| 1win-bk-online.top/img/intro.webp | 172.67.173.33 | 200 OK | 85 kB |
URL: GET HTTP/3 1win-bk-online.top/img/intro.webp
IP: 172.67.173.33:443
Requested by: https://1win-bk-online.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1win-bk-online.top
Certificate Fingerprint: 3A:2A:FD:5E:78:DB:53:B8:8D:06:21:FB:C6:22:E7:F1:C3:FD:3D:C7
Certificate Validity: Sat, 23 Mar 2024 00:05:02 GMT - Fri, 21 Jun 2024 00:05:01 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x1306, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 91b67c94f94b0fa3485a5da320e7af8c fb1bfcf33e7303d30a34a162c286ca8f28eb5184 4b55cb3bd71cb0e780bc32f9a37d48374f42efced206886d69602c5b4366fb82
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/intro.webp HTTP/1.1
Host: 1win-bk-online.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1win-bk-online.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 18:41:01 GMT
content-type: image/webp
content-length: 84556
last-modified: Sat, 23 Mar 2024 01:22:37 GMT
etag: "65fe2edd-14a4c"
expires: Thu, 09 May 2024 18:41:01 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAP8WvTaFGaNUHiIXTv9F45%2F4IA9fSjBVmRjKvEWEE5hYf%2F2B3lo8ERFiExGwYos30etb7xPGjSLS4s7oQ%2F5TALDqsne7kxlsC1Hp71MiScrpwyoO5zVk2swoWbglwmlJW%2BlNp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b94e23a6cb4f9-OSL
alt-svc: h3=":443"; ma=86400
| cdn.ampproject.org/v0.js | 142.250.74.65 | 200 OK | 73 kB |
IP: 142.250.74.65:443
Requested by: https://1win-bk-online.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: misc-sni.google.com
Certificate Fingerprint: 15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14
Certificate Validity: Tue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64654)
Hash: 3b2111f019d104164d5a800eeae7abf9 019b3e772fada2bb1772df0f8ff3de71ccf392aa b3d6c26e864ccd4da281f37b50f9acf8508c504780be13a0e8094ae3e557ac8a
GET /v0.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1win-bk-online.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 73084
date: Wed, 08 May 2024 18:41:01 GMT
expires: Wed, 08 May 2024 18:41:01 GMT
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "5fd6afb7d4b2d5d6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn.ampproject.org/v0/amp-sidebar-0.1.js | 142.250.74.65 | 200 OK | 9.6 kB |
URL: GET HTTP/2 cdn.ampproject.org/v0/amp-sidebar-0.1.js
IP: 142.250.74.65:443
Requested by: https://1win-bk-online.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: misc-sni.google.com
Certificate Fingerprint: 15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14
Certificate Validity: Tue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File type: JavaScript source, ASCII text, with very long lines (31247)
Hash: e60142d9cc427304f82966ffdfe50f04 f74f873a42a95ae0f6fc4326ec84591f55e024d6 7c7c3c41459bb5e0deed5ebc2f12aea19f4fcf93a726c5b6d944e1dd25731667
GET /v0/amp-sidebar-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1win-bk-online.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 9643
date: Wed, 08 May 2024 18:41:01 GMT
expires: Wed, 08 May 2024 18:41:01 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "0b2bf20751623deb"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn.ampproject.org/v0/amp-analytics-0.1.js | 142.250.74.65 | 200 OK | 32 kB |
URL: GET HTTP/2 cdn.ampproject.org/v0/amp-analytics-0.1.js
IP: 142.250.74.65:443
Requested by: https://1win-bk-online.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: misc-sni.google.com
Certificate Fingerprint: 15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14
Certificate Validity: Tue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File type: JavaScript source, ASCII text, with very long lines (65534)
Hash: 6ef4028f1fcaa60e5bdcf409fcbb0919 6a2383f9feb3632f64cd09e8906758874fa12b26 dbb051616bead73c41c4507d1214d5e14e06e1fa6dc93b084596047a61f66896
GET /v0/amp-analytics-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1win-bk-online.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 32196
date: Wed, 08 May 2024 18:41:02 GMT
expires: Wed, 08 May 2024 18:41:02 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "be8b49f71f839540"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.js | 142.250.74.65 | 200 OK | 3.0 kB |
URL: GET HTTP/3 cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.js
IP: 142.250.74.65:443
Requested by: https://1win-bk-online.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: misc-sni.google.com
Certificate Fingerprint: 15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14
Certificate Validity: Tue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File type: JavaScript source, ASCII text, with very long lines (7690)
Hash: 2f5409797573545ef00da57189731689 20ac241032e56151958c680707209c9c298868e3 9c2ac126d439f7e51f5ab6961f5a4d567bcad323ee2450998df29515cf0ad765
GET /rtv/012404230718000/v0/amp-auto-lightbox-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1win-bk-online.top
DNT: 1
Connection: keep-alive
Referer: https://1win-bk-online.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 2976
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 09:50:15 GMT
expires: Thu, 08 May 2025 09:50:15 GMT
cache-control: public, max-age=31536000
etag: "7e4a961a3c2d0fa7"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 31847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| 1win-bk-online.top/assets/img/icon.svg | 172.67.173.33 | 404 Not Found | 724 B |
URL: GET HTTP/3 1win-bk-online.top/assets/img/icon.svg
IP: 172.67.173.33:443
Requested by: https://1win-bk-online.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1win-bk-online.top
Certificate Fingerprint: 3A:2A:FD:5E:78:DB:53:B8:8D:06:21:FB:C6:22:E7:F1:C3:FD:3D:C7
Certificate Validity: Sat, 23 Mar 2024 00:05:02 GMT - Fri, 21 Jun 2024 00:05:01 GMT
File type: HTML document, ASCII text
Hash: 6190dfe00c029e716da89c99d17e947c acab5179f4ac619063466e3f8a51813580c9fcba f77cbb5fcc3e72c5636d48f881f0dbae945b59c4839ea86fccbf5de5210b6a3b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/icon.svg HTTP/1.1
Host: 1win-bk-online.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1win-bk-online.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 18:41:02 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQ9ngO%2BOlr2iI%2F%2Bz83IOaioXaNbanDfXhwUrnsBeIC39BVTVVuPZMZ6Fhwp93vmtJGXQoCeoPmRic3rIgZTchnZhDO7EiMcIk8sZr2L4rXQHC9Ut6b5J6ltJUUjx%2Flg13MbF%2BLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b94e7ff37b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| | 172.67.173.33 | 200 OK | 52 kB |
URL: User Request GET HTTP/2
IP: 172.67.173.33:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1win-bk-online.top
Certificate Fingerprint: 3A:2A:FD:5E:78:DB:53:B8:8D:06:21:FB:C6:22:E7:F1:C3:FD:3D:C7
Certificate Validity: Sat, 23 Mar 2024 00:05:02 GMT - Fri, 21 Jun 2024 00:05:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 1win-bk-online.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:41:01 GMT
content-type: text/html
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e7AxHXYZqIgGGHUp41TSG4m5ajyB1cGTuo5xJLZtqEU%2Bkb48FX10R%2BXkN4HaMvQA7vzzBEI6gua5fQbMeDP9I0KGKWJ5tV6PT%2FVoBE4OYnmn5VKikhSzWOL6akhdev8zQclOcU8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880b94dfbf2d5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| 1win-bk-online.top/img/logo.svg | 172.67.173.33 | 200 OK | 9.6 kB |
URL: GET HTTP/3 1win-bk-online.top/img/logo.svg
IP: 172.67.173.33:443
Requested by: https://1win-bk-online.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1win-bk-online.top
Certificate Fingerprint: 3A:2A:FD:5E:78:DB:53:B8:8D:06:21:FB:C6:22:E7:F1:C3:FD:3D:C7
Certificate Validity: Sat, 23 Mar 2024 00:05:02 GMT - Fri, 21 Jun 2024 00:05:01 GMT
File type: SVG Scalable Vector Graphics image
Hash: 9d29b78603c2f15cdc802a4c20f35335 7970c40bba8d3608298a82eca2bdcfcd5e788a01 3ba7737ec14f8a06b84bf889ba46efecb3d7c567e2750d49a517d169cd840a8a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/logo.svg HTTP/1.1
Host: 1win-bk-online.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1win-bk-online.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 18:41:01 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Mar 2024 15:19:02 GMT
etag: W/"65fda166-25a5"
expires: Thu, 09 May 2024 18:41:01 GMT
cache-control: max-age=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJzMNo9vYuUYkkkNlNNMQ3aozMcRAQfAikBUK5vZpB8Y%2FjMoSi6zFn7ek7IR90zn%2FxU25KBRVIz8oLBiCCUVWL9A1r5yvrZVEa6LfEFf90RvxPgnL2VFYnbq%2Fhi%2BteBD6jsnTc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b94e21a36b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| 1win-bk-online.top/save-referrer.php?referrer=&url=https%3A%2F%2Fwww.elektrozavod.ru%2F | 172.67.173.33 | 200 OK | 0 B |
URL: POST HTTP/3 1win-bk-online.top/save-referrer.php?referrer=&url=https%3A%2F%2Fwww.elektrozavod.ru%2F
IP: 172.67.173.33:443
Requested by: https://1win-bk-online.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1win-bk-online.top
Certificate Fingerprint: 3A:2A:FD:5E:78:DB:53:B8:8D:06:21:FB:C6:22:E7:F1:C3:FD:3D:C7
Certificate Validity: Sat, 23 Mar 2024 00:05:02 GMT - Fri, 21 Jun 2024 00:05:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /save-referrer.php?referrer=&url=https%3A%2F%2Fwww.elektrozavod.ru%2F HTTP/1.1
Host: 1win-bk-online.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://1win-bk-online.top
DNT: 1
Connection: keep-alive
Referer: https://1win-bk-online.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Wed, 08 May 2024 18:41:02 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UO20VFyLJENWtM7umsqd54OPMAcfs8uyPDinsu1tibmDrGNjs330jmAyhVQAZ5hX5CzlaVJR6byjc8nZutzOMpDX4DrrQK86ifOPw6qRuetv4g0IhNyNNt5lmc249t%2FsLS9%2FZ9o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880b94e80f80b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400