| tg1.leetgems.h1n.ru/img/LogoBig_1x.png | 81.90.181.60 | 200 OK | 1.6 kB |
URL: GET HTTP/2 tg1.leetgems.h1n.ru/img/LogoBig_1x.png | IP: 81.90.181.60:443 | ASN: #50340 OOO Network of data-centers Selectel
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: leetgems.h1n.ru | Fingerprint: 0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A | Validity: Thu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File type: PNG image data, 131 x 31, 8-bit/color RGBA, non-interlaced | Hash: 22aae336e78f75ab0ff2534cf975ed4a bbc0d011f640673b811d07ea30fbfec0415530a4 7bb14dc217f7f5ac7104b4838132dd370e1b808f7df6ccb4fdfd0227de5159bc
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /img/LogoBig_1x.png HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 1635
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: "6389c0ca-663"
expires: Sat, 26 Apr 2025 04:17:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tg1.leetgems.h1n.ru/img/cparip.png | 81.90.181.60 | 200 OK | 2.3 MB |
URL: GET HTTP/2 tg1.leetgems.h1n.ru/img/cparip.png | IP: 81.90.181.60:443 | ASN: #50340 OOO Network of data-centers Selectel
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: leetgems.h1n.ru | Fingerprint: 0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A | Validity: Thu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File type: PNG image data, 4096 x 4096, 8-bit/color RGB, non-interlaced | Size: 2.3 MB (2288360 bytes) | Hash: 0664cb29e7663889c52dc98b43ecbefb 8db35f4da81d644fb290b4c3793b1aa2a910ac07 5aa23070b3cf7ceb7e942c4b1c57da80c6bf78e140b53196bbf17eb0d0ed5600
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /img/cparip.png HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 2288360
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: "6389c0ca-22eae8"
expires: Sat, 26 Apr 2025 04:17:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| unitraffic.net/banner.php?user=2718 | 85.208.187.144 | | 852 B |
URL: GET unitraffic.net/banner.php?user=2718 | IP: 85.208.187.144:0
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: unitraffic.net | Fingerprint: D6:0F:0E:A2:F9:DF:D0:C4:2A:5E:8F:94:00:76:B1:DF:9C:83:13:DE | Validity: Thu, 25 Apr 2024 23:35:08 GMT - Wed, 24 Jul 2024 23:35:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1522), with no line terminators | Hash: 30dfa3e94d434603dab6eabfd975493a 83392bcb475e598afd467327fd5832d665e3e515 32f62215553a5471236cc7af22c30c2a5f5ac00db3fbf4ea0a60c25a310142d5
GET /banner.php?user=2718 HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 04:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=ndacg5ak4994qsiluo4s7qt6mg; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
|
|
| webtrafic.ru/img/banner_empty.gif | 104.21.68.251 | 200 OK | 34 kB |
URL: GET HTTP/3 webtrafic.ru/img/banner_empty.gif | IP: 104.21.68.251:443
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Google Trust Services LLC | Subject: webtrafic.ru | Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB | Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: GIF image data, version 89a, 468 x 60 | Hash: ad8c7c5a9aa7d752407f1bd9911493d4 31caa83c93fae3797de238975d81e8e3f66fe43e 32cc157d7035835c6c380bd706d0e33294afd6aa61c320c400488b34c66d9e79
GET /img/banner_empty.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/gif
content-length: 33550
etag: "640f1fd0-830e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 3338685
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLH2zWAibqw2XDdDlO1j8BNvw%2FCWi8WwaagiHJzNPt36%2Fd53qc4z%2Bogynkz67LQq%2Fsf6rCZBuURWYk556U7G27Bii52hLNw8fVeGeQfTO10mn%2B7xVYGW56XcBIqWus4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c31d3c7e5693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| unitraffic.net/img/banner_empty.png | 85.208.187.144 | 200 OK | 5.4 kB |
URL: GET HTTP/1.1 unitraffic.net/img/banner_empty.png | IP: 85.208.187.144:443
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: unitraffic.net | Fingerprint: D6:0F:0E:A2:F9:DF:D0:C4:2A:5E:8F:94:00:76:B1:DF:9C:83:13:DE | Validity: Thu, 25 Apr 2024 23:35:08 GMT - Wed, 24 Jul 2024 23:35:07 GMT
File type: PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced | Hash: 28d818cd8b5ea617d336300ca726663b d1286a3f06f719fe7c410e41760a81cee39d4c86 8c9960fa2ab2600dad21e8bc1ad0062120067252c7920e8492df81808c2b0af4
GET /img/banner_empty.png HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 04:17:16 GMT
Content-Type: image/png
Content-Length: 5392
Last-Modified: Sun, 17 Apr 2022 06:44:13 GMT
Connection: keep-alive
ETag: "625bb73d-1510"
Expires: Sat, 27 Apr 2024 04:17:16 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
|
|
| 1rash.ru/q/bsk.php | 89.208.145.166 | 200 OK | 2.4 kB |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: HTML document, ISO-8859 text | Hash: 1d1e270a0f9d9c11a8f7a082dde1e866 2781df8c3216a701dfa7fb861de330a487b7c4f2 a775c29735b3c32570192577829788da259e2594889db941b50701fa81d10fac
GET /q/bsk.php HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 2434
Connection: keep-alive
Server: Apache
|
|
| neon.today/context/get/100439/28769/1/468/60 | 213.183.48.30 | 200 OK | 580 B |
URL: GET HTTP/1.1 neon.today/context/get/100439/28769/1/468/60 | IP: 213.183.48.30:443
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: neon.today | Fingerprint: F9:C9:45:2E:BF:94:50:19:BE:3C:64:8A:BE:97:0C:2B:D6:AE:C9:7A | Validity: Tue, 02 Apr 2024 22:30:27 GMT - Mon, 01 Jul 2024 22:30:26 GMT
File type: HTML document, Unicode text, UTF-8 text | Hash: da65f822317970d5451f4fbee8553480 e6c6086836bedff7e03f70ba343482b9a7e5c2b5 c0f3bbb2f7a2a4f769e2683aa587cd9e21e4de3dffd14e286780b50f27faf149
GET /context/get/100439/28769/1/468/60 HTTP/1.1
Host: neon.today
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 04:17:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 580
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
|
| 1rash.ru/q/i/i22.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 | Hash: 09d00cd5cf090d3daf70d5e213688b4c 9022599fd1c9d38bfec8fae286962db248f1f722 a135fceb668a6804c45b9b2a2cac063d3211f517411ebb87ad13e29ed11cd6d2
GET /q/i/i22.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1082
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fb-43a-4a176377d1600"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i21.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 | Hash: edcd6cd2af814f8f30bd55e6e1686b6c 687202c4759ba4e1c94b8f62c4be961656cabd28 4c94f6ce0bc99d807ef5ad1c81ffe5c89c1665c751c6aa95baf9179275d19111
GET /q/i/i21.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1287
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1fa-507-4a176376dd3c0"
Accept-Ranges: bytes
|
|
| webtrafic.ru/img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png | 104.21.68.251 | 200 OK | 866 B |
URL: GET HTTP/3 webtrafic.ru/img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png | IP: 104.21.68.251:443
Certificate Issuer: Google Trust Services LLC | Subject: webtrafic.ru | Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB | Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: PNG image data, 25 x 25, 8-bit colormap, non-interlaced | Hash: 38d180fd271c03dc195834c4f6460108 777cda920a9ca1f764cba72f69471a592ba74498 d8f87cc6d28b1e3affe0e051740259bea0d9dcc5591badebd44ecb63ee671373
GET /img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 866
link: <http://webtrafic.ru/img/pe.png>; rel="canonical"
expires: Thu, 28 Nov 2024 14:17:07 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 29 Nov 2023 14:17:07 GMT
x-original-content-length: 9792
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 12836986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3P856DFnPj1T9q%2Bj%2FJFiZ4Mml3FT8fYkuiv%2FLH54YhyxMRq7CL6lI%2FpcheGykN3zTts0gpof2lXxiyACAnEgFdJTAZzN3dwc1lzXsIIwpmZi8RtFkyiGkcdbYNFs00o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3208eb85693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png | 104.21.68.251 | 200 OK | 1.5 kB |
URL: GET HTTP/3 webtrafic.ru/img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png | IP: 104.21.68.251:443
Certificate Issuer: Google Trust Services LLC | Subject: webtrafic.ru | Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB | Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced | Hash: b6068d14a1756e0e41052584059ecaac d5836694aa54334f2ae81ad908192970d7ad1590 d31fee4b1d850d79de5748d3b82a5706f6c92e90a4fced70266ae0ae92ed2fd2
GET /img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 1504
link: <http://webtrafic.ru/img/cart.png>; rel="canonical"
expires: Thu, 28 Nov 2024 14:17:07 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 29 Nov 2023 14:17:07 GMT
x-original-content-length: 24626
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 12836986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cs%2F7jKgHzzU5QE3KInLAmCja2Vi2mqRhHl9y9DJWiVlWmiVHFv7VsLgNKcC%2FBLDHYzvXalQzFFwRN8xIQt730sHdEmK3N8AKPzQ2DRp6z%2BiXy6VSFz98FuTvXl6Zn%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3208eba5693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png | 104.21.68.251 | 200 OK | 1.1 kB |
URL: GET HTTP/3 webtrafic.ru/img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png | IP: 104.21.68.251:443
Certificate Issuer: Google Trust Services LLC | Subject: webtrafic.ru | Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB | Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: PNG image data, 25 x 25, 8-bit colormap, non-interlaced | Hash: abb0364ceccfd96f043c089281b7e8c3 a22a6747139991930c63de9f7fb36ac19998e216 aa2e91454bb83b548d9e01685127a73eda1291cb81899ccc3354e24567a53ace
GET /img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 1079
link: <http://webtrafic.ru/img/sp.png>; rel="canonical"
expires: Thu, 28 Nov 2024 14:17:07 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 29 Nov 2023 14:17:07 GMT
x-original-content-length: 11788
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 12836986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jonU30CSwFSQ1IUWaA%2BO2vUEL4DWiU20lMd1QrJ3MGBBNe8o%2BIYFgSI9nuptP2VOD4Cjo7WPyNLJNiNEqzuKHPe3JNo3f4EeMpj1dTAfvbSDLdeRQuizeXEYl1weOaE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3208ebb5693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1rash.ru/q/i/i29.jpg | 89.208.145.166 | 200 OK | 808 B |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3 | Hash: a8bb6266b787520230e26df801086e12 5556ebc578a6b87b9e2113dda0a719740d5ff645 7217c5b17c8499f134de4a5de3af9ae9acb1adaa9a0da6f21ece6fd770bdb09d
GET /q/i/i29.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 808
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:05:18 GMT
ETag: "13c1ff-328-4a5d31520db80"
Accept-Ranges: bytes
|
|
| cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js | 151.101.129.229 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js | IP: 151.101.129.229:443
Certificate Issuer: GlobalSign nv-sa | Subject: jsdelivr.net | Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 | Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (1623) | Hash: 11d89af3414c7a4dc324be89b1a5ce2c d68a4d4193af0419784b91622ebc4af5abd1042b d37a7d61b33b7277b794fc7be203b20292ec5b9fb091dd3112603c8c48c5a7f6
GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"848-1opNQZOvBBl4S5FiLrxK9avRBCs"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 04:17:16 GMT
age: 24439
x-served-by: cache-fra-eddf8230099-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1217
X-Firefox-Spdy: h2
|
|
| neon.today/logo_small.png | 213.183.48.30 | 200 OK | 19 kB |
URL: GET HTTP/1.1 neon.today/logo_small.png | IP: 213.183.48.30:443
Requested by: https://neon.today/context/get/100439/28769/1/468/60 | Certificate Issuer: Let's Encrypt | Subject: neon.today | Fingerprint: F9:C9:45:2E:BF:94:50:19:BE:3C:64:8A:BE:97:0C:2B:D6:AE:C9:7A | Validity: Tue, 02 Apr 2024 22:30:27 GMT - Mon, 01 Jul 2024 22:30:26 GMT
File type: PNG image data, 50 x 15, 8-bit/color RGBA, non-interlaced | Hash: e8f264874aa64e38756e575d1d6452ba 015287540c0fe06723408a117daac30afc9efefe c86c4eb33d4edbc00eaf4ad4d5afdc7bd9a5e6e311d3e54399590911b6d8b684
GET /logo_small.png HTTP/1.1
Host: neon.today
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neon.today/context/get/100439/28769/1/468/60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 04:17:16 GMT
Content-Type: image/png
Content-Length: 18858
Last-Modified: Sat, 20 Aug 2022 08:28:35 GMT
Connection: keep-alive
ETag: "63009b33-49aa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i16.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 | Hash: 8b1d04d8a287d40e166d52b8851c9f37 59968678f97de41ea4d1191537db925a72026c94 7eef92ac0490c7d9f62bdf74deaf01a4beee430ebee7eb6fdba8a2a1043e2763
GET /q/i/i16.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1247
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f4-4df-4a176375e9180"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i1.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 | Hash: c7fa97c8911aca393ddb4217cc075321 584ef670b8982eba7d9853c3047f47e91d7a8c35 f1e6f586e4cb3e5633175f10c60274d54451a3e1ed4a42d9563b3f0d80c60e9b
GET /q/i/i1.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1170
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1ed-492-4a176377d1600"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i10.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 | Hash: 0ac0624c642f13116fab03f97d48fae9 1b790e1320dfd80ed7337d077f357c39a599dd62 2266f2f329c08b77641df314c7ecb2256ad0b539ae4484269d8eacb6c1e182a2
GET /q/i/i10.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1099
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1ee-44b-4a176374f4f40"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i28.jpg | 89.208.145.166 | 200 OK | 844 B |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3 | Hash: 412b8d68806a6f1eaae33ab61408e5b6 3cf120f4ac25cb37d03690ed4f4f99e8c10f6549 28e3bab9f1c604044ef0b744978ed7a94986b406fae3f5dc48daab90ddafe571
GET /q/i/i28.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 844
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 11:56:55 GMT
ETag: "13c1fe-34c-4a5d2f725afc0"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i27.jpg | 89.208.145.166 | 200 OK | 852 B |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3 | Hash: fa3c317272839ce74e946168cc1f0256 e7ea8d93a2b3df81c5224a5d197672b0f9880ac0 2f9a28e0948fe7428bb68ba67a815438f3723915d5e745421333293ae26fcb27
GET /q/i/i27.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 852
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fd-354-4a176377d1600"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i32.jpg | 89.208.145.166 | 200 OK | 787 B |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3 | Hash: 2f5b2fa04eb1c03fa76e0f4ee3ba867d c779636e1641ce5543ab7d4ceb8315f50ebf6fe0 3c4761799cfb5faf650cf9b5ee7dcb6323f5ea88a025ab4f2ca45f9ad26aa2a8
GET /q/i/i32.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 787
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:25:42 GMT
ETag: "13c203-313-4a5d35e159d80"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i6.jpg | 89.208.145.166 | 200 OK | 949 B |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 | Hash: 599ecaaf31ded9febc399f253c6850ac 8b757aafb5f1b3ed40882e6edf81a5a7ceb70cd6 d002b4d408b10bc8993f7f980cfbb85198659e92f345bbe1a812612194925dac
GET /q/i/i6.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 949
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c206-3b5-4a176379b9a80"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i8.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP: 89.208.145.166:443 | ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/ | Certificate Issuer: Let's Encrypt | Subject: 1rash.ru | Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 | Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 | Hash: 2ab385dd42c7301aa0d69bfd3bcb71a2 f5d68e166c75ddbec5ddcfb08b976c559ef75a26 39e01baf23094c9244c4b8babfd1c0faa1aa0648ca1bf3325148b1daa9e78843
GET /q/i/i8.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1264
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c208-4f0-4a176379b9a80"
Accept-Ranges: bytes
| 1rash.ru/q/i/i7.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 9f1eddb947f9d468e54408d52a1831b0 98e3141fb66605f969c990827c1730e29c92123d ca3346a44f7619fa1928c810fb1f1d2b78ed01eaf28bc2f9ec884555627e25f5
GET /q/i/i7.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1240
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c207-4d8-4a176379b9a80"
Accept-Ranges: bytes
| 1rash.ru/q/i/i9.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 4651716c2e8a82e38e57e9c3f88b69fe ed1f6eb5729e01eaff6224d0d676e5d6f74acb5f 848244e41780fd3cf681351db6a399063842f49f6dbcc72a7219e156fe184d26
GET /q/i/i9.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1121
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:59 GMT
ETag: "13c209-461-4a17637aadcc0"
Accept-Ranges: bytes
| 1rash.ru/q/i/i11.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 8c216347028037af3b531687fb40f5ad 93c87e3bb567c48618a2503123f4f42cb232102a 3f3c39233984706be1fd358a3e17a1f938a562cf287e9f4bd819f005242a79e9
GET /q/i/i11.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1160
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1ef-488-4a176374f4f40"
Accept-Ranges: bytes
| 1rash.ru/q/i/i12.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 974908a0d5d6aec321ea6ceadeabcc89 f9ecc635349dec18f5789f0afc667db32389cc0e 0bfdcf90455eb460deee1f94df548fa8ff6cd91a96ac5305515756b3a5e13c84
GET /q/i/i12.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1310
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1f0-51e-4a176374f4f40"
Accept-Ranges: bytes
| 1rash.ru/q/i/i20.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 20ac0c63e1b8cd918e142669cadf7073 da110a8fa35192d02702cda67816cbea3ab60cef 58eb04e77c4a3b31d18b8ac0b7a33ecff1fe892a8b1871619b9c5ae134a7777a
GET /q/i/i20.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1244
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f9-4dc-4a176376dd3c0"
Accept-Ranges: bytes
| 1rash.ru/q/i/i03.jpg | 89.208.145.166 | 200 OK | 860 B |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Hash: 43ad002dd395011a36e0004faff95040 4123a3ed39f1319dd6c4fa1eaaa14734c518abbe 49d9c3f15ae2db284cfd2bb31f1e1fe40d8cc4f833e6ce4118256c5d551b1f01
GET /q/i/i03.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 860
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c1ec-35c-4a176378c5840"
Accept-Ranges: bytes
| 1rash.ru/q/i/i30.jpg | 89.208.145.166 | 200 OK | 863 B |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Hash: 82b7028d77310c4a39c48ca5bdb1873a b799bfc4397d54f423d7f20e2779308fd714ef7e 096d226948285a2d84390d1d89388743ab773debc9daf91bdd678d07ab55f2ae
GET /q/i/i30.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 863
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:12:40 GMT
ETag: "13c201-35f-4a5d32f793e00"
Accept-Ranges: bytes
| 1rash.ru/q/i/i13.jpg | 89.208.145.166 | 200 OK | 1.0 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 0999c2f6b7fb91a5e39884824762e07c ced0d0cc4b7ca1a912b427c4366588737c188380 ce852c75b278249ff2d327b256f20b25d37519ce145b089045fbfe03e566e3d7
GET /q/i/i13.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1035
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f1-40b-4a176375e9180"
Accept-Ranges: bytes
| 1rash.ru/q/i/i23.jpg | 89.208.145.166 | 200 OK | 869 B |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Hash: a0c3f9db170b509064860d331477aac0 caf1270d767791eea4b4e8423adbe4f23156ef2d 30159bc97ad2456ba29092d508d6fc23026066583dad0b10e66a6b94df28c41d
GET /q/i/i23.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 869
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fc-365-4a176377d1600"
Accept-Ranges: bytes
| 1rash.ru/q/i/i14.jpg | 89.208.145.166 | 200 OK | 1.4 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 0278675b031052695f83ed7285ad5168 e85bd2517e48351474aec32edcf5d1a475fe89f5 81fe9a4decee6ba1e8ababab5bd3afe2fdbcf72c92b0e81d7d8ddaa2f545abc3
GET /q/i/i14.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1378
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f2-562-4a176375e9180"
Accept-Ranges: bytes
| 1rash.ru/q/i/i15.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 716cf0372a9e3549dd0c8228104e5a8a c25f1da1ecf3c1e1687b356885ed143bdadc529c 99b968d7b2ce9008b2ac8d312e355c7ed61c671b53b70f0694eefb9c20692fb3
GET /q/i/i15.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1213
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f3-4bd-4a176375e9180"
Accept-Ranges: bytes
| 1rash.ru/q/i/i17.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 201fb6a4a3b9fc2fd5e96108e79c14e1 2800cf177bac5bbbcaa35b3ac8beb534b264bd0d 8e8b314683c3f3d30a41248101c0d55f0a53ce3f50a198e28033bcc38edef44d
GET /q/i/i17.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1296
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f5-510-4a176375e9180"
Accept-Ranges: bytes
| 1rash.ru/q/i/i3.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: c0cd32ad99537e47a0359f7f765a9063 452e77efcfb1852e5dc9d6ba26eca99cf9adb75f d29bad3ad73a49ad955bd610396a9ea4808392fd016f56204108adaf3ebdc511
GET /q/i/i3.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1054
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c200-41e-4a176378c5840"
Accept-Ranges: bytes
| 1rash.ru/q/i/i18.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: bd49a082045314b5913de74e31601db1 979096d8183c8a0c0fe16611a822e6b83989a19d 9d59f5df3eec72870aef48178d02ac36f28cfc3975dcf81477d39fc5aef24380
GET /q/i/i18.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1074
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f6-432-4a176376dd3c0"
Accept-Ranges: bytes
| 1rash.ru/q/i/i19.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: e4b0a3b3be399e14b790be247368fcf8 2fe771d6660fd4ef5dc313df6f4b2fb8315746d8 92d49c679788eb22633820c9e3e74ac71b23da5cb019f7fd7771a59ba24275b7
GET /q/i/i19.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1275
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f7-4fb-4a176376dd3c0"
Accept-Ranges: bytes
| 1rash.ru/q/i/i00.jpg | 89.208.145.166 | 200 OK | 914 B |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Hash: f0500a756946bd6216a353c755640f62 1d9038b9d476757ca222d3cf22e5e6372083750f e61fa050fcc0d73160370b92428fc300df065aec14b86236b3513afda2a0db05
GET /q/i/i00.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 914
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1eb-392-4a176377d1600"
Accept-Ranges: bytes
| 1rash.ru/q/i/i2.jpg | 89.208.145.166 | 200 OK | 957 B |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: cc094b5369d872ff2148ad86ef788d38 0c25a58ebe84c1b141f4d9398eb311abf1968b76 e83a294df92a56d5363eb6299ee547b41809b72dc94d04e6674e1e46fe4a3dea
GET /q/i/i2.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 957
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c1f8-3bd-4a176378c5840"
Accept-Ranges: bytes
| 1rash.ru/q/i/i4.jpg | 89.208.145.166 | 200 OK | 854 B |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Hash: 10bd409f25fbfbab424662c87ffd8149 fe31d44c2625da598bbaeb110567f74c91f20709 bd03aa9a97b29315975ce1949d8d6d7e8712e264c80234c5c2916a5b29eaae0d
GET /q/i/i4.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 854
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c204-356-4a176379b9a80"
Accept-Ranges: bytes
| 1rash.ru/q/i/i31.jpg | 89.208.145.166 | 200 OK | 867 B |
IP: 89.208.145.166:443
ASN: #12695 LLC Digital Network
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Hash: 0a328a40864cc03d0495cd59273c0831 604badc1551096e40d9076bb9e8861790f8e4912 e87e329c040bb403d5045bfbb4148d96960aa0a27f6f1347a341f38a316c34e1
GET /q/i/i31.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 867
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:17:39 GMT
ETag: "13c202-363-4a5d3414b9ec0"
Accept-Ranges: bytes
| translate.google.com/translate_a/element.js?cb=TranslateInit | 216.58.211.14 | 200 OK | 31 kB |
URL: GET HTTP/2 translate.google.com/translate_a/element.js?cb=TranslateInit
IP: 216.58.211.14:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D; Validity: Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type: gzip compressed data, max compression
Hash: fabd4f78fdbad5411eff03614ec57ec6 4ea034bdb232b9e62e03174348a24325b760c282 95350e1e1ee1d17ffc244f1198b97d6dfdfeaaa91ed34b98f6d2f98e7122fef2
GET /translate_a/element.js?cb=TranslateInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 04:17:17 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| tg1.leetgems.h1n.ru/img/telegram_logo_icon.ico | 81.90.181.60 | 200 OK | 68 kB |
URL: GET HTTP/2 tg1.leetgems.h1n.ru/img/telegram_logo_icon.ico
IP: 81.90.181.60:443
ASN: #50340 OOO Network of data-centers Selectel
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: leetgems.h1n.ru; Fingerprint: 0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A; Validity: Thu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File type: MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Hash: 4f123b8081a681da829b4b034dd4b7bc 02e58fa28ede37a412174ac17cc9883f9378d4ae d7bbaeffe46c40d1b069c527d3138b7e2a0c831a4e3a9ca0ca9350b0d8ec332a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /img/telegram_logo_icon.ico HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: image/x-icon
content-length: 67646
last-modified: Sun, 05 Mar 2023 08:58:29 GMT
etag: "640459b5-1083e"
expires: Sat, 26 Apr 2025 04:17:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
| webtrafic.ru/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.21.68.251 | 200 OK | 77 kB |
URL: GET HTTP/3 webtrafic.ru/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: application/octet-stream
content-length: 77160
last-modified: Mon, 13 Mar 2023 13:06:22 GMT
etag: "640f1fce-12d68"
cache-control: max-age=14400, s-maxage=10
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJBgThY7FUQZxJJ%2Fyk%2FWlmgkw2rJjnvNAODTTsC1vHtoZcTr8R1IR%2BsOy43s8MG%2FOLwbc94MCnS0h4fVJiN1EuvhXQnP61Wt2g43skXLqreOAFO8R6YTpR8SVXqvUlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c32358515693-OSL
alt-svc: h3=":443"; ma=86400
| webtrafic.ru/banners/629ced855a6914574f931bac67d05e45.gif | 104.21.68.251 | 200 OK | 12 kB |
URL: GET HTTP/3 webtrafic.ru/banners/629ced855a6914574f931bac67d05e45.gif
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: GIF image data, version 89a, 468 x 60
Hash: eb7081779805c635152a8a63bae69403 be0698fa005acd021695105c0d4caef92018a7c9 fbc4d8237ae780f3f03b8b3a7f11a636ab24fcab13e208c4a42a790cc18bce11
GET /banners/629ced855a6914574f931bac67d05e45.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: image/gif
content-length: 11826
etag: "65f1a2fd-2e32"
expires: Thu, 25 Apr 2024 19:47:50 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ONAdnA5QHuWgETtsl5r5q7SQYeyT%2FoD51Q%2FO0HfEvrSxDDj4cuc7qgtnmaM%2BqyX%2BO5fYDljU9E1VTB%2F2XqKD5%2Fgw1zrPsFv2nAm%2B83%2BIEG%2FhnBM5QpFHLzEw%2BIZog0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c32358575693-OSL
alt-svc: h3=":443"; ma=86400
| webtrafic.ru/banners/79e80939853df95135f890ebc1f07946.gif | 104.21.68.251 | 200 OK | 18 kB |
URL: GET HTTP/3 webtrafic.ru/banners/79e80939853df95135f890ebc1f07946.gif
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: GIF image data, version 89a, 468 x 60
Hash: a2959d05e627aa8f83fa414bb10c503e 38f2d1984f8f271baa3ad82cd2572a2a348da464 6b919a2d0d74de1d77aa4b10a6cd9b81cc08d0bf8e1837c68d7556e8eb6bb743
GET /banners/79e80939853df95135f890ebc1f07946.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: image/gif
content-length: 17858
etag: "6628f3d8-45c2"
expires: Wed, 24 Apr 2024 20:29:31 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FCBJ4hMT2eGEpVmOG7bfknlRzoMn8CnnpJjVvs%2Fb5zbAi%2FzxCdiV8S5c3viNs%2FClF9%2FjGn1z3yi9DhyS9xd16oeaorWx6TNI2XCi1puuuRlKDYAUJVxDWikz6a%2BDN0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c32358565693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css | 142.250.74.99 | | 4.0 kB |
URL: GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css IP: 142.250.74.99:0
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: ASCII text, with very long lines (20367), with no line terminators; Hash: 72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 09:56:49 GMT
expires: Wed, 23 Apr 2025 09:56:49 GMT
cache-control: public, max-age=31536000
age: 238828
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| payeer.com/?session=2103954 | 149.202.17.208 | 200 OK | 621 B |
URL: GET HTTP/1.1 payeer.com/?session=2103954 IP: 149.202.17.208:443
Certificate Issuer: Sectigo Limited; Subject: *.payeer.com; Fingerprint: 58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06; Validity: Thu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (621), with no line terminators; Hash: e3b84da190f58394835cfc9c9a6025e1 37015e4a3cfb0fb360c3fede7dcbb626830ff5fa a74127092386132de3e78a066c45cdeaddc010b9f81adb536d6c25ea8c243395
GET /?session=2103954 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: iCore Proxy Module
Date: Fri, 26 Apr 2024 04:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store, max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
|
|
| rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3 | 172.67.174.5 | | 1.4 kB |
URL: GET rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3 IP: 172.67.174.5:0
Certificate Issuer: Google Trust Services LLC; Subject: rekizar.com; Fingerprint: 95:55:B7:B7:61:FE:55:F7:F1:E1:F8:82:C8:A6:C5:3B:3B:39:54:BD; Validity: Tue, 02 Apr 2024 11:49:39 GMT - Mon, 01 Jul 2024 11:49:38 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: d930ae9d8479391c014c63330da99b4d db0d5951971bf065f416221cd2065f426e1b8a51 535b183a35efad2ea6ee91e65a1836316cce97984f26a47a9c94266ac68650e1
GET /bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3 HTTP/1.1
Host: rekizar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=378utmsgea1jsqbaiebcvn9jrg; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilbHUhqcGizztI13f1XXqcD%2F1sb1Gwq75Ht24TrVVR0jdkGr364t9Yvy92YJs09T%2F7W1mfm31tkxoKF5r%2BGWFKRFN%2F0%2BT77hbiJ32ppwyJb2AFRvyzAW0EZdo%2BDE3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c323b8815693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| payeer.com/iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0 | 149.202.17.208 | 302 Found | 0 B |
URL: GET HTTP/1.1 payeer.com/iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0 IP: 149.202.17.208:443
Certificate Issuer: Sectigo Limited; Subject: *.payeer.com; Fingerprint: 58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06; Validity: Thu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payeer.com/?session=2103954
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: iCore Proxy Module
Date: Fri, 26 Apr 2024 04:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store, max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: /?session=2103954
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfq92X1o0HH0hndEbECGlbI-dOTnmg/m=el_main | 142.250.74.74 | 200 OK | 73 kB |
URL: GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfq92X1o0HH0hndEbECGlbI-dOTnmg/m=el_main IP: 142.250.74.74:443
Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (2297); Hash: 12487a9b7a04b957648956d8e195e2fa db8c446b1516d76be812ba7bc1ebf455c090ef01 b005774fd9d7ddf333c0c90b728c59db1a08be979a9d64a267e00c5fc37686c2
GET /_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfq92X1o0HH0hndEbECGlbI-dOTnmg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 72714
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 18:43:58 GMT
expires: Thu, 24 Apr 2025 18:43:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Apr 2024 17:10:37 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 120799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| informer.yandex.ru/informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews | 87.250.251.119 | 200 OK | 1.5 kB |
URL: GET HTTP/2 informer.yandex.ru/informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews IP: 87.250.251.119:443
Certificate Issuer: GlobalSign nv-sa; Subject: mc.yandex.ru; Fingerprint: DB:EC:6C:00:83:6B:5E:03:B2:DE:D1:CA:D1:7B:50:9B:E3:E8:57:65; Validity: Tue, 26 Dec 2023 16:32:23 GMT - Wed, 05 Jun 2024 20:59:59 GMT
File type: PNG image data, 80 x 31, 8-bit/color RGBA, non-interlaced; Hash: 16510afa9865ee176c64f80150d15a24 ebe655708d04f3faffb5f369d96df52f49d69557 769d779e317513bc9852a9c079c0d6514eb87f44dc44a9d352aa343ea9665f17
GET /informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews HTTP/1.1
Host: informer.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 1463
last-modified: Fri, 26-Apr-2024 04:17:17 GMT
content-type: image/png
pragma: no-cache
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Fri, 26-Apr-2024 04:17:17 GMT
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/images/lang/lang__ru.png | 104.21.68.251 | 200 OK | 899 B |
URL: GET HTTP/3 webtrafic.ru/images/lang/lang__ru.png IP: 104.21.68.251:443
Certificate Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced; Hash: fa57d43ba1417bf41ad68ba291c3e9b3 7936bf1f4ae4a8d24c0cb1789651b68725fbc1f9 73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628
GET /images/lang/lang__ru.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: image/png
content-length: 899
last-modified: Mon, 13 Mar 2023 13:06:23 GMT
etag: "640f1fcf-383"
cache-control: max-age=14400
expires: Fri, 26 Apr 2024 04:09:07 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCSqargYje1wG%2BzaudkfEk5PLtOg1uXw0N9x2EhdiPBgStrL5522aS%2FRXkrRjAEcd0jgGEHklWNr35fqMVZYJ2kZmAQa9IaSPJF5K%2BjhfFxm%2FOo5GF0hJba8irvKi%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c326b99a5693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| payeer.com/?session=2103954 | 149.202.17.208 | 200 OK | 0 B |
URL: GET HTTP/1.1 payeer.com/?session=2103954 IP: 149.202.17.208:443
Certificate Issuer: Sectigo Limited; Subject: *.payeer.com; Fingerprint: 58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06; Validity: Thu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?session=2103954 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://payeer.com/?session=2103954
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: iCore Proxy Module
Date: Fri, 26 Apr 2024 04:17:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=65
Set-Cookie: BITRIX_SM_SALE_AFFILIATE=2103954; expires=Sun, 26-May-2024 04:17:17 GMT; Max-Age=2592000; path=/
BITRIX_SM_SALE_AFFILIATE=2103954; expires=Sun, 26-May-2024 04:17:17 GMT; Max-Age=2592000; path=/; domain=payeer.com
BITRIX_SM_SALE_AFFILIATE=2103954; expires=Sun, 26-May-2024 04:17:17 GMT; Max-Age=2592000; path=/; domain=.payeer.com
Location: /en/
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback | 142.250.74.74 | | 1.4 kB |
URL: translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP: 142.250.74.74:0
Hash: a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 26 Apr 2024 04:17:17 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=513=bhsLYjQHpWLdFcwb2osXL-XpyA68NmoqpNzIO-tZp6Lnpf6orIss300oDnA54rg44PjRBJ-vrnlDgFuZm7JfVAcpFKrZyi3wYkvrjVzcSFRBPCKkLRjkBoadRYz-sCDG61pu4B_aKMDwT7J16L1FfIFeQv4Jm8NFafNq_MMeJBs; expires=Sat, 26-Oct-2024 04:17:17 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Fri, 26 Apr 2024 04:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| payeer.com/en/ | 149.202.17.208 | 200 OK | 13 kB |
IP: 149.202.17.208:443
Certificate Issuer: Sectigo Limited; Subject: *.payeer.com; Fingerprint: 58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06; Validity: Thu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (430); Hash: f333d95beccb008a3481560678004631 bb2bdc86a648e247ecc97cfee243ba8c5992e5d8 d128a0ce734f1bad2af2da9da2d50ea7327f821b725c0ba7c68153ee04532319
GET /en/ HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://payeer.com/?session=2103954
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: iCore Proxy Module
Date: Fri, 26 Apr 2024 04:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=65
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=n6jm4hq05irt299kklp4gkttq7u155b7haitnt8o2h49j9mjs54fjfeeps02qpp10nof017a0s3e3b278u26c82stjjq5b06k17lpk1; path=/; samesite=None; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.99 | 200 OK | 1.8 kB |
URL: GET HTTP/3 www.gstatic.com/images/branding/product/2x/translate_24dp.png IP: 142.250.74.99:443
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced; Hash: c69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 14:33:33 GMT
expires: Fri, 25 Apr 2025 14:33:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 49425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.google.com/gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240423 | 216.58.211.14 | 204 No Content | 0 B |
URL: GET HTTP/3 translate.google.com/gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240423 IP: 216.58.211.14:443
Certificate Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D; Validity: Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240423 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 04:17:18 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-ixpMck2BDXbKhnXZTGAjdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmJw15BicEqfwRoExELcHOeurtnIJvCg9zInAGnKCRI"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=19.SE=S9dvSeWGdsjF9M4qh9ciyaW-j0RANHKjyxuhCL0VUXK4Yz6i-nDSLdVW6FBz3YkSXAbEXuLWor54fWtauc18bsshhqwat32W9UxSMAH0dsDn8qPuBB4FbTdEde2m1_JTp_84HQDURCMsYPTGUt7wJN1KapM66v-M0d_zHxwcy2g; expires=Mon, 26-May-2025 20:35:36 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| linkslot.pro/bancode.php?id=1 | 104.21.31.204 | | 4.5 kB |
URL: GET linkslot.pro/bancode.php?id=1 IP: 104.21.31.204:0
Certificate Issuer: Cloudflare, Inc.; Subject: linkslot.pro; Fingerprint: 70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96; Validity: Thu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1536); Hash: 0e53b2eb465649e5aaed82e4a83f35c8 72534b716717a1ae9195f9373101d8fa1ebec835 f88e779d29b06620a850969ac985c0e1203fd492099e6c47882636d4d1e25072
GET /bancode.php?id=1 HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: PHPSESSID=6dgbn3jn6k2tmpaam2isv2rav7; path=/; domain=.linkslot.pro
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQ2PK8LXXEZVeYAQ63RrCwh8fOqR5gdjgpmznDGF3wfzy0bQAyIAJKXr%2FWBUAJRTkuADOnUUaCRs%2F%2B5EdvMtlcu5ywoZ2jFEhPkTq26XLYouwn8ZG9jK0vogdR6%2BbTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c323fd0a569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| linkslot.pro/uploads/a7e19b9fb14c0d090df0cb7c8a6bafc0.gif | 104.21.31.204 | 200 OK | 340 kB |
URL: GET HTTP/3 linkslot.pro/uploads/a7e19b9fb14c0d090df0cb7c8a6bafc0.gif IP: 104.21.31.204:443
Certificate Issuer: Cloudflare, Inc.; Subject: linkslot.pro; Fingerprint: 70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96; Validity: Thu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type: GIF image data, version 89a, 468 x 60; Size: 340 kB (339985 bytes); Hash: c0aaeafa7cd8a122ac9e17e4a3344f19 64cc190ed5540606bdc9c3fbf270f40ff65c971b c5612f33a8f39a5eac1b79cd53ba0c82e944458a7e3848e02d0397c18075c4eb
GET /uploads/a7e19b9fb14c0d090df0cb7c8a6bafc0.gif HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:18 GMT
content-type: image/gif
content-length: 339985
last-modified: Thu, 25 Apr 2024 13:20:37 GMT
etag: "662a58a5-53011"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 4654
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBX11XFmcX%2FnXdlNlowrDg9XLATl9ZTRU7rr8EXeiDsSYNz16LccqhhfZvtWC2zuAgYpBtPU4CHJx7d1Xy6758RgIA%2FLUlvWmimuaXiVhBHiExrzBiYeIPEePBLuU0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c327ccac5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| linkslot.pro/img/buyb.png | 104.21.31.204 | 200 OK | 2.6 kB |
URL: GET HTTP/3 linkslot.pro/img/buyb.png IP: 104.21.31.204:443
Certificate Issuer: Cloudflare, Inc.; Subject: linkslot.pro; Fingerprint: 70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96; Validity: Thu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type: PNG image data, 127 x 16, 8-bit/color RGBA, non-interlaced; Hash: 6623622f5954708d814fc46180f75b9f 7bd68ddbb91875e815e73fa937efc259e56fad47 5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
GET /img/buyb.png HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:18 GMT
content-type: image/png
content-length: 2585
last-modified: Thu, 06 Apr 2023 09:20:44 GMT
etag: "642e8eec-a19"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 2619
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FhtI9qQWGrC4IxWk3BcytBvTwkognti1FUP6PF%2FCfUFVqa5NJAK8Y7LWJX32yKwtaaxBrlJkvNKe9CdmM9XobslImA9CgvBh33WHNSZcrpLj1b%2FY7QtBscAuU4n6wk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c327dcae5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.74 | 200 OK | 0 B |
URL: POST HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP: 142.250.74.74:443
Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://webtrafic.ru/
Origin: https://webtrafic.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://webtrafic.ru
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 26 Apr 2024 04:17:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.74 | 200 OK | 131 B |
URL: POST HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP: 142.250.74.74:443
Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash: ca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webtrafic.ru/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1073
Origin: https://webtrafic.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://webtrafic.ru
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 26 Apr 2024 04:17:27 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| linkslot.link/img/buyb.png | 104.21.15.5 | 200 OK | 2.6 kB |
URL: GET HTTP/3 linkslot.link/img/buyb.png IP: 104.21.15.5:443
Certificate Issuer: Google Trust Services LLC; Subject: linkslot.link; Fingerprint: B8:D7:B6:CD:DE:AC:A1:C0:8F:BB:6A:DD:85:0F:6D:90:52:E0:96:CB; Validity: Wed, 06 Mar 2024 10:01:08 GMT - Tue, 04 Jun 2024 10:01:07 GMT
File type: PNG image data, 127 x 16, 8-bit/color RGBA, non-interlaced; Hash: 6623622f5954708d814fc46180f75b9f 7bd68ddbb91875e815e73fa937efc259e56fad47 5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
GET /img/buyb.png HTTP/1.1
Host: linkslot.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:32 GMT
content-type: image/png
content-length: 2585
last-modified: Sun, 10 Mar 2024 02:58:08 GMT
etag: "65ed21c0-a19"
expires: Fri, 26 Apr 2024 23:33:15 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 17057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MRLifGlt41C4%2FS3JOWsU1dSKlRervFenpCDPJ7wixjKNMu3rigTHp%2BnYNqz0oxHsmZgOPsmhihIsee%2BFIUDqg3m%2BmcUMgjc3RFYlsx067kEkfudDcE%2FnqjLzRaR9zccb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c382ac80b503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| linkslot.link/bancode_new.php?id=358863 | 104.21.15.5 | | 34 kB |
URL: GET linkslot.link/bancode_new.php?id=358863
IP: 104.21.15.5:0
Certificate: Issuer: Google Trust Services LLC; Subject: linkslot.link; Fingerprint: B8:D7:B6:CD:DE:AC:A1:C0:8F:BB:6A:DD:85:0F:6D:90:52:E0:96:CB; Validity: Wed, 06 Mar 2024 10:01:08 GMT - Tue, 04 Jun 2024 10:01:07 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2423)
Hash: ab1ec8f182faa550a4870de4ccd4d3d6 a66488c7725745c48bb9732cf0e75d68986f0d94 28b01dc185c984741f000d587f63798f0d3206b5a253eb46af160315a05e4de4
GET /bancode_new.php?id=358863 HTTP/1.1
Host: linkslot.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:32 GMT
content-type: text/html;charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYpS2%2FvFRswo4jMKpsfIslV7nUH2bfDAJ0wNLPwz0%2FzQdUfMBHhRDMfyKunBnmLIv4l1LADsGerdsdCRIYXuNmkw%2BcCwFBT9ypOzJdvzs9bruKp6FA3%2BsiChQC38Iaj9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3819a40b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/banners/3dfa85a815352bcb53b5c3e9ae345974.jpg | 104.21.68.251 | 200 OK | 5.2 kB |
URL: GET HTTP/3 webtrafic.ru/banners/3dfa85a815352bcb53b5c3e9ae345974.jpg
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 468x60, components 3
Hash: 9c5ff5ef151f901d20d94ce7c8453dab cde31b3bd651d2c1e9a06010774c813b77ba3e0f a5b159e6c4581641806110bc101cb4c550604bb4b15090d001c0b92c421ae666
GET /banners/3dfa85a815352bcb53b5c3e9ae345974.jpg HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:37 GMT
content-type: image/jpeg
content-length: 5195
x-original-content-length: 10687
etag: W/"PSA-aj-nF_17xUfkB"
expires: Fri, 26 Apr 2024 04:21:05 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9AUKt%2FypRcSf2R5JERcTPNGfDGxYCZ42zlGTevTJ4cTlt6Y7dUShuegP3%2Bwt6IjV6cl0c%2FNm5tDHW0IR%2FAknEdPLL60oH2ZNx6e1TospDrWZxzWv55c5ks%2FvhrddhI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3a06b835693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/banners/899bca1fbac3067ad78b45da65256bb8.gif | 104.21.68.251 | 200 OK | 130 kB |
URL: GET HTTP/3 webtrafic.ru/banners/899bca1fbac3067ad78b45da65256bb8.gif
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: GIF image data, version 89a, 468 x 60
Size: 130 kB (129821 bytes)
Hash: 4c8860751e58a3b98bfc949422a2a475 8b88af491c1a4c032a3f84d166bfe020c059ac1b d91d92766813ffdf21a641b174af2951fbc3104ab3f0e98ffed91306a5ba6e24
GET /banners/899bca1fbac3067ad78b45da65256bb8.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:37 GMT
content-type: image/gif
content-length: 129821
etag: "662a719e-1fb1d"
cache-control: max-age=14400
expires: Fri, 26 Apr 2024 04:22:07 GMT
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRRve0HioluUZoh5y29iQ9crSSiE%2BvNBAhhFoJNnCPUpycT15VyFly85mZv4hMsbzNtPxgCSKBrVnchZ%2BGGJIIUp9s24knJs3gCA38cq%2FEbK0mTNke2bCyquQdsnu1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3a05b825693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/js/socket.io.min.js | 104.21.68.251 | 200 OK | 64 kB |
URL: GET HTTP/3 webtrafic.ru/js/socket.io.min.js
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: JavaScript source, ASCII text, with very long lines (64366), with no line terminators
Hash: 63241b78a09366c1220125b1c8a5ff20 91d14b8a343afbb645bcd157200555816519ced3 f01fea38541229b697b158619451884a0b355c477a7da949411f0aa6852fab89
GET /js/socket.io.min.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript
x-original-content-length: 64504
vary: Accept-Encoding
etag: W/"PSA-aj-YyQbeKCTZs"
expires: Tue, 23 Apr 2024 15:49:07 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 576
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bo4lLV8QnnYIuDGQrRyLWHLkPW%2B%2FYyoM%2F596wLu05BLt9ITe55DoLVjMeClIaPKHeT66TeUVNMqICApjTXoWWimJhUPoqrBCRXBZwBVhKSVske8mKzG%2FDTFfwpDbbFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb55693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js | 104.21.68.251 | 200 OK | 88 kB |
URL: GET HTTP/3 webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: b4999cbb6a73a9b312f635cff75e5a53 c7b683fc72d06eac129185c3e60362f5c1adc2a8 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302
GET /js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"0"
expires: Mon, 25 Nov 2024 05:53:12 GMT
last-modified: Sun, 26 Nov 2023 05:53:12 GMT
vary: Accept-Encoding
x-original-content-length: 88145
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 13127006
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUzBXxj8l4LexhJAnm7tQf6tHf2KXOF0yq4sqR0ZCyzP%2BNv75zDJJnKP6TC4d9bRuT8yCT%2FuamqwECb%2BNXp3pF3%2BmVUuIxG9ZA6wT5cNMHi%2FJ6BBhfa%2FMBerY%2BYXWk4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb25693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| linkslot.ru/uploads/cd64ace35d93b2ca176ceaa7bdcf8cb4.gif | 172.67.223.195 | 200 OK | 31 kB |
URL: GET HTTP/2 linkslot.ru/uploads/cd64ace35d93b2ca176ceaa7bdcf8cb4.gif
IP: 172.67.223.195:443
Certificate: Issuer: Let's Encrypt; Subject: linkslot.ru; Fingerprint: B7:EA:87:79:45:4A:E5:99:FC:25:D1:DA:AC:D6:B9:AB:30:8C:09:D5; Validity: Tue, 16 Apr 2024 15:06:13 GMT - Mon, 15 Jul 2024 15:06:12 GMT
File type: GIF image data, version 89a, 468 x 60
Hash: cd64ace35d93b2ca176ceaa7bdcf8cb4 513b9d28f1682e46c967283e21d4d4d0cfbfad1a 3260385da46f95328a7f20243f96f5daa51bcb7e5cbd09f7ffce9e9d2963fc84
GET /uploads/cd64ace35d93b2ca176ceaa7bdcf8cb4.gif HTTP/1.1
Host: linkslot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:32 GMT
content-type: image/gif
content-length: 30711
last-modified: Thu, 25 Apr 2024 23:25:09 GMT
etag: "662ae655-77f7"
cache-control: max-age=14400, s-maxage=10
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVwCY%2BMIeN4OkBEyZ4FJeJXNZ7U2olxDI%2BF2VzsDjqT%2Fe%2FB%2FXXWqz%2BnG7WAPNbroYvqeB4ENCd8KhEYyq5WGbHGYpkHuviDgN82VFJpzHuBx3kBDvC6Q0ZCiAHzImw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c382ed2756c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 216.58.207.227 | 200 OK | 6.2 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: SVG Scalable Vector Graphics image
Hash: a1a4ffbc52fa4bd18e2f9f7c45ba71fc 0df81f908c859204ae9748c21ad2a4219381b2e4 151e69c94e1f500a46c405df3a0c60043651b22aec7b4ae33d5df3bc9fd82737
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 18:58:28 GMT
expires: Mon, 21 Apr 2025 18:58:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 379130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js | 104.21.68.251 | 200 OK | 81 kB |
URL: GET HTTP/3 webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 070da11284349ddb4498fa8c51e1e103 e5d71d44333fd20376909a4b7b12a9201108d59a 4139a3b34657fa34eb91cdaf03375da63742bcefb317aa3f585cc3b2737d8220
GET /bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"0"
expires: Thu, 21 Nov 2024 02:12:32 GMT
last-modified: Wed, 22 Nov 2023 02:12:32 GMT
vary: Accept-Encoding
x-original-content-length: 81084
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 13485773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDn42X%2BB0gfFxeL9Jsh0VHX36jSBT0gdUemu3wnq89dCVxOQP3XYoLbAO07IWujqS7rXKO8MvluVbeYcFSHa9lPls4tCE0OJj4ko2L8nPPam4Y%2FOoY6dJmAu7Qr6uTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb35693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css | 104.21.68.251 | 200 OK | 230 kB |
URL: GET HTTP/3 webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
Size: 230 kB (230290 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=231427
etag: W/"0"
expires: Mon, 25 Nov 2024 05:55:28 GMT
last-modified: Sun, 26 Nov 2023 05:55:28 GMT
vary: Accept-Encoding
x-original-content-length: 292525
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 13126838
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JLFkNfI%2FyTmzL5eMu6GTR19m6h8jDlhvBq%2BXQUXReKmcmuZzqPFffNWUn4SnsS4v4EcqO6G2lzHbjGINX06hxFhW4i7AUGxQv2zqi3X8QHRKJhBQ0VcPGvPuHaaEquw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb15693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 81.90.181.60 | 200 OK | 6.3 kB |
URL: User Request GET HTTP/2
IP: 81.90.181.60:443
ASN: #50340 OOO Network of data-centers Selectel
Certificate: Issuer: Let's Encrypt; Subject: leetgems.h1n.ru; Fingerprint: 0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A; Validity: Thu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (6000), with no line terminators
Hash: 9643a8f96e190fea93003b4d37047de1 0e6d0c0318ae2236dc33817f1fc6c1223c45d9de 13d84b9f1c1745d92973a04667b689f57682ac00722dc0903625e169e64d09ab
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET / HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:15 GMT
content-type: text/html; charset=UTF-8
last-modified: Sat, 28 Oct 2023 19:12:20 GMT
etag: W/"18ad-608cb95862a94"
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/ | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| tg1.leetgems.h1n.ru/css/bootstrap.min.css | 81.90.181.60 | 200 OK | 141 kB |
URL: GET HTTP/2 tg1.leetgems.h1n.ru/css/bootstrap.min.css
IP: 81.90.181.60:443
ASN: #50340 OOO Network of data-centers Selectel
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: leetgems.h1n.ru; Fingerprint: 0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A; Validity: Thu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File type: ASCII text, with very long lines (65319), with CRLF line terminators
Size: 141 kB (140942 bytes)
Hash: 62907ef14a08ac2199b60610b616d0e5 7ccf464455d57e73be3acf820ba77ee92ad4fc13 3beb48429a842d5c330b9b4cc0a518652e1eca16121f40bdc1d4c41e4ff1a08c
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /css/bootstrap.min.css HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/css
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: W/"6389c0ca-2268e"
expires: Sat, 26 Apr 2025 04:17:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tg1.leetgems.h1n.ru/css/detect.js | 81.90.181.60 | 200 OK | 52 kB |
URL: GET HTTP/2 tg1.leetgems.h1n.ru/css/detect.js
IP: 81.90.181.60:443
ASN: #50340 OOO Network of data-centers Selectel
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Let's Encrypt; Subject: leetgems.h1n.ru; Fingerprint: 0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A; Validity: Thu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /css/detect.js HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: W/"6389c0ca-cadb"
expires: Sat, 26 Apr 2025 04:17:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/ads.php?uid=8247 | 0.0.0.0 | | 0 B |
URL: GET webtrafic.ru/ads.php?uid=8247
IP: 0.0.0.0:0
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads.php?uid=8247 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qq197Fxc%2FI99rUOzLeJOmLtxqLquXhvaGGahlpNNXEnXXuPaanIjRneK65ceTASST%2BrMH%2FY%2FQHCHGnpKsoniLxALsjc4AuILQ5meu9Tv9Ef%2Fo3NfO%2FCfClUgcgXKPiA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c31b7bd956bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/ | 104.21.68.251 | 200 OK | 43 kB |
IP: 104.21.68.251:443
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=fm05losuttc9bgtnvtt506kq4v; path=/
pragma: no-cache
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKQ4Ttr6THIbql5rGTbYSHM8m%2BPa5Ss7u%2FMsYjFt%2BEsStIRuUSXD1YA3zwWDURQ%2FCg7B5c2IatnyPL5840C%2FB%2F%2BEI0x96yMX6snQQ2j9NUQjvkfnOx7tvXHcXvQhr0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c31d3c7d5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/ads.php?uid=8247 | 0.0.0.0 | | 0 B |
URL: GET webtrafic.ru/ads.php?uid=8247
IP: 0.0.0.0:0
Requested by: https://tg1.leetgems.h1n.ru/
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads.php?uid=8247 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7fPsS22GhL20tb9DardJwTeMiw4vYb48DxxLDvXS%2FNgUdgbCjE%2BlLyQkdvBmqSLHUHj00Y1DNN3vuwpC6%2Bn92ycKBeOIBtE8xyUQFpU20hdWH4R7%2BpLtAdpERSTMiPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c31c1c9a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js | 104.21.68.251 | 200 OK | 35 kB |
URL: GET HTTP/3 webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js
IP: 104.21.68.251:443
Certificate: Issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=34954
etag: W/"0"
expires: Sat, 23 Nov 2024 06:11:58 GMT
last-modified: Fri, 24 Nov 2023 06:11:58 GMT
vary: Accept-Encoding
x-original-content-length: 49566
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 13298519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUhFWjyLQrhdEraQrXdPUxBHi5V3Ydfarbu8sCtRr4KGmUDij2560hWvwR8r7HKUBu7q3E9ipcY4r3SbjW00Sz5n1x5I12hIZtTbc%2B5vyCcGrI%2BUYp8rrVzwb5tFLZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb45693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|