Report - 1y7fa.cc/

Report Overview

URL

1y7fa.cc/
IP

46.137.224.0

ASN

#16509 AMAZON-02
Submitted

2023-06-10T13:23:06Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

38
Threat Detection Systems

59

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
1y7fa.cc (59)	unknown	2023-05-20 08:05:29	2023-06-04 12:30:00	26254	860019	54.255.148.186
token.im (1)	359301	2017-03-15 07:46:09	2023-06-09 19:51:57	420	2003	104.22.10.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-10T13:22:46Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:46Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:46Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-10T13:22:47Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/
2023-06-09	medium	1y7fa.cc/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (60)

URL IP Response Size

1y7fa.cc/

54.255.148.186

200 OK

6955

URL GET HTTP/2

1y7fa.cc/
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text

Size

6955
Hash

4b2d3b8c10dc17e01a3359fffcc84edb

dd02de669cfefaf8b79aa63463a6ae2ac1eff54d

eef7274f9c2c70b94015c24ad9b6dd4f1a531f1e875d4e08cb513cad7bfac16a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET / HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/html
date: Sat, 10 Jun 2023 13:22:46 GMT
etag: "80a47393ac92d91:0"
last-modified: Tue, 30 May 2023 04:09:49 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 6955
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/swiper.min.css

54.255.148.186

200 OK

4011

URL GET HTTP/2

1y7fa.cc/imTokenCommon/swiper.min.css
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (19513)

Size

4011
Hash

13e3477e9b99b8653e80def106e569e7

34a50a5848aea3d3b6345a2a29fea97d0b48e8c4

cbd3907ccf320bf09a971e16978df6d2293228febdbcffd158ce25011a6d68a1

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/swiper.min.css HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "ebacb831315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:24 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 4011
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/main.4963463c.js

54.255.148.186

200 OK

9754

URL GET HTTP/2

1y7fa.cc/imTokenCommon/main.4963463c.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (25072)

Size

9754
Hash

6e86da99f67bbab847e884f90031548d

50bb537f3f2f9830f372879a5e30ae44c57106a1

4437e8bd6766658472d2e8b715148244c08680ac84c4f6f9296cdac31371e9b1

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/main.4963463c.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "0c17832315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:26 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 9754
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/analytics.js

54.255.148.186

200 OK

20092

URL GET HTTP/2

1y7fa.cc/imTokenCommon/analytics.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (1325)

Size

20092
Hash

fda30e8a22c9bcd954fd8d0fadd0e77c

ae47cd34cbde081a48d7f92fc80aaf06a1381193

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/analytics.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "0c17832315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:26 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 20092
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/hm.js

54.255.148.186

200 OK

11172

URL GET HTTP/2

1y7fa.cc/imTokenCommon/hm.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (618)

Size

11172
Hash

c0f3a73a8993ba4fea94999373534fde

4b072a9945b9d4c17134ef04b90dfd75e98cc58c

51dbd8aa765971060ce45b957a5f483a176971dae746494cc1ed8c48893c22e7

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/hm.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "80571133315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:27 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 11172
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/analysis.js

54.255.148.186

200 OK

686

URL GET HTTP/2

1y7fa.cc/imTokenCommon/analysis.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (696)

Size

686
Hash

1c8e8c36dbbb921bfa3c76a5f189ff74

927c5a8c9ee4ac1e0624b023db736f25b0260dcf

ee935d04b7047e10e5ab56550d96e1f837a60a1263a55bcbc2a0bb0deda70ffc

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/analysis.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "99676f33315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:27 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 686
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/help-zh.js

54.255.148.186

200 OK

636

URL GET HTTP/2

1y7fa.cc/imTokenCommon/help-zh.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (527)

Size

636
Hash

b67459d4e03dfbda11d5cb2da06ddcf7

e88f5fe605ab4aedd0607acac2d414deff7bb8b2

bc85f81edd105cf3bca6ccd726558553f1d931158598bef160fcddd0e47eabb0

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/help-zh.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "79ece33315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:28 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 636
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/scrollreveal.min.js

54.255.148.186

200 OK

3121

URL GET HTTP/2

1y7fa.cc/imTokenCommon/scrollreveal.min.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (9095), with no line terminators

Size

3121
Hash

126cb7c432914f6c726ff146110dcb75

e5358bdb7769288dc7c2dc10508e98387e85b6e2

fd08659fe0f20fd14dcf4c3c5acdde64de96028174f59b0b3dc776b62be789b9

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/scrollreveal.min.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "80571133315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:27 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 3121
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/common.js

54.255.148.186

200 OK

1045

URL GET HTTP/2

1y7fa.cc/imTokenCommon/common.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text

Size

1045
Hash

f82ea3f9225dd45fec3eebd6e63c954c

2d6886dbbb8be31c4b2e4da073ce5230a6bfeb2a

59e2227be4a47a7fb1d43287da5e2df66f60a6dd98e606b7ec6995c46a14126a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/common.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "0eea933315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:28 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 1045
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/484c840239a025432effd6ecc373d498fa764368_CSS.4e604f4b.chunk.css

54.255.148.186

200 OK

15197

URL GET HTTP/2

1y7fa.cc/imTokenCommon/484c840239a025432effd6ecc373d498fa764368_CSS.4e604f4b.chunk.css
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (65536), with no line terminators

Size

15197
Hash

26943ce7723571872e2b202442174f76

725ba1ec11662845e76f792fefa4c2d7e1377063

ac35043f4c19bd76511cb7553a66eeff8f21e4d0c6e518bedbbf3b270b6826e2

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/484c840239a025432effd6ecc373d498fa764368_CSS.4e604f4b.chunk.css HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "ae526534315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:29 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 15197
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/styles.2224a2cf.chunk.css

54.255.148.186

200 OK

3718

URL GET HTTP/2

1y7fa.cc/imTokenCommon/styles.2224a2cf.chunk.css
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (14516), with no line terminators

Size

3718
Hash

faaf5afd32b289c34bc0e1e9f2d43db8

b8e7f8ff0c107f28903e70ec103412afbf8e4d0e

cf23c1a08436aa9ca2cbfdae42eb4979caa56f972b0c80caafe466a64956d6c8

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/styles.2224a2cf.chunk.css HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "dc119634315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:29 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 3718
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/0b502bd7632b779787e7571ed7da626349d4848b_CSS.b97c0dd0.chunk.css

54.255.148.186

200 OK

45356

URL GET HTTP/2

1y7fa.cc/imTokenCommon/0b502bd7632b779787e7571ed7da626349d4848b_CSS.b97c0dd0.chunk.css
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (65536), with no line terminators

Size

45356
Hash

aaf80d6ccff93c1d0b146af2a494c961

ca59012e21b1cc85afaa7309797ac8922ccc4304

2716d3320d4373beda8ea9b00f93b7859595d356f86e03b798c504f75441cf9b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/0b502bd7632b779787e7571ed7da626349d4848b_CSS.b97c0dd0.chunk.css HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "1ac53034315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:28 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 45356
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/framework.7425f7c0f2c0fa6b9f98.js

54.255.148.186

200 OK

40309

URL GET HTTP/2

1y7fa.cc/imTokenCommon/framework.7425f7c0f2c0fa6b9f98.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (65536), with no line terminators

Size

40309
Hash

e1ff77e618abd1dda42076059844b3bd

ef903e1a9fd286d99fd2c12321258d23632ddd12

3b23efa8cbbe6cf291780e1677d4dde9d3e6f1394c1a188ece60c5726df76815

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/framework.7425f7c0f2c0fa6b9f98.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "0fcd03a315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:40 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 40309
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/webpack-d7b2fb72fb7257504a38.js

54.255.148.186

200 OK

972

URL GET HTTP/2

1y7fa.cc/imTokenCommon/webpack-d7b2fb72fb7257504a38.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (1539), with no line terminators

Size

972
Hash

8c19f623e8389f11131a054a7e17ff95

d99fc5df50dc64e49c7fab8fed11709c88577303

26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/webpack-d7b2fb72fb7257504a38.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "ccc8f73a315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:40 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 972
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/a86f4b7efd9de9fd67c117702f5646c6a1b3c61d.fef06ab6fb43411cda49.js

54.255.148.186

200 OK

80251

URL GET HTTP/2

1y7fa.cc/imTokenCommon/a86f4b7efd9de9fd67c117702f5646c6a1b3c61d.fef06ab6fb43411cda49.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (65536), with no line terminators

Size

80251
Hash

9c8c7825994e08851a086391e4c87fe4

bd94c847928af5298e7a0ccf6354979c5d56eab6

656bc3b2ed785360eccfe3f73f6ee6bec4c0bb751dc8583e6e8d17f8f59d4fe7

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/a86f4b7efd9de9fd67c117702f5646c6a1b3c61d.fef06ab6fb43411cda49.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "0fcd03a315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:40 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 80251
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/_app-26afb46c84ae5083d2c8.js

54.255.148.186

200 OK

2876

URL GET HTTP/2

1y7fa.cc/imTokenCommon/_app-26afb46c84ae5083d2c8.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (7944), with no line terminators

Size

2876
Hash

3636ec28433fa1cf50647d0850f3f3fc

895a287647cd5edc53d9b6f758be3381e31513ac

b0dcd8fdc5b3ad0c817bb96054580e449a63f415c952d2abf96038c0951595e1

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/_app-26afb46c84ae5083d2c8.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "8092693b315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:41 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 2876
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/ab7bdd0af29a081632cc65532d6eb4eb4926a6c8.0d9e96011bfadc9b0a01.js

54.255.148.186

200 OK

10950

URL GET HTTP/2

1y7fa.cc/imTokenCommon/ab7bdd0af29a081632cc65532d6eb4eb4926a6c8.0d9e96011bfadc9b0a01.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (38748), with no line terminators

Size

10950
Hash

7e066e22a6a2c3b69b1b3455c3d70577

c5af39dc067ef26e437c1651b2ce36816789bdc3

6134bcb96ea349a385a92afeda300484da848307c1fbea537b5e50af1586ab56

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/ab7bdd0af29a081632cc65532d6eb4eb4926a6c8.0d9e96011bfadc9b0a01.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "8092693b315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:41 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 10950
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/484c840239a025432effd6ecc373d498fa764368_CSS.955cd01b185e91c5e5fc.js

54.255.148.186

200 OK

172

URL GET HTTP/2

1y7fa.cc/imTokenCommon/484c840239a025432effd6ecc373d498fa764368_CSS.955cd01b185e91c5e5fc.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with no line terminators

Size

172
Hash

092922c847857276e09f07690ba228b6

58af57d706abde6c2cfc903e3159f31c56ab92a4

6883cd41cde71a856edc40ec217867277c437fe4c2434a6f78fdc341a3f3de5f

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/484c840239a025432effd6ecc373d498fa764368_CSS.955cd01b185e91c5e5fc.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "3dc22f3d315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:43 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 172
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/0b502bd7632b779787e7571ed7da626349d4848b_CSS.bca366718f045dbe8189.js

54.255.148.186

200 OK

171

URL GET HTTP/2

1y7fa.cc/imTokenCommon/0b502bd7632b779787e7571ed7da626349d4848b_CSS.bca366718f045dbe8189.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with no line terminators

Size

171
Hash

7c1e88c4a68db82bfb3cbc3f81ac70c6

bacb2b2c74b3260235a5d5e950c5daec5fffbd6b

4c3a0d03a71141a5f6bbf5510a2c2f23566d1c9e292be0fe36e36a5fd7ae74eb

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/0b502bd7632b779787e7571ed7da626349d4848b_CSS.bca366718f045dbe8189.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "c4e29c3c315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:43 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 171
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/alarm.svg

54.255.148.186

200 OK

533

URL GET HTTP/2

1y7fa.cc/imTokenCommon/alarm.svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (308)

Size

533
Hash

b20df3089e50c545541d8ee900863574

451b3f7e7fd362deed7642033c480082bcb0674a

7c9ca78247b00b98096dc68fc15527fa07e332c5c87c7834e1511786a490af68

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/alarm.svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "7cd53235315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:30 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 533
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/_buildManifest.js

54.255.148.186

200 OK

1360

URL GET HTTP/2

1y7fa.cc/imTokenCommon/_buildManifest.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with very long lines (4344), with no line terminators

Size

1360
Hash

28de20c4df1b57f74fe5c870e1c821ff

36373ffc33850eaabed0da950d0a3a2316b6a0c2

426ee50dd6fcf9f1e6cf7d038de3fca1b464c80bfc9f2211a62d0e683423f07a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/_buildManifest.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "056333d315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:44 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 1360
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/_ssgManifest.js

54.255.148.186

200 OK

163

URL GET HTTP/2

1y7fa.cc/imTokenCommon/_ssgManifest.js
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

ASCII text, with no line terminators

Size

163
Hash

abee47769bf307639ace4945f9cfd4ff

c0a0dc51ee8a2852baf5ff30c33b1478ff302585

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/_ssgManifest.js HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "8ee8f93d315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:45 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
content-length: 163
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/subscribe.svg

54.255.148.186

200 OK

576

URL GET HTTP/2

1y7fa.cc/imTokenCommon/subscribe.svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text

Size

576
Hash

78f86cd737a9a0fcbfc9f23b1478550f

4b36dbf9b0d3e338565618d31c6f7aee0a073d85

5f2206d50773ff3d50037d78573b8b661efb7acc84c1412427b6472f15ef578a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/subscribe.svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "3be4573a315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:39 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 576
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/globe.svg

54.255.148.186

200 OK

693

URL GET HTTP/2

1y7fa.cc/imTokenCommon/globe.svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text

Size

693
Hash

10e9b7298119a70fcdb7ce6ed5430f6e

942e41acc75f1fd1ec6b33dd2cb21b29126c6bff

f55d4b245d10bad8715a66b9fc5461f23ecf2902bdf1c8ff7c6d04b41e0afea5

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/globe.svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "58e243a315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:38 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 693
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/discord.svg

54.255.148.186

200 OK

1344

URL GET HTTP/2

1y7fa.cc/imTokenCommon/discord.svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1240)

Size

1344
Hash

4843ef32f5106881cea9a4da691223cc

6f806744b2e9dc22ac05491301d663c7cd01f219

76e374e9e73d1f9fc28f6d5c31bd17fe07819599a35cb431f16cadba6b71e612

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/discord.svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "bb1af939315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:38 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 1344
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/medium.svg

54.255.148.186

200 OK

224

URL GET HTTP/2

1y7fa.cc/imTokenCommon/medium.svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text

Size

224
Hash

6a49621075d683c755db86def96ca77f

738d6ed4c702623f09a65afeeba6688d229f3f42

077943f1b01d0d63a8becbaa9f8a8af2aee71f368081f6a43576ce1e0da56049

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/medium.svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "c7af5539315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:37 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 224
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/github.svg

54.255.148.186

200 OK

696

URL GET HTTP/2

1y7fa.cc/imTokenCommon/github.svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (592)

Size

696
Hash

4149501d6f5d8ca92ce457bf972ddd58

914af4392becba78bf750a49b9bf2cdf50d3bbb4

77932b8662117bf991a79571d25775103f60a7625edfe9d7151a880144332e0b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/github.svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "487cc539315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:38 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 696
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/tokenfans(1).svg

54.255.148.186

200 OK

1664

URL GET HTTP/2

1y7fa.cc/imTokenCommon/tokenfans(1).svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1560)

Size

1664
Hash

4e04f06c03173fda09427b277300b06a

6929723c8522f86632090ca657e45e132f1ede02

2ffb6220e64d52868c4ac80421efeb49c990bac0af584b00987e76a541b23e6a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/tokenfans(1).svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "6f249039315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:37 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 1664
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/twitter.svg

54.255.148.186

200 OK

599

URL GET HTTP/2

1y7fa.cc/imTokenCommon/twitter.svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (495)

Size

599
Hash

9dbc7890b4c52dff09e7203babc8369a

3da674aa07c53f903cbc779b97f571f9c561f9e0

c3d38f32d68b9dc80f5c549c9cdacc274539b890ea894fccad065d4808e23bfe

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/twitter.svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "efe92539315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:37 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 599
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/down.svg

54.255.148.186

200 OK

273

URL GET HTTP/2

1y7fa.cc/imTokenCommon/down.svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text

Size

273
Hash

d89956a0a8163e9112a1ff134e0192e9

45c6ce6b806c0645ff9e9f4b66a68470a3df093f

88acc67d467b208ae457f5bf642512bdc29a9363ce05ca58806351f506c80ffb

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/down.svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "8d67ff38315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:36 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 273
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/business.svg

54.255.148.186

200 OK

834

URL GET HTTP/2

1y7fa.cc/imTokenCommon/business.svg
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (326)

Size

834
Hash

5edce84229c2295c6fc6b49a18afcda9

8e93ee77317b040d252bea7e41da9a405d76642f

f3752af7aab239ede54fdd4f23390750ad0d7719e2a60b63ab35166965b6b9c2

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/business.svg HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Sat, 10 Jun 2023 13:22:47 GMT
etag: "60a49738315d91:0"
last-modified: Wed, 21 Dec 2022 06:12:36 GMT
server: Microsoft-IIS/10.0
x-cache: UPDATING
x-powered-by: ASP.NET
content-length: 834
X-Firefox-Spdy: h2

1y7fa.cc/imTokenCommon/app-example.png

54.255.148.186

200 OK

15374

URL GET HTTP/2

1y7fa.cc/imTokenCommon/app-example.png
IP

54.255.148.186:443
ASN

#16509 AMAZON-02

Requested by

https://1y7fa.cc/
Certificate

IssuerLet's Encrypt

Subject1y7fa.cc

Fingerprint8C:69:2C:56:A1:F0:EE:2C:A7:B9:5E:8B:0C:32:8F:EA:5A:0C:01:C0

ValidityTue, 16 May 2023 05:34:04 GMT - Mon, 14 Aug 2023 05:34:03 GMT

Magic

PNG image data, 720 x 316, 8-bit colormap, non-interlaced\012- data

Size

15374
Hash

50dc94f68ed13a76f5ecf3f44a3b4700

79cd47a2e9b02e72884d23c10db40cb9fb5fe107

6d879640fafe9b02ff62caac7fb998f7b8c23bae0a020124054a22dfaf433b55

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /imTokenCommon/app-example.png HTTP/1.1
Host: 1y7fa.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1y7fa.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

```
                                        
```

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

#1 JS:Script (size: 37)

#2 JS:Script (size: 147)

#3 JS:Script (size: 210)

#4 JS:Script (size: 4344)

#5 JS:Script (size: 494383)

#6 JS:Script (size: 2743)

#7 JS:Script (size: 9095)

#8 JS:Script (size: 86659)

#9 JS:Script (size: 1539)

#10 JS:Script (size: 76)

#11 JS:Script (size: 129218)

#12 JS:Script (size: 935)

#13 JS:Script (size: 4691)

#14 JS:Script (size: 50230)

#15 JS:Script (size: 2483)

#16 JS:Script (size: 7944)

#17 JS:Script (size: 299972)

#18 JS:Script (size: 355553)

#19 JS:Script (size: 768)

#20 JS:Script (size: 69)

#21 JS:Script (size: 26119)

#22 JS:Script (size: 25186)

#23 JS:Script (size: 29778)

#24 JS:Script (size: 70)

#25 JS:Script (size: 38748)

#26 JS:Script (size: 55487)

#27 JS:Script (size: 65280)

#28 JS:Script (size: 73852)

HTTP Transactions (60)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

Magic

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

Magic

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

Magic

Size