Report - 19981201.com/wap/index.html

Report Overview

Submitted URL
19981201.com/wap/index.html
IP
3.35.200.198
ASN
#16509 AMAZON-02
Submitted
2024-04-26 17:41:01
Access
public
Website Title
Bet365
Final URL
19981201.com/wap/index.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
84

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
19981201.com	unknown	2022-09-29	2024-01-18	2024-04-10	7.5 kB	2.0 MB	3.35.200.198
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-25	512 B	1.2 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	19981201.com/wap/index.html	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365
2024-04-25	medium	19981201.com/	Bet365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed
2024-04-26	medium	19981201.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	19981201.com/wap/js/main.js?v=2	5.1 kB	2024-01-18	2024-05-04
Pretty URL 19981201.com/wap/js/main.js?v=2 IP 3.35.200.198 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-18 15:54:57 Last Seen2024-05-04 20:13:29 Times Seen42 Hash c8c2d37ffcbf4c93c7dac739e53e7b51 924d4cebf49674094d1929a2e77dfc55e7d799cf 4e00bfaaf6fbf68623e4bb9f17b1aaf7062cf848cccc6d073ba9cd7945637412 Loading...

	19981201.com/wap/index.html	0 B	2023-03-07	2024-05-07
Pretty URL 19981201.com/wap/index.html IP 3.35.200.198 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 08:46:42 Times Seen37398010 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	19981201.com/wap/js/jquery.min.js	86 kB	2023-03-07	2024-05-05
Pretty URL 19981201.com/wap/js/jquery.min.js IP 3.35.200.198 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-05-05 17:39:40 Times Seen4146 Hash b354cc9d56a1da6b0c77604d1b153850 a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732 fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46 Loading...

	19981201.com/wap/js/swiper.js	139 kB	2023-03-10	2024-05-04
Pretty URL 19981201.com/wap/js/swiper.js IP 3.35.200.198 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:34:53 Last Seen2024-05-04 20:13:29 Times Seen228 Hash 8a786c84ade8135da43e0317cd7cac60 dd1e65dd2ab79a3700ba054ec2e80af3e2cca251 b6a25bf723d8a4ad7dfd01a3124cf6866c3cecc58d43b106bf83618a53d16a6f Loading...

HTTP Transactions (22)

URL IP Response Size

19981201.com/wap/index.html

3.35.200.198

2.6 kB

URL User Request GET
19981201.com/wap/index.html
IP
3.35.200.198:0
ASN
#16509 AMAZON-02

File type
HTML document, Unicode text, UTF-8 text
Size
2.6 kB (2610 bytes)
Hash
2a44a8445b6b739eac1bc63266701cb6
31a887dd6893c6e00ca8da0f54d6ae21ec757de9
d8458b54fb7dba5f8c5ff1f7fd9d7e3027e9297aa001cbe230bcd9a113c652e4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/index.html HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:37 GMT
Content-Type: text/html
Last-Modified: Wed, 06 Dec 2023 10:56:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6570534c-2116"
Content-Encoding: gzip

19981201.com/wap/css/reset.css

3.35.200.198

200 OK

626 B

URL GET HTTP/1.1
19981201.com/wap/css/reset.css
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
ASCII text
Size
626 B (626 bytes)
Hash
ba1d59b0e53d380b12b3e97a428b3314
5fa4f471bf16e9cdf78c7446b59cce638093772c
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/css/reset.css HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:37 GMT
Content-Type: text/css
Last-Modified: Sat, 09 Apr 2022 11:48:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6251729d-444"
Expires: Sat, 27 Apr 2024 05:40:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

19981201.com/wap/css/swiper.css

3.35.200.198

200 OK

4.9 kB

URL GET HTTP/1.1
19981201.com/wap/css/swiper.css
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
ASCII text, with very long lines (15564)
Size
4.9 kB (4881 bytes)
Hash
8fa8ac8055c74bf212da77e3ffb81c73
436987189ee691ab192413f69ba662bdaf8c4f3b
b135eb62e9001e4b083a4ab1e4c97118b1c4bfa1de5fdaeb57d7f3d6c355f581

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/css/swiper.css HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:37 GMT
Content-Type: text/css
Last-Modified: Wed, 13 Apr 2022 15:04:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6256e68f-3dc9"
Expires: Sat, 27 Apr 2024 05:40:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

19981201.com/wap/css/main.css

3.35.200.198

200 OK

1.5 kB

URL GET HTTP/1.1
19981201.com/wap/css/main.css
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
ASCII text
Size
1.5 kB (1462 bytes)
Hash
306024e3a120f1c66c0cfa37003afdb3
fbc3fa5c751e3aa0b51610a87e76492bb3665811
29cc642a276fdf7f874567897213f7e40f94438ba0a2c405f0be03a70fc9b289

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/css/main.css HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: text/css
Last-Modified: Tue, 31 Oct 2023 08:37:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6540bcac-1111"
Expires: Sat, 27 Apr 2024 05:40:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

19981201.com/wap/js/main.js?v=2

3.35.200.198

200 OK

1.5 kB

URL GET HTTP/1.1
19981201.com/wap/js/main.js?v=2
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
JavaScript source, Unicode text, UTF-8 text
Size
1.5 kB (1501 bytes)
Hash
c8c2d37ffcbf4c93c7dac739e53e7b51
924d4cebf49674094d1929a2e77dfc55e7d799cf
4e00bfaaf6fbf68623e4bb9f17b1aaf7062cf848cccc6d073ba9cd7945637412

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/js/main.js?v=2 HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: application/javascript
Last-Modified: Fri, 01 Dec 2023 08:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"656995e6-13ed"
Expires: Sat, 27 Apr 2024 05:40:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

19981201.com/wap/images/icon-cs.png

3.35.200.198

200 OK

741 B

URL GET HTTP/1.1
19981201.com/wap/images/icon-cs.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
741 B (741 bytes)
Hash
e18866af2f9e36b04d958a0fa635dd2b
7c5400b0766ea789c3de47c56c622389b9379f50
b463943ad7032bc1cfe0ffa3ae88d6d9bdd387a5eb5d20289492b9684bbe9e61

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/icon-cs.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: image/png
Content-Length: 741
Last-Modified: Thu, 07 Apr 2022 08:36:34 GMT
Connection: keep-alive
ETag: "624ea292-2e5"
Expires: Sun, 26 May 2024 17:40:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/icon-ie.png

3.35.200.198

200 OK

719 B

URL GET HTTP/1.1
19981201.com/wap/images/icon-ie.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
719 B (719 bytes)
Hash
fe5c149e1520f8768cbf9ca824a35b53
6cdcd462b354ed1d78a1ccfb653a7bdaf0bc080d
8238e76b53aba82e4d8b02dcf05cd9303a8edfdd5530ac7bff759943e4be55c1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/icon-ie.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: image/png
Content-Length: 719
Last-Modified: Thu, 07 Apr 2022 08:37:38 GMT
Connection: keep-alive
ETag: "624ea2d2-2cf"
Expires: Sun, 26 May 2024 17:40:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/js/jquery.min.js

3.35.200.198

200 OK

34 kB

URL GET HTTP/1.1
19981201.com/wap/js/jquery.min.js
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
34 kB (33575 bytes)
Hash
b354cc9d56a1da6b0c77604d1b153850
a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/js/jquery.min.js HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: application/javascript
Last-Modified: Wed, 13 Apr 2022 16:04:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6256f4a5-14e49"
Expires: Sat, 27 Apr 2024 05:40:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

19981201.com/wap/js/swiper.js

3.35.200.198

200 OK

45 kB

URL GET HTTP/1.1
19981201.com/wap/js/swiper.js
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
JavaScript source, ASCII text, with very long lines (65283)
Size
45 kB (45003 bytes)
Hash
8a786c84ade8135da43e0317cd7cac60
dd1e65dd2ab79a3700ba054ec2e80af3e2cca251
b6a25bf723d8a4ad7dfd01a3124cf6866c3cecc58d43b106bf83618a53d16a6f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/js/swiper.js HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: application/javascript
Last-Modified: Wed, 13 Apr 2022 15:05:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6256e69d-22088"
Expires: Sat, 27 Apr 2024 05:40:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

19981201.com/wap/images/world.png

3.35.200.198

200 OK

136 kB

URL GET HTTP/1.1
19981201.com/wap/images/world.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 625 x 283, 8-bit/color RGBA, non-interlaced
Size
136 kB (135588 bytes)
Hash
8ed0756309b2126e404c3aa9a35709bf
4b860bf11d837a1ccae42426e1b1ee65019f812d
13cd5c525e28f38280fece52f9f51dfd0d6cd721867172c0ade73ae0f466e205

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/world.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: image/png
Content-Length: 135588
Last-Modified: Thu, 07 Apr 2022 08:41:00 GMT
Connection: keep-alive
ETag: "624ea39c-211a4"
Expires: Sun, 26 May 2024 17:40:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/background.jpg

3.35.200.198

200 OK

115 kB

URL GET HTTP/1.1
19981201.com/wap/images/background.jpg
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
JPEG image data, baseline, precision 8, 750x1103, components 3
Size
115 kB (115399 bytes)
Hash
1801f9346646d8ac6f28facc7f4d3893
faa3e5c69e57e1024b26a463dcae5fc5c4af4809
f953343f552d11f8df9f7ae266164776de1f004e35c3385bf03d08192624e58b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/background.jpg HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: image/jpeg
Content-Length: 115399
Last-Modified: Tue, 12 Apr 2022 08:13:18 GMT
Connection: keep-alive
ETag: "6255349e-1c2c7"
Expires: Sun, 26 May 2024 17:40:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/app-download.png

3.35.200.198

200 OK

6.4 kB

URL GET HTTP/1.1
19981201.com/wap/images/app-download.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 400 x 80, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6402 bytes)
Hash
72e85348cb1647aef08e4237f8fe2eb6
c4edbd535b9b6f87804c411b32174de1608c9dec
d6dc35efaa5673076ad2148a28c1d5a2849dafa89959b467a7950c8314e5639b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/app-download.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:39 GMT
Content-Type: image/png
Content-Length: 6402
Last-Modified: Thu, 07 Apr 2022 08:39:08 GMT
Connection: keep-alive
ETag: "624ea32c-1902"
Expires: Sun, 26 May 2024 17:40:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/banner4.png

3.35.200.198

200 OK

232 kB

URL GET HTTP/1.1
19981201.com/wap/images/banner4.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 750 x 440, 8-bit/color RGBA, non-interlaced
Size
232 kB (232271 bytes)
Hash
857ad61d53afb73d77676ddf64626528
0d149394e8392de7eb3b090c0e9a36fd3bb45827
487bb0ca6569e28759c9f0487b364185c58b510d94516bb23b02251de6ba337a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/banner4.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: image/png
Content-Length: 232271
Last-Modified: Thu, 07 Apr 2022 09:07:22 GMT
Connection: keep-alive
ETag: "624ea9ca-38b4f"
Expires: Sun, 26 May 2024 17:40:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/17365.com.png

3.35.200.198

200 OK

6.4 kB

URL GET HTTP/1.1
19981201.com/wap/images/17365.com.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 225 x 32, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6383 bytes)
Hash
134e4e4a962a4f53d1373c1eb0f942ea
3fbe28f2670e1daefd22d37dadcb94748dac9116
1b581b837cba254699f6a2663c3af67e657d04944d0a639547b4079624773dec

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/17365.com.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:39 GMT
Content-Type: image/png
Content-Length: 6383
Last-Modified: Mon, 02 May 2022 07:00:47 GMT
Connection: keep-alive
ETag: "626f819f-18ef"
Expires: Sun, 26 May 2024 17:40:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/banner3.png

3.35.200.198

200 OK

279 kB

URL GET HTTP/1.1
19981201.com/wap/images/banner3.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 769 x 443, 8-bit/color RGBA, non-interlaced
Size
279 kB (278867 bytes)
Hash
6c9930a0fef87874d80a9837b5fa4db8
66f7a89754912248b6c117310a7592c275ec5c5c
0f4f25bab208915983ecdf6f88ee076c79295e051359ac246ca2ef50132b02d1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/banner3.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: image/png
Content-Length: 278867
Last-Modified: Fri, 04 Nov 2022 10:32:11 GMT
Connection: keep-alive
ETag: "6364ea2b-44153"
Expires: Sun, 26 May 2024 17:40:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/banner1.png

3.35.200.198

200 OK

241 kB

URL GET HTTP/1.1
19981201.com/wap/images/banner1.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 750 x 440, 8-bit/color RGBA, non-interlaced
Size
241 kB (240830 bytes)
Hash
d1abaad6758ad52f4ccfab416c8c2271
e23191472b227f762501ad7815b6f1c455870863
5d07329621796948951e2ea27323c07d2c927f10f77405c996091c1a9921d916

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/banner1.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:39 GMT
Content-Type: image/png
Content-Length: 240830
Last-Modified: Thu, 07 Apr 2022 09:06:48 GMT
Connection: keep-alive
ETag: "624ea9a8-3acbe"
Expires: Sun, 26 May 2024 17:40:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/banner2.png

3.35.200.198

200 OK

245 kB

URL GET HTTP/1.1
19981201.com/wap/images/banner2.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 750 x 440, 8-bit/color RGBA, non-interlaced
Size
245 kB (244573 bytes)
Hash
0d61ed620abb468a677557693e2bd0aa
d97a5f1bef6ae0f8d5517d918fcdbb693b3d6714
e5c7a143c8ba4ea193ef0e8a7154f408696479226bf68adcd9389a22cf462b8e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/banner2.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:38 GMT
Content-Type: image/png
Content-Length: 244573
Last-Modified: Thu, 07 Apr 2022 09:07:02 GMT
Connection: keep-alive
ETag: "624ea9b6-3bb5d"
Expires: Sun, 26 May 2024 17:40:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/img/Pagcor.png

3.35.200.198

200 OK

96 kB

URL GET HTTP/1.1
19981201.com/wap/img/Pagcor.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 498 x 501, 8-bit/color RGBA, non-interlaced
Size
96 kB (95751 bytes)
Hash
a25cf5bad7c30a8b84aec22d84d42073
e7a068297d7366bab25d189c511978d6f7436dd2
073d4231b38a6aa3b6e4eee50b68702018501d21d2ce9d92404825fe9f9833b2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/img/Pagcor.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:39 GMT
Content-Type: image/png
Content-Length: 95751
Last-Modified: Tue, 31 Oct 2023 07:54:17 GMT
Connection: keep-alive
ETag: "6540b2a9-17607"
Expires: Sun, 26 May 2024 17:40:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/banner5.png

3.35.200.198

200 OK

292 kB

URL GET HTTP/1.1
19981201.com/wap/images/banner5.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 750 x 440, 8-bit/color RGBA, non-interlaced
Size
292 kB (292106 bytes)
Hash
3084b603e7bf5e3f6c47f8f767a5a99c
61216b09e9d697ae1f2f240561de702c20e938f6
38b3292e638e8cc5f7caec184ae66cf740d77d86106f76fba573006b96971e6e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/banner5.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:39 GMT
Content-Type: image/png
Content-Length: 292106
Last-Modified: Thu, 07 Apr 2022 09:07:32 GMT
Connection: keep-alive
ETag: "624ea9d4-4750a"
Expires: Sun, 26 May 2024 17:40:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/wap/images/banner6.png

3.35.200.198

200 OK

274 kB

URL GET HTTP/1.1
19981201.com/wap/images/banner6.png
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
PNG image data, 750 x 440, 8-bit/color RGBA, non-interlaced
Size
274 kB (274131 bytes)
Hash
b9fbbf0828a0dd2760ece32f417c1cff
5c23376291f4acb2094ece3cb3582c6dcd575f1b
459fdd5ba366f8ec7dc138186766c0280e48ae14fb7648ca9489b3eeeff59b89

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wap/images/banner6.png HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:40:40 GMT
Content-Type: image/png
Content-Length: 274131
Last-Modified: Tue, 12 Apr 2022 08:03:18 GMT
Connection: keep-alive
ETag: "62553246-42ed3"
Expires: Sun, 26 May 2024 17:40:40 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

19981201.com/favicon.ico

3.35.200.198

404 Not Found

146 B

URL GET HTTP/1.1
19981201.com/favicon.ico
IP
3.35.200.198:80
ASN
#16509 AMAZON-02

Requested by
http://19981201.com/wap/index.html

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 19981201.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://19981201.com/wap/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 26 Apr 2024 17:40:40 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=aDG2k5SN8vu1wurr1mF8Ab6kQR7CAxEsfP2hf4tGZYCzE06UZrnh7tZXqGrpeMTjmnio9hN7sLQ95zDpwv1v6wgaOGufnLoGpchHwosRYvJH66AAcSKrwRqZiSsdxE1H
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 26 Apr 2024 17:40:43 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 11
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (22)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections