| 51.89.7.33/gamehelpers/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | 51.89.7.33 | 302 Moved Temporarily | 138 B |
URL: User Request GET HTTP/1.1 51.89.7.33/gamehelpers/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | IP: 51.89.7.33:80
File type: HTML document, ASCII text, with CRLF line terminators | Hash: aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /gamehelpers/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa HTTP/1.1
Host: 51.89.7.33
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 19 Apr 2024 10:11:58 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://1.1.1.1?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa
|
|
| 1.1.1.1/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | 1.1.1.1 | 302 Found | 143 B |
URL: User Request GET HTTP/2 1.1.1.1/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | IP: 1.1.1.1:443
Certificate | Issuer: DigiCert Inc | Subject: cloudflare-dns.com | Fingerprint: AE:19:17:2E:6B:EB:DC:B2:49:25:F5:E9:48:57:7A:9E:62:C7:41:71 | Validity: Sat, 30 Dec 2023 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators | Hash: cb7b8f439b04c00f4a2d78160ddfee8d 9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4 12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa HTTP/1.1
Host: 1.1.1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 19 Apr 2024 10:11:58 GMT
content-type: text/html
content-length: 143
location: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8z0320%2BmClb%2FH%2B6kgEnT2OhlnXxwNxb9jwlhQ648hL8ryMIBuO0w%2F%2Bys%2B7HH2Z7rBuVJ8qTlxcMuhzH8adSFSmJ6DDnDT4O6Pw8%2BtGTtIE117pmecg%2FYATg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c1d1368cb7131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| one.one.one.one/media/warp-desktop.png | 1.1.1.1 | 200 OK | 124 kB |
URL: GET HTTP/3 one.one.one.one/media/warp-desktop.png | IP: 1.1.1.1:443
Requested by: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | Certificate | Issuer: Google Trust Services LLC | Subject: one.one.one | Fingerprint: 89:91:FB:DC:3A:D4:93:CE:3E:ED:10:5A:96:CF:C6:1E:03:E2:EE:F3 | Validity: Wed, 03 Apr 2024 04:55:58 GMT - Tue, 02 Jul 2024 04:55:57 GMT
File type: PNG image data, 2088 x 1583, 8-bit/color RGBA, non-interlaced | Size: 124 kB (124178 bytes) | Hash: 95a41d54ff2403259fafc97c86ce7209 3bee325e6a3a32e77f013a02f1633065addf77f3 8625f613c844d8200581cae23751fc767e74074c96f0023a47fa9b2a9cae72ab
GET /media/warp-desktop.png HTTP/1.1
Host: one.one.one.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:11:58 GMT
content-type: image/png
content-length: 124178
cf-ray: 876c1d15593a1c06-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f9d665a26438ecf5f63b4e368385a0c7"
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| one.one.one.one/media/warp-desktop-3.png | 1.1.1.1 | | 93 kB |
URL: one.one.one.one/media/warp-desktop-3.png | IP: 1.1.1.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: one.one.one | Fingerprint: 89:91:FB:DC:3A:D4:93:CE:3E:ED:10:5A:96:CF:C6:1E:03:E2:EE:F3 | Validity: Wed, 03 Apr 2024 04:55:58 GMT - Tue, 02 Jul 2024 04:55:57 GMT
File type: PNG image data, 892 x 774, 8-bit/color RGBA, non-interlaced | Hash: 34a0d497f354434aaa971b866f3322f5 672baf42ee6d869b639e131e794b9115ae88c521 7108c64ea8328c1f71614126057a1b95e36f46085e3af4a3e55f4acc2f4a8da5
GET /media/warp-desktop-3.png HTTP/1.1
Host: one.one.one.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:11:58 GMT
content-type: image/png
content-length: 93321
cf-ray: 876c1d15593b1c06-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "4b6059c52ac3dad00437e44fadb45989"
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| one.one.one.one/media/warp-plus.png | 1.1.1.1 | | 78 kB |
URL: one.one.one.one/media/warp-plus.png | IP: 1.1.1.1:0
Certificate | Issuer: Google Trust Services LLC | Subject: one.one.one | Fingerprint: 89:91:FB:DC:3A:D4:93:CE:3E:ED:10:5A:96:CF:C6:1E:03:E2:EE:F3 | Validity: Wed, 03 Apr 2024 04:55:58 GMT - Tue, 02 Jul 2024 04:55:57 GMT
File type: PNG image data, 892 x 774, 8-bit/color RGBA, non-interlaced | Hash: f5918313b9fee076343c6a7a538d891c a354dfeb740394ef66847044b4c8fff163d04de3 61d3a20e9ea49ebbe55257a49b91eb2f4780d4bb9d5b600ee558c93b441ce937
GET /media/warp-plus.png HTTP/1.1
Host: one.one.one.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:11:58 GMT
content-type: image/png
content-length: 78099
cf-ray: 876c1d15593c1c06-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ef882c088608d5a74c5469f59a3b4fa3"
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| one.one.one.one/media/warp-desktop-2.png | 1.1.1.1 | 200 OK | 226 kB |
URL: GET HTTP/3 one.one.one.one/media/warp-desktop-2.png | IP: 1.1.1.1:443
Requested by: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | Certificate | Issuer: Google Trust Services LLC | Subject: one.one.one | Fingerprint: 89:91:FB:DC:3A:D4:93:CE:3E:ED:10:5A:96:CF:C6:1E:03:E2:EE:F3 | Validity: Wed, 03 Apr 2024 04:55:58 GMT - Tue, 02 Jul 2024 04:55:57 GMT
File type: PNG image data, 2580 x 2054, 8-bit/color RGBA, non-interlaced | Size: 226 kB (225857 bytes) | Hash: 1ee93fd5b1a52779f92966893d2f2760 4bff0818c851d8aa9df80fc8162f3217a47dc2a0 3770f3dabad588f13acbc193f584f2d4a083dcad03b9c72422d1682c916b3974
GET /media/warp-desktop-2.png HTTP/1.1
Host: one.one.one.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:11:58 GMT
content-type: image/png
content-length: 225857
cf-ray: 876c1d15593f1c06-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "7f34884f4aa7d9998d6063246e35d288"
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| one.one.one.one/media/lighthouse.svg | 1.1.1.1 | 200 OK | 11 kB |
URL: GET HTTP/3 one.one.one.one/media/lighthouse.svg | IP: 1.1.1.1:443
Requested by: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | Certificate | Issuer: Google Trust Services LLC | Subject: one.one.one | Fingerprint: 89:91:FB:DC:3A:D4:93:CE:3E:ED:10:5A:96:CF:C6:1E:03:E2:EE:F3 | Validity: Wed, 03 Apr 2024 04:55:58 GMT - Tue, 02 Jul 2024 04:55:57 GMT
File type: gzip compressed data, from Unix | Hash: 3bb2ad34b4a76990fa7c4e873a09806e 4f37c88f5c341a26ea71547e5d95dc71435d24e8 56acbfaa7ef59c5b59a7b466b3ba93cc57a8856be5501040fb669266699c8bb7
GET /media/lighthouse.svg HTTP/1.1
Host: one.one.one.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:11:58 GMT
content-type: image/svg+xml
cf-ray: 876c1d1559401c06-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"54abbadd6e90b7ccec907f77ec3ba1e6"
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
|
|
| one.one.one.one/favicon.ico | 1.1.1.1 | 200 OK | 15 kB |
URL: GET HTTP/3 one.one.one.one/favicon.ico | IP: 1.1.1.1:443
Requested by: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | Certificate | Issuer: Google Trust Services LLC | Subject: one.one.one | Fingerprint: 89:91:FB:DC:3A:D4:93:CE:3E:ED:10:5A:96:CF:C6:1E:03:E2:EE:F3 | Validity: Wed, 03 Apr 2024 04:55:58 GMT - Tue, 02 Jul 2024 04:55:57 GMT
File type: MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | Hash: 7ec3b35e645de5ae233e3df22f8121da 152f862a99cedac23e274708e093cd80080a87df ddb3316592b68a1f691cd2bf751f405d82c48fd4d194f86ce40f125d70ccccf8
GET /favicon.ico HTTP/1.1
Host: one.one.one.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:11:59 GMT
content-type: image/vnd.microsoft.icon
cf-ray: 876c1d1619a81c06-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"15fc948e1044314bcf16069f19e0dc2b"
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
|
|
| one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | 1.1.1.1 | 200 OK | 57 kB |
URL: User Request GET HTTP/2 one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | IP: 1.1.1.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: one.one.one | Fingerprint: 89:91:FB:DC:3A:D4:93:CE:3E:ED:10:5A:96:CF:C6:1E:03:E2:EE:F3 | Validity: Wed, 03 Apr 2024 04:55:58 GMT - Tue, 02 Jul 2024 04:55:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa HTTP/1.1
Host: one.one.one.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:11:58 GMT
content-type: text/html; charset=utf-8
cf-ray: 876c1d13a8a856c0-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5dd740d0e716a31c1b8437db0263fa93"
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| one.one.one.one/site-c58cb85ce829b35a363c.js | 1.1.1.1 | 200 OK | 95 kB |
URL: GET HTTP/3 one.one.one.one/site-c58cb85ce829b35a363c.js | IP: 1.1.1.1:443
Requested by: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa | Certificate | Issuer: Google Trust Services LLC | Subject: one.one.one | Fingerprint: 89:91:FB:DC:3A:D4:93:CE:3E:ED:10:5A:96:CF:C6:1E:03:E2:EE:F3 | Validity: Wed, 03 Apr 2024 04:55:58 GMT - Tue, 02 Jul 2024 04:55:57 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: 779f720b57b326c5be80e7c8aceb812f af6b746bed3bc70c127bb79f85eb68b4f7afff8d ecb7d6f9838bd5d317bc7f88951d51e926d2da1a3efcce926a16de772a54efd0
GET /site-c58cb85ce829b35a363c.js HTTP/1.1
Host: one.one.one.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one.one.one.one/?gamehelpers_testcon&hash=nut7YTJhWsukCmknPXoueeNcuqELYipvhI9lBYmDVkWa
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:11:58 GMT
content-type: application/javascript
cf-ray: 876c1d1559411c06-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"082e920fd5b30422f3a306a083de6ec1"
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
|
|