| wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html | 104.21.11.61 | 200 OK | 16 kB |
URL User Request GET wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html IP 104.21.11.61:443
Certificate Issuer: Google Trust Services | Subject: jdi5.com | Fingerprint: 72:D9:F2:DA:D3:46:76:03:EE:75:95:B5:8F:33:2E:BC:23:32:C9:AD | Validity: Sun, 02 Mar 2025 20:16:34 GMT - Sat, 31 May 2025 21:15:07 GMT
File type: HTML document, ASCII text, with very long lines (486) | Hash: 1d7904ea94c0c9b3096fc396e141e303 2e5a117883b45342dfc94ec9e718686537411b11 dcdb1e08fa576bfa7e765d77d2a5926b08c6e289860bda2aff7db77bf9be1c4f
GET /download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZSrnVX1aJ49gATPIvRdiRZ13VZwmGNYsG%2BhkxWpPyNGWMvBeQVSX5d8%2FJhrXSiGtddYORzdCpYgrXQBuM9G%2FDJ%2BhSty9r2X4S2UT6qSFuhURLZowi4T%2FyaAVIzfig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91c68ed75e5756c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1106&min_rtt=550&rtt_var=782&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3267&recv_bytes=1436&delivery_rate=7554782&cwnd=245&unsent_bytes=0&cid=e546ba7e9977cb0e&ts=96&x=0"
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/submit.php | 172.67.135.38 | 200 OK | 1.4 kB |
URL GET 1337x1.wb4.xyz/submit.php IP 172.67.135.38:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html | Certificate Issuer: Google Trust Services | Subject: wb4.xyz | Fingerprint: 05:1F:C8:2C:04:C7:7B:52:1A:46:21:E3:56:78:C8:32:42:5C:ED:64 | Validity: Tue, 04 Feb 2025 04:01:18 GMT - Mon, 05 May 2025 04:59:42 GMT
File type: HTML document, ASCII text, with very long lines (1550), with no line terminators | Hash: 6e04ae0291ac5a7135a90f8412fc718b 272168b78030b90e73971a3d23198395f34427dc 9b52547de8e5044f81cd0541d0767209ea6f543ac5f59fdea4928533dcd3ff2a
GET /submit.php HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wk.jdi5.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mDpdtAdpzcfqTcl%2BIduKIslPbQB%2Fgv%2FQ3DYozHG8UnCIYbjBJ2x%2BMIKRWe6uDqzsBF8gK8Rmnw2kwAxvsNLWV6tdrZctLuuO3YBHdlHwlcy8Vh2N7HCxIfBUCTrLj8m2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91c68ee139a51c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5108&min_rtt=619&rtt_var=8989&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3262&recv_bytes=1350&delivery_rate=5738441&cwnd=254&unsent_bytes=0&cid=8708a70931a4c0c9&ts=133&x=0"
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/submit.php | 172.67.135.38 | 200 OK | 1.4 kB |
URL GET 1337x1.wb4.xyz/submit.php IP 172.67.135.38:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html | Certificate Issuer: Google Trust Services | Subject: wb4.xyz | Fingerprint: 05:1F:C8:2C:04:C7:7B:52:1A:46:21:E3:56:78:C8:32:42:5C:ED:64 | Validity: Tue, 04 Feb 2025 04:01:18 GMT - Mon, 05 May 2025 04:59:42 GMT
File type: HTML document, ASCII text, with very long lines (1550), with no line terminators | Hash: 6e04ae0291ac5a7135a90f8412fc718b 272168b78030b90e73971a3d23198395f34427dc 9b52547de8e5044f81cd0541d0767209ea6f543ac5f59fdea4928533dcd3ff2a
GET /submit.php HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wk.jdi5.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15fhBuDf%2F7kR%2B%2FzgRgbmtI%2FpEnawV%2F8DSRiId4lgNxSW%2BeCxd8oEcCLcbyFnCCXiM4plx8z9wn9hReXEZgivD6dlgI0xFnsZa3OJqjnorSNzykirj6Kh1t7UusX9bixoWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91c68ee179cb1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4878&min_rtt=619&rtt_var=7202&sent=10&recv=13&lost=0&retrans=0&sent_bytes=4405&recv_bytes=1350&delivery_rate=5738441&cwnd=257&unsent_bytes=0&cid=8708a70931a4c0c9&ts=173&x=0"
X-Firefox-Spdy: h2
|
|
| naupsithizeekee.com/tag.min.js | 188.114.96.1 | 200 OK | 100 kB |
URL GET naupsithizeekee.com/tag.min.js IP 188.114.96.1:443
Requested by: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html | Certificate Issuer: Google Trust Services | Subject: naupsithizeekee.com | Fingerprint: A0:2D:FB:33:7F:74:38:2B:3C:61:79:E8:0F:9C:FD:77:BA:A3:48:A6 | Validity: Fri, 31 Jan 2025 15:23:47 GMT - Thu, 01 May 2025 16:21:22 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 100 kB (100165 bytes) | Hash: bc19d6147787c9aa036d93a2b1f76a7e adb0e21846422d5028bde11ee8389c64af7dad02 0ada7509d3eacb5b69d969912346099bb743ee9929cf2c157d13862800108204
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tag.min.js HTTP/1.1
Host: naupsithizeekee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:44 GMT
content-type: application/javascript
x-trace-id: 530f23f69d8dadef72cca81a3ec82806
cache-control: public, max-age=3600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 246
last-modified: Fri, 07 Mar 2025 02:06:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbqL9fkCrmF8hRJ9At2N14tRQGWpN4pCYA%2BBSd26AWOH08jPL7uZPJwSQXulIIAilbYfVmzk5svnze7YozB7GKX0viIUGIJLiwmte9E%2FzZqfy66nSWaB%2FvffrO79%2BaIhq2g7nnDY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68ee629cd56b4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2251&min_rtt=410&rtt_var=3574&sent=42&recv=13&lost=0&retrans=1&sent_bytes=46498&recv_bytes=1143&delivery_rate=4645989&cwnd=253&unsent_bytes=0&cid=1895638f48bc037a&ts=109&x=0"
X-Firefox-Spdy: h2
|
|
| theetheks.com/400/8837581 | 139.45.197.119 | 200 OK | 128 kB |
URL GET theetheks.com/400/8837581 IP 139.45.197.119:443
Requested by: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html | Certificate Issuer: Let's Encrypt | Subject: theetheks.com | Fingerprint: 3E:3E:80:BB:97:15:F2:50:5E:7D:B3:B1:1E:28:FF:F0:0F:58:13:CF | Validity: Sun, 02 Feb 2025 05:44:14 GMT - Sat, 03 May 2025 05:44:13 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 128 kB (127611 bytes) | Hash: 1e12d1c31b8bb872e61d4a9972eb19c4 d267ac66fbe87be3f50e5c53ad87ea91a4c709a3 e37b9aa38076b7a85531b3c03dd3f9d472032abd9ff2b47e7787746fddb75f90
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /400/8837581 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:45 GMT
content-type: application/javascript
x-trace-id: d4ae040bddba5a1a2cfbc567d6645bba
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301854067aa499eea64156c1decb914; expires=Sat, 07 Mar 2026 02:10:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=a5b6223c-9af2-49d1-9a15-34282309186a | 139.45.195.252 | 200 OK | 12 B |
URL POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=a5b6223c-9af2-49d1-9a15-34282309186a IP 139.45.195.252:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html | Certificate Issuer: Sectigo Limited | Subject: fleraprt.com | Fingerprint: 23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0 | Validity: Wed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators | Hash: 6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=a5b6223c-9af2-49d1-9a15-34282309186a HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2161
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Fri, 07 Mar 2025 02:10:50 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://1337x1.wb4.xyz
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| www.googletagmanager.com/gtag/js?id=G-49LW6323V3 | 142.250.74.136 | 200 OK | 363 kB |
URL GET www.googletagmanager.com/gtag/js?id=G-49LW6323V3 IP 142.250.74.136:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html | Certificate Issuer: Google Trust Services | Subject: *.google-analytics.com | Fingerprint: AE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E | Validity: Wed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File type: JavaScript source, ASCII text, with very long lines (5960) | Size: 363 kB (363044 bytes) | Hash: 26428b6b40ca31ed2af5815415aca3a1 b6e63843e2475ed7e718ab49e76acfd162f2c9de 6559834ade65bfd6978b278c103c02aeccc86c024789c30c3f23c47633103a5f
GET /gtag/js?id=G-49LW6323V3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Mar 2025 02:10:43 GMT
expires: Fri, 07 Mar 2025 02:10:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 120244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ptichoolsougn.net/401/8837469 | 139.45.197.107 | 200 OK | 135 kB |
URL GET ptichoolsougn.net/401/8837469 IP 139.45.197.107:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html | Certificate Issuer: Let's Encrypt | Subject: ptichoolsougn.net | Fingerprint: F4:5D:DD:00:D2:EC:3C:35:5A:52:DF:26:72:E6:B9:53:14:B8:5F:5F | Validity: Fri, 14 Feb 2025 05:26:11 GMT - Thu, 15 May 2025 05:26:10 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 135 kB (134914 bytes) | Hash: d18219406b08f659c3df1b0ddb899038 89e5931d5f777a7cd197f7636b1eeb31c50faaf0 bb1bbe3b58649b30600d7ba60e1f9bf25582a29b7f07ff5ecf810a7b2f9d261f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /401/8837469 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:45 GMT
content-type: application/javascript
x-trace-id: a402f80f262493719ca17d0b89ff3970
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=030185f6abe647cbe2d6023ddfb811ef; expires=Sat, 07 Mar 2026 02:10:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 | 142.250.74.10 | 200 OK | 27 kB |
URL GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 IP 142.250.74.10:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html | Certificate Issuer: Google Trust Services | Subject: upload.video.google.com | Fingerprint: F1:11:17:AF:9C:89:34:EE:D5:CB:84:40:84:EA:01:19:A9:F6:ED:C2 | Validity: Wed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File type: ASCII text, with very long lines (1572) | Hash: da8ad2595d78edf21895319e7d02fe73 d707ec9d6f68fbcfc0e2ebe711b97ad7d67e9aa9 95bce9ed84dcd1e30d88c5e2b2368d24c4e6c60ca58210293d28b3394d1d629a
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Mar 2025 02:10:53 GMT
date: Fri, 07 Mar 2025 02:10:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| oomaugnaps.net/www/images/10725e5bdf665009302c6f0339658afd.jpg | 104.21.7.134 | 200 OK | 15 kB |
URL GET oomaugnaps.net/www/images/10725e5bdf665009302c6f0339658afd.jpg IP 104.21.7.134:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html | Certificate Issuer: Google Trust Services | Subject: oomaugnaps.net | Fingerprint: CE:54:88:7D:52:37:15:EB:FE:89:3C:2B:00:CA:7D:74:7A:67:67:21 | Validity: Wed, 22 Jan 2025 09:15:03 GMT - Tue, 22 Apr 2025 10:11:09 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 | Hash: 10725e5bdf665009302c6f0339658afd 5bd415fce58470c41a02eb71ed33c996f8e76353 e56633e7b34b682d8d774abc86edd32fe9dd1b6a4fb9b02b1003e010348caf3a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /www/images/10725e5bdf665009302c6f0339658afd.jpg HTTP/1.1
Host: oomaugnaps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 07 Mar 2025 02:10:53 GMT
content-type: image/jpeg
content-length: 14740
last-modified: Thu, 27 Feb 2025 09:40:08 GMT
etag: "67c032f8-3994"
expires: Fri, 07 Mar 2025 15:23:40 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 38833
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sctmskim8GRmW1rHRN9eU4JOkcxZ2s4Wri22mCr49tbS7V9SQ9J1yOWws1Bvn%2FGBnZhwZmnI0b2vT2%2F2o4UsAaJpXHUWZbNFzEUewyvHguGGq8yacmO0MwRjmwmzV4Ligg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68f1ccfba568d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6591&min_rtt=4063&rtt_var=3329&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4105&recv_bytes=1210&delivery_rate=146188&cwnd=12000&unsent_bytes=0&cid=a6aeac5c32450c60&ts=2965&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| oomaugnaps.net/www/images/10725e5bdf665009302c6f0339658afd.jpg | 104.21.7.134 | 200 OK | 15 kB |
URL GET oomaugnaps.net/www/images/10725e5bdf665009302c6f0339658afd.jpg IP 104.21.7.134:443
Requested by: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html | Certificate Issuer: Google Trust Services | Subject: oomaugnaps.net | Fingerprint: CE:54:88:7D:52:37:15:EB:FE:89:3C:2B:00:CA:7D:74:7A:67:67:21 | Validity: Wed, 22 Jan 2025 09:15:03 GMT - Tue, 22 Apr 2025 10:11:09 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 | Hash: 10725e5bdf665009302c6f0339658afd 5bd415fce58470c41a02eb71ed33c996f8e76353 e56633e7b34b682d8d774abc86edd32fe9dd1b6a4fb9b02b1003e010348caf3a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /www/images/10725e5bdf665009302c6f0339658afd.jpg HTTP/1.1
Host: oomaugnaps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 07 Mar 2025 02:10:53 GMT
content-type: image/jpeg
content-length: 14740
last-modified: Thu, 27 Feb 2025 09:40:08 GMT
etag: "67c032f8-3994"
expires: Fri, 07 Mar 2025 15:23:40 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 38833
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8iXsKla0URnoCemsr49WIeCiPgNO2Hb0NQ%2BhXOu3Wzqv2fig3cL%2BZtcPTFTeQc67K7gs6bXxWIzc8ztadvcqfdg9YRsEKO1rg9IyvFMlX7hh16ZlXZ66QpHOZ5aC4yMsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68f1e78a7568d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5658&min_rtt=2099&rtt_var=3458&sent=27&recv=11&lost=0&retrans=0&sent_bytes=19993&recv_bytes=2074&delivery_rate=995031&cwnd=24000&unsent_bytes=0&cid=a6aeac5c32450c60&ts=3233&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| www.googletagmanager.com/gtag/js?id=UA-46789381-48 | 142.250.74.136 | 200 OK | 257 kB |
URL GET www.googletagmanager.com/gtag/js?id=UA-46789381-48 IP 142.250.74.136:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html | Certificate Issuer: Google Trust Services | Subject: *.google-analytics.com | Fingerprint: AE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E | Validity: Wed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File type: JavaScript source, ASCII text, with very long lines (5268) | Size: 257 kB (257382 bytes) | Hash: 3e1234b39db2880da7c17cc4ee1dc452 759774692acd23e20d12c5b8371c9a5ff8538209 5081a2320548776bf35b0158aa59a407c28ce29ac8da6d8cbcf5db7d0aaf52b2
GET /gtag/js?id=UA-46789381-48 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Mar 2025 02:10:43 GMT
expires: Fri, 07 Mar 2025 02:10:43 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Mar 2025 00:51:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 91316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| adstook.com/webworker.js | 188.114.96.1 | 200 OK | 1 B |
IP 188.114.96.1:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html | Certificate Issuer: Google Trust Services | Subject: adstook.com | Fingerprint: 23:19:6E:75:86:97:71:6A:29:0B:A5:D6:DD:24:5D:F5:B8:E0:D6:A2 | Validity: Mon, 10 Feb 2025 10:45:51 GMT - Sun, 11 May 2025 11:45:46 GMT
File type: ASCII text, with no line terminators | Hash: 1d78758685e5e2f4efeeb490f8521abd ef7e6794ca9c6a06b54b66f279237fb8daaaeea8 a80e516bfb196e1c48a9acbe39da8fceb6bc82e0d991b8a990b8f3239c7efaed
GET /webworker.js HTTP/1.1
Host: adstook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:43 GMT
content-type: application/javascript
content-length: 1
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "1d0ed781ac185aa16548c9ed7d74304f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9w6EoPLrYBVYqP8r7ppMAc%2BbgPUvoiFEk1TnrsOyBhmpQEsIhgkNrSf7VV%2FVWtqyFR0AC15EisMms%2Fc1Wh9q3jpuBRCMggheoMRHoA9CtShAM64lgN6ovWMPFpMM7MCB0dZT9EZjOyFCjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 91c68edc282b0b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6566&min_rtt=607&rtt_var=11579&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3181&recv_bytes=1062&delivery_rate=3191770&cwnd=246&unsent_bytes=0&cid=bcd18fd0de888a55&ts=76&x=0"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-BXJ1TNEJ97&l=dataLayer&cx=c&gtm=457e5360za200&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102814060 | 142.250.74.136 | 200 OK | 314 kB |
URL GET www.googletagmanager.com/gtag/js?id=G-BXJ1TNEJ97&l=dataLayer&cx=c&gtm=457e5360za200&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102814060 IP 142.250.74.136:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html | Certificate Issuer: Google Trust Services | Subject: *.google-analytics.com | Fingerprint: AE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E | Validity: Wed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File type: JavaScript source, ASCII text, with very long lines (5960) | Size: 314 kB (313650 bytes) | Hash: bb41f2f570734aaa2d7e0ab58e6123fc 1207fa570d931802a534395d290bab3e947cb104 234f60171b5b125afabc0c2b11a5c7775e1881153217b7c56f612b083e8348f6
GET /gtag/js?id=G-BXJ1TNEJ97&l=dataLayer&cx=c&gtm=457e5360za200&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102814060 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Mar 2025 02:10:43 GMT
expires: Fri, 07 Mar 2025 02:10:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 109096
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png | 185.199.110.133 | 200 OK | 564 B |
URL GET raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png IP 185.199.110.133:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html | Certificate Issuer: DigiCert Inc | Subject: *.github.io | Fingerprint: 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 | Validity: Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced | Hash: 865dce1b2a4002b9a85f75ea622f4000 f56c8218b5ca721a9e5a3daec742a6f38c33c075 bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
GET /wapkiz/cdn/master/image/close2.png HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/png
etag: W/"07ab105ccfd60fc2e0eccdd6f43cf3a305a8137d752da013e06d9eba2c8ddc27"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: C049:394B0A:5DC569:6B34A3:67CA55A2
accept-ranges: bytes
date: Fri, 07 Mar 2025 02:10:44 GMT
via: 1.1 varnish
x-served-by: cache-hel1410025-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1741313444.889849,VS0,VE111
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: ac9b5737b7826aebeb6dc26c6dcf67b4e95bf934
expires: Fri, 07 Mar 2025 02:15:44 GMT
source-age: 0
content-length: 564
X-Firefox-Spdy: h2
|
|
| theetheks.com/400/8837581 | 139.45.197.119 | 200 OK | 128 kB |
URL GET theetheks.com/400/8837581 IP 139.45.197.119:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerLet's Encrypt Subjecttheetheks.com Fingerprint3E:3E:80:BB:97:15:F2:50:5E:7D:B3:B1:1E:28:FF:F0:0F:58:13:CF ValiditySun, 02 Feb 2025 05:44:14 GMT - Sat, 03 May 2025 05:44:13 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size128 kB (127609 bytes) Hash0482e0d408a99011f202a0589d00e9d9 55183c928c846bf7caf3b6ffad0ac42a25770c7c 752e93df1f644fcb0ba493c6c9b5e31ee82e7144d8c24169b96a1100122e0472
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /400/8837581 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:45 GMT
content-type: application/javascript
x-trace-id: e54e7bbaf48fc3ce680b2a60362f60b0
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301858821214650fe30a1ec2b2333ba; expires=Sat, 07 Mar 2026 02:10:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c&gtm=457e5360za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102693808~102717422~102788824~102814060 | 142.250.74.136 | 200 OK | 343 kB |
URL GET www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c&gtm=457e5360za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102693808~102717422~102788824~102814060 IP 142.250.74.136:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerGoogle Trust Services Subject*.google-analytics.com FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File typeJavaScript source, ASCII text, with very long lines (5960) Size343 kB (342866 bytes) Hashcb27c5c1bf3df5533636568649acd9f8 066b5ebf3f1b81a57058bfb9a5334159328fb042 67336249151b1a3646a1a38ade1657f85e74773edbacb3e9944c8c9b30c9c539
GET /gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c&gtm=457e5360za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102693808~102717422~102788824~102814060 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Mar 2025 02:10:44 GMT
expires: Fri, 07 Mar 2025 02:10:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 118449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js | 185.199.110.133 | 200 OK | 0 B |
URL GET raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js IP 185.199.110.133:443
Requested byhttps://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html CertificateIssuerDigiCert Inc Subject*.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wapkiz/cdn/master/js/page_templates_simple.js HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"e10025dca4e9820776b525fc26581e0967381374797a37e2a4228695d3202429"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 4D4E:1D1EE7:5BF79A:68DA3E:67CA504A
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Mar 2025 02:10:43 GMT
via: 1.1 varnish
x-served-by: cache-hel1410025-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1741313443.475589,VS0,VE118
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: a48c22a68073a5c501a016edb189bb0ad09cc5b5
expires: Fri, 07 Mar 2025 02:15:43 GMT
source-age: 0
content-length: 409
X-Firefox-Spdy: h2
|
|
| taleszone.com/submit.php | 0.0.0.0 | | 0 B |
IP 0.0.0.0:0
Requested byhttps://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /submit.php HTTP/1.1
Host: taleszone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.googletagmanager.com/gtag/js?id=UA-46789381-49 | 142.250.74.136 | 200 OK | 256 kB |
URL GET www.googletagmanager.com/gtag/js?id=UA-46789381-49 IP 142.250.74.136:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerGoogle Trust Services Subject*.google-analytics.com FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File typeJavaScript source, ASCII text, with very long lines (5268) Size256 kB (255823 bytes) Hashbe668820fe1af96741bbcadbaeac2666 42e5dce96c90adb91b0e8af7d67d6ae66291c79b 2738e68ac5a1b5a738e65ddeb723132135d4fa613bc6721065cbdd9088361c15
GET /gtag/js?id=UA-46789381-49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Mar 2025 02:10:44 GMT
expires: Fri, 07 Mar 2025 02:10:44 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Mar 2025 00:51:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 90687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ptichoolsougn.net/500/8837469?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.107 | 200 OK | 1.3 kB |
URL GET ptichoolsougn.net/500/8837469?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.107:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerLet's Encrypt Subjectptichoolsougn.net FingerprintF4:5D:DD:00:D2:EC:3C:35:5A:52:DF:26:72:E6:B9:53:14:B8:5F:5F ValidityFri, 14 Feb 2025 05:26:11 GMT - Thu, 15 May 2025 05:26:10 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1323), with no line terminators Hashaaf6b0aee33739b79e46195e05eba11c c5d74cc8f5ddda144fd7ac25783ddede7cd0342f 9bc8a0b743a8f63c79f421670dd335fcf402d15730f1f396c0f4f294e2b7a9bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /500/8837469?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: OAID=030185766cf84510f3528dd9ec8b2ac6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:50 GMT
content-type: application/javascript
x-trace-id: 93f392e571711c25c6bc0c29ba88b766
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801851bbf98490cffecbc36da77443e; expires=Sat, 07 Mar 2026 02:10:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 | 142.250.74.35 | 200 OK | 40 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 IP 142.250.74.35:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 40128, version 1.0 Hash9a01b69183a9604ab3a439e388b30501 8ed1d59003d0dbe6360481017b44665153665fbe 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:03:46 GMT
expires: Fri, 06 Mar 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 58028
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 | 142.250.74.35 | 200 OK | 40 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 IP 142.250.74.35:443
Requested byhttps://1337x1.wb4.xyz/2019/05/nehari-recipe.html CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 40128, version 1.0 Hash9a01b69183a9604ab3a439e388b30501 8ed1d59003d0dbe6360481017b44665153665fbe 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:03:46 GMT
expires: Fri, 06 Mar 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 58028
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d27b4c3c-6e8f-4778-bca9-42cf814d32e9 | 139.45.195.252 | 200 OK | 0 B |
URL POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d27b4c3c-6e8f-4778-bca9-42cf814d32e9 IP 139.45.195.252:443
Requested byhttps://1337x1.wb4.xyz/2019/05/nehari-recipe.html CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0 ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d27b4c3c-6e8f-4778-bca9-42cf814d32e9 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1154
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Fri, 07 Mar 2025 02:10:51 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://1337x1.wb4.xyz
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| github.com/wapkiz/cdn/raw/master/image/close2.png | 140.82.121.4 | 302 Found | 564 B |
URL GET github.com/wapkiz/cdn/raw/master/image/close2.png IP 140.82.121.4:443
Requested byhttps://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html CertificateIssuerSectigo Limited Subjectgithub.com FingerprintE4:33:71:DD:D6:91:4A:75:B6:1F:9E:4F:74:6D:9B:F0:DD:26:FC:3A ValidityWed, 05 Feb 2025 00:00:00 GMT - Thu, 05 Feb 2026 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wapkiz/cdn/raw/master/image/close2.png HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: GitHub.com
date: Fri, 07 Mar 2025 02:10:43 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com 
api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
x-github-request-id: C27A:2905E8:23E396E:24FE05C:67CA55A3
X-Firefox-Spdy: h2
|
|
| wk.jdi5.com/favicon.ico | 104.21.11.61 | 404 Not Found | 238 B |
IP 104.21.11.61:443
Requested byhttps://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html CertificateIssuerGoogle Trust Services Subjectjdi5.com Fingerprint72:D9:F2:DA:D3:46:76:03:EE:75:95:B5:8F:33:2E:BC:23:32:C9:AD ValiditySun, 02 Mar 2025 20:16:34 GMT - Sat, 31 May 2025 21:15:07 GMT
File typeHTML document, ASCII text, with no line terminators Hash327e140a6015094f4bc2cc2822706b87 8db50b70e15667506a5694b17c159b4697bb1d6f 42a0b56fe7f0b8315e25a6f84ce03ae321ee0cadc5f4904145de479088a6a9b1
GET /favicon.ico HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Cookie: _ga_BXJ1TNEJ97=GS1.1.1741313443.1.0.1741313443.0.0.0; _ga=GA1.1.1782687674.1741313444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 07 Mar 2025 02:10:44 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
x-robots-tag: noindex, nofollow
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BrsIflgm6zckPcoSi6DmKtaZyygKyUK%2F2ud6FXJtEldqXEdeRzmY4CxnRavrE7HYCGsCWuCgWbW6XnhEWqvun3oTxdDNonjOPo%2BxonBJhIJJAMp%2FK4NMl7E7zTspeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68ee0eff4b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6919&min_rtt=2046&rtt_var=4628&sent=18&recv=10&lost=0&retrans=0&sent_bytes=6522&recv_bytes=1960&delivery_rate=4897&cwnd=12000&unsent_bytes=0&cid=09583f0f0e5d4bda&ts=1519&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| my.rtmark.net/gid.js | 172.64.146.234 | 200 OK | 65 B |
IP 172.64.146.234:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerGoogle Trust Services Subjectmy.rtmark.net Fingerprint03:52:6A:BD:35:83:43:81:AF:25:BB:A3:26:97:D1:78:25:73:A4:C9 ValidityTue, 04 Mar 2025 10:39:32 GMT - Mon, 02 Jun 2025 11:39:29 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash753110b588b2aa248d294790df0e0ba0 ff32beb3eaeea0fe36c52443f76c685c928dcc70 e2e016b132e39d60e1b87e05395423795fad9522ff3c8807cbaa6191a58e7ccf
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=0801851bbf98490cffecbc36da77443e; expires=Sat, 07 Mar 2026 02:10:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c68eec6c68568b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.67.193.52 | 200 OK | 18 kB |
IP 172.67.193.52:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerGoogle Trust Services Subjecttzegilo.com Fingerprint8E:DC:31:F6:FF:38:97:24:78:2A:5C:E7:4F:8B:25:4F:18:35:BF:AA ValiditySun, 19 Jan 2025 12:16:23 GMT - Sat, 19 Apr 2025 13:13:31 GMT
File typeJavaScript source, ASCII text, with very long lines (17229) Hash01227f5edc20e0ff4ed643b27cb8bb68 d71a88f7341f2b1bdaa7deb9a66888607bd52598 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:46 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
etag: W/"668fb2be-45d7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
age: 839
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IsV2EGYKU4KTGJ5avtOQ%2FyjumX80VHeIzZJCzkOyUYjvZcYU2hdFrhFihKgCdC7ABi2MHWZL8B9hPCMDbt5UdNWShWjzorxtBaXn%2BdMnUeXlivLtSX3ntACqp8Lz6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68eefffff0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1385&min_rtt=448&rtt_var=1545&sent=15&recv=11&lost=0&retrans=0&sent_bytes=12122&recv_bytes=1137&delivery_rate=5051162&cwnd=254&unsent_bytes=0&cid=9f07f9ea02c3f5d5&ts=56&x=0"
X-Firefox-Spdy: h2
|
|
| afarkas.github.io/lazysizes/lazysizes.min.js | 185.199.110.153 | 200 OK | 7.9 kB |
URL GET afarkas.github.io/lazysizes/lazysizes.min.js IP 185.199.110.153:443
Requested byhttps://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html CertificateIssuerDigiCert Inc Subject*.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (8073), with no line terminators Hashb000bc37edd6208e6a67daaf0408d7a9 e8bf50bb4f68d1f4a96e9881c2779cc23bb7a2ea 536eccc9f762ef9357842e0d50d94d98737f6854ed5b81988d6752e07e4a2412
GET /lazysizes/lazysizes.min.js HTTP/1.1
Host: afarkas.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 17 May 2021 09:28:46 GMT
access-control-allow-origin: *
etag: W/"60a2374e-1ed1"
expires: Thu, 27 Feb 2025 16:06:50 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 23F9:2BD7CE:22D8C9:231FB1:67C08B42
accept-ranges: bytes
date: Fri, 07 Mar 2025 02:10:43 GMT
via: 1.1 varnish
age: 395
x-served-by: cache-hel1410030-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1741313443.069713,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 2b6a3b7dd6f26e5d7ee873882a3b4a764525c3d8
content-length: 3497
X-Firefox-Spdy: h2
|
|
| theetheks.com/500/8837581?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 0 B |
URL OPTIONS theetheks.com/500/8837581?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html Certificate Issuer: Let's Encrypt Subject: theetheks.com Fingerprint: 3E:3E:80:BB:97:15:F2:50:5E:7D:B3:B1:1E:28:FF:F0:0F:58:13:CF Validity: Sun, 02 Feb 2025 05:44:14 GMT - Sat, 03 May 2025 05:44:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/8837581?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://1337x1.wb4.xyz/
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| theetheks.com/500/8837581?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 1.3 kB |
URL GET theetheks.com/500/8837581?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html Certificate Issuer: Let's Encrypt Subject: theetheks.com Fingerprint: 3E:3E:80:BB:97:15:F2:50:5E:7D:B3:B1:1E:28:FF:F0:0F:58:13:CF Validity: Sun, 02 Feb 2025 05:44:14 GMT - Sat, 03 May 2025 05:44:13 GMT
File type: troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1335), with no line terminators Hash: dd6fb3d5930f8b3d616d39aa9a8e4073 1be3966b819a4ec280700f8d646ae46e620fbecf b4b05fdb7c2db192afe990bb82c1635b48bd923e158ba395bbf43e9bce88b717
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /500/8837581?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: OAID=0301854067aa499eea64156c1decb914
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:50 GMT
content-type: application/javascript
x-trace-id: a8d96213baf01251851b812b74963287
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801851bbf98490cffecbc36da77443e; expires=Sat, 07 Mar 2026 02:10:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d27b4c3c-6e8f-4778-bca9-42cf814d32e9 | 139.45.195.252 | 200 OK | 12 B |
URL POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d27b4c3c-6e8f-4778-bca9-42cf814d32e9 IP 139.45.195.252:443
Requested by: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html Certificate Issuer: Sectigo Limited Subject: fleraprt.com Fingerprint: 23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0 Validity: Wed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators Hash: 6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d27b4c3c-6e8f-4778-bca9-42cf814d32e9 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2153
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Fri, 07 Mar 2025 02:10:50 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://1337x1.wb4.xyz
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| ptichoolsougn.net/impression/WQibMjGJ4nyCZ7iK_SZAkZ1L8b_3at1XqYS6Hy5tkWsZdMV-hvLMkJZnTQty_5CwebDOIoPv6jtB1jXOIloXCDmLOEGOqAD6UtpVVqHzcrJHnvyhcaWbrp4q_m41udLG4yaAWR4UP6UUGmNUbS2R5rUhDGdACzodfD2KmqE2FLnBjgFktqzo263_2p1ggtM4ujIJhycGX6iczqhAKMjrL7OrvcwNA7ur_oSb-qDNdUEk8CIleOSPnJJFJTdH74lRxFyTLHcx79ieD_-eFARf4rxIK6KDwVsAfkmZEOY3WDNbEPQaOCd88GH3gEOZf8ltn7I2l5-BpC1AKeYbrNCUunV8boVIL6X-MRNYiBmRkLAr5vl5m19bj85McK-Dp8BqomlsMPc3DWPYXbuXNarp6A9vdwxT7K0eJ3OejnJhwjBYEUNUIRTbU7DXlw9qzR3KjwEa84tYTNifemex_XF5-_wAxc_wpGWfwVYGCv0ckRvAY3X-6Vla89cKpYaaBVnkf6NusvsZ-NKSrKBtcF-XWAikh-A3-gjcUzO-1FS4Mf8Xn_50EiMQsOjYQIFuT6JmOMTiaVlcLUJHCxdUbt4rwnBBEOs=?_z=8837469&js_build=8&sw_version=v1.559.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.107 | 200 OK | 43 B |
URL GET ptichoolsougn.net/impression/WQibMjGJ4nyCZ7iK_SZAkZ1L8b_3at1XqYS6Hy5tkWsZdMV-hvLMkJZnTQty_5CwebDOIoPv6jtB1jXOIloXCDmLOEGOqAD6UtpVVqHzcrJHnvyhcaWbrp4q_m41udLG4yaAWR4UP6UUGmNUbS2R5rUhDGdACzodfD2KmqE2FLnBjgFktqzo263_2p1ggtM4ujIJhycGX6iczqhAKMjrL7OrvcwNA7ur_oSb-qDNdUEk8CIleOSPnJJFJTdH74lRxFyTLHcx79ieD_-eFARf4rxIK6KDwVsAfkmZEOY3WDNbEPQaOCd88GH3gEOZf8ltn7I2l5-BpC1AKeYbrNCUunV8boVIL6X-MRNYiBmRkLAr5vl5m19bj85McK-Dp8BqomlsMPc3DWPYXbuXNarp6A9vdwxT7K0eJ3OejnJhwjBYEUNUIRTbU7DXlw9qzR3KjwEa84tYTNifemex_XF5-_wAxc_wpGWfwVYGCv0ckRvAY3X-6Vla89cKpYaaBVnkf6NusvsZ-NKSrKBtcF-XWAikh-A3-gjcUzO-1FS4Mf8Xn_50EiMQsOjYQIFuT6JmOMTiaVlcLUJHCxdUbt4rwnBBEOs=?_z=8837469&js_build=8&sw_version=v1.559.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.107:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html Certificate Issuer: Let's Encrypt Subject: ptichoolsougn.net Fingerprint: F4:5D:DD:00:D2:EC:3C:35:5A:52:DF:26:72:E6:B9:53:14:B8:5F:5F Validity: Fri, 14 Feb 2025 05:26:11 GMT - Thu, 15 May 2025 05:26:10 GMT
File type: GIF image data, version 89a, 1 x 1 Hash: b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/WQibMjGJ4nyCZ7iK_SZAkZ1L8b_3at1XqYS6Hy5tkWsZdMV-hvLMkJZnTQty_5CwebDOIoPv6jtB1jXOIloXCDmLOEGOqAD6UtpVVqHzcrJHnvyhcaWbrp4q_m41udLG4yaAWR4UP6UUGmNUbS2R5rUhDGdACzodfD2KmqE2FLnBjgFktqzo263_2p1ggtM4ujIJhycGX6iczqhAKMjrL7OrvcwNA7ur_oSb-qDNdUEk8CIleOSPnJJFJTdH74lRxFyTLHcx79ieD_-eFARf4rxIK6KDwVsAfkmZEOY3WDNbEPQaOCd88GH3gEOZf8ltn7I2l5-BpC1AKeYbrNCUunV8boVIL6X-MRNYiBmRkLAr5vl5m19bj85McK-Dp8BqomlsMPc3DWPYXbuXNarp6A9vdwxT7K0eJ3OejnJhwjBYEUNUIRTbU7DXlw9qzR3KjwEa84tYTNifemex_XF5-_wAxc_wpGWfwVYGCv0ckRvAY3X-6Vla89cKpYaaBVnkf6NusvsZ-NKSrKBtcF-XWAikh-A3-gjcUzO-1FS4Mf8Xn_50EiMQsOjYQIFuT6JmOMTiaVlcLUJHCxdUbt4rwnBBEOs=?_z=8837469&js_build=8&sw_version=v1.559.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: OAID=0801851bbf98490cffecbc36da77443e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:53 GMT
content-type: image/gif
content-length: 43
x-trace-id: 0868d2952215de73c736d6c11dde97ff
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 | 142.250.74.35 | 200 OK | 40 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 IP 142.250.74.35:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html Certificate Issuer: Google Trust Services Subject: *.gstatic.com Fingerprint: A4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 Validity: Wed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File type: Web Open Font Format (Version 2), TrueType, length 40128, version 1.0 Hash: 9a01b69183a9604ab3a439e388b30501 8ed1d59003d0dbe6360481017b44665153665fbe 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:03:46 GMT
expires: Fri, 06 Mar 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 58028
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| theetheks.com/500/8837581?excludes=23133227&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 1.3 kB |
URL GET theetheks.com/500/8837581?excludes=23133227&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested by: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html Certificate Issuer: Let's Encrypt Subject: theetheks.com Fingerprint: 3E:3E:80:BB:97:15:F2:50:5E:7D:B3:B1:1E:28:FF:F0:0F:58:13:CF Validity: Sun, 02 Feb 2025 05:44:14 GMT - Sat, 03 May 2025 05:44:13 GMT
File type: troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1335), with no line terminators Hash: d101dc93240bb9a629d7d741bd26c55b 54359215fe6570bb3f9a75ee6bd72532f3d6f0a5 f68e7f26c43544314d5b196174c726e573b026c93c2eba2d8a25eddf1f176104
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /500/8837581?excludes=23133227&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: OAID=0801851bbf98490cffecbc36da77443e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:56 GMT
content-type: application/javascript
x-trace-id: ca492af541d75f4e9d369a45fc0238e3
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801851bbf98490cffecbc36da77443e; expires=Sat, 07 Mar 2026 02:10:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cank.xyz/red2.php?id=30 | 104.21.45.247 | 302 Found | 1.4 kB |
IP 104.21.45.247:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html Certificate Issuer: Google Trust Services Subject: cank.xyz Fingerprint: C2:E4:AA:E4:D2:08:4C:0A:1F:DB:05:6E:F7:2B:08:7B:69:FE:4E:71 Validity: Tue, 18 Feb 2025 15:17:55 GMT - Mon, 19 May 2025 16:16:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /red2.php?id=30 HTTP/1.1
Host: cank.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 07 Mar 2025 02:10:43 GMT
content-type: text/html; charset=UTF-8
location: https://1337x1.wb4.xyz/submit.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pq7pulJbcVxLtrko7m4vv1gJIjsyqtzswUYgnVtnIvLfEiRKeBJ1JukvyMdYEm2MCVyuRyg6n75DazFqawKn2dw4qtDJxQFo%2F1vkxsRu43SWksDgiLDA%2FDY%2BhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91c68ee00e9856b1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=997&min_rtt=639&rtt_var=393&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3265&recv_bytes=1347&delivery_rate=5918256&cwnd=254&unsent_bytes=0&cid=eb40637dedb061ae&ts=110&x=0"
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/2019/05/nehari-recipe.html | 172.67.135.38 | 200 OK | 3.1 kB |
URL POST 1337x1.wb4.xyz/2019/05/nehari-recipe.html IP 172.67.135.38:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html Certificate Issuer: Google Trust Services Subject: wb4.xyz Fingerprint: 05:1F:C8:2C:04:C7:7B:52:1A:46:21:E3:56:78:C8:32:42:5C:ED:64 Validity: Tue, 04 Feb 2025 04:01:18 GMT - Mon, 05 May 2025 04:59:42 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (3318), with no line terminators Hash: 5515c8abdd5197132316f312313723a9 132b3c7f6b7c6ce6288f93641f37939d10ae6f7f 23a3fb7e7a69edbe18ad5392a7dbaab4ca94b85bc381c4c3709f72622e063fbe
POST /2019/05/nehari-recipe.html HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 07 Mar 2025 02:10:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=thPNkX3%2BRNQaoYOoTIA3R0ZsIFov9lTYCeA9944RO12hQIUnqJ5IwjomRRl2pp%2BoVkllzGNn7Hb%2BBRw%2FSJ60cdnTRuqBkdzAjHRqeyC8lfAs6SOFUPt3Z%2BWI4IG3D%2FEHUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91c68ee51d3cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4871&min_rtt=1636&rtt_var=3247&sent=19&recv=12&lost=0&retrans=0&sent_bytes=7668&recv_bytes=2536&delivery_rate=42487&cwnd=12000&unsent_bytes=0&cid=7bd3993a1cc77d71&ts=584&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| zapsauwhouteeks.com/?rb=rsCd79upIKFsZjLi0tH9MKks0gYw0gmHAT_7ZxFepjZ1aTb-or60kzFhXoEBJZJsAa-nliB7qILCKKIA3X9W2o0NFDX7WzAavMFjI0JPW10RG58XqfrWjgIlubLBhSfBJrz-MgaODjbpxaLqBVEyZoqWmC_O65UFS7hGAqdVT5KFpOCMFDL0KFjJ5N7Mw0W0j1PGv2BTD7Nz14uUEVF3UjWsav1ezJuAzhvkUq8SDk9UY49Iw8OsvbK5M9Ndbqj3tkxXFAhTiuGTIzDBIzvEiKE5QUPjJ1bgCMTyrciocuk%3D&request_ab2=0&zoneid=8837420&js_build=iclick-v1.1101.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=270&wiw=300&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=300&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=llvmpipe&js_build=iclick-v1.1101.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=1&bs=31c1b9ac-5e4c-4206-8928-1ca06dbe61ec&userId=0801851bbf98490cffecbc36da77443e&m=link | 139.45.197.242 | 200 OK | 3.1 kB |
URL GET zapsauwhouteeks.com/?rb=rsCd79upIKFsZjLi0tH9MKks0gYw0gmHAT_7ZxFepjZ1aTb-or60kzFhXoEBJZJsAa-nliB7qILCKKIA3X9W2o0NFDX7WzAavMFjI0JPW10RG58XqfrWjgIlubLBhSfBJrz-MgaODjbpxaLqBVEyZoqWmC_O65UFS7hGAqdVT5KFpOCMFDL0KFjJ5N7Mw0W0j1PGv2BTD7Nz14uUEVF3UjWsav1ezJuAzhvkUq8SDk9UY49Iw8OsvbK5M9Ndbqj3tkxXFAhTiuGTIzDBIzvEiKE5QUPjJ1bgCMTyrciocuk%3D&request_ab2=0&zoneid=8837420&js_build=iclick-v1.1101.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=270&wiw=300&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=300&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=llvmpipe&js_build=iclick-v1.1101.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=1&bs=31c1b9ac-5e4c-4206-8928-1ca06dbe61ec&userId=0801851bbf98490cffecbc36da77443e&m=link IP 139.45.197.242:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html Certificate Issuer: Let's Encrypt Subject: zapsauwhouteeks.com Fingerprint: F9:44:14:F8:EE:0A:16:8E:65:5B:FD:98:6E:D9:48:06:FB:BD:86:C8 Validity: Tue, 04 Mar 2025 13:29:14 GMT - Mon, 02 Jun 2025 13:29:13 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3127), with no line terminators Hash: c8bb9b206a0b5f9adb02396c833b0b5f 06e32d4642cb07c61d1197008e5ce2dd27cf2fef a5cbac95a28467cf251ac75452ce83c48543ab3981d2c84e90206a7d6e210398
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?rb=rsCd79upIKFsZjLi0tH9MKks0gYw0gmHAT_7ZxFepjZ1aTb-or60kzFhXoEBJZJsAa-nliB7qILCKKIA3X9W2o0NFDX7WzAavMFjI0JPW10RG58XqfrWjgIlubLBhSfBJrz-MgaODjbpxaLqBVEyZoqWmC_O65UFS7hGAqdVT5KFpOCMFDL0KFjJ5N7Mw0W0j1PGv2BTD7Nz14uUEVF3UjWsav1ezJuAzhvkUq8SDk9UY49Iw8OsvbK5M9Ndbqj3tkxXFAhTiuGTIzDBIzvEiKE5QUPjJ1bgCMTyrciocuk%3D&request_ab2=0&zoneid=8837420&js_build=iclick-v1.1101.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=270&wiw=300&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=300&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=llvmpipe&js_build=iclick-v1.1101.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=1&bs=31c1b9ac-5e4c-4206-8928-1ca06dbe61ec&userId=0801851bbf98490cffecbc36da77443e&m=link HTTP/1.1
Host: zapsauwhouteeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1337x1.wb4.xyz/
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Cookie: OAID=00818550304f4b6fededcd078e7d4af8; oaidts=1741313447
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:51 GMT
content-type: application/json
x-trace-id: d7a8d6032e380e3629312eabf476a707
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0801851bbf98490cffecbc36da77443e; expires=Sat, 07 Mar 2026 02:10:51 GMT; path=/; secure; SameSite=None
oaidts=1741313451; expires=Sat, 07 Mar 2026 02:10:51 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 14 Mar 2025 02:10:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| oomaugnaps.net/www/images/79d4b838ec366600aa8ddf118d0f5ffc.jpg | 104.21.7.134 | 200 OK | 14 kB |
URL GET oomaugnaps.net/www/images/79d4b838ec366600aa8ddf118d0f5ffc.jpg IP 104.21.7.134:443
Requested by: https://1337x1.wb4.xyz/2019/05/nehari-recipe.html Certificate Issuer: Google Trust Services Subject: oomaugnaps.net Fingerprint: CE:54:88:7D:52:37:15:EB:FE:89:3C:2B:00:CA:7D:74:7A:67:67:21 Validity: Wed, 22 Jan 2025 09:15:03 GMT - Tue, 22 Apr 2025 10:11:09 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash: 79d4b838ec366600aa8ddf118d0f5ffc 62163877b2b3d92ead038a9f316c8a69dde2a12d fc804e50d61e636108e4c242b2efc02d17455cd65c23264aacd3c9337c2da34f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /www/images/79d4b838ec366600aa8ddf118d0f5ffc.jpg HTTP/1.1
Host: oomaugnaps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 07 Mar 2025 02:10:56 GMT
content-type: image/jpeg
content-length: 13638
last-modified: Thu, 27 Feb 2025 09:22:55 GMT
etag: "67c02eef-3546"
expires: Fri, 07 Mar 2025 13:45:56 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 44700
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHZ1z9ln%2BspkDPLmPL5AhdFsUcPoRUCetFHdyXuHKsdYU52MmTjb990cyLZ9T%2Fp3aLkEgCck%2BXZxsO8Zxv24HQrIPcbG95YaI8BVqsR7CFMAKTdePw1YvSo%2FQKvaq1Hb4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68f2da8a8568d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6518&min_rtt=2099&rtt_var=3463&sent=70&recv=14&lost=0&retrans=0&sent_bytes=67499&recv_bytes=2467&delivery_rate=1328418&cwnd=36300&unsent_bytes=0&cid=a6aeac5c32450c60&ts=5657&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css | 104.18.11.207 | 200 OK | 121 kB |
URL GET maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css IP 104.18.11.207:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html Certificate Issuer: Google Trust Services Subject: bootstrapcdn.com Fingerprint: 53:78:04:46:B4:48:0A:28:30:67:23:9B:D5:25:73:FE:FA:81:58:19 Validity: Thu, 16 Jan 2025 00:27:53 GMT - Wed, 16 Apr 2025 01:27:34 GMT
File type: ASCII text, with very long lines (65371) Size: 121 kB (121260 bytes) Hash: 2f624089c65f12185e79925bc5a7fc42 8eb176c70b9cfa6871b76d6dc98fb526e7e9b3de eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:42 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 09/26/2024 10:53:39
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 92ce5a8f9fec211725129bb843866184
cdn-cache: HIT
cf-cache-status: HIT
age: 1643453
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 91c68edaab6956af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wk.jdi5.com/style.css | 104.21.11.61 | 200 OK | 7.1 kB |
IP 104.21.11.61:443
Requested by https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html Certificate Issuer Google Trust Services Subject jdi5.com Fingerprint 72:D9:F2:DA:D3:46:76:03:EE:75:95:B5:8F:33:2E:BC:23:32:C9:AD Validity Sun, 02 Mar 2025 20:16:34 GMT - Sat, 31 May 2025 21:15:07 GMT
File type ASCII text, with very long lines (7299), with no line terminators Hash 17e68fb70ce7834f6e936523030a55b5 d2dcc6e3e9469b62f427292a0dddc74f6c90d4a2 d513d9e8cd8629507f8e40775e9c45df1434bb1c12f96992ad52765cc1b14916
GET /style.css HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 07 Mar 2025 02:10:43 GMT
content-type: text/css
last-modified: Wed, 18 Nov 2020 11:16:19 GMT
vary: Accept-Encoding
etag: W/"5fb50283-1ba9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dKDAS%2B7cBZ0%2Fa0hmUNbuaspaLk%2BKWRVzUv2PxHK7hyWfkB5ihmGVCO9oAxrDbT3fUIzxlLeWrtJKhN5neHXQWFDvCPtw95N%2FSqN2OHfAapmzXlAnpzBE0BsxG6K0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91c68eda8d23b51d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7488&min_rtt=2046&rtt_var=4654&sent=14&recv=8&lost=0&retrans=0&sent_bytes=4167&recv_bytes=1387&delivery_rate=287806&cwnd=12000&unsent_bytes=0&cid=09583f0f0e5d4bda&ts=496&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| github.com/wapkiz/cdn/raw/master/js/page_templates_simple.js | 140.82.121.4 | 302 Found | 0 B |
URL GET github.com/wapkiz/cdn/raw/master/js/page_templates_simple.js IP 140.82.121.4:443
Requested by https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html Certificate Issuer Sectigo Limited Subject github.com Fingerprint E4:33:71:DD:D6:91:4A:75:B6:1F:9E:4F:74:6D:9B:F0:DD:26:FC:3A Validity Wed, 05 Feb 2025 00:00:00 GMT - Thu, 05 Feb 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wapkiz/cdn/raw/master/js/page_templates_simple.js HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: GitHub.com
date: Fri, 07 Mar 2025 02:10:43 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com 
api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
x-github-request-id: C27A:2905E8:23E37E5:24FDEAC:67CA55A3
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html | 172.67.135.38 | 200 OK | 3.1 kB |
URL POST 1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html IP 172.67.135.38:443
Requested by https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html Certificate Issuer Google Trust Services Subject wb4.xyz Fingerprint 05:1F:C8:2C:04:C7:7B:52:1A:46:21:E3:56:78:C8:32:42:5C:ED:64 Validity Tue, 04 Feb 2025 04:01:18 GMT - Mon, 05 May 2025 04:59:42 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (3318), with no line terminators Hash 155ac6c417264631ca5b121724759603 ea4022c376b8fb7d229f448f6fa0a5e0fdaf8623 8d9770518da5ee8634dc44faf59362ca966484249344158a6d4aa4a5ecb47f13
POST /2019/05/allu-palak-k-pakore.html HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 07 Mar 2025 02:10:44 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
priority: u=4,i=?0
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: sam=deleted; Path=/; Domain=1337x1.wb4.xyz; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 91c68ee4bd05b524-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| wugroansaghadry.com/401/8837431 | 139.45.197.119 | 200 OK | 135 kB |
URL GET wugroansaghadry.com/401/8837431 IP 139.45.197.119:443
Requested by https://1337x1.wb4.xyz/2019/05/nehari-recipe.html Certificate Issuer Let's Encrypt Subject wugroansaghadry.com Fingerprint B3:FC:C2:A6:01:5A:46:7D:C9:6B:03:D1:B8:D9:57:D2:E3:05:F3:DB Validity Fri, 27 Dec 2024 06:16:16 GMT - Thu, 27 Mar 2025 06:16:15 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 135 kB (134914 bytes) Hash bbacba4811e2665e19eae679cabc8f78 38b21350c71f30b9c282c672f9a7ecac08b599a8 6328c739ef1b8d1da9013b0f0f012c17ce3240f1e8276e05d170eb8a9fb4c0bb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /401/8837431 HTTP/1.1
Host: wugroansaghadry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:45 GMT
content-type: application/javascript
x-trace-id: 292bfae3849e20da4941b7db157f92e0
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=03018553fc274c13e914f2fd3d1ee134; expires=Sat, 07 Mar 2026 02:10:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| wugroansaghadry.com/500/8837431?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=wugroansaghadry.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 8.2 kB |
URL GET wugroansaghadry.com/500/8837431?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=wugroansaghadry.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested by https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html Certificate Issuer Let's Encrypt Subject wugroansaghadry.com Fingerprint B3:FC:C2:A6:01:5A:46:7D:C9:6B:03:D1:B8:D9:57:D2:E3:05:F3:DB Validity Fri, 27 Dec 2024 06:16:16 GMT - Thu, 27 Mar 2025 06:16:15 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (9872), with no line terminators Hash 2d730db432d0cfedefb772b2ab74a933 52058fe56a59dd287b855d9f544a3d228a048ceb 6dc0623128b0d0085055461d534bf4a05c15ecc51a3b23faa73215bc6c26d62e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /500/8837431?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=wugroansaghadry.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: wugroansaghadry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: OAID=03018553fc274c13e914f2fd3d1ee134
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:50 GMT
content-type: application/javascript
x-trace-id: f4b07f7d8799c7e95e0037e1bdbfb57c
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801851bbf98490cffecbc36da77443e; expires=Sat, 07 Mar 2026 02:10:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| oomaugnaps.net/www/images/273b69c70963ed7cbbbfa9b7a29e26b7.jpg | 104.21.7.134 | 200 OK | 8.3 kB |
URL GET oomaugnaps.net/www/images/273b69c70963ed7cbbbfa9b7a29e26b7.jpg IP 104.21.7.134:443
Requested by https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html Certificate Issuer Google Trust Services Subject oomaugnaps.net Fingerprint CE:54:88:7D:52:37:15:EB:FE:89:3C:2B:00:CA:7D:74:7A:67:67:21 Validity Wed, 22 Jan 2025 09:15:03 GMT - Tue, 22 Apr 2025 10:11:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash 273b69c70963ed7cbbbfa9b7a29e26b7 d0bd2c11e283d78cf2d6e5b25ead9e5b360b7542 da5855e6a8da16e9f9fc5d14af250b863a8992d34f1415eefafb72c419030970
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /www/images/273b69c70963ed7cbbbfa9b7a29e26b7.jpg HTTP/1.1
Host: oomaugnaps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:50 GMT
content-type: image/jpeg
content-length: 8319
last-modified: Thu, 27 Feb 2025 11:31:54 GMT
etag: "67c04d2a-207f"
expires: Fri, 07 Mar 2025 04:13:24 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 79046
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNNfeuAvn0IZSG2bJcH2rxFWbA0TbmXORA0kQ2E2ByrGiFoL1PYXzQeQL9LA7wJGfR9b0dyAMRmhBsK%2BuuXepcv5jpSGlDqFImj9IERUpxP4jPKPOPxST1xTa7h628vAYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68f0a48ff56c1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1404&min_rtt=948&rtt_var=763&sent=19&recv=12&lost=0&retrans=0&sent_bytes=19019&recv_bytes=1336&delivery_rate=8266412&cwnd=254&unsent_bytes=0&cid=98c45d6e8e091fb6&ts=62&x=0"
X-Firefox-Spdy: h2
|
|
| theetheks.com/500/8837581?excludes=23133227&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 0 B |
URL OPTIONS theetheks.com/500/8837581?excludes=23133227&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested by https://1337x1.wb4.xyz/2019/05/nehari-recipe.html Certificate Issuer Let's Encrypt Subject theetheks.com Fingerprint 3E:3E:80:BB:97:15:F2:50:5E:7D:B3:B1:1E:28:FF:F0:0F:58:13:CF Validity Sun, 02 Feb 2025 05:44:14 GMT - Sat, 03 May 2025 05:44:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/8837581?excludes=23133227&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://1337x1.wb4.xyz/
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:56 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cank.xyz/red.php?id=35 | 104.21.45.247 | 302 Found | 1.4 kB |
IP 104.21.45.247:443
Requested by https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html Certificate Issuer Google Trust Services Subject cank.xyz Fingerprint C2:E4:AA:E4:D2:08:4C:0A:1F:DB:05:6E:F7:2B:08:7B:69:FE:4E:71 Validity Tue, 18 Feb 2025 15:17:55 GMT - Mon, 19 May 2025 16:16:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /red.php?id=35 HTTP/1.1
Host: cank.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 07 Mar 2025 02:10:43 GMT
content-type: text/html; charset=UTF-8
location: https://1337x1.wb4.xyz/submit.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=938rFUXsp2N6PdYF9fiG8xES%2B6EHtgleGyRKAyK5D%2FGqwnQ8ccEUC0hQJPkZzqrvPGNr17G2a74rLEN1Ec1oiYngDaYVI9M7iXSWCKsRiFRRzhPoCa2UKt6YiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91c68ee00e9756b1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1111&min_rtt=639&rtt_var=523&sent=10&recv=12&lost=0&retrans=0&sent_bytes=3907&recv_bytes=1347&delivery_rate=5918256&cwnd=256&unsent_bytes=0&cid=eb40637dedb061ae&ts=144&x=0"
X-Firefox-Spdy: h2
|
|
| zapsauwhouteeks.com/5/8837420/?oo=1&js_build=iclick-v1.1101.0&dmn=naupsithizeekee.com&tt=2&ix=1 | 139.45.197.242 | 200 OK | 3.9 kB |
URL POST zapsauwhouteeks.com/5/8837420/?oo=1&js_build=iclick-v1.1101.0&dmn=naupsithizeekee.com&tt=2&ix=1 IP 139.45.197.242:443
Requested by https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html Certificate Issuer Let's Encrypt Subject zapsauwhouteeks.com Fingerprint F9:44:14:F8:EE:0A:16:8E:65:5B:FD:98:6E:D9:48:06:FB:BD:86:C8 Validity Tue, 04 Mar 2025 13:29:14 GMT - Mon, 02 Jun 2025 13:29:13 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3933), with no line terminators Hash c54b181ea8abfa48f43639156d19625e 93c877174b0f81514b02bf143f549f632232ebc8 20699ddc438d32aab34222f6a8370b299b8b948db69af7fc92ff35a79381ec94
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /5/8837420/?oo=1&js_build=iclick-v1.1101.0&dmn=naupsithizeekee.com&tt=2&ix=1 HTTP/1.1
Host: zapsauwhouteeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 5813
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:47 GMT
content-type: application/json
x-trace-id: 6b3efb1c7784414f5e817f43787dd804
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00818550304f4b6fededcd078e7d4af8; expires=Sat, 07 Mar 2026 02:10:47 GMT; path=/; secure; SameSite=None
oaidts=1741313447; expires=Sat, 07 Mar 2026 02:10:47 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| wugroansaghadry.com/impression/qZ-uRr91t9OsZUzrAuRoKfvnSdrRQyQAqCgsukxFNBCGpuTYmKE3Myl_4MhP6uD5iLM7ZlpGra1vSSo9ZmZk24wmsfQahMNUTZT2F6wrLE-1IECmkdkGM0WF8M4fLF0j01xJCZp0qhtipM0xldsQkTsLgjiAwdaOwpiiJEudCuvyZV2C8RVU_SJeQ5JPW4vpaKwOkPt8ahudL4ByqKbZdhCuGYFMLR3XUuRDUFk8wlPqsaoALGMjnPBF2n3PRvZSiZMlDjLz1PfIm85UsAJR0CKSfKemEvLtg3tb0GWePXzUZ603KMVLvBSS0qIYEXoV_s5055npm8RvLrd__EUwWu1mm-I7dtmJmJ-B0YqlldpYE6qr8RkuE2YRv8mv6gA32lRv5qz93R-41VpeXintpv1WkmJDVdZpYA5QCWN0GEh9FcCfq7QYbY9NjXFBAtWjPurQe5AqxC55etyK8I8j5AX1ZFCPlvgIoND0x1Ouj0qljb_XEB66csJVw5TWJAFtjl0BIVP6TBp-oF7vD73GvFFhRIG6pJXEzy0k25ssoZyg8HIgAc4uQ06zZOuoSlMdTL50Nu_wiUsiveDjJhcOfZBIQbs=?_z=8837431&js_build=8&sw_version=v1.559.0&dmn=wugroansaghadry.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 43 B |
URL GET wugroansaghadry.com/impression/qZ-uRr91t9OsZUzrAuRoKfvnSdrRQyQAqCgsukxFNBCGpuTYmKE3Myl_4MhP6uD5iLM7ZlpGra1vSSo9ZmZk24wmsfQahMNUTZT2F6wrLE-1IECmkdkGM0WF8M4fLF0j01xJCZp0qhtipM0xldsQkTsLgjiAwdaOwpiiJEudCuvyZV2C8RVU_SJeQ5JPW4vpaKwOkPt8ahudL4ByqKbZdhCuGYFMLR3XUuRDUFk8wlPqsaoALGMjnPBF2n3PRvZSiZMlDjLz1PfIm85UsAJR0CKSfKemEvLtg3tb0GWePXzUZ603KMVLvBSS0qIYEXoV_s5055npm8RvLrd__EUwWu1mm-I7dtmJmJ-B0YqlldpYE6qr8RkuE2YRv8mv6gA32lRv5qz93R-41VpeXintpv1WkmJDVdZpYA5QCWN0GEh9FcCfq7QYbY9NjXFBAtWjPurQe5AqxC55etyK8I8j5AX1ZFCPlvgIoND0x1Ouj0qljb_XEB66csJVw5TWJAFtjl0BIVP6TBp-oF7vD73GvFFhRIG6pJXEzy0k25ssoZyg8HIgAc4uQ06zZOuoSlMdTL50Nu_wiUsiveDjJhcOfZBIQbs=?_z=8837431&js_build=8&sw_version=v1.559.0&dmn=wugroansaghadry.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested by https://1337x1.wb4.xyz/2019/05/nehari-recipe.html Certificate Issuer Let's Encrypt Subject wugroansaghadry.com Fingerprint B3:FC:C2:A6:01:5A:46:7D:C9:6B:03:D1:B8:D9:57:D2:E3:05:F3:DB Validity Fri, 27 Dec 2024 06:16:16 GMT - Thu, 27 Mar 2025 06:16:15 GMT
File type GIF image data, version 89a, 1 x 1 Hash b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impression/qZ-uRr91t9OsZUzrAuRoKfvnSdrRQyQAqCgsukxFNBCGpuTYmKE3Myl_4MhP6uD5iLM7ZlpGra1vSSo9ZmZk24wmsfQahMNUTZT2F6wrLE-1IECmkdkGM0WF8M4fLF0j01xJCZp0qhtipM0xldsQkTsLgjiAwdaOwpiiJEudCuvyZV2C8RVU_SJeQ5JPW4vpaKwOkPt8ahudL4ByqKbZdhCuGYFMLR3XUuRDUFk8wlPqsaoALGMjnPBF2n3PRvZSiZMlDjLz1PfIm85UsAJR0CKSfKemEvLtg3tb0GWePXzUZ603KMVLvBSS0qIYEXoV_s5055npm8RvLrd__EUwWu1mm-I7dtmJmJ-B0YqlldpYE6qr8RkuE2YRv8mv6gA32lRv5qz93R-41VpeXintpv1WkmJDVdZpYA5QCWN0GEh9FcCfq7QYbY9NjXFBAtWjPurQe5AqxC55etyK8I8j5AX1ZFCPlvgIoND0x1Ouj0qljb_XEB66csJVw5TWJAFtjl0BIVP6TBp-oF7vD73GvFFhRIG6pJXEzy0k25ssoZyg8HIgAc4uQ06zZOuoSlMdTL50Nu_wiUsiveDjJhcOfZBIQbs=?_z=8837431&js_build=8&sw_version=v1.559.0&dmn=wugroansaghadry.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: wugroansaghadry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: OAID=0801851bbf98490cffecbc36da77443e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:53 GMT
content-type: image/gif
content-length: 43
x-trace-id: 11207b389c0c43403a6445d5873d606e
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| theetheks.com/impression/mOPq-ajHkMYhKrVXQlAy1NbpigaRY5eIevFda7eQRL_qsPn2_sUyeS8xRmYPv-H4I2VsjOGhY0ytMqaGlOsEZPt3Uq-bGStiblwDW8qbK1KHG_jNsebSLrZ4nBNpWzmUgXZtQWVX5brVmkb5oAwP0eJUAYEApFG_ChGyB8EnbixUPUSE2_TmluDEs754kcHPbuF7e4VFhYnCDxiQDL0ic2x-5gIqqiB_8YETW7NRp6k4ag2weET9II0EAxZVFHt896lUY1lJsQP4yUvmWWvzdoHe8p_8NiprSolaqmvQ_MrlFD4194peqZ3UR303doZ3MZtP3VqrAnasRiax5l0Y-ocDyZvbt2gT8xvH4SeZDt7qQ8Wd_t3b-ihVYH-GEFqbIH7IIj7zFHizKvi2M65hDdpZeZ_Lv10VugnIIjMULKkJvC8-gvghqoSQGrXpeR_BzehzQlK1x1MzS_cElYAKcc7IPXSmmB10h_iy9QCBy3brPGcnG7CHUKnQGlJ-Eb5NFGnk08pZMdiw60zbdRmpUOvemAVHaXYYsRc_RrD_FJAIpNjaz7sNreEIYly_9_YAwqmv0f7xPeVQP56F0qEzkcWuCdo=?_z=8837581&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 43 B |
URL GET theetheks.com/impression/mOPq-ajHkMYhKrVXQlAy1NbpigaRY5eIevFda7eQRL_qsPn2_sUyeS8xRmYPv-H4I2VsjOGhY0ytMqaGlOsEZPt3Uq-bGStiblwDW8qbK1KHG_jNsebSLrZ4nBNpWzmUgXZtQWVX5brVmkb5oAwP0eJUAYEApFG_ChGyB8EnbixUPUSE2_TmluDEs754kcHPbuF7e4VFhYnCDxiQDL0ic2x-5gIqqiB_8YETW7NRp6k4ag2weET9II0EAxZVFHt896lUY1lJsQP4yUvmWWvzdoHe8p_8NiprSolaqmvQ_MrlFD4194peqZ3UR303doZ3MZtP3VqrAnasRiax5l0Y-ocDyZvbt2gT8xvH4SeZDt7qQ8Wd_t3b-ihVYH-GEFqbIH7IIj7zFHizKvi2M65hDdpZeZ_Lv10VugnIIjMULKkJvC8-gvghqoSQGrXpeR_BzehzQlK1x1MzS_cElYAKcc7IPXSmmB10h_iy9QCBy3brPGcnG7CHUKnQGlJ-Eb5NFGnk08pZMdiw60zbdRmpUOvemAVHaXYYsRc_RrD_FJAIpNjaz7sNreEIYly_9_YAwqmv0f7xPeVQP56F0qEzkcWuCdo=?_z=8837581&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested by https://1337x1.wb4.xyz/2019/05/nehari-recipe.html Certificate Issuer Let's Encrypt Subject theetheks.com Fingerprint 3E:3E:80:BB:97:15:F2:50:5E:7D:B3:B1:1E:28:FF:F0:0F:58:13:CF Validity Sun, 02 Feb 2025 05:44:14 GMT - Sat, 03 May 2025 05:44:13 GMT
File type GIF image data, version 89a, 1 x 1 Hash b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impression/mOPq-ajHkMYhKrVXQlAy1NbpigaRY5eIevFda7eQRL_qsPn2_sUyeS8xRmYPv-H4I2VsjOGhY0ytMqaGlOsEZPt3Uq-bGStiblwDW8qbK1KHG_jNsebSLrZ4nBNpWzmUgXZtQWVX5brVmkb5oAwP0eJUAYEApFG_ChGyB8EnbixUPUSE2_TmluDEs754kcHPbuF7e4VFhYnCDxiQDL0ic2x-5gIqqiB_8YETW7NRp6k4ag2weET9II0EAxZVFHt896lUY1lJsQP4yUvmWWvzdoHe8p_8NiprSolaqmvQ_MrlFD4194peqZ3UR303doZ3MZtP3VqrAnasRiax5l0Y-ocDyZvbt2gT8xvH4SeZDt7qQ8Wd_t3b-ihVYH-GEFqbIH7IIj7zFHizKvi2M65hDdpZeZ_Lv10VugnIIjMULKkJvC8-gvghqoSQGrXpeR_BzehzQlK1x1MzS_cElYAKcc7IPXSmmB10h_iy9QCBy3brPGcnG7CHUKnQGlJ-Eb5NFGnk08pZMdiw60zbdRmpUOvemAVHaXYYsRc_RrD_FJAIpNjaz7sNreEIYly_9_YAwqmv0f7xPeVQP56F0qEzkcWuCdo=?_z=8837581&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: OAID=0801851bbf98490cffecbc36da77443e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:55 GMT
content-type: image/gif
content-length: 43
x-trace-id: f411d3ac1ad32e69601c38965cf47d33
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| funnyfoto.me/submit.php | 0.0.0.0 | | 0 B |
IP 0.0.0.0:0
Requested byhttps://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /submit.php HTTP/1.1
Host: funnyfoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c&gtm=457e5360za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824 | 142.250.74.136 | 200 OK | 314 kB |
URL GET www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c&gtm=457e5360za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824 IP 142.250.74.136:443
Requested byhttps://1337x1.wb4.xyz/2019/05/nehari-recipe.html CertificateIssuerGoogle Trust Services Subject*.google-analytics.com FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File typeJavaScript source, ASCII text, with very long lines (5960) Size314 kB (313645 bytes) Hash4668c4ff2a153506ddf30e9bed27e563 59edc06e77f4054753692cf2bf6d431f3da363e0 ca9d65fd83545d7797cf194a565a33d4ba65343f1b1a67a320a3b220b62c8dc9
GET /gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c&gtm=457e5360za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Mar 2025 02:10:46 GMT
expires: Fri, 07 Mar 2025 02:10:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 109018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| my.rtmark.net/gid.js | 172.64.146.234 | 200 OK | 65 B |
IP 172.64.146.234:443
Requested byhttps://1337x1.wb4.xyz/2019/05/nehari-recipe.html CertificateIssuerGoogle Trust Services Subjectmy.rtmark.net Fingerprint03:52:6A:BD:35:83:43:81:AF:25:BB:A3:26:97:D1:78:25:73:A4:C9 ValidityTue, 04 Mar 2025 10:39:32 GMT - Mon, 02 Jun 2025 11:39:29 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash753110b588b2aa248d294790df0e0ba0 ff32beb3eaeea0fe36c52443f76c685c928dcc70 e2e016b132e39d60e1b87e05395423795fad9522ff3c8807cbaa6191a58e7ccf
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: ID=0801851bbf98490cffecbc36da77443e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 07 Mar 2025 02:10:46 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=0801851bbf98490cffecbc36da77443e; expires=Sat, 07 Mar 2026 02:10:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c68eedd81d0b69-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| 1337x1.wb4.xyz/ | 172.67.135.38 | 200 OK | 1.5 kB |
IP 172.67.135.38:443
Requested byhttps://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html CertificateIssuerGoogle Trust Services Subjectwb4.xyz Fingerprint05:1F:C8:2C:04:C7:7B:52:1A:46:21:E3:56:78:C8:32:42:5C:ED:64 ValidityTue, 04 Feb 2025 04:01:18 GMT - Mon, 05 May 2025 04:59:42 GMT
File typeHTML document, ASCII text, with very long lines (1556), with no line terminators Hash63f52e0e3b7a40c02d4a75ae8cd43d77 3439b9dffc65ee60df7e6f836bf149b9c11e2aa2 b39109fd15ee85679861f86a4cc5db2874939538d5e079af73e5ceb00f8f32f9
POST / HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 35
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 07 Mar 2025 02:10:44 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
priority: u=4,i=?0
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: sam=sam; Path=/; Domain=1337x1.wb4.xyz; Max-Age=2592000; Expires=Sun, 06 Apr 2025 02:10:44 GMT
cf-ray: 91c68ee3cc76b524-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| wugroansaghadry.com/401/8837431 | 139.45.197.119 | 200 OK | 135 kB |
URL GET wugroansaghadry.com/401/8837431 IP 139.45.197.119:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerLet's Encrypt Subjectwugroansaghadry.com FingerprintB3:FC:C2:A6:01:5A:46:7D:C9:6B:03:D1:B8:D9:57:D2:E3:05:F3:DB ValidityFri, 27 Dec 2024 06:16:16 GMT - Thu, 27 Mar 2025 06:16:15 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size135 kB (134918 bytes) Hashfb57e9d9236a1ad150599abd02ebacc5 2815b829b3ba9d444281b334ae1caa295304a24c 4d747c60384c8b88334f3b7359214f574cb0f65f6532f3fe811b2811021224a8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /401/8837431 HTTP/1.1
Host: wugroansaghadry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:45 GMT
content-type: application/javascript
x-trace-id: c544b02bcd08f0bab8c89367f73510d5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=03018568e1fe44d1eea473d483f22d8f; expires=Sat, 07 Mar 2026 02:10:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-46789381-49 | 142.250.74.136 | 200 OK | 256 kB |
URL GET www.googletagmanager.com/gtag/js?id=UA-46789381-49 IP 142.250.74.136:443
Requested byhttps://1337x1.wb4.xyz/2019/05/nehari-recipe.html CertificateIssuerGoogle Trust Services Subject*.google-analytics.com FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File typeJavaScript source, ASCII text, with very long lines (5268) Size256 kB (255792 bytes) Hash0445921f32ec8cb90474e9bbeb04e501 2c1de0bf2c4ecf69c6f7803c297dfc415bc16507 b4c5c18b5a57f7ec134efadef93330a99101989e6226627b571f0100df36c9a3
GET /gtag/js?id=UA-46789381-49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Mar 2025 02:10:44 GMT
expires: Fri, 07 Mar 2025 02:10:44 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Mar 2025 00:51:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 90683
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| oomaugnaps.net/www/images/10725e5bdf665009302c6f0339658afd.jpg | 104.21.7.134 | 200 OK | 15 kB |
URL GET oomaugnaps.net/www/images/10725e5bdf665009302c6f0339658afd.jpg IP 104.21.7.134:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerGoogle Trust Services Subjectoomaugnaps.net FingerprintCE:54:88:7D:52:37:15:EB:FE:89:3C:2B:00:CA:7D:74:7A:67:67:21 ValidityWed, 22 Jan 2025 09:15:03 GMT - Tue, 22 Apr 2025 10:11:09 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash10725e5bdf665009302c6f0339658afd 5bd415fce58470c41a02eb71ed33c996f8e76353 e56633e7b34b682d8d774abc86edd32fe9dd1b6a4fb9b02b1003e010348caf3a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /www/images/10725e5bdf665009302c6f0339658afd.jpg HTTP/1.1
Host: oomaugnaps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:50 GMT
content-type: image/jpeg
content-length: 14740
last-modified: Thu, 27 Feb 2025 09:40:08 GMT
etag: "67c032f8-3994"
expires: Fri, 07 Mar 2025 15:23:40 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 38830
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6%2FPLD5kToy8l%2B6z1t28OXPQNUptFIhGDqvc4KTXHo69zKjH99n7kXOG2Xg4a8qj%2BEK2Y1%2B3ky%2FpD%2F8Y52LPu4fZyUCg3iaBE1hW%2BwULTzF3jfhFhg2nviHSc0kpyYUh6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68f0a38f256c1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1305&min_rtt=948&rtt_var=751&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3284&recv_bytes=1235&delivery_rate=3500402&cwnd=254&unsent_bytes=0&cid=98c45d6e8e091fb6&ts=52&x=0"
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/ | 172.67.135.38 | 200 OK | 1.5 kB |
IP 172.67.135.38:443
Requested byhttps://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/28567a2fdb9ff8db3d92dfdc18af5600/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html CertificateIssuerGoogle Trust Services Subjectwb4.xyz Fingerprint05:1F:C8:2C:04:C7:7B:52:1A:46:21:E3:56:78:C8:32:42:5C:ED:64 ValidityTue, 04 Feb 2025 04:01:18 GMT - Mon, 05 May 2025 04:59:42 GMT
File typeHTML document, ASCII text, with very long lines (1550), with no line terminators Hash05edbb7fe74d06f36f56ecc10ac59752 96b4a4601b3957d2845f3327a4a6d99d1c4ae467 91467f1af2a9274b75d3f9879a0dbfedd59048899c572ad9d8939f42a6b36de9
POST / HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 35
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 07 Mar 2025 02:10:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: sam=sam; expires=Sun, 06-Apr-2025 02:10:44 GMT; Max-Age=2592000; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylorgha7dgG9mV928qmTW6SsWL4P7chiqjLjzJtfv1vJzvM%2FU6q0bNZz2xysRBvdmPp2on3tJ1VPSBlKrnwlhGrrtamm4f9ZYZTgn%2B2dx83U91IKAEoHyUA98IkVWbjByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91c68ee42cb2b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5816&min_rtt=1915&rtt_var=2842&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4865&recv_bytes=1635&delivery_rate=2005&cwnd=12000&unsent_bytes=0&cid=7bd3993a1cc77d71&ts=475&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| zapsauwhouteeks.com/5/8837420/?oo=1&js_build=iclick-v1.1101.0&dmn=naupsithizeekee.com&tt=2&ix=1 | 139.45.197.242 | 200 OK | 3.9 kB |
URL POST zapsauwhouteeks.com/5/8837420/?oo=1&js_build=iclick-v1.1101.0&dmn=naupsithizeekee.com&tt=2&ix=1 IP 139.45.197.242:443
Requested byhttps://1337x1.wb4.xyz/2019/05/nehari-recipe.html CertificateIssuerLet's Encrypt Subjectzapsauwhouteeks.com FingerprintF9:44:14:F8:EE:0A:16:8E:65:5B:FD:98:6E:D9:48:06:FB:BD:86:C8 ValidityTue, 04 Mar 2025 13:29:14 GMT - Mon, 02 Jun 2025 13:29:13 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3896), with no line terminators Hash62330c2bb650fa73ee52f9d8a4483d6a 24261a572a61b9c385d04f8069d938d665fa2e48 4c82b2f7127c58c8658d7e007293dda9a8194df7027311b65e3e74ed71e03394
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /5/8837420/?oo=1&js_build=iclick-v1.1101.0&dmn=naupsithizeekee.com&tt=2&ix=1 HTTP/1.1
Host: zapsauwhouteeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 5883
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: OAID=00818550304f4b6fededcd078e7d4af8; oaidts=1741313447
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:47 GMT
content-type: application/json
x-trace-id: b81939822124ed37ec0341146bcc8dbd
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00818550304f4b6fededcd078e7d4af8; expires=Sat, 07 Mar 2026 02:10:47 GMT; path=/; secure; SameSite=None
oaidts=1741313447; expires=Sat, 07 Mar 2026 02:10:47 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| naupsithizeekee.com/tag.min.js | 188.114.96.1 | 200 OK | 100 kB |
URL GET naupsithizeekee.com/tag.min.js IP 188.114.96.1:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerGoogle Trust Services Subjectnaupsithizeekee.com FingerprintA0:2D:FB:33:7F:74:38:2B:3C:61:79:E8:0F:9C:FD:77:BA:A3:48:A6 ValidityFri, 31 Jan 2025 15:23:47 GMT - Thu, 01 May 2025 16:21:22 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size100 kB (100165 bytes) Hashbc19d6147787c9aa036d93a2b1f76a7e adb0e21846422d5028bde11ee8389c64af7dad02 0ada7509d3eacb5b69d969912346099bb743ee9929cf2c157d13862800108204
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: naupsithizeekee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:44 GMT
content-type: application/javascript
x-trace-id: 530f23f69d8dadef72cca81a3ec82806
cache-control: public, max-age=3600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 246
last-modified: Fri, 07 Mar 2025 02:06:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fpbz19m%2BnxgNOlzDAknCB2uDTToKVwsDlcD2xQfCCyRagM5WDc7A06HdYMk6cMovtaCqTP4HRFyoH0duhCY%2Fmzudw28eFujmfBj2%2FqVHe6oFkbAU25ilwhxiY1KG4hj9ag9N6mCY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68ee5f9b556b4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=573&min_rtt=410&rtt_var=289&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3221&recv_bytes=1038&delivery_rate=4645989&cwnd=253&unsent_bytes=0&cid=1895638f48bc037a&ts=80&x=0"
X-Firefox-Spdy: h2
|
|
| ptichoolsougn.net/401/8837469 | 139.45.197.107 | 200 OK | 135 kB |
URL GET ptichoolsougn.net/401/8837469 IP 139.45.197.107:443
Requested byhttps://1337x1.wb4.xyz/2019/05/nehari-recipe.html CertificateIssuerLet's Encrypt Subjectptichoolsougn.net FingerprintF4:5D:DD:00:D2:EC:3C:35:5A:52:DF:26:72:E6:B9:53:14:B8:5F:5F ValidityFri, 14 Feb 2025 05:26:11 GMT - Thu, 15 May 2025 05:26:10 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size135 kB (134922 bytes) Hash931951beb872b94dda6e0ef7fbf96954 532fc4c84def47528f8d36b3cafbbfed117b2704 ea8cd4945518a087437771551bea72eb248a70f0d70e740df4db79a7879a68e6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /401/8837469 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:45 GMT
content-type: application/javascript
x-trace-id: bb323b7266d64a6b1098cd43f2f2a28f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=030185766cf84510f3528dd9ec8b2ac6; expires=Sat, 07 Mar 2026 02:10:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.67.193.52 | 200 OK | 18 kB |
IP 172.67.193.52:443
Requested byhttps://1337x1.wb4.xyz/2019/05/nehari-recipe.html CertificateIssuerGoogle Trust Services Subjecttzegilo.com Fingerprint8E:DC:31:F6:FF:38:97:24:78:2A:5C:E7:4F:8B:25:4F:18:35:BF:AA ValiditySun, 19 Jan 2025 12:16:23 GMT - Sat, 19 Apr 2025 13:13:31 GMT
File typeJavaScript source, ASCII text, with very long lines (17229) Hash01227f5edc20e0ff4ed643b27cb8bb68 d71a88f7341f2b1bdaa7deb9a66888607bd52598 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Mar 2025 02:10:46 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
etag: W/"668fb2be-45d7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
age: 839
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIc%2FEJBkc1PMWd7Gv4jGeswnc%2FkPRd%2B2ggRbHvyQuZu0thdmQqABgmvJz1DW5ozdBTVwU4RqfvIohMKQu2ewGtpt6TCXKnA5aUOT6dk5%2FfhM6nelzQLh5QJh4CzhQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c68eeff8000b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1385&min_rtt=448&rtt_var=1545&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3195&recv_bytes=1137&delivery_rate=5051162&cwnd=254&unsent_bytes=0&cid=9f07f9ea02c3f5d5&ts=55&x=0"
X-Firefox-Spdy: h2
|
|
| wugroansaghadry.com/500/8837431?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=wugroansaghadry.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 0 B |
URL OPTIONS wugroansaghadry.com/500/8837431?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=wugroansaghadry.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerLet's Encrypt Subjectwugroansaghadry.com FingerprintB3:FC:C2:A6:01:5A:46:7D:C9:6B:03:D1:B8:D9:57:D2:E3:05:F3:DB ValidityFri, 27 Dec 2024 06:16:16 GMT - Thu, 27 Mar 2025 06:16:15 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/8837431?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=wugroansaghadry.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: wugroansaghadry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://1337x1.wb4.xyz/
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ptichoolsougn.net/500/8837469?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.107 | 200 OK | 0 B |
URL OPTIONS ptichoolsougn.net/500/8837469?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.107:443
Requested byhttps://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html CertificateIssuerLet's Encrypt Subjectptichoolsougn.net FingerprintF4:5D:DD:00:D2:EC:3C:35:5A:52:DF:26:72:E6:B9:53:14:B8:5F:5F ValidityFri, 14 Feb 2025 05:26:11 GMT - Thu, 15 May 2025 05:26:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/8837469?excludes=&oaid=0801851bbf98490cffecbc36da77443e&js_build=8&sw_version=v1.559.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fallu-palak-k-pakore.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://1337x1.wb4.xyz/
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://1337x1.wb4.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=a5b6223c-9af2-49d1-9a15-34282309186a | 139.45.195.252 | 200 OK | 0 B |
URL POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=a5b6223c-9af2-49d1-9a15-34282309186a IP 139.45.195.252:443
Requested by https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html Certificate Issuer Sectigo Limited Subject fleraprt.com Fingerprint 23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0 Validity Wed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=a5b6223c-9af2-49d1-9a15-34282309186a HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1156
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Fri, 07 Mar 2025 02:10:50 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://1337x1.wb4.xyz
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 | 142.250.74.35 | 200 OK | 40 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 IP 142.250.74.35:443
Requested by https://1337x1.wb4.xyz/2019/05/nehari-recipe.html Certificate Issuer Google Trust Services Subject *.gstatic.com Fingerprint A4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 Validity Wed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0 Hash 9a01b69183a9604ab3a439e388b30501 8ed1d59003d0dbe6360481017b44665153665fbe 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:03:46 GMT
expires: Fri, 06 Mar 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 58028
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| theetheks.com/impression/FrzWbeKGYQ8SIKx57qs-DAANZx6xiTC9ZKHFu6uY2N_WPZxSiqxwbv6UZl-B_OPmZtzxKVPlAOGdaMT_12P5qZiu_tyexsj94F7rrrkkBbcV9cyurhkB8El_N8anioHpuuYuohkJWNw_9M4zRR7jkhqlfNO7cLFeobpiDG1qMgpekvQ7It356VVQGnuBBTFmdSJ3EggoShoAL4DyGCu3Uo5cPE32_4MmKVlzMsr-qmVHqUGCmyUs91kplMfwIKo7b5iTzr1G_OsBQ5oIJuwZmmxfYX4j0o1jza8CDk0ydYRpZxFS5KRblWFmNYBJE73tDTeA4nXyIyO6NI8UIZVdXgXMQRKrz-iXN1WORi_weC1VEm_WyaYExT1bvNf7wiRj4x82r6jJzCcKv-RsTOMdDoZ8Pu1D9T14t964tKlWi_4dRamaEvtl1OBYeb3iCUGhUtg2_sqXrItGVZViTelMyElgqY5VkZbxq_eJ-EJdaXp4uul6Yl1k8Hg3869U7iv_LNq7eKhNBIZFOwNqsQ1QGqgEkI-eIfS469gmQCx0Iz3cSV3T1ijatdjcjWgtE02svJpIcmuDorTN_1IYpiXnJL4-vQQ=?_z=8837581&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 43 B |
URL GET theetheks.com/impression/FrzWbeKGYQ8SIKx57qs-DAANZx6xiTC9ZKHFu6uY2N_WPZxSiqxwbv6UZl-B_OPmZtzxKVPlAOGdaMT_12P5qZiu_tyexsj94F7rrrkkBbcV9cyurhkB8El_N8anioHpuuYuohkJWNw_9M4zRR7jkhqlfNO7cLFeobpiDG1qMgpekvQ7It356VVQGnuBBTFmdSJ3EggoShoAL4DyGCu3Uo5cPE32_4MmKVlzMsr-qmVHqUGCmyUs91kplMfwIKo7b5iTzr1G_OsBQ5oIJuwZmmxfYX4j0o1jza8CDk0ydYRpZxFS5KRblWFmNYBJE73tDTeA4nXyIyO6NI8UIZVdXgXMQRKrz-iXN1WORi_weC1VEm_WyaYExT1bvNf7wiRj4x82r6jJzCcKv-RsTOMdDoZ8Pu1D9T14t964tKlWi_4dRamaEvtl1OBYeb3iCUGhUtg2_sqXrItGVZViTelMyElgqY5VkZbxq_eJ-EJdaXp4uul6Yl1k8Hg3869U7iv_LNq7eKhNBIZFOwNqsQ1QGqgEkI-eIfS469gmQCx0Iz3cSV3T1ijatdjcjWgtE02svJpIcmuDorTN_1IYpiXnJL4-vQQ=?_z=8837581&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested by https://1337x1.wb4.xyz/2019/05/nehari-recipe.html Certificate Issuer Let's Encrypt Subject theetheks.com Fingerprint 3E:3E:80:BB:97:15:F2:50:5E:7D:B3:B1:1E:28:FF:F0:0F:58:13:CF Validity Sun, 02 Feb 2025 05:44:14 GMT - Sat, 03 May 2025 05:44:13 GMT
File type GIF image data, version 89a, 1 x 1 Hash b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impression/FrzWbeKGYQ8SIKx57qs-DAANZx6xiTC9ZKHFu6uY2N_WPZxSiqxwbv6UZl-B_OPmZtzxKVPlAOGdaMT_12P5qZiu_tyexsj94F7rrrkkBbcV9cyurhkB8El_N8anioHpuuYuohkJWNw_9M4zRR7jkhqlfNO7cLFeobpiDG1qMgpekvQ7It356VVQGnuBBTFmdSJ3EggoShoAL4DyGCu3Uo5cPE32_4MmKVlzMsr-qmVHqUGCmyUs91kplMfwIKo7b5iTzr1G_OsBQ5oIJuwZmmxfYX4j0o1jza8CDk0ydYRpZxFS5KRblWFmNYBJE73tDTeA4nXyIyO6NI8UIZVdXgXMQRKrz-iXN1WORi_weC1VEm_WyaYExT1bvNf7wiRj4x82r6jJzCcKv-RsTOMdDoZ8Pu1D9T14t964tKlWi_4dRamaEvtl1OBYeb3iCUGhUtg2_sqXrItGVZViTelMyElgqY5VkZbxq_eJ-EJdaXp4uul6Yl1k8Hg3869U7iv_LNq7eKhNBIZFOwNqsQ1QGqgEkI-eIfS469gmQCx0Iz3cSV3T1ijatdjcjWgtE02svJpIcmuDorTN_1IYpiXnJL4-vQQ=?_z=8837581&js_build=8&sw_version=v1.559.0&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wiw=300&wih=270&wfc=6&pl=https%3A%2F%2F1337x1.wb4.xyz%2F2019%2F05%2Fnehari-recipe.html&drf=https%3A%2F%2F1337x1.wb4.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Cookie: OAID=0801851bbf98490cffecbc36da77443e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 07 Mar 2025 02:10:58 GMT
content-type: image/gif
content-length: 43
x-trace-id: 96a622065a0ded2a44ee1dc025937ec2
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|