Report - hnftd.blogspot.am/

Report Overview

Submitted URL
hnftd.blogspot.am/
IP
216.58.207.193
ASN
#15169 GOOGLE
Submitted
2024-03-29 05:13:28
Access
public
Website Title
Тинькофф Доход - дополнительный пассивный заработок
Final URL
g1jm3.shop/tink_chat
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
l2nv8.shop	unknown	2024-03-12	2024-03-12	2024-03-13	518 B	13 kB	172.67.204.254
hnftd.blogspot.am	unknown	2015-08-25	2024-03-07	2024-03-09	472 B	682 B	216.58.207.193
hnftd.blogspot.com	unknown	2000-07-31	2024-03-07	2024-03-09	473 B	16 kB	216.58.207.193
sh4737904.c.had.su	unknown	2017-05-10	2023-11-16	2024-03-28	545 B	489 B	81.91.178.100
g1jm3.shop	unknown	2024-03-24	2024-03-24	2024-03-24	4.7 kB	324 kB	172.67.217.61
code.jquery.com	634	2005-12-10	2012-05-21	2024-03-28	425 B	84 kB	151.101.66.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	hnftd.blogspot.am/	Gazprom

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-29	medium	hnftd.blogspot.am	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	g1jm3.shop/tink_chat	390 B	2024-02-07	2024-03-31
Pretty URL g1jm3.shop/tink_chat IP 172.67.217.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-07 14:36:20 Last Seen2024-03-31 09:50:45 Times Seen1453 Hash 03fe0b8419adf8bdf18225d6050d13b7 e569c24531d194c4339312d057a403dd82906268 9393bfd1b73b2fff27224e2aa1070a66e1ea9ba511d0d6f9b10cf5c6f49b1781 Loading...

	g1jm3.shop/tink_chat	74 B	2024-02-07	2024-03-31
Pretty URL g1jm3.shop/tink_chat IP 172.67.217.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-07 14:36:20 Last Seen2024-03-31 09:50:45 Times Seen1453 Hash 4d6b83f2062c856430aca7e335b728ba 0d012adbb0692a4e4320f3f20bca504d42f01ce0 5a2ece2c48b57cace5f007b19c6f9d41e9e1fb2e03dc51b2592239d3d746e453 Loading...

	code.jquery.com/jquery-3.7.0.js	285 kB	2023-05-19	2024-04-25
Pretty URL code.jquery.com/jquery-3.7.0.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 18:31:32 Last Seen2024-04-25 18:37:22 Times Seen4921 Hash bce53304d5d3438acfa5fcfae816769f d70fbf2f6aed2c76801d35fd793bf70a9cc060eb 265a924c42de4784cba8fd0e1bd77133bc833ea5f5a31fc77e08922c18fcfa43 Loading...

	g1jm3.shop/l/tink4/js/typed.min.js	3.6 kB	2023-03-07	2024-04-17
Pretty URL g1jm3.shop/l/tink4/js/typed.min.js IP 172.67.217.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:46:22 Last Seen2024-04-17 20:36:48 Times Seen1721 Hash 48b7705121280701755c046e5c4c7dca ae957a8f68496b1cff497f0cdedc3eaa1cdf37a4 60f6ac8998288909ee6b85c8eb8b3b8463efba2fdeb2fd7b78541b9a131df8a5 Loading...

	g1jm3.shop/tink_chat	986 B	2024-02-07	2024-03-31
Pretty URL g1jm3.shop/tink_chat IP 172.67.217.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-07 14:36:20 Last Seen2024-03-31 09:50:45 Times Seen1453 Hash 5ca4c29c635ac1bf273780e129973803 7d361b7db10c7f7092d52434dfd9ede08b055c46 4881fcdfb996b88798bba08c56b772b264e4a72f2adb2fce63ad9acb3f65da3f Loading...

	g1jm3.shop/tink_chat	735 B	2024-02-07	2024-03-31
Pretty URL g1jm3.shop/tink_chat IP 172.67.217.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-07 14:36:20 Last Seen2024-03-31 09:50:45 Times Seen1453 Hash 49bf34a74096d9a358c14900c7e4c36d 30b8b4e69a18d2648c1985dd9e9e57797f72e45f 65819205003e4c90bab89cd4a5b04fb0bbb5e87f51b638bafb9b9377933929fd Loading...

	g1jm3.shop/l/tink4/js/script.js	7.1 kB	2024-02-07	2024-03-31
Pretty URL g1jm3.shop/l/tink4/js/script.js IP 172.67.217.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-07 14:36:20 Last Seen2024-03-31 09:50:45 Times Seen1623 Hash 564a9b5bd1e043c05922f543e7557078 d683751ef7c34d2084cb7adff4988efce01b8375 20e9d142fa72e5932357f6ead4182302297d3eb2532cec4b7b2ccb7516a2c5f8 Loading...

HTTP Transactions (15)

URL IP Response Size

hnftd.blogspot.am/

216.58.207.193

194 B

URL
hnftd.blogspot.am/
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text
Size
194 B (194 bytes)
Hash
d617224c702c04ce3d65cd2440358081
fecab8e614fa73d79afb8e648e27f6f9713e9935
a2ea278030acb574dbb497d4e588d68bcc568fec7cfcded97eefaa8dc4c21102

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: hnftd.blogspot.am
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://hnftd.blogspot.com/
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 29 Mar 2024 05:13:03 GMT
expires: Fri, 29 Mar 2024 05:13:03 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 194
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hnftd.blogspot.com/

216.58.207.193

15 kB

URL
hnftd.blogspot.com/
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (7139)
Size
15 kB (15008 bytes)
Hash
24b8c851993f38011f264667dc33b9e6
6b2ffd61b800f8008278df0b2f7c107f4fe0ccf1
ff70dfeab6057e79350cf1e2d48ec7f93905044d5364329f89aeaec917bbeee7

HTTP Headers

GET / HTTP/1.1
Host: hnftd.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 29 Mar 2024 05:13:04 GMT
date: Fri, 29 Mar 2024 05:13:04 GMT
cache-control: private, max-age=0
last-modified: Thu, 21 Mar 2024 00:49:27 GMT
etag: W/"e8f5aa863dcf94d89225d21a1d62ecb6f61d82727cc5ad633a11e97b3b5c9863"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15008
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sh4737904.c.had.su/auto_domain1700087633.php?sid=4222

81.91.178.100

302 Found

0 B

URL User Request GET HTTP/2
sh4737904.c.had.su/auto_domain1700087633.php?sid=4222
IP
81.91.178.100:443
ASN
#204601 Zomro B.V.

Certificate
IssuerLet's Encrypt
Subjectsh4737904.c.had.su
Fingerprint5D:B7:8A:F2:18:4B:ED:51:81:12:EC:64:12:69:EB:18:59:04:45:C6
ValidityTue, 05 Mar 2024 09:47:51 GMT - Mon, 03 Jun 2024 09:47:50 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /auto_domain1700087633.php?sid=4222 HTTP/1.1
Host: sh4737904.c.had.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hnftd.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg1_=XDvd3sQ4TDtCZsmuFsWs; Domain=.had.su; HttpOnly; Path=/; Expires=Sat, 29-Mar-2025 05:13:04 GMT
date: Fri, 29 Mar 2024 05:13:04 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.2.16
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
location: https://l2nv8.shop/uUt/go?sid=4222
X-Firefox-Spdy: h2

g1jm3.shop/l/tink4/images/avatar.png

172.67.217.61

200 OK

24 kB

URL GET HTTP/3
g1jm3.shop/l/tink4/images/avatar.png
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g1jm3.shop/tink_chat
Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type
PNG image data, 127 x 127, 8-bit/color RGBA, non-interlaced
Size
24 kB (24545 bytes)
Hash
aa161b49a4b47202894bc37f7ddf3ea2
4cd8b986e4dcd6e410c3c19ef73a0d2f0fa84fc3
548f6a0ae60bdb10390e285825f03fb6298de9afd8763e4a3c805947b4156c73

HTTP Headers

GET /l/tink4/images/avatar.png HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g1jm3.shop/tink_chat
Cookie: sid=4222
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:13:06 GMT
content-type: image/png
content-length: 24545
last-modified: Sat, 30 Dec 2023 01:41:16 GMT
etag: "658f753c-5fe1"
expires: Sun, 28 Apr 2024 03:26:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 6410
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gq%2FEKG%2BhQk8rJh065zCy2zx4WQOccBCWNbZa6n%2Br%2B3lr2ENUJa%2BXmy1F37UmXo%2BUuq4FsNuzt4KqW0l%2B%2Be7KfptKcUIbBw8SCbrczDsNNb1REWD9yoMw%2Fr3b1bde"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5e64f944b51e-OSL
alt-svc: h3=":443"; ma=86400

g1jm3.shop/l/tink4/images/message-icon.png

172.67.217.61

200 OK

1.0 kB

URL GET HTTP/3
g1jm3.shop/l/tink4/images/message-icon.png
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g1jm3.shop/tink_chat
Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type
PNG image data, 103 x 96, 8-bit colormap, non-interlaced
Size
1.0 kB (1028 bytes)
Hash
a53faaa8deaaa5eb0888bc0f3baab572
3016cbfc123ebcf05243d0954e55cdc99f8cab26
1ffbc9a3b3cf11bc8747389d39303d43354b4b1e239393548a7e478c161d683a

HTTP Headers

GET /l/tink4/images/message-icon.png HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g1jm3.shop/tink_chat
Cookie: sid=4222
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:13:06 GMT
content-type: image/png
content-length: 1028
last-modified: Sat, 30 Dec 2023 01:41:16 GMT
etag: "658f753c-404"
expires: Sun, 28 Apr 2024 03:26:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 6409
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7aRTlX7oqoX2HAOQcO947dNBmA1AiVlXF0X2575h7Wlib9AEtW1m9UJXdLn9IeikSWUtTp6MZm8nChQbAInP2ZMsQDVSxuO0aLs8ciw1XQVd8f00hsT3qOUqEal"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5e64f945b51e-OSL
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-3.7.0.js

151.101.66.137

200 OK

84 kB

URL GET HTTP/2
code.jquery.com/jquery-3.7.0.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://g1jm3.shop/tink_chat
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
84 kB (83531 bytes)
Hash
bce53304d5d3438acfa5fcfae816769f
d70fbf2f6aed2c76801d35fd793bf70a9cc060eb
265a924c42de4784cba8fd0e1bd77133bc833ea5f5a31fc77e08922c18fcfa43

HTTP Headers

GET /jquery-3.7.0.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://g1jm3.shop
DNT: 1
Connection: keep-alive
Referer: https://g1jm3.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-45944"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 29 Mar 2024 05:13:06 GMT
age: 16886989
x-served-by: cache-lga13628-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 2, 3300
x-timer: S1711689186.115043,VS0,VE0
vary: Accept-Encoding
content-length: 83531
X-Firefox-Spdy: h2

l2nv8.shop/uUt/go?sid=4222

172.67.204.254

302 Found

12 kB

URL User Request GET HTTP/2
l2nv8.shop/uUt/go?sid=4222
IP
172.67.204.254:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectl2nv8.shop
Fingerprint3C:C3:59:C8:F2:46:67:D3:91:0E:46:09:AB:7B:72:70:C2:C9:F0:C8
ValidityTue, 12 Mar 2024 21:44:20 GMT - Mon, 10 Jun 2024 21:44:19 GMT

File type
data
Size
12 kB (12422 bytes)
Hash
e9ec089c29ce8b1e7df43efb066f718f
1f24d93ece3d8ec304022ef60b0cabe6c9a9680c
69f2685e4f17af03dc34df246b9d7c068270eea2d18c24ac3bd8a8fc4f784036

HTTP Headers

GET /uUt/go?sid=4222 HTTP/1.1
Host: l2nv8.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hnftd.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 29 Mar 2024 05:13:05 GMT
content-type: text/html; charset=UTF-8
location: https://g1jm3.shop/tink_chat?sid=4222
x-powered-by: PHP/8.2.13
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=upTc8v4nvCMxAcgzA2Nm6KdvSVGoKcjT%2B0rchIVmR2ZSiRFCT2F1tdsf%2BvzcPQQYn%2BAJNgayFpjl1qSRSQXubbvuGBvD%2FW4INqeo%2B%2FfAj4xgT5pyXjItHPGUK7AP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd5e5deef956aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

g1jm3.shop/tink_chat?sid=4222

172.67.217.61

302 Found

14 kB

URL User Request GET HTTP/2
g1jm3.shop/tink_chat?sid=4222
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type

Size
14 kB (14380 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tink_chat?sid=4222 HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hnftd.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 29 Mar 2024 05:13:05 GMT
content-type: text/html; charset=UTF-8
location: https://g1jm3.shop/tink_chat
x-powered-by: PHP/8.2.13
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: sid=4222; expires=Tue, 14 Mar 2084 05:13:05 GMT; Max-Age=1892160000; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JzA2cosG%2BXk7E5pSaXTEzxBnHVxlJ7XiGWVJT1A%2FtRt18iTurOJNu7WPI8KgeNmqQdn11MP4q50RmK7R3YP8O1icIBQhilwB9ZvnU%2By4xfZ%2F8uRXUnl31qSO850l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd5e60498356c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

g1jm3.shop/l/tink4/images/logo.svg

172.67.217.61

200 OK

36 kB

URL GET HTTP/3
g1jm3.shop/l/tink4/images/logo.svg
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g1jm3.shop/tink_chat
Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type
SVG Scalable Vector Graphics image
Size
36 kB (35487 bytes)
Hash
babe06b152e3eed1d5803cc35e5d62b3
d8ec86da8d91a1a24bba6ad531df2575a6a5a795
cbf1b7e266dd735edde3ffc3897267004456232e25d0af973d8a26005e2dca1e

HTTP Headers

GET /l/tink4/images/logo.svg HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g1jm3.shop/tink_chat
Cookie: sid=4222
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:13:06 GMT
content-type: image/svg+xml
last-modified: Sat, 30 Dec 2023 01:41:16 GMT
etag: W/"658f753c-8a9f"
expires: Sun, 28 Apr 2024 03:26:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 6410
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXblrv56ikwyv4H81j2XVbaWfX1TdsSuyW%2FeqV%2Br6qrm5AV0vL12KGZtBeUhLFbTl%2BBLtXj1pkFskOKbM4C%2Bj71CQoxYx%2FUAL5kYWTG4XhjDSnpXK9gX45X4PnBY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5e64f943b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

g1jm3.shop/l/tink4/css/main.css

172.67.217.61

200 OK

46 kB

URL GET HTTP/3
g1jm3.shop/l/tink4/css/main.css
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g1jm3.shop/tink_chat
Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type
ASCII text
Size
46 kB (46018 bytes)
Hash
66d80d27444f23f244223b1aef888014
62fe58f84376d4ced2c796493ee340cb63c5ec51
597d179af55ddc3566939d303b0af7ef86cbb211fbdb238b5dae00a8534080e1

HTTP Headers

GET /l/tink4/css/main.css HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g1jm3.shop/tink_chat
Cookie: sid=4222
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:13:06 GMT
content-type: text/css
last-modified: Sat, 30 Dec 2023 01:41:16 GMT
etag: W/"658f753c-b3c2"
expires: Sun, 28 Apr 2024 03:26:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 6410
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJ6PGTDyqymZxzDTH4euV1cnUgVM7JvWBmw9dZrtyWQRzS%2F7dITij2NCbKriiTw7%2FyZbDS9K99poS%2Fckk%2FCTxy2j56U6L2F1y97wW%2BMZG8Mcgw0rlTdOH%2FWn%2FUnC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5e64f941b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

g1jm3.shop/l/tink4/js/script.js

172.67.217.61

200 OK

7.1 kB

URL GET HTTP/3
g1jm3.shop/l/tink4/js/script.js
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g1jm3.shop/tink_chat
Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (6312), with no line terminators
Size
7.1 kB (7051 bytes)
Hash
7589c7a52497091bc3e776dab0928111
f7158adbd14a58078cb485cdec756a6055c50fcc
0beed2c3adf5077f287bfe9e2f03bd2a72b56e1c2576ffa35c1d300873e16cce

HTTP Headers

GET /l/tink4/js/script.js HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g1jm3.shop/tink_chat
Cookie: sid=4222
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:13:06 GMT
content-type: application/javascript; charset=utf8
last-modified: Sat, 30 Dec 2023 01:41:16 GMT
etag: W/"658f753c-1b8b"
expires: Sun, 28 Apr 2024 03:26:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 6409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tatxdsaqhzZQ3W8NX1NB%2FPcnawGxV%2B1UqQyIow1mwCwJxVsaErIZJVyuXLigYohCzE119gV%2BjjFwhADmJHhjaxF4xYBqDztc6zgI3gplNskqTqkPIOeeyOGKn%2BM5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5e64f946b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

g1jm3.shop/l/tink4/favicon.ico

172.67.217.61

200 OK

4.2 kB

URL GET HTTP/3
g1jm3.shop/l/tink4/favicon.ico
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g1jm3.shop/tink_chat
Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.2 kB (4158 bytes)
Hash
b44c41c10492292819a685596dda2d75
66048438be1368d95cc281785876530b5805bb75
ad6a5cd9c24c278a8190d0be1724fafdc3a37d0a3fac6ef1dc98178ba8d8d029

HTTP Headers

GET /l/tink4/favicon.ico HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g1jm3.shop/tink_chat
Cookie: sid=4222
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:13:06 GMT
content-type: image/x-icon
last-modified: Sat, 30 Dec 2023 01:41:16 GMT
etag: W/"658f753c-103e"
expires: Sun, 28 Apr 2024 03:26:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 6409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IbvP3IadfZCJLyQAGj1vxHJBOLQd0%2BIl%2B%2FG7hCrwiFSSeMKnYCPNQfjFscl86W4GlWiVe4S%2BqSzJSpnhUKWHtIR1xcgaXxEyazfRAaMGQHjquq%2BnrxuoWLqOffAq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5e65e974b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

g1jm3.shop/l/tink4/css/style.css

172.67.217.61

200 OK

166 kB

URL GET HTTP/3
g1jm3.shop/l/tink4/css/style.css
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g1jm3.shop/tink_chat
Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type

Size
166 kB (165930 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /l/tink4/css/style.css HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g1jm3.shop/tink_chat
Cookie: sid=4222
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:13:06 GMT
content-type: text/css
last-modified: Sat, 30 Dec 2023 01:41:16 GMT
etag: W/"658f753c-2882a"
expires: Sun, 28 Apr 2024 03:26:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 6410
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akU0oKEvctljTdgaDQimghF4XpGRgy3lp0%2FfkeZwRxmM5UxJ2XIUSRC9uDtQtmu8qsi4lIKCC7l3VPArVHc%2B7E1L9QPfB4azjhECWfyz%2Boftb1a%2BeKzI8qh669Mk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5e64e940b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

g1jm3.shop/l/tink4/js/typed.min.js

172.67.217.61

200 OK

3.6 kB

URL GET HTTP/3
g1jm3.shop/l/tink4/js/typed.min.js
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://g1jm3.shop/tink_chat
Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type
JavaScript source, ASCII text, with very long lines (3688), with no line terminators
Size
3.6 kB (3619 bytes)
Hash
60cb8569dfab3d94313d962afb444347
897e8a1bca9004620b3fe63b62ddee9c63ef38cd
66a3f6dbd6fc33eaf444f261dfbe622b34db80df3cb8d1970bdd48d36d9eade8

HTTP Headers

GET /l/tink4/js/typed.min.js HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g1jm3.shop/tink_chat
Cookie: sid=4222
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:13:06 GMT
content-type: application/javascript; charset=utf8
last-modified: Sat, 30 Dec 2023 01:41:16 GMT
etag: W/"658f753c-e23"
expires: Sun, 28 Apr 2024 03:26:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 6410
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L9j1pZEd2KHtCKipd08VQmyS%2BpRwZDjmP7k12ByXTiPO9L4jypNUp2G9IWVpCbeWFY%2BlHLMs%2BlvgVXTvxb5SexQKgmpfSgTazBLwI6aboH0aWj7O9JyiXmAUeC9I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5e64f942b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

g1jm3.shop/tink_chat

172.67.217.61

200 OK

14 kB

URL User Request GET HTTP/2
g1jm3.shop/tink_chat
IP
172.67.217.61:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectg1jm3.shop
Fingerprint41:C2:2B:F1:CC:67:49:79:C4:CA:B3:55:30:EA:EF:70:17:8D:43:EE
ValiditySun, 24 Mar 2024 12:06:25 GMT - Sat, 22 Jun 2024 12:06:24 GMT

File type

Size
14 kB (14380 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tink_chat HTTP/1.1
Host: g1jm3.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hnftd.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: sid=4222
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 05:13:05 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.13
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CV%2BlxDKOTj5hFgYFR%2BIQD%2FpJ9VFm%2FxxUjPASf0vJ6UiSRZJ6a9zRYWFVSUBzWYHMxgX02Tkr9h%2F%2FnLJgLZapeZTYy%2FmA2VQeoNJJidZR3f61qEXSuopKUuCe94RD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd5e621a1a56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL

IP

ASN

File type