZ%2Fukqq22kephlkvV2SQVdwC8NUsNXMm9NmdbENy%2BlHR95Xhz0xdkwq0RsO23DpkPGorXv09pSE6McKJr3AmEnRFnHS4F6v%2Ff9Dk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b5df27127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/static/img/wif.png

172.67.219.64

200 OK

104 kB

URL GET HTTP/3
0jfwyp.cc/static/img/wif.png
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
JPEG image data, baseline, precision 8, 1125x1117, components 3
Size
104 kB (104008 bytes)
Hash
fd0feec15931378da2ef859aa3ba9f0f
74b5aa87da5b25fabb82f5fa0a5dbcbb08b839fc
2f6762240a8af3ec1c28e4c4e507681475015c0b711a077631b900c42014ab9b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/img/wif.png HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Cookie: ipDetails={"ip":"91.90.42.154","hostname":"s919042154.blix.com","city":"Oslo","region":"Oslo","country":"NO","loc":"59.9127,10.7461","org":"AS50304 Blix Solutions AS","postal":"0001","timezone":"Europe/Oslo","readme":"https://ipinfo.io/missingauth"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 16:23:04 GMT
content-type: image/png
content-length: 104008
last-modified: Mon, 04 Mar 2024 13:57:43 GMT
etag: "65e5d357-19648"
expires: Sun, 09 Jun 2024 16:23:04 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdCEPktauDl2EVaCZldEnY2Ujcrpo0wLFZN3EevXTsUSbrvkaaxnFEwr%2Bxk5DY4MohkZ70DvThuVDLdv41N%2Fq1QGRcfnyZWjbIrmnCai%2F7qonb38F%2F0Ews0C%2FEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b458868767127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/awesome-menu.css

172.67.219.64

200 OK

56 kB

URL GET HTTP/3
0jfwyp.cc/css/awesome-menu.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (55640)
Size
56 kB (55641 bytes)
Hash
3480e77ea4cac8bee063263ffbf44919
f3eaab02d4ff182a9048f62a8726eeace838ff62
b11198878c7b622b9e7ba3efaa54e92fccd7f5f458d19369f08f31c94c34977e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/awesome-menu.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:19 GMT
vary: Accept-Encoding
etag: W/"65e5cbbf-d959"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=McK%2Bgb0nX9PwjFAnZWQCLjs%2F9df0QFl9ccLHFEf2TcK4BEAzcN4Q0kYbNhPqM7R66JTaHLJRfWb6TZdDCxLV2sivhEf%2FF%2F2%2BKc6Eqtn%2BfA0Swjvw%2FqUKW3Ro8kc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b5dfd7127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/css2.css

172.67.219.64

200 OK

14 kB

URL GET HTTP/3
0jfwyp.cc/css/css2.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text
Size
14 kB (14229 bytes)
Hash
74cc3edd76876493b43ff069c33443a2
ad312c806ed5ef272ca9b9c3fcfc2f87517ad253
c36893c82319f09a9e35f60b71d23e4000c52710841aebd9e1cf7c4d54c4b541

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/css2.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:06 GMT
vary: Accept-Encoding
etag: W/"65e5cbb2-3795"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPA2kUVCw6HXMOnhgXHbMrfEisRITEyTWDqSLDsrhMlOia0spxrUKYTgWOCOB7l1pusD4FaDSpQLgP3%2FTPlqLWApdtqgoNBLoKlGWBbnPcm5%2Fglf390zV%2BFIbN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b5e027127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/favicon.ico

172.67.219.64

200 OK

152 kB

URL GET HTTP/3
0jfwyp.cc/favicon.ico
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
MS Windows icon resource - 1 icon, -64x-64, 32 bits/pixel
Size
152 kB (152126 bytes)
Hash
7e9f88c9442169c6c8df99e32657e1c5
5ba2396368ab4879779b7f33c5465af164cdb514
e1732a1dfb9be455a172ada0ea0b41b227cd2863cf84368ce01ff967d4dd38f0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Cookie: ipDetails={"ip":"91.90.42.154","hostname":"s919042154.blix.com","city":"Oslo","region":"Oslo","country":"NO","loc":"59.9127,10.7461","org":"AS50304 Blix Solutions AS","postal":"0001","timezone":"Europe/Oslo","readme":"https://ipinfo.io/missingauth"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:59 GMT
content-type: image/x-icon
last-modified: Mon, 04 Mar 2024 14:06:13 GMT
etag: W/"65e5d555-2523e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYSsaG5N3ZxgpWDlMLRr%2B6kSsdr0NkFw5EeTlQEP1IliVfFPC0dpv3bBwCsgQ6cfIpZsl%2B73PWKvru%2BUB4V9oetAu%2Bc7aV6S68rBLsH3vjhtXaVvMySQOahbFkE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b4563188e7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/post-16.css

172.67.219.64

200 OK

651 B

URL GET HTTP/3
0jfwyp.cc/css/post-16.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (651), with no line terminators
Size
651 B (651 bytes)
Hash
802a443fc4a7badc8af89f5d50583f79
8ad3d7a7828d2fcdc6efc7a597618a789b50c269
b325f1ffb5c8b920ee0392c2bfe3721a18faa0092ab083bcd823296dd3b43e4a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/post-16.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:14 GMT
etag: W/"65e5cbba-28b"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00HatPv88YVm2dAL8sl6%2BXatUJLpZiOqXhvRnLCyeH0l0szHMJqdXxSyCDpwOC2ODt2T4sd0Wb0kJAW%2FMPTf84zL4g5bnrsyox8TshfZe%2BBuTbTNOGHGxzXZVMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b455b7e2a7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/images/literally-dog-4.svg

172.67.219.64

200 OK

370 B

URL GET HTTP/3
0jfwyp.cc/images/literally-dog-4.svg
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
SVG Scalable Vector Graphics image
Size
370 B (370 bytes)
Hash
772326f22dadcea69fb365793a39e204
e9b06c1b5c429a4b7d50f673f1f0a6921adb43e6
62a71d1a2a870844e4d49a2df6ede34d87de92ee80594a55ec7f740b420ed9cb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/literally-dog-4.svg HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:57 GMT
content-type: image/svg+xml
last-modified: Mon, 04 Mar 2024 13:22:00 GMT
etag: W/"65e5caf8-172"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJdHIo2lQirFop%2FpFAEmjwGKiQtdxM%2FsydYTQbckVGmanI7PmFtGyCPaE8HqqLILdL4BzRx2ENlCSNGn7vHtWTR%2BQaMjMTfCInT9ylhneesPi0X7DzFSkPP%2FJoM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b455b7e2c7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

142.250.74.106

200 OK

2.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2496), with no line terminators
Size
2.4 kB (2442 bytes)
Hash
2fe914f1aca0f279fbb08f042011e026
d0aaf705499816c42e3f0585b5ce32b7a21172fb
97ec1c36edc47fe7a8e4e2cf47a0edfec8b32d46f91c3cd8b0a998d416658916

HTTP Headers

GET /css2?family=DM+Sans:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:22:56 GMT
date: Fri, 10 May 2024 16:22:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

0jfwyp.cc/assets/b127f522712fbfb0.css

172.67.219.64

200 OK

451 kB

URL GET HTTP/3
0jfwyp.cc/assets/b127f522712fbfb0.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (60575)
Size
451 kB (450823 bytes)
Hash
e9d9d8f3a5d31b17b3e842819b434c72
0fe4036ed61074ac1567e8466141a66438463192
53635eba1e4e2e0dfa7888164d18876fe310688ace220a11913fe5f8a613e351

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/b127f522712fbfb0.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:35:21 GMT
vary: Accept-Encoding
etag: W/"65e5ce19-6e107"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aC%2F4etQ4l%2BOHR1MX7K%2Bu%2FGGQ0oHwoLWRHddyaGLnELlP%2BmRmn%2Brhbo1QQ8YbJw%2FTQ%2B5PmoU2whqWDauRiSfidsmwh3bhe3FJRQPnqEo6B1IUR5w7dc4Tp7rk8Ck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b4df07127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/global-settings.css

172.67.219.64

200 OK

40 kB

URL GET HTTP/3
0jfwyp.cc/css/global-settings.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (1101), with CRLF line terminators
Size
40 kB (39508 bytes)
Hash
95d6c94ce89f6b67029dc7402ac3a606
e07ef4a403bd1feaaa3b107203e4960867fdf812
5886c77b9e9d626c7703b2d2eb1e37186528415a32afb7d406b1577e6b1f49a8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/global-settings.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:10 GMT
vary: Accept-Encoding
etag: W/"65e5cbb6-9a54"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6OWesPajtiqqiEWxQeuH1TK7Sx3PtWztQxjH%2FiTQypLibT4FvzU4kif3Zs0Uv%2FuwkudrMXqMLJVSPpxmKSn2AJC%2F68ySA5%2FApu2XvjPovsB%2Fco6vw7mSnnqPsRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b7e1d7127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/style2.min.css?_v=20240110074706

172.67.219.64

200 OK

31 kB

URL GET HTTP/3
0jfwyp.cc/css/style2.min.css?_v=20240110074706
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (30942), with no line terminators
Size
31 kB (30942 bytes)
Hash
61d4492565a6893c3826f750b5bfd2a8
4a1d86994e67cbf8f54a17577dbb9791af9a524f
436a4551f29bd087c0c04589f8f29c46e719e8147e0520ec1b63f14dbcfd2844

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/style2.min.css?_v=20240110074706 HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:31:52 GMT
vary: Accept-Encoding
etag: W/"65e5cd48-78de"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZ%2Fgc1olFkw0ij%2F919CjYRckQSzfV8OnlZewrWod8KbgXV74opN5nC3F77J1jwdKEAoWzqWJkC4hp0kPNGkAtB5KImA%2FQQwZIKelrJIp3tTcXw4Kdf6nkrEGPuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b4def7127-OSL
alt-svc: h3=":443"; ma=86400

unpkg.com/@solana/web3.js@latest/lib/index.iife.min.js

104.17.247.203

302 Found

441 kB

URL GET HTTP/2
unpkg.com/@solana/web3.js@latest/lib/index.iife.min.js
IP
104.17.247.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
441 kB (440902 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@solana/web3.js@latest/lib/index.iife.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@solana/web3.js@1.91.8/lib/index.iife.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HXHN07ATKKWRAVES49YNT45Q-arn
cf-cache-status: HIT
age: 29
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881b455bbe3e5687-OSL
X-Firefox-Spdy: h2

0jfwyp.cc/css/post-17.css

172.67.219.64

200 OK

11 kB

URL GET HTTP/3
0jfwyp.cc/css/post-17.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (10636), with no line terminators
Size
11 kB (10636 bytes)
Hash
31fb71d62ae3b5a217cc69fe667f74a6
887a649191074645ed2f58c2215fe4484e7be93a
1f20766ee5451584ee4a901d714e988994f402661c183b3ba9267aea5e79da19

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/post-17.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:12 GMT
vary: Accept-Encoding
etag: W/"65e5cbb8-298c"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bn%2FbTYsx%2BNc5QsUFvXbz%2FPY74P7J3C2psiHcMN2jGU1Q6WGBvX22e%2FoHEtyjh54hLwFbuEsV2wI5x4XBWoH%2FFaS077K9RReirdhwiURDFMx3zj88AC%2B8WuVqFbQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b7e247127-OSL
alt-svc: h3=":443"; ma=86400

openfpcdn.io/fingerprintjs/v3/iife.min.js

54.230.111.49

200 OK

34 kB

URL GET HTTP/2
openfpcdn.io/fingerprintjs/v3/iife.min.js
IP
54.230.111.49:443
ASN
#16509 AMAZON-02

Requested by
https://0jfwyp.cc/
Certificate
IssuerAmazon
Subjectopenfpcdn.io
Fingerprint85:08:B1:53:37:2A:DB:9A:7F:E8:12:9F:4F:B1:8D:39:80:04:2F:D6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sat, 25 Jan 2025 23:59:59 GMT

File type

Size
34 kB (33518 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fingerprintjs/v3/iife.min.js HTTP/1.1
Host: openfpcdn.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: CloudFront
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
date: Fri, 10 May 2024 16:08:52 GMT
cache-control: public, max-age=589271, s-maxage=10310
etag: W/"g0lRX7PXaA0LE6QJtkW/65jQkNA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: w9Eg9M3CUra-XoFACJekVHPRZjFK-r20iEZ4a0wuAXbHxmaVPaABGg==
age: 1079
X-Firefox-Spdy: h2

0jfwyp.cc/css/normalize.min.css

172.67.219.64

200 OK

2.2 kB

URL GET HTTP/3
0jfwyp.cc/css/normalize.min.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (2191), with no line terminators
Size
2.2 kB (2183 bytes)
Hash
d2b484423e17bff921250dab591d921d
443a551f294950ce68c30b4466b12c00d7b5c9b4
d62c42ca6fb70d314bcdf450100788b9abea7e700d9657a832ee8c2ee3b4637e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/normalize.min.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:17 GMT
vary: Accept-Encoding
etag: W/"65e5cbbd-887"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40jwZmkpqgGsDdFo5sMhfDUY%2B5Sh5p%2BxbujYdyPePbK1IbSFtxBaqXXt0qKrvU%2BJ8QD2jUm1aL24vtsqteqQUAh3O3SJBv7219Wqtir4Wo11YH5zKLWIqw94988%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b4deb7127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/post-17-defaults.css

172.67.219.64

200 OK

5.0 kB

URL GET HTTP/3
0jfwyp.cc/css/post-17-defaults.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (5002), with no line terminators
Size
5.0 kB (5002 bytes)
Hash
5e320c82fb49b85e832718a342060bb6
a8334169009a88c7831af8f6265e9ee9cb92db20
62c2b1735b9bf5f0d670ced0bf2864276a4ce434e3d043ee8781266d51655234

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/post-17-defaults.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:06 GMT
vary: Accept-Encoding
etag: W/"65e5cbb2-138a"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3nsMvhuDFaZXguxkifEc12hximKntuwBTHcGdiEPpgoE8oslycRzMKGM87t4aZ%2FKa67DpO6hBLbYfPLrcaAVDdBo9OXKCA7dmiKz%2BArApENwImuz%2Fughi%2FoYNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b6e107127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/swiper-bundle.min.css

172.67.219.64

200 OK

16 kB

URL GET HTTP/3
0jfwyp.cc/css/swiper-bundle.min.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (15564)
Size
16 kB (15820 bytes)
Hash
d99b925a9420543da2213e8b385b509b
f95469bb826f4cdd938468d66304469f74b1b5b9
9a97aa05415a96ff2abd0d6cdbadf36971122c4f9220d3a1c0eeb19ce78708ed

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/swiper-bundle.min.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:20 GMT
vary: Accept-Encoding
etag: W/"65e5cbc0-3dcc"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bkc6Vjq%2BfquVp8R5hDZChseCrJhSapPO6E4j%2BOtbGvwd%2BaBMSmE94zscgIhMVfaaGazShvkjXtpFH%2BXjQZRUOxki8SkzxSqamDKPjLcGQrYoTCISnH9DFJb8%2BQU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b5dff7127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/main.wif.js

172.67.219.64

200 OK

2.3 MB

URL GET HTTP/3
0jfwyp.cc/main.wif.js
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type

Size
2.3 MB (2304335 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.wif.js HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 23:36:55 GMT
vary: Accept-Encoding
etag: W/"661dba17-23294f"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fd%2FLhpSCO0AerDWHWrh%2B9JG0KIBSP3gbpF6vrMrjHq%2FiTatVC4%2B9juAr1IbIoj%2F9gHEs%2BLtU%2BNPvwPPL%2Fhd82dfSpUHo29da5MybLT8fR5DLohJ3rI9Xtra7O8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b4ded7127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/post-24-defaults.css

172.67.219.64

200 OK

16 kB

URL GET HTTP/3
0jfwyp.cc/css/post-24-defaults.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with very long lines (15915), with no line terminators
Size
16 kB (15915 bytes)
Hash
f9ad9dfb017ab060cf0a3117542be760
a81534098cd4bf134817279ff6d0eaffcb33e2ad
ce8aa45f5e82c30b4ae3bd9c93c3b0e772dde4434ee6da0a433b292fe30460c8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/post-24-defaults.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:07 GMT
vary: Accept-Encoding
etag: W/"65e5cbb3-3e2b"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g4A7ntWnfu76iA3u1aS8nWlVy8fqYluEJGGio1vmC5MRW60J3eXv5QQrRPAMV3BOMFCsoAqGmBf6Se6NWmVi0dVv4iFu0sPQ4E1i4WRaTuPIHidVby9vMHj5r0Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b455b6e117127-OSL
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/css/selectors.css

172.67.219.64

200 OK

99 B

URL GET HTTP/3
0jfwyp.cc/css/selectors.css
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Requested by
https://0jfwyp.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
ASCII text, with no line terminators
Size
99 B (99 bytes)
Hash
d90c87cb7e4b21fa612ff5e68c38fbe9
675d35e2fde23bfaf9cfb7692ee0732672bf236e
ae31a7c0a47b5c84e4608f21ccaa808eb869f7e986df9a1667899fe92aa6481a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/selectors.css HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0jfwyp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 13:25:11 GMT
etag: W/"65e5cbb7-63"
expires: Fri, 10 May 2024 21:49:02 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 23634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kG97YSFgFHN9yHgXyO%2F7AkwBDv68lbITfzJTNwTuzEQxyuqL2YB4x9pqRGA2GWDEBKsPjdmCxM9PRM%2FD5lunPzY3wKecvZAbgTSD5GL%2FdXxIwcLKrEpl1bJhH1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b455b7e1e7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

0jfwyp.cc/

172.67.219.64

200 OK

71 kB

URL User Request GET HTTP/2
0jfwyp.cc/
IP
172.67.219.64:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject0jfwyp.cc
Fingerprint59:BC:E0:3E:C8:39:0C:E1:F4:29:28:E2:74:6E:C0:CD:E0:9E:64:93
ValidityFri, 03 May 2024 02:56:29 GMT - Thu, 01 Aug 2024 02:56:28 GMT

File type
HTML document, ASCII text, with very long lines (484)
Size
71 kB (70971 bytes)
Hash
ef27fa896f6c826243b55d8751028242
a1e90e2d7a9094e3e6dec7396f3ea4aacf6765ee
e681dbd1adecaa4aed5fcf6a6526b28bfaeba1c3c950bd4012e651b98adc60da

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 0jfwyp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:22:56 GMT
content-type: text/html
last-modified: Mon, 04 Mar 2024 14:06:13 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stHGmiypvqU8ecESK%2B3rQ3SEW6qOEg3KMuzmjKheqZX0JKbvssY%2BUlZgfoLrKpkayM8CSgTVP44siUvq8qGK5trSKJjn0RpfJ6iQ1Tm3Q85bd6NE0c8vj5FFM28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881b4555efc356b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (36)

URL GET HTTP/3

IP

ASN

Requested by