Report - tg1.leetgems.h1n.ru/

Report Overview

Submitted URL
tg1.leetgems.h1n.ru/
IP
81.90.181.60
ASN
#50340 OOO Network of data-centers Selectel
Submitted
2024-04-26 04:17:44
Access
public
Website Title
Telegram
Final URL
tg1.leetgems.h1n.ru/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
webtrafic.ru	336414	2020-09-01	2020-09-01	2024-02-13	9.0 kB	834 kB	104.21.68.251
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-25	424 B	2.0 kB	151.101.129.229
translate.google.com	1156	1997-09-15	2012-05-30	2024-04-25	909 B	34 kB	216.58.211.14
linkslot.ru	369467	2012-11-13	2013-01-07	2024-03-14	450 B	31 kB	172.67.223.195
informer.yandex.ru	54908	1997-09-23	2015-07-19	2024-04-24	462 B	1.8 kB	87.250.251.119
tg1.leetgems.h1n.ru	unknown	unknown	No data	No data	2.7 kB	2.6 MB	81.90.181.60
unitraffic.net	unknown	2022-04-13	2022-04-16	2024-04-09	847 B	7.0 kB	85.208.187.144
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-25	1.1 kB	7.3 kB	142.250.74.99
payeer.com	132117	2012-07-17	2014-10-07	2024-02-26	2.1 kB	16 kB	149.202.17.208
linkslot.link	unknown	unknown	No data	No data	842 B	38 kB	104.21.15.5
1rash.ru	unknown	2019-05-26	2019-06-10	2023-09-15	13 kB	42 kB	89.208.145.166
neon.today	175799	2017-08-10	2017-08-17	2024-03-28	984 B	20 kB	213.183.48.30
rekizar.com	unknown	unknown	No data	No data	428 B	2.1 kB	172.67.174.5
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2024-04-25	526 B	2.2 kB	142.250.74.74
translate.googleapis.com	1005	2005-01-25	2012-05-31	2024-04-25	1.7 kB	75 kB	142.250.74.74
linkslot.pro	unknown	2015-09-02	2016-01-01	2024-02-22	1.3 kB	349 kB	104.21.31.204
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	451 B	7.1 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	tg1.leetgems.h1n.ru/	Telegram
2024-04-25	medium	tg1.leetgems.h1n.ru/	Telegram
2024-04-25	medium	tg1.leetgems.h1n.ru/	Telegram
2024-04-25	medium	tg1.leetgems.h1n.ru/	Telegram
2024-04-25	medium	tg1.leetgems.h1n.ru/	Telegram
2024-04-25	medium	tg1.leetgems.h1n.ru/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (58)

	URL	Size	First Seen	Last Seen
	webtrafic.ru/	31 B	2023-10-27	2024-04-26
Pretty URL webtrafic.ru/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-04-26 06:17:51 Times Seen10 Hash 67a8c744a44f48b0cc69093ed229e333 0aaf66c16454ac2f6d2d0e5cb5bb089f9c7d1c48 2aa4b93c47e657fba68f6590cf6ac0e261450c54d1b1b751ec255a8add5560b9 Loading...

	linkslot.pro/bancode.php?id=1	2.6 kB	2024-04-26	2024-04-26
Pretty URL linkslot.pro/bancode.php?id=1 IP 104.21.31.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:17:51 Last Seen2024-04-26 06:17:53 Times Seen2 Hash 0e53b2eb465649e5aaed82e4a83f35c8 72534b716717a1ae9195f9373101d8fa1ebec835 f88e779d29b06620a850969ac985c0e1203fd492099e6c47882636d4d1e25072 Loading...

	tg1.leetgems.h1n.ru/	24 B	2024-04-07	2024-04-26
Pretty URL tg1.leetgems.h1n.ru/ IP 81.90.181.60 ASN #50340 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-07 06:38:01 Last Seen2024-04-26 06:17:51 Times Seen3 Hash 60230aae070e5df9f2df03d2d12813cd b772ee21a38890648826ee3a2ea1bf514c486cb4 bf58c12f5745285d986dbb544c70b00a852369c14ba1434c675fe08524e5c662 Loading...

	unitraffic.net/banner.php?user=2718	1.6 kB	2024-04-07	2024-04-26
Pretty URL unitraffic.net/banner.php?user=2718 IP 85.208.187.144 ASN #204601 Zomro B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-07 06:38:01 Last Seen2024-04-26 06:17:53 Times Seen6 Hash 30dfa3e94d434603dab6eabfd975493a 83392bcb475e598afd467327fd5832d665e3e515 32f62215553a5471236cc7af22c30c2a5f5ac00db3fbf4ea0a60c25a310142d5 Loading...

	webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js	81 kB	2023-03-08	2024-04-26
Pretty URL webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:34:53 Last Seen2024-04-26 06:17:53 Times Seen21 Hash 070da11284349ddb4498fa8c51e1e103 e5d71d44333fd20376909a4b7b12a9201108d59a 4139a3b34657fa34eb91cdaf03375da63742bcefb317aa3f585cc3b2737d8220 Loading...

	webtrafic.ru/	31 B	2023-10-27	2024-04-26
Pretty URL webtrafic.ru/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-04-26 06:17:52 Times Seen10 Hash 845d738167249ba64cdd0a16c1c3cee8 f395bd091bd3ec77005333406d938818c4af0eef 7b96d45981d628780fb1d4ab28152c9163494fa3de2879ee865ff31cd0d868e3 Loading...

	webtrafic.ru/	42 B	2023-10-27	2024-04-26
Pretty URL webtrafic.ru/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-04-26 06:17:52 Times Seen9 Hash e62cbb0165fffa03a5fcb4b9dafe7a49 ccb398093c462746cb2795fb3d0ca630c853a701 7ba9426262deec9cce9934f26648b23d653f3a1d786268a5ff873122da47b385 Loading...

	tg1.leetgems.h1n.ru/css/detect.js	52 kB	2023-07-02	2024-04-30
Pretty URL tg1.leetgems.h1n.ru/css/detect.js IP 81.90.181.60 ASN #50340 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-02 18:56:09 Last Seen2024-04-30 19:30:58 Times Seen33 Hash 1a6562fb89417e06cc801d5f3c5771c1 4a83ce13216db8f6f792cb312df869685d5ed367 40ccd872ab672d693655c3478e46248417330f584342852d4431ea62fc89e03f Loading...

	webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js	88 kB	2023-03-07	2024-04-28
Pretty URL webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:29 Last Seen2024-04-28 21:07:12 Times Seen400 Hash b4999cbb6a73a9b312f635cff75e5a53 c7b683fc72d06eac129185c3e60362f5c1adc2a8 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302 Loading...

	unknown	9 B	2023-03-07	2024-05-06
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-06 15:47:46 Times Seen16312 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

	tg1.leetgems.h1n.ru/	0 B	2023-03-07	2024-05-06
Pretty URL tg1.leetgems.h1n.ru/ IP 81.90.181.60 ASN #50340 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 15:58:42 Times Seen37379712 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	webtrafic.ru/ads.php?uid=8247	1.2 kB	2024-04-26	2024-04-26
Pretty URL webtrafic.ru/ads.php?uid=8247 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:17:52 Last Seen2024-04-26 06:17:52 Times Seen1 Hash 4897fb8003e87f672918587e3f7fe44b 25df6bb29f6e7059635726a51134dfcefc9e98f3 c086b674db664b99c87a3f52edefedc2d43b83bd1bb42b308353884401e18afa Loading...

	webtrafic.ru/js/socket.io.min.js	64 kB	2023-10-27	2024-04-26
Pretty URL webtrafic.ru/js/socket.io.min.js IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-27 20:05:53 Last Seen2024-04-26 06:17:53 Times Seen16 Hash 63241b78a09366c1220125b1c8a5ff20 91d14b8a343afbb645bcd157200555816519ced3 f01fea38541229b697b158619451884a0b355c477a7da949411f0aa6852fab89 Loading...

	webtrafic.ru/	1.7 kB	2023-10-27	2024-04-26
Pretty URL webtrafic.ru/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-04-26 06:17:52 Times Seen9 Hash 68c5191cf1dfcd866d6ee19463cbb0df 3db6e711a08e6d3214b0d2dba61aba1b9c2d3452 5b05bd63d422fbbfc4f730622804e9263ecd9b017b5f35d6e0dbe2e93913b368 Loading...

	1rash.ru/q/bsk.php	2.8 kB	2024-04-26	2024-04-26
Pretty URL 1rash.ru/q/bsk.php IP 89.208.145.166 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:17:52 Last Seen2024-04-26 06:17:52 Times Seen1 Hash 652f0e0d7144754582cc5dcb80b670a1 952b8075130358f7a4664b2d5eabde3da27520e8 9c835247e1cc0462ffd52a8cd209aa37fc0bbd62f985d584fb406884e42c1737 Loading...

	cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js	2.1 kB	2024-01-23	2024-05-04
Pretty URL cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-23 06:58:57 Last Seen2024-05-04 00:15:47 Times Seen216 Hash 11d89af3414c7a4dc324be89b1a5ce2c d68a4d4193af0419784b91622ebc4af5abd1042b d37a7d61b33b7277b794fc7be203b20292ec5b9fb091dd3112603c8c48c5a7f6 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfq92X1o0HH0hndEbECGlbI-dOTnmg/m=el_main	211 kB	2024-04-24	2024-04-29
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfq92X1o0HH0hndEbECGlbI-dOTnmg/m=el_main IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 21:36:57 Last Seen2024-04-29 10:46:57 Times Seen154 Hash 12487a9b7a04b957648956d8e195e2fa db8c446b1516d76be812ba7bc1ebf455c090ef01 b005774fd9d7ddf333c0c90b728c59db1a08be979a9d64a267e00c5fc37686c2 Loading...

	linkslot.link/bancode_new.php?id=358863	7.4 kB	2024-04-26	2024-04-26
Pretty URL linkslot.link/bancode_new.php?id=358863 IP 104.21.15.5 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:17:52 Last Seen2024-04-26 06:17:53 Times Seen2 Hash ab1ec8f182faa550a4870de4ccd4d3d6 a66488c7725745c48bb9732cf0e75d68986f0d94 28b01dc185c984741f000d587f63798f0d3206b5a253eb46af160315a05e4de4 Loading...

	webtrafic.ru/	451 B	2023-10-27	2024-04-26
Pretty URL webtrafic.ru/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-04-26 06:17:52 Times Seen8 Hash 19f40970247d1f2ae3cd80be5610c744 e6d65ec231ddcc241ce0ee1f74744a26eeaa129c 6a026493e335d68e9e9d4291ed6e4dc3eeb868fe7f7cdfb274222b8617b74aa0 Loading...

	webtrafic.ru/	14 kB	2024-04-26	2024-04-26
Pretty URL webtrafic.ru/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 06:17:52 Last Seen2024-04-26 06:17:52 Times Seen1 Hash 8a671815e4b7a53c4933cd4332b51635 1c6e3e851bbe8888ca6c1a910c14a21dedbe8342 241ba981c7cfbc1837064a4d9e3497d9dd595dd052548080d51d8f1d2c31955c Loading...

	webtrafic.ru/	1.6 kB	2024-04-26	2024-04-26
Pretty URL webtrafic.ru/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 06:17:52 Last Seen2024-04-26 06:17:52 Times Seen1 Hash 545fb217bde57ec66811f569913ffd0e 8b00569b7bc10dbac3793ded12cd0700f4ca1e5f 635765782ddf20d3a6d6d536cf38ab125b18b456373f0afcb19f737d319df276 Loading...

	webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js	35 kB	2023-10-27	2024-04-26
Pretty URL webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-27 20:05:53 Last Seen2024-04-26 06:17:52 Times Seen13 Hash b7006bac1eeccbe0ec299a000b74ca6c 31ff92b3182dd07c596865a5f1921ba986534c58 431f76135cb011943b3db7812ae22ac8c4d469626ed7930829738f775bae4087 Loading...

	webtrafic.ru/_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=wA/d=1/rs=AN8SPfr-WTiahqzjCeDZHBviGCwN0BZuxA/m=el_conf	89 kB	2024-04-26	2024-04-26
Pretty URL webtrafic.ru/_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=wA/d=1/rs=AN8SPfr-WTiahqzjCeDZHBviGCwN0BZuxA/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:17:52 Last Seen2024-04-26 06:17:52 Times Seen1 Hash 96f5bf55e3041b76ca1d6fd6ab69bfe8 393ab1bc5226e2b29a3c6390392d8439b2dafa4b e802d59df8a61fc04dd9f23d05c32d2fc3f9a7b77c71e6cde9f7492c4fa46690 Loading...

		Size	First Seen	Last Seen
	#1 Eval - e09f59764dcdd50f38d8949739c7bbe5	22 kB	2023-10-27	2024-04-26
Pretty Observations First Seen2023-10-27 20:05:54 Last Seen2024-04-26 06:17:52 Times Seen10 Hash e09f59764dcdd50f38d8949739c7bbe5 27402b055c87c106fcb6d77bff9ef4fdbfcbdab7 704d1e75d4ac870325d54638dc8b6db915055a34c237c94ec02686d8b956eb6d Loading...

	#2 Eval - ae00fd1f3e34b02376456b9c87a50828	12 kB	2023-10-27	2024-04-26
Pretty Observations First Seen2023-10-27 20:05:54 Last Seen2024-04-26 06:17:52 Times Seen10 Hash ae00fd1f3e34b02376456b9c87a50828 8f53aad2d035bb6e1f2222b4d0e78e2d0dd68e8b 1ed482100ed7e2c1ba475799779ce74fa35021043a61d68cef3ff158ee63599a Loading...

		Size	First Seen	Last Seen
	#1 Write - 7ea4f5f92758869428cf504a47ea53e1	255 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 7ea4f5f92758869428cf504a47ea53e1 0e88c6254977ca1ad08800e0070264cf27ade684 c656a44d486d55a15bf9c36f5ea8d860d40c984002c232040ccb6331d370e052 Loading...

	#2 Write - 23451204d461b70adda58e31119f08ab	245 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 23451204d461b70adda58e31119f08ab db6f21bd11f2cc61b431d59036f0e4143ed745e0 88e6a7435aba53aef0cf5be199b8b2c2d875c84cc1fdcac24943c071e9b5ece2 Loading...

	#3 Write - 4b4cf7d6c103cef2fd522ce1c0c363e2	253 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 4b4cf7d6c103cef2fd522ce1c0c363e2 2250faceba644b31df93d98cde065e7eb86ce82f 373442ba2b18cf34fd3b89a42f925de6bb1ea7a2e0ceb449e4d55b125fe6b175 Loading...

	#4 Write - 02f47890ece1a33066d5777d1701ec7d	260 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 02f47890ece1a33066d5777d1701ec7d 78edd8ce99446047f8bcd93fadeb03fc67ff3caf 8699dc8e6cb4efeafd97c606eadf46b92571f4b43ceac618c854d8a24aa41f44 Loading...

	#5 Write - 7c91bc44bf182aa35776b5e00e25c17a	3.0 kB	2023-12-21	2024-04-26
Pretty Observations First Seen2023-12-21 10:10:46 Last Seen2024-04-26 06:17:52 Times Seen548 Hash 7c91bc44bf182aa35776b5e00e25c17a 8050898bc021d8a875a2e5857f4da880bdb9d86a b7b426f69c0b1a77ec95f63631a55e6af3b54815dd4733a745a783e103c87338 Loading...

	#6 Write - d7da72b3b621e8c8004e9e2922ae5f9c	31 B	2024-01-18	2024-04-26
Pretty Observations First Seen2024-01-18 03:40:10 Last Seen2024-04-26 06:17:52 Times Seen4 Hash d7da72b3b621e8c8004e9e2922ae5f9c abf5e54670961afd676614d2f70ab25277c337bb 04ca30aed4a13f9510c793722fa018091cb547aceb1363e1679de9abb1c76ee1 Loading...

	#7 Write - 86278ad2ae62cb4694ce682b1da05633	255 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 86278ad2ae62cb4694ce682b1da05633 346dae594c70cc3bafc73c8d61c2c261a2f64787 0c7f6c21ca308f4f620e7bb2ef588aee073483474a5c6f4c32e09b2c04b23162 Loading...

	#8 Write - 322493e835f0cd97ba6ed41b9c0f6be1	263 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 322493e835f0cd97ba6ed41b9c0f6be1 7461e878a526b16d6c31246af7c8afcf944aef28 4af1d7095acd9119ef8b4bf1f73af2033b48b56a7ac7a9333245cb764a4224e0 Loading...

	#9 Write - b3561cb182ff145e07e8745e6a8efc5c	258 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash b3561cb182ff145e07e8745e6a8efc5c 37754f3699fec69ea3341feeeed35db3d416a512 3e892de8f7babe60f86cea2c889ad575768930649bcd7780460a99a4dfe04df4 Loading...

	#10 Write - 2e8bcc79c5efcb00e2adb3de860f9eff	262 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 2e8bcc79c5efcb00e2adb3de860f9eff c0f62b3b0661d5fce7425b6661aef189040e0526 e3ec3fac443dc8adcb472471a7675e65b64f89eb85d76ac45ec34ba5ed82a445 Loading...

	#11 Write - dd27a00ff6af4645628b7840c70df6ab	251 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash dd27a00ff6af4645628b7840c70df6ab f3e448c578c97988202a7db2460f44326ef5da5d 5ee7ccbdc6b15d2ec37615a43a1f47e21927182a422a64053ae29f1f1196f098 Loading...

	#12 Write - f8c6036663670e4c1f76cb11b941b454	253 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash f8c6036663670e4c1f76cb11b941b454 8f225d75d4b1c04300cfa6a5ea8ccc4cb578ebd8 c85e9d18bb5d49cb127a83fcc8bcefdb9c396593faed02d2e7a8b2e2d3f7c7f1 Loading...

	#13 Write - f887ba2e4018d038df8d7cc95a64e27c	254 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash f887ba2e4018d038df8d7cc95a64e27c 87008a87c1a80902c14016568abe420a7d550596 7cce1fbecf2447e9b26151bcd0f2e4e95705f76d80a342c0b4b9c276bd380fc0 Loading...

	#14 Write - a30e6f1a40cc7604b82550cea97255ef	257 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash a30e6f1a40cc7604b82550cea97255ef 00ec1bee2295c1f2a00feeccbd20a0904ed491b9 b289657513616dc9d6a7d26752aea815a110ea7fc178ccc6930a0040b382716e Loading...

	#15 Write - d0cc8bea48b60141cb04d04cb422dad7	254 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash d0cc8bea48b60141cb04d04cb422dad7 8aad9ec7a0a4be713dd9a224907bf02a85f86f5c 7ebbf9d3ef615be0333d08b624109e44c88811744f792ccd8f8ed0dcb1f53be7 Loading...

	#16 Write - 49a0e7e48f625fc3730a397fe67ce8cc	256 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 49a0e7e48f625fc3730a397fe67ce8cc 56a38b22cc983ea0c87f80af9f0d6d8509829e42 9c96bbce7f8ed381574d5b2d697e1da1141cba95649ee726d8a3562c0e0ecc77 Loading...

	#17 Write - 5670df3be821538fc756aa88e300742b	248 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 5670df3be821538fc756aa88e300742b 664bf60beb3e70837e1a3964d29c2dd25b5357a3 f2e337e7ede810654eba9f34c1fe809ff4f9bd8072e0fa30b8c3b4cdae6676c3 Loading...

	#18 Write - 9b6057e446bf2480af12f4aecb67d42f	252 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 9b6057e446bf2480af12f4aecb67d42f 9294a04131853962f1dd22a41fc274f885566c1c ddcf334302fc84e156e12a1460c85f2cb3e0c21dd3518405803cef8821f00ec7 Loading...

	#19 Write - 1af330b32a7aa89a2063cc9445599a7d	248 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 1af330b32a7aa89a2063cc9445599a7d 27dfe87a5703f7516bd1b10a5af11cc28b592cbf e5f362885da5e4bf5361861b80cf34ffc37086d734c35342041b4717b9d11c74 Loading...

	#20 Write - caa6c394d50f580e0e54e227d011ac95	255 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash caa6c394d50f580e0e54e227d011ac95 fd64aab8e43ee8c859de7513e0f9050bfad8fb44 d92c971a9ffe40bf21bab01d1a67917da6d931db720560da23632f6d2115a361 Loading...

	#21 Write - fa660a8ad505547640133768f2877788	8 B	2023-03-07	2024-05-05
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-05 16:15:15 Times Seen3739 Hash fa660a8ad505547640133768f2877788 cdf4bf8f51f450a842d85ab41a089e05a2e12f73 1fe76d6f9e6bcb754dd822ef01eb6e76013d2029d841d52b6a52c7b88a8c7593 Loading...

	#22 Write - fa165b3449f76e7b6fcd4bf32e5d77cb	251 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash fa165b3449f76e7b6fcd4bf32e5d77cb 7dea7daa0329cdc77c3d547e74c099fc3e588044 b0b6f9565ad1f60ecefe287b37e7ca0b7faccd6185377c908b3e585d1847e79d Loading...

	#23 Write - 25d2d481b049771c0bfa874130bbb760	259 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 25d2d481b049771c0bfa874130bbb760 46be488bf04b71bd6b760b9bf4696f1e5b423469 f19f4acb2f0e8ee816df63530bebca95b69241f596b72c89ad83ec32cd0b660b Loading...

	#24 Write - bb8db611778cb15f09e66d2c9dd222d7	255 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:01 Last Seen2024-04-26 06:17:52 Times Seen2 Hash bb8db611778cb15f09e66d2c9dd222d7 869153cf8360a98568dee8630218f39898c1d01f 35baad56426c2339d8cfaa46d2246d564387d1b48d3a230d9d1606a10e9efb70 Loading...

	#25 Write - fe256a765f4a0b3f17717b759350694d	258 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash fe256a765f4a0b3f17717b759350694d f3dec823720823e8b49860a443fe5aac87b0fe27 168e8190bdf47ac4b2d127f5e7469e700a6bd434ae94d531e63ca8ebc3658ebd Loading...

	#26 Write - aa019c41d5fcc1725a1a405f8cb0c648	264 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash aa019c41d5fcc1725a1a405f8cb0c648 8f515c54ad4bc5d6dd003fe5db708d46ea957600 9ea3249cd8f558f08ec5272d42afd60766fbb6e98f6356236cda505d0a902f5e Loading...

	#27 Write - 9c5e3448ace7e659dca80f7626b18e07	266 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 9c5e3448ace7e659dca80f7626b18e07 8eea0613573a8a47a2e7fb0df6260691a4b987a8 604ee1d91c40d5f4891cfe23ca5117ea9edf187e8585cfee9664c074e3367935 Loading...

	#28 Write - 83d624d46f9a27175d18b92f11a20245	245 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:52 Times Seen2 Hash 83d624d46f9a27175d18b92f11a20245 326b74cf2a8c44049a623cd37466086abf09f6a7 a856cfeb6d83fc9d031540605c935aeb754a3ce3052ca17f9eef222a4d09cbf4 Loading...

	#29 Write - 78628db8494b3dbbf63d0ee9eda01a9e	263 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:53 Times Seen2 Hash 78628db8494b3dbbf63d0ee9eda01a9e ede673dd68ad946de79a310ac67e8c7ac5d7cd76 533b05c8dfb5210a59d02bd3de6f94f6842c839cb5d93abf477990f43ebd7949 Loading...

	#30 Write - f840ff5d98b27438930606180a31c4a1	257 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:53 Times Seen2 Hash f840ff5d98b27438930606180a31c4a1 c2f4aa958a639cd2d003087c50deef8ca3d2fc3d 42c9ee83e9e23a7b7e8b8d27b4d3c9f3dd75519c3680d65da221647f09086de3 Loading...

	#31 Write - 046ef363fad408df7751d4e53ab88257	259 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:53 Times Seen2 Hash 046ef363fad408df7751d4e53ab88257 66f1ffad5027b803ec4ca1a31f6b0c80c22904b5 00a68dac06e477de9a0b1171ac8d3d67a55f4a1f74da37dbc36c03cdea5dfd90 Loading...

	#32 Write - ce62fb35a335726034c3c7853d8d12e8	260 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:53 Times Seen2 Hash ce62fb35a335726034c3c7853d8d12e8 65d22239bba4173282b0e1fe895a7844b323832c 87bc1d03bc8fd13e9269264e05cd3e652e26220ba3d8d9f70948e5c8f7421c68 Loading...

	#33 Write - a0c6bc452ee5c4db1c05e8812e4996e9	254 B	2024-04-07	2024-04-26
Pretty Observations First Seen2024-04-07 07:22:02 Last Seen2024-04-26 06:17:53 Times Seen2 Hash a0c6bc452ee5c4db1c05e8812e4996e9 b34dac9550606293201c9485d070134babfb9915 47594e66d01a39564f521a914c1626408d4c345b5adddc9322052357a3e75119 Loading...

HTTP Transactions (82)

URL IP Response Size

tg1.leetgems.h1n.ru/img/LogoBig_1x.png

81.90.181.60

200 OK

1.6 kB

URL GET HTTP/2
tg1.leetgems.h1n.ru/img/LogoBig_1x.png
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
PNG image data, 131 x 31, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1635 bytes)
Hash
22aae336e78f75ab0ff2534cf975ed4a
bbc0d011f640673b811d07ea30fbfec0415530a4
7bb14dc217f7f5ac7104b4838132dd370e1b808f7df6ccb4fdfd0227de5159bc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /img/LogoBig_1x.png HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 1635
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: "6389c0ca-663"
expires: Sat, 26 Apr 2025 04:17:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2

tg1.leetgems.h1n.ru/img/cparip.png

81.90.181.60

200 OK

2.3 MB

URL GET HTTP/2
tg1.leetgems.h1n.ru/img/cparip.png
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
PNG image data, 4096 x 4096, 8-bit/color RGB, non-interlaced
Size
2.3 MB (2288360 bytes)
Hash
0664cb29e7663889c52dc98b43ecbefb
8db35f4da81d644fb290b4c3793b1aa2a910ac07
5aa23070b3cf7ceb7e942c4b1c57da80c6bf78e140b53196bbf17eb0d0ed5600

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /img/cparip.png HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 2288360
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: "6389c0ca-22eae8"
expires: Sat, 26 Apr 2025 04:17:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2

unitraffic.net/banner.php?user=2718

85.208.187.144

852 B

URL GET
unitraffic.net/banner.php?user=2718
IP
85.208.187.144:0
ASN
#204601 Zomro B.V.

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectunitraffic.net
FingerprintD6:0F:0E:A2:F9:DF:D0:C4:2A:5E:8F:94:00:76:B1:DF:9C:83:13:DE
ValidityThu, 25 Apr 2024 23:35:08 GMT - Wed, 24 Jul 2024 23:35:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1522), with no line terminators
Size
852 B (852 bytes)
Hash
30dfa3e94d434603dab6eabfd975493a
83392bcb475e598afd467327fd5832d665e3e515
32f62215553a5471236cc7af22c30c2a5f5ac00db3fbf4ea0a60c25a310142d5

HTTP Headers

GET /banner.php?user=2718 HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 04:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=ndacg5ak4994qsiluo4s7qt6mg; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

webtrafic.ru/img/banner_empty.gif

104.21.68.251

200 OK

34 kB

URL GET HTTP/3
webtrafic.ru/img/banner_empty.gif
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
GIF image data, version 89a, 468 x 60
Size
34 kB (33550 bytes)
Hash
ad8c7c5a9aa7d752407f1bd9911493d4
31caa83c93fae3797de238975d81e8e3f66fe43e
32cc157d7035835c6c380bd706d0e33294afd6aa61c320c400488b34c66d9e79

HTTP Headers

GET /img/banner_empty.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/gif
content-length: 33550
etag: "640f1fd0-830e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 3338685
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLH2zWAibqw2XDdDlO1j8BNvw%2FCWi8WwaagiHJzNPt36%2Fd53qc4z%2Bogynkz67LQq%2Fsf6rCZBuURWYk556U7G27Bii52hLNw8fVeGeQfTO10mn%2B7xVYGW56XcBIqWus4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c31d3c7e5693-OSL
alt-svc: h3=":443"; ma=86400

unitraffic.net/img/banner_empty.png

85.208.187.144

200 OK

5.4 kB

URL GET HTTP/1.1
unitraffic.net/img/banner_empty.png
IP
85.208.187.144:443
ASN
#204601 Zomro B.V.

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectunitraffic.net
FingerprintD6:0F:0E:A2:F9:DF:D0:C4:2A:5E:8F:94:00:76:B1:DF:9C:83:13:DE
ValidityThu, 25 Apr 2024 23:35:08 GMT - Wed, 24 Jul 2024 23:35:07 GMT

File type
PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced
Size
5.4 kB (5392 bytes)
Hash
28d818cd8b5ea617d336300ca726663b
d1286a3f06f719fe7c410e41760a81cee39d4c86
8c9960fa2ab2600dad21e8bc1ad0062120067252c7920e8492df81808c2b0af4

HTTP Headers

GET /img/banner_empty.png HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 04:17:16 GMT
Content-Type: image/png
Content-Length: 5392
Last-Modified: Sun, 17 Apr 2022 06:44:13 GMT
Connection: keep-alive
ETag: "625bb73d-1510"
Expires: Sat, 27 Apr 2024 04:17:16 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

1rash.ru/q/bsk.php

89.208.145.166

200 OK

2.4 kB

URL GET HTTP/1.1
1rash.ru/q/bsk.php
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
HTML document, ISO-8859 text
Size
2.4 kB (2434 bytes)
Hash
1d1e270a0f9d9c11a8f7a082dde1e866
2781df8c3216a701dfa7fb861de330a487b7c4f2
a775c29735b3c32570192577829788da259e2594889db941b50701fa81d10fac

HTTP Headers

GET /q/bsk.php HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 2434
Connection: keep-alive
Server: Apache

neon.today/context/get/100439/28769/1/468/60

213.183.48.30

200 OK

580 B

URL GET HTTP/1.1
neon.today/context/get/100439/28769/1/468/60
IP
213.183.48.30:443
ASN
#56630 Melbikomas UAB

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectneon.today
FingerprintF9:C9:45:2E:BF:94:50:19:BE:3C:64:8A:BE:97:0C:2B:D6:AE:C9:7A
ValidityTue, 02 Apr 2024 22:30:27 GMT - Mon, 01 Jul 2024 22:30:26 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
580 B (580 bytes)
Hash
da65f822317970d5451f4fbee8553480
e6c6086836bedff7e03f70ba343482b9a7e5c2b5
c0f3bbb2f7a2a4f769e2683aa587cd9e21e4de3dffd14e286780b50f27faf149

HTTP Headers

GET /context/get/100439/28769/1/468/60 HTTP/1.1
Host: neon.today
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 04:17:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 580
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

1rash.ru/q/i/i22.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i22.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1082 bytes)
Hash
09d00cd5cf090d3daf70d5e213688b4c
9022599fd1c9d38bfec8fae286962db248f1f722
a135fceb668a6804c45b9b2a2cac063d3211f517411ebb87ad13e29ed11cd6d2

HTTP Headers

GET /q/i/i22.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1082
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fb-43a-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i21.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i21.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1287 bytes)
Hash
edcd6cd2af814f8f30bd55e6e1686b6c
687202c4759ba4e1c94b8f62c4be961656cabd28
4c94f6ce0bc99d807ef5ad1c81ffe5c89c1665c751c6aa95baf9179275d19111

HTTP Headers

GET /q/i/i21.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1287
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1fa-507-4a176376dd3c0"
Accept-Ranges: bytes

webtrafic.ru/img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png

104.21.68.251

200 OK

866 B

URL GET HTTP/3
webtrafic.ru/img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
PNG image data, 25 x 25, 8-bit colormap, non-interlaced
Size
866 B (866 bytes)
Hash
38d180fd271c03dc195834c4f6460108
777cda920a9ca1f764cba72f69471a592ba74498
d8f87cc6d28b1e3affe0e051740259bea0d9dcc5591badebd44ecb63ee671373

HTTP Headers

GET /img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 866
link: <http://webtrafic.ru/img/pe.png>; rel="canonical"
expires: Thu, 28 Nov 2024 14:17:07 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 29 Nov 2023 14:17:07 GMT
x-original-content-length: 9792
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 12836986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3P856DFnPj1T9q%2Bj%2FJFiZ4Mml3FT8fYkuiv%2FLH54YhyxMRq7CL6lI%2FpcheGykN3zTts0gpof2lXxiyACAnEgFdJTAZzN3dwc1lzXsIIwpmZi8RtFkyiGkcdbYNFs00o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3208eb85693-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png

104.21.68.251

200 OK

1.5 kB

URL GET HTTP/3
webtrafic.ru/img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1504 bytes)
Hash
b6068d14a1756e0e41052584059ecaac
d5836694aa54334f2ae81ad908192970d7ad1590
d31fee4b1d850d79de5748d3b82a5706f6c92e90a4fced70266ae0ae92ed2fd2

HTTP Headers

GET /img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 1504
link: <http://webtrafic.ru/img/cart.png>; rel="canonical"
expires: Thu, 28 Nov 2024 14:17:07 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 29 Nov 2023 14:17:07 GMT
x-original-content-length: 24626
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 12836986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cs%2F7jKgHzzU5QE3KInLAmCja2Vi2mqRhHl9y9DJWiVlWmiVHFv7VsLgNKcC%2FBLDHYzvXalQzFFwRN8xIQt730sHdEmK3N8AKPzQ2DRp6z%2BiXy6VSFz98FuTvXl6Zn%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3208eba5693-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png

104.21.68.251

200 OK

1.1 kB

URL GET HTTP/3
webtrafic.ru/img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
PNG image data, 25 x 25, 8-bit colormap, non-interlaced
Size
1.1 kB (1079 bytes)
Hash
abb0364ceccfd96f043c089281b7e8c3
a22a6747139991930c63de9f7fb36ac19998e216
aa2e91454bb83b548d9e01685127a73eda1291cb81899ccc3354e24567a53ace

HTTP Headers

GET /img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: image/png
content-length: 1079
link: <http://webtrafic.ru/img/sp.png>; rel="canonical"
expires: Thu, 28 Nov 2024 14:17:07 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 29 Nov 2023 14:17:07 GMT
x-original-content-length: 11788
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 12836986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jonU30CSwFSQ1IUWaA%2BO2vUEL4DWiU20lMd1QrJ3MGBBNe8o%2BIYFgSI9nuptP2VOD4Cjo7WPyNLJNiNEqzuKHPe3JNo3f4EeMpj1dTAfvbSDLdeRQuizeXEYl1weOaE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3208ebb5693-OSL
alt-svc: h3=":443"; ma=86400

1rash.ru/q/i/i29.jpg

89.208.145.166

200 OK

808 B

URL GET HTTP/1.1
1rash.ru/q/i/i29.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
808 B (808 bytes)
Hash
a8bb6266b787520230e26df801086e12
5556ebc578a6b87b9e2113dda0a719740d5ff645
7217c5b17c8499f134de4a5de3af9ae9acb1adaa9a0da6f21ece6fd770bdb09d

HTTP Headers

GET /q/i/i29.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 808
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:05:18 GMT
ETag: "13c1ff-328-4a5d31520db80"
Accept-Ranges: bytes

cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

151.101.129.229

200 OK

1.2 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://webtrafic.ru/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (1623)
Size
1.2 kB (1217 bytes)
Hash
11d89af3414c7a4dc324be89b1a5ce2c
d68a4d4193af0419784b91622ebc4af5abd1042b
d37a7d61b33b7277b794fc7be203b20292ec5b9fb091dd3112603c8c48c5a7f6

HTTP Headers

GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"848-1opNQZOvBBl4S5FiLrxK9avRBCs"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 04:17:16 GMT
age: 24439
x-served-by: cache-fra-eddf8230099-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1217
X-Firefox-Spdy: h2

neon.today/logo_small.png

213.183.48.30

200 OK

19 kB

URL GET HTTP/1.1
neon.today/logo_small.png
IP
213.183.48.30:443
ASN
#56630 Melbikomas UAB

Requested by
https://neon.today/context/get/100439/28769/1/468/60
Certificate
IssuerLet's Encrypt
Subjectneon.today
FingerprintF9:C9:45:2E:BF:94:50:19:BE:3C:64:8A:BE:97:0C:2B:D6:AE:C9:7A
ValidityTue, 02 Apr 2024 22:30:27 GMT - Mon, 01 Jul 2024 22:30:26 GMT

File type
PNG image data, 50 x 15, 8-bit/color RGBA, non-interlaced
Size
19 kB (18858 bytes)
Hash
e8f264874aa64e38756e575d1d6452ba
015287540c0fe06723408a117daac30afc9efefe
c86c4eb33d4edbc00eaf4ad4d5afdc7bd9a5e6e311d3e54399590911b6d8b684

HTTP Headers

GET /logo_small.png HTTP/1.1
Host: neon.today
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neon.today/context/get/100439/28769/1/468/60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 04:17:16 GMT
Content-Type: image/png
Content-Length: 18858
Last-Modified: Sat, 20 Aug 2022 08:28:35 GMT
Connection: keep-alive
ETag: "63009b33-49aa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

1rash.ru/q/i/i16.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i16.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1247 bytes)
Hash
8b1d04d8a287d40e166d52b8851c9f37
59968678f97de41ea4d1191537db925a72026c94
7eef92ac0490c7d9f62bdf74deaf01a4beee430ebee7eb6fdba8a2a1043e2763

HTTP Headers

GET /q/i/i16.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1247
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f4-4df-4a176375e9180"
Accept-Ranges: bytes

1rash.ru/q/i/i1.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i1.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1170 bytes)
Hash
c7fa97c8911aca393ddb4217cc075321
584ef670b8982eba7d9853c3047f47e91d7a8c35
f1e6f586e4cb3e5633175f10c60274d54451a3e1ed4a42d9563b3f0d80c60e9b

HTTP Headers

GET /q/i/i1.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1170
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1ed-492-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i10.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i10.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1099 bytes)
Hash
0ac0624c642f13116fab03f97d48fae9
1b790e1320dfd80ed7337d077f357c39a599dd62
2266f2f329c08b77641df314c7ecb2256ad0b539ae4484269d8eacb6c1e182a2

HTTP Headers

GET /q/i/i10.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1099
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1ee-44b-4a176374f4f40"
Accept-Ranges: bytes

1rash.ru/q/i/i28.jpg

89.208.145.166

200 OK

844 B

URL GET HTTP/1.1
1rash.ru/q/i/i28.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
844 B (844 bytes)
Hash
412b8d68806a6f1eaae33ab61408e5b6
3cf120f4ac25cb37d03690ed4f4f99e8c10f6549
28e3bab9f1c604044ef0b744978ed7a94986b406fae3f5dc48daab90ddafe571

HTTP Headers

GET /q/i/i28.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 844
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 11:56:55 GMT
ETag: "13c1fe-34c-4a5d2f725afc0"
Accept-Ranges: bytes

1rash.ru/q/i/i27.jpg

89.208.145.166

200 OK

852 B

URL GET HTTP/1.1
1rash.ru/q/i/i27.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
852 B (852 bytes)
Hash
fa3c317272839ce74e946168cc1f0256
e7ea8d93a2b3df81c5224a5d197672b0f9880ac0
2f9a28e0948fe7428bb68ba67a815438f3723915d5e745421333293ae26fcb27

HTTP Headers

GET /q/i/i27.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 852
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fd-354-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i32.jpg

89.208.145.166

200 OK

787 B

URL GET HTTP/1.1
1rash.ru/q/i/i32.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
787 B (787 bytes)
Hash
2f5b2fa04eb1c03fa76e0f4ee3ba867d
c779636e1641ce5543ab7d4ceb8315f50ebf6fe0
3c4761799cfb5faf650cf9b5ee7dcb6323f5ea88a025ab4f2ca45f9ad26aa2a8

HTTP Headers

GET /q/i/i32.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 787
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:25:42 GMT
ETag: "13c203-313-4a5d35e159d80"
Accept-Ranges: bytes

1rash.ru/q/i/i6.jpg

89.208.145.166

200 OK

949 B

URL GET HTTP/1.1
1rash.ru/q/i/i6.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
949 B (949 bytes)
Hash
599ecaaf31ded9febc399f253c6850ac
8b757aafb5f1b3ed40882e6edf81a5a7ceb70cd6
d002b4d408b10bc8993f7f980cfbb85198659e92f345bbe1a812612194925dac

HTTP Headers

GET /q/i/i6.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 949
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c206-3b5-4a176379b9a80"
Accept-Ranges: bytes

1rash.ru/q/i/i8.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i8.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1264 bytes)
Hash
2ab385dd42c7301aa0d69bfd3bcb71a2
f5d68e166c75ddbec5ddcfb08b976c559ef75a26
39e01baf23094c9244c4b8babfd1c0faa1aa0648ca1bf3325148b1daa9e78843

HTTP Headers

GET /q/i/i8.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1264
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c208-4f0-4a176379b9a80"
Accept-Ranges: bytes

1rash.ru/q/i/i7.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i7.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1240 bytes)
Hash
9f1eddb947f9d468e54408d52a1831b0
98e3141fb66605f969c990827c1730e29c92123d
ca3346a44f7619fa1928c810fb1f1d2b78ed01eaf28bc2f9ec884555627e25f5

HTTP Headers

GET /q/i/i7.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1240
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c207-4d8-4a176379b9a80"
Accept-Ranges: bytes

1rash.ru/q/i/i9.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i9.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1121 bytes)
Hash
4651716c2e8a82e38e57e9c3f88b69fe
ed1f6eb5729e01eaff6224d0d676e5d6f74acb5f
848244e41780fd3cf681351db6a399063842f49f6dbcc72a7219e156fe184d26

HTTP Headers

GET /q/i/i9.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1121
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:59 GMT
ETag: "13c209-461-4a17637aadcc0"
Accept-Ranges: bytes

1rash.ru/q/i/i11.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i11.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1160 bytes)
Hash
8c216347028037af3b531687fb40f5ad
93c87e3bb567c48618a2503123f4f42cb232102a
3f3c39233984706be1fd358a3e17a1f938a562cf287e9f4bd819f005242a79e9

HTTP Headers

GET /q/i/i11.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:58 GMT
Content-Type: image/jpeg
Content-Length: 1160
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1ef-488-4a176374f4f40"
Accept-Ranges: bytes

1rash.ru/q/i/i12.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i12.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1310 bytes)
Hash
974908a0d5d6aec321ea6ceadeabcc89
f9ecc635349dec18f5789f0afc667db32389cc0e
0bfdcf90455eb460deee1f94df548fa8ff6cd91a96ac5305515756b3a5e13c84

HTTP Headers

GET /q/i/i12.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1310
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1f0-51e-4a176374f4f40"
Accept-Ranges: bytes

1rash.ru/q/i/i20.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i20.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1244 bytes)
Hash
20ac0c63e1b8cd918e142669cadf7073
da110a8fa35192d02702cda67816cbea3ab60cef
58eb04e77c4a3b31d18b8ac0b7a33ecff1fe892a8b1871619b9c5ae134a7777a

HTTP Headers

GET /q/i/i20.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1244
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f9-4dc-4a176376dd3c0"
Accept-Ranges: bytes

1rash.ru/q/i/i03.jpg

89.208.145.166

200 OK

860 B

URL GET HTTP/1.1
1rash.ru/q/i/i03.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
860 B (860 bytes)
Hash
43ad002dd395011a36e0004faff95040
4123a3ed39f1319dd6c4fa1eaaa14734c518abbe
49d9c3f15ae2db284cfd2bb31f1e1fe40d8cc4f833e6ce4118256c5d551b1f01

HTTP Headers

GET /q/i/i03.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 860
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c1ec-35c-4a176378c5840"
Accept-Ranges: bytes

1rash.ru/q/i/i30.jpg

89.208.145.166

200 OK

863 B

URL GET HTTP/1.1
1rash.ru/q/i/i30.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
863 B (863 bytes)
Hash
82b7028d77310c4a39c48ca5bdb1873a
b799bfc4397d54f423d7f20e2779308fd714ef7e
096d226948285a2d84390d1d89388743ab773debc9daf91bdd678d07ab55f2ae

HTTP Headers

GET /q/i/i30.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 863
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:12:40 GMT
ETag: "13c201-35f-4a5d32f793e00"
Accept-Ranges: bytes

1rash.ru/q/i/i13.jpg

89.208.145.166

200 OK

1.0 kB

URL GET HTTP/1.1
1rash.ru/q/i/i13.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.0 kB (1035 bytes)
Hash
0999c2f6b7fb91a5e39884824762e07c
ced0d0cc4b7ca1a912b427c4366588737c188380
ce852c75b278249ff2d327b256f20b25d37519ce145b089045fbfe03e566e3d7

HTTP Headers

GET /q/i/i13.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1035
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f1-40b-4a176375e9180"
Accept-Ranges: bytes

1rash.ru/q/i/i23.jpg

89.208.145.166

200 OK

869 B

URL GET HTTP/1.1
1rash.ru/q/i/i23.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
869 B (869 bytes)
Hash
a0c3f9db170b509064860d331477aac0
caf1270d767791eea4b4e8423adbe4f23156ef2d
30159bc97ad2456ba29092d508d6fc23026066583dad0b10e66a6b94df28c41d

HTTP Headers

GET /q/i/i23.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 869
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fc-365-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i14.jpg

89.208.145.166

200 OK

1.4 kB

URL GET HTTP/1.1
1rash.ru/q/i/i14.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.4 kB (1378 bytes)
Hash
0278675b031052695f83ed7285ad5168
e85bd2517e48351474aec32edcf5d1a475fe89f5
81fe9a4decee6ba1e8ababab5bd3afe2fdbcf72c92b0e81d7d8ddaa2f545abc3

HTTP Headers

GET /q/i/i14.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1378
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f2-562-4a176375e9180"
Accept-Ranges: bytes

1rash.ru/q/i/i15.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i15.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1213 bytes)
Hash
716cf0372a9e3549dd0c8228104e5a8a
c25f1da1ecf3c1e1687b356885ed143bdadc529c
99b968d7b2ce9008b2ac8d312e355c7ed61c671b53b70f0694eefb9c20692fb3

HTTP Headers

GET /q/i/i15.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1213
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f3-4bd-4a176375e9180"
Accept-Ranges: bytes

1rash.ru/q/i/i17.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i17.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1296 bytes)
Hash
201fb6a4a3b9fc2fd5e96108e79c14e1
2800cf177bac5bbbcaa35b3ac8beb534b264bd0d
8e8b314683c3f3d30a41248101c0d55f0a53ce3f50a198e28033bcc38edef44d

HTTP Headers

GET /q/i/i17.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1296
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f5-510-4a176375e9180"
Accept-Ranges: bytes

1rash.ru/q/i/i3.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i3.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1054 bytes)
Hash
c0cd32ad99537e47a0359f7f765a9063
452e77efcfb1852e5dc9d6ba26eca99cf9adb75f
d29bad3ad73a49ad955bd610396a9ea4808392fd016f56204108adaf3ebdc511

HTTP Headers

GET /q/i/i3.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1054
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c200-41e-4a176378c5840"
Accept-Ranges: bytes

1rash.ru/q/i/i18.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i18.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1074 bytes)
Hash
bd49a082045314b5913de74e31601db1
979096d8183c8a0c0fe16611a822e6b83989a19d
9d59f5df3eec72870aef48178d02ac36f28cfc3975dcf81477d39fc5aef24380

HTTP Headers

GET /q/i/i18.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1074
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f6-432-4a176376dd3c0"
Accept-Ranges: bytes

1rash.ru/q/i/i19.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i19.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1275 bytes)
Hash
e4b0a3b3be399e14b790be247368fcf8
2fe771d6660fd4ef5dc313df6f4b2fb8315746d8
92d49c679788eb22633820c9e3e74ac71b23da5cb019f7fd7771a59ba24275b7

HTTP Headers

GET /q/i/i19.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 1275
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f7-4fb-4a176376dd3c0"
Accept-Ranges: bytes

1rash.ru/q/i/i00.jpg

89.208.145.166

200 OK

914 B

URL GET HTTP/1.1
1rash.ru/q/i/i00.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
914 B (914 bytes)
Hash
f0500a756946bd6216a353c755640f62
1d9038b9d476757ca222d3cf22e5e6372083750f
e61fa050fcc0d73160370b92428fc300df065aec14b86236b3513afda2a0db05

HTTP Headers

GET /q/i/i00.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 914
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1eb-392-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i2.jpg

89.208.145.166

200 OK

957 B

URL GET HTTP/1.1
1rash.ru/q/i/i2.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
957 B (957 bytes)
Hash
cc094b5369d872ff2148ad86ef788d38
0c25a58ebe84c1b141f4d9398eb311abf1968b76
e83a294df92a56d5363eb6299ee547b41809b72dc94d04e6674e1e46fe4a3dea

HTTP Headers

GET /q/i/i2.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 957
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c1f8-3bd-4a176378c5840"
Accept-Ranges: bytes

1rash.ru/q/i/i4.jpg

89.208.145.166

200 OK

854 B

URL GET HTTP/1.1
1rash.ru/q/i/i4.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
854 B (854 bytes)
Hash
10bd409f25fbfbab424662c87ffd8149
fe31d44c2625da598bbaeb110567f74c91f20709
bd03aa9a97b29315975ce1949d8d6d7e8712e264c80234c5c2916a5b29eaae0d

HTTP Headers

GET /q/i/i4.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 854
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c204-356-4a176379b9a80"
Accept-Ranges: bytes

1rash.ru/q/i/i31.jpg

89.208.145.166

200 OK

867 B

URL GET HTTP/1.1
1rash.ru/q/i/i31.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
867 B (867 bytes)
Hash
0a328a40864cc03d0495cd59273c0831
604badc1551096e40d9076bb9e8861790f8e4912
e87e329c040bb403d5045bfbb4148d96960aa0a27f6f1347a341f38a316c34e1

HTTP Headers

GET /q/i/i31.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:17:59 GMT
Content-Type: image/jpeg
Content-Length: 867
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:17:39 GMT
ETag: "13c202-363-4a5d3414b9ec0"
Accept-Ranges: bytes

translate.google.com/translate_a/element.js?cb=TranslateInit

216.58.211.14

200 OK

31 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=TranslateInit
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
gzip compressed data, max compression
Size
31 kB (31360 bytes)
Hash
fabd4f78fdbad5411eff03614ec57ec6
4ea034bdb232b9e62e03174348a24325b760c282
95350e1e1ee1d17ffc244f1198b97d6dfdfeaaa91ed34b98f6d2f98e7122fef2

HTTP Headers

GET /translate_a/element.js?cb=TranslateInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 04:17:17 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tg1.leetgems.h1n.ru/img/telegram_logo_icon.ico

81.90.181.60

200 OK

68 kB

URL GET HTTP/2
tg1.leetgems.h1n.ru/img/telegram_logo_icon.ico
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Size
68 kB (67646 bytes)
Hash
4f123b8081a681da829b4b034dd4b7bc
02e58fa28ede37a412174ac17cc9883f9378d4ae
d7bbaeffe46c40d1b069c527d3138b7e2a0c831a4e3a9ca0ca9350b0d8ec332a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /img/telegram_logo_icon.ico HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: image/x-icon
content-length: 67646
last-modified: Sun, 05 Mar 2023 08:58:29 GMT
etag: "640459b5-1083e"
expires: Sat, 26 Apr 2025 04:17:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2

webtrafic.ru/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.21.68.251

200 OK

77 kB

URL GET HTTP/3
webtrafic.ru/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: application/octet-stream
content-length: 77160
last-modified: Mon, 13 Mar 2023 13:06:22 GMT
etag: "640f1fce-12d68"
cache-control: max-age=14400, s-maxage=10
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJBgThY7FUQZxJJ%2Fyk%2FWlmgkw2rJjnvNAODTTsC1vHtoZcTr8R1IR%2BsOy43s8MG%2FOLwbc94MCnS0h4fVJiN1EuvhXQnP61Wt2g43skXLqreOAFO8R6YTpR8SVXqvUlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c32358515693-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/banners/629ced855a6914574f931bac67d05e45.gif

104.21.68.251

200 OK

12 kB

URL GET HTTP/3
webtrafic.ru/banners/629ced855a6914574f931bac67d05e45.gif
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
GIF image data, version 89a, 468 x 60
Size
12 kB (11826 bytes)
Hash
eb7081779805c635152a8a63bae69403
be0698fa005acd021695105c0d4caef92018a7c9
fbc4d8237ae780f3f03b8b3a7f11a636ab24fcab13e208c4a42a790cc18bce11

HTTP Headers

GET /banners/629ced855a6914574f931bac67d05e45.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: image/gif
content-length: 11826
etag: "65f1a2fd-2e32"
expires: Thu, 25 Apr 2024 19:47:50 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ONAdnA5QHuWgETtsl5r5q7SQYeyT%2FoD51Q%2FO0HfEvrSxDDj4cuc7qgtnmaM%2BqyX%2BO5fYDljU9E1VTB%2F2XqKD5%2Fgw1zrPsFv2nAm%2B83%2BIEG%2FhnBM5QpFHLzEw%2BIZog0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c32358575693-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/banners/79e80939853df95135f890ebc1f07946.gif

104.21.68.251

200 OK

18 kB

URL GET HTTP/3
webtrafic.ru/banners/79e80939853df95135f890ebc1f07946.gif
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
GIF image data, version 89a, 468 x 60
Size
18 kB (17858 bytes)
Hash
a2959d05e627aa8f83fa414bb10c503e
38f2d1984f8f271baa3ad82cd2572a2a348da464
6b919a2d0d74de1d77aa4b10a6cd9b81cc08d0bf8e1837c68d7556e8eb6bb743

HTTP Headers

GET /banners/79e80939853df95135f890ebc1f07946.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: image/gif
content-length: 17858
etag: "6628f3d8-45c2"
expires: Wed, 24 Apr 2024 20:29:31 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FCBJ4hMT2eGEpVmOG7bfknlRzoMn8CnnpJjVvs%2Fb5zbAi%2FzxCdiV8S5c3viNs%2FClF9%2FjGn1z3yi9DhyS9xd16oeaorWx6TNI2XCi1puuuRlKDYAUJVxDWikz6a%2BDN0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c32358565693-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css

142.250.74.99

4.0 kB

URL GET
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
IP
142.250.74.99:0
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 09:56:49 GMT
expires: Wed, 23 Apr 2025 09:56:49 GMT
cache-control: public, max-age=31536000
age: 238828
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

payeer.com/?session=2103954

149.202.17.208

200 OK

621 B

URL GET HTTP/1.1
payeer.com/?session=2103954
IP
149.202.17.208:443
ASN
#16276 OVH SAS

Requested by
https://webtrafic.ru/
Certificate
IssuerSectigo Limited
Subject*.payeer.com
Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06
ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (621), with no line terminators
Size
621 B (621 bytes)
Hash
e3b84da190f58394835cfc9c9a6025e1
37015e4a3cfb0fb360c3fede7dcbb626830ff5fa
a74127092386132de3e78a066c45cdeaddc010b9f81adb536d6c25ea8c243395

HTTP Headers

GET /?session=2103954 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: iCore Proxy Module
Date: Fri, 26 Apr 2024 04:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store, max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3

172.67.174.5

1.4 kB

URL GET
rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3
IP
172.67.174.5:0
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectrekizar.com
Fingerprint95:55:B7:B7:61:FE:55:F7:F1:E1:F8:82:C8:A6:C5:3B:3B:39:54:BD
ValidityTue, 02 Apr 2024 11:49:39 GMT - Mon, 01 Jul 2024 11:49:38 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
1.4 kB (1400 bytes)
Hash
d930ae9d8479391c014c63330da99b4d
db0d5951971bf065f416221cd2065f426e1b8a51
535b183a35efad2ea6ee91e65a1836316cce97984f26a47a9c94266ac68650e1

HTTP Headers

GET /bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3 HTTP/1.1
Host: rekizar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=378utmsgea1jsqbaiebcvn9jrg; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilbHUhqcGizztI13f1XXqcD%2F1sb1Gwq75Ht24TrVVR0jdkGr364t9Yvy92YJs09T%2F7W1mfm31tkxoKF5r%2BGWFKRFN%2F0%2BT77hbiJ32ppwyJb2AFRvyzAW0EZdo%2BDE3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c323b8815693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

payeer.com/iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0

149.202.17.208

302 Found

0 B

URL GET HTTP/1.1
payeer.com/iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0
IP
149.202.17.208:443
ASN
#16276 OVH SAS

Requested by
https://webtrafic.ru/
Certificate
IssuerSectigo Limited
Subject*.payeer.com
Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06
ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payeer.com/?session=2103954
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: iCore Proxy Module
Date: Fri, 26 Apr 2024 04:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store, max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: /?session=2103954

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfq92X1o0HH0hndEbECGlbI-dOTnmg/m=el_main

142.250.74.74

200 OK

73 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfq92X1o0HH0hndEbECGlbI-dOTnmg/m=el_main
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (2297)
Size
73 kB (72714 bytes)
Hash
12487a9b7a04b957648956d8e195e2fa
db8c446b1516d76be812ba7bc1ebf455c090ef01
b005774fd9d7ddf333c0c90b728c59db1a08be979a9d64a267e00c5fc37686c2

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.qSFe8Zd40bk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfq92X1o0HH0hndEbECGlbI-dOTnmg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 72714
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 18:43:58 GMT
expires: Thu, 24 Apr 2025 18:43:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Apr 2024 17:10:37 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 120799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

informer.yandex.ru/informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews

87.250.251.119

200 OK

1.5 kB

URL GET HTTP/2
informer.yandex.ru/informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://webtrafic.ru/
Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
FingerprintDB:EC:6C:00:83:6B:5E:03:B2:DE:D1:CA:D1:7B:50:9B:E3:E8:57:65
ValidityTue, 26 Dec 2023 16:32:23 GMT - Wed, 05 Jun 2024 20:59:59 GMT

File type
PNG image data, 80 x 31, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1463 bytes)
Hash
16510afa9865ee176c64f80150d15a24
ebe655708d04f3faffb5f369d96df52f49d69557
769d779e317513bc9852a9c079c0d6514eb87f44dc44a9d352aa343ea9665f17

HTTP Headers

GET /informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews HTTP/1.1
Host: informer.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 1463
last-modified: Fri, 26-Apr-2024 04:17:17 GMT
content-type: image/png
pragma: no-cache
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Fri, 26-Apr-2024 04:17:17 GMT
X-Firefox-Spdy: h2

webtrafic.ru/images/lang/lang__ru.png

104.21.68.251

200 OK

899 B

URL GET HTTP/3
webtrafic.ru/images/lang/lang__ru.png
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced
Size
899 B (899 bytes)
Hash
fa57d43ba1417bf41ad68ba291c3e9b3
7936bf1f4ae4a8d24c0cb1789651b68725fbc1f9
73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628

HTTP Headers

GET /images/lang/lang__ru.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: image/png
content-length: 899
last-modified: Mon, 13 Mar 2023 13:06:23 GMT
etag: "640f1fcf-383"
cache-control: max-age=14400
expires: Fri, 26 Apr 2024 04:09:07 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCSqargYje1wG%2BzaudkfEk5PLtOg1uXw0N9x2EhdiPBgStrL5522aS%2FRXkrRjAEcd0jgGEHklWNr35fqMVZYJ2kZmAQa9IaSPJF5K%2BjhfFxm%2FOo5GF0hJba8irvKi%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c326b99a5693-OSL
alt-svc: h3=":443"; ma=86400

payeer.com/?session=2103954

149.202.17.208

200 OK

0 B

URL GET HTTP/1.1
payeer.com/?session=2103954
IP
149.202.17.208:443
ASN
#16276 OVH SAS

Requested by
https://webtrafic.ru/
Certificate
IssuerSectigo Limited
Subject*.payeer.com
Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06
ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?session=2103954 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://payeer.com/?session=2103954
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: iCore Proxy Module
Date: Fri, 26 Apr 2024 04:17:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=65
Set-Cookie: BITRIX_SM_SALE_AFFILIATE=2103954; expires=Sun, 26-May-2024 04:17:17 GMT; Max-Age=2592000; path=/
BITRIX_SM_SALE_AFFILIATE=2103954; expires=Sun, 26-May-2024 04:17:17 GMT; Max-Age=2592000; path=/; domain=payeer.com
BITRIX_SM_SALE_AFFILIATE=2103954; expires=Sun, 26-May-2024 04:17:17 GMT; Max-Age=2592000; path=/; domain=.payeer.com
Location: /en/
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.74

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 26 Apr 2024 04:17:17 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=513=bhsLYjQHpWLdFcwb2osXL-XpyA68NmoqpNzIO-tZp6Lnpf6orIss300oDnA54rg44PjRBJ-vrnlDgFuZm7JfVAcpFKrZyi3wYkvrjVzcSFRBPCKkLRjkBoadRYz-sCDG61pu4B_aKMDwT7J16L1FfIFeQv4Jm8NFafNq_MMeJBs; expires=Sat, 26-Oct-2024 04:17:17 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Fri, 26 Apr 2024 04:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

payeer.com/en/

149.202.17.208

200 OK

13 kB

URL GET HTTP/1.1
payeer.com/en/
IP
149.202.17.208:443
ASN
#16276 OVH SAS

Requested by
https://webtrafic.ru/
Certificate
IssuerSectigo Limited
Subject*.payeer.com
Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06
ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (430)
Size
13 kB (13298 bytes)
Hash
f333d95beccb008a3481560678004631
bb2bdc86a648e247ecc97cfee243ba8c5992e5d8
d128a0ce734f1bad2af2da9da2d50ea7327f821b725c0ba7c68153ee04532319

HTTP Headers

GET /en/ HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://payeer.com/?session=2103954
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: iCore Proxy Module
Date: Fri, 26 Apr 2024 04:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=65
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=n6jm4hq05irt299kklp4gkttq7u155b7haitnt8o2h49j9mjs54fjfeeps02qpp10nof017a0s3e3b278u26c82stjjq5b06k17lpk1; path=/; samesite=None; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.99

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 14:33:33 GMT
expires: Fri, 25 Apr 2025 14:33:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 49425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.google.com/gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240423

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
translate.google.com/gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240423
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240423 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 04:17:18 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-ixpMck2BDXbKhnXZTGAjdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmJw15BicEqfwRoExELcHOeurtnIJvCg9zInAGnKCRI"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=19.SE=S9dvSeWGdsjF9M4qh9ciyaW-j0RANHKjyxuhCL0VUXK4Yz6i-nDSLdVW6FBz3YkSXAbEXuLWor54fWtauc18bsshhqwat32W9UxSMAH0dsDn8qPuBB4FbTdEde2m1_JTp_84HQDURCMsYPTGUt7wJN1KapM66v-M0d_zHxwcy2g; expires=Mon, 26-May-2025 20:35:36 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

linkslot.pro/bancode.php?id=1

104.21.31.204

4.5 kB

URL GET
linkslot.pro/bancode.php?id=1
IP
104.21.31.204:0
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerCloudflare, Inc.
Subjectlinkslot.pro
Fingerprint70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96
ValidityThu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1536)
Size
4.5 kB (4527 bytes)
Hash
0e53b2eb465649e5aaed82e4a83f35c8
72534b716717a1ae9195f9373101d8fa1ebec835
f88e779d29b06620a850969ac985c0e1203fd492099e6c47882636d4d1e25072

HTTP Headers

GET /bancode.php?id=1 HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:17 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: PHPSESSID=6dgbn3jn6k2tmpaam2isv2rav7; path=/; domain=.linkslot.pro
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQ2PK8LXXEZVeYAQ63RrCwh8fOqR5gdjgpmznDGF3wfzy0bQAyIAJKXr%2FWBUAJRTkuADOnUUaCRs%2F%2B5EdvMtlcu5ywoZ2jFEhPkTq26XLYouwn8ZG9jK0vogdR6%2BbTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c323fd0a569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

linkslot.pro/uploads/a7e19b9fb14c0d090df0cb7c8a6bafc0.gif

104.21.31.204

200 OK

340 kB

URL GET HTTP/3
linkslot.pro/uploads/a7e19b9fb14c0d090df0cb7c8a6bafc0.gif
IP
104.21.31.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerCloudflare, Inc.
Subjectlinkslot.pro
Fingerprint70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96
ValidityThu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 468 x 60
Size
340 kB (339985 bytes)
Hash
c0aaeafa7cd8a122ac9e17e4a3344f19
64cc190ed5540606bdc9c3fbf270f40ff65c971b
c5612f33a8f39a5eac1b79cd53ba0c82e944458a7e3848e02d0397c18075c4eb

HTTP Headers

GET /uploads/a7e19b9fb14c0d090df0cb7c8a6bafc0.gif HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:18 GMT
content-type: image/gif
content-length: 339985
last-modified: Thu, 25 Apr 2024 13:20:37 GMT
etag: "662a58a5-53011"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 4654
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBX11XFmcX%2FnXdlNlowrDg9XLATl9ZTRU7rr8EXeiDsSYNz16LccqhhfZvtWC2zuAgYpBtPU4CHJx7d1Xy6758RgIA%2FLUlvWmimuaXiVhBHiExrzBiYeIPEePBLuU0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c327ccac5689-OSL
alt-svc: h3=":443"; ma=86400

linkslot.pro/img/buyb.png

104.21.31.204

200 OK

2.6 kB

URL GET HTTP/3
linkslot.pro/img/buyb.png
IP
104.21.31.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerCloudflare, Inc.
Subjectlinkslot.pro
Fingerprint70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96
ValidityThu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 127 x 16, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2585 bytes)
Hash
6623622f5954708d814fc46180f75b9f
7bd68ddbb91875e815e73fa937efc259e56fad47
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

HTTP Headers

GET /img/buyb.png HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:18 GMT
content-type: image/png
content-length: 2585
last-modified: Thu, 06 Apr 2023 09:20:44 GMT
etag: "642e8eec-a19"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 2619
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FhtI9qQWGrC4IxWk3BcytBvTwkognti1FUP6PF%2FCfUFVqa5NJAK8Y7LWJX32yKwtaaxBrlJkvNKe9CdmM9XobslImA9CgvBh33WHNSZcrpLj1b%2FY7QtBscAuU4n6wk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c327dcae5689-OSL
alt-svc: h3=":443"; ma=86400

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.74

200 OK

0 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://webtrafic.ru/
Origin: https://webtrafic.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://webtrafic.ru
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 26 Apr 2024 04:17:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.74

200 OK

131 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webtrafic.ru/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1073
Origin: https://webtrafic.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://webtrafic.ru
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 26 Apr 2024 04:17:27 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

linkslot.link/img/buyb.png

104.21.15.5

200 OK

2.6 kB

URL GET HTTP/3
linkslot.link/img/buyb.png
IP
104.21.15.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectlinkslot.link
FingerprintB8:D7:B6:CD:DE:AC:A1:C0:8F:BB:6A:DD:85:0F:6D:90:52:E0:96:CB
ValidityWed, 06 Mar 2024 10:01:08 GMT - Tue, 04 Jun 2024 10:01:07 GMT

File type
PNG image data, 127 x 16, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2585 bytes)
Hash
6623622f5954708d814fc46180f75b9f
7bd68ddbb91875e815e73fa937efc259e56fad47
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

HTTP Headers

GET /img/buyb.png HTTP/1.1
Host: linkslot.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:32 GMT
content-type: image/png
content-length: 2585
last-modified: Sun, 10 Mar 2024 02:58:08 GMT
etag: "65ed21c0-a19"
expires: Fri, 26 Apr 2024 23:33:15 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 17057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MRLifGlt41C4%2FS3JOWsU1dSKlRervFenpCDPJ7wixjKNMu3rigTHp%2BnYNqz0oxHsmZgOPsmhihIsee%2BFIUDqg3m%2BmcUMgjc3RFYlsx067kEkfudDcE%2FnqjLzRaR9zccb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c382ac80b503-OSL
alt-svc: h3=":443"; ma=86400

linkslot.link/bancode_new.php?id=358863

104.21.15.5

34 kB

URL GET
linkslot.link/bancode_new.php?id=358863
IP
104.21.15.5:0
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectlinkslot.link
FingerprintB8:D7:B6:CD:DE:AC:A1:C0:8F:BB:6A:DD:85:0F:6D:90:52:E0:96:CB
ValidityWed, 06 Mar 2024 10:01:08 GMT - Tue, 04 Jun 2024 10:01:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2423)
Size
34 kB (34032 bytes)
Hash
ab1ec8f182faa550a4870de4ccd4d3d6
a66488c7725745c48bb9732cf0e75d68986f0d94
28b01dc185c984741f000d587f63798f0d3206b5a253eb46af160315a05e4de4

HTTP Headers

GET /bancode_new.php?id=358863 HTTP/1.1
Host: linkslot.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:32 GMT
content-type: text/html;charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYpS2%2FvFRswo4jMKpsfIslV7nUH2bfDAJ0wNLPwz0%2FzQdUfMBHhRDMfyKunBnmLIv4l1LADsGerdsdCRIYXuNmkw%2BcCwFBT9ypOzJdvzs9bruKp6FA3%2BsiChQC38Iaj9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3819a40b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

webtrafic.ru/banners/3dfa85a815352bcb53b5c3e9ae345974.jpg

104.21.68.251

200 OK

5.2 kB

URL GET HTTP/3
webtrafic.ru/banners/3dfa85a815352bcb53b5c3e9ae345974.jpg
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 468x60, components 3
Size
5.2 kB (5195 bytes)
Hash
9c5ff5ef151f901d20d94ce7c8453dab
cde31b3bd651d2c1e9a06010774c813b77ba3e0f
a5b159e6c4581641806110bc101cb4c550604bb4b15090d001c0b92c421ae666

HTTP Headers

GET /banners/3dfa85a815352bcb53b5c3e9ae345974.jpg HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:37 GMT
content-type: image/jpeg
content-length: 5195
x-original-content-length: 10687
etag: W/"PSA-aj-nF_17xUfkB"
expires: Fri, 26 Apr 2024 04:21:05 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9AUKt%2FypRcSf2R5JERcTPNGfDGxYCZ42zlGTevTJ4cTlt6Y7dUShuegP3%2Bwt6IjV6cl0c%2FNm5tDHW0IR%2FAknEdPLL60oH2ZNx6e1TospDrWZxzWv55c5ks%2FvhrddhI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3a06b835693-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/banners/899bca1fbac3067ad78b45da65256bb8.gif

104.21.68.251

200 OK

130 kB

URL GET HTTP/3
webtrafic.ru/banners/899bca1fbac3067ad78b45da65256bb8.gif
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
GIF image data, version 89a, 468 x 60
Size
130 kB (129821 bytes)
Hash
4c8860751e58a3b98bfc949422a2a475
8b88af491c1a4c032a3f84d166bfe020c059ac1b
d91d92766813ffdf21a641b174af2951fbc3104ab3f0e98ffed91306a5ba6e24

HTTP Headers

GET /banners/899bca1fbac3067ad78b45da65256bb8.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:37 GMT
content-type: image/gif
content-length: 129821
etag: "662a719e-1fb1d"
cache-control: max-age=14400
expires: Fri, 26 Apr 2024 04:22:07 GMT
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRRve0HioluUZoh5y29iQ9crSSiE%2BvNBAhhFoJNnCPUpycT15VyFly85mZv4hMsbzNtPxgCSKBrVnchZ%2BGGJIIUp9s24knJs3gCA38cq%2FEbK0mTNke2bCyquQdsnu1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c3a05b825693-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/js/socket.io.min.js

104.21.68.251

200 OK

64 kB

URL GET HTTP/3
webtrafic.ru/js/socket.io.min.js
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
JavaScript source, ASCII text, with very long lines (64366), with no line terminators
Size
64 kB (64366 bytes)
Hash
63241b78a09366c1220125b1c8a5ff20
91d14b8a343afbb645bcd157200555816519ced3
f01fea38541229b697b158619451884a0b355c477a7da949411f0aa6852fab89

HTTP Headers

GET /js/socket.io.min.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript
x-original-content-length: 64504
vary: Accept-Encoding
etag: W/"PSA-aj-YyQbeKCTZs"
expires: Tue, 23 Apr 2024 15:49:07 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 576
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bo4lLV8QnnYIuDGQrRyLWHLkPW%2B%2FYyoM%2F596wLu05BLt9ITe55DoLVjMeClIaPKHeT66TeUVNMqICApjTXoWWimJhUPoqrBCRXBZwBVhKSVske8mKzG%2FDTFfwpDbbFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb55693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js

104.21.68.251

200 OK

88 kB

URL GET HTTP/3
webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (88059 bytes)
Hash
b4999cbb6a73a9b312f635cff75e5a53
c7b683fc72d06eac129185c3e60362f5c1adc2a8
736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302

HTTP Headers

GET /js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"0"
expires: Mon, 25 Nov 2024 05:53:12 GMT
last-modified: Sun, 26 Nov 2023 05:53:12 GMT
vary: Accept-Encoding
x-original-content-length: 88145
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 13127006
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUzBXxj8l4LexhJAnm7tQf6tHf2KXOF0yq4sqR0ZCyzP%2BNv75zDJJnKP6TC4d9bRuT8yCT%2FuamqwECb%2BNXp3pF3%2BmVUuIxG9ZA6wT5cNMHi%2FJ6BBhfa%2FMBerY%2BYXWk4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb25693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

linkslot.ru/uploads/cd64ace35d93b2ca176ceaa7bdcf8cb4.gif

172.67.223.195

200 OK

31 kB

URL GET HTTP/2
linkslot.ru/uploads/cd64ace35d93b2ca176ceaa7bdcf8cb4.gif
IP
172.67.223.195:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerLet's Encrypt
Subjectlinkslot.ru
FingerprintB7:EA:87:79:45:4A:E5:99:FC:25:D1:DA:AC:D6:B9:AB:30:8C:09:D5
ValidityTue, 16 Apr 2024 15:06:13 GMT - Mon, 15 Jul 2024 15:06:12 GMT

File type
GIF image data, version 89a, 468 x 60
Size
31 kB (30711 bytes)
Hash
cd64ace35d93b2ca176ceaa7bdcf8cb4
513b9d28f1682e46c967283e21d4d4d0cfbfad1a
3260385da46f95328a7f20243f96f5daa51bcb7e5cbd09f7ffce9e9d2963fc84

HTTP Headers

GET /uploads/cd64ace35d93b2ca176ceaa7bdcf8cb4.gif HTTP/1.1
Host: linkslot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:32 GMT
content-type: image/gif
content-length: 30711
last-modified: Thu, 25 Apr 2024 23:25:09 GMT
etag: "662ae655-77f7"
cache-control: max-age=14400, s-maxage=10
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVwCY%2BMIeN4OkBEyZ4FJeJXNZ7U2olxDI%2BF2VzsDjqT%2Fe%2FB%2FXXWqz%2BnG7WAPNbroYvqeB4ENCd8KhEYyq5WGbHGYpkHuviDgN82VFJpzHuBx3kBDvC6Q0ZCiAHzImw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3c382ed2756c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

216.58.207.227

200 OK

6.2 kB

URL GET HTTP/2
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
SVG Scalable Vector Graphics image
Size
6.2 kB (6225 bytes)
Hash
a1a4ffbc52fa4bd18e2f9f7c45ba71fc
0df81f908c859204ae9748c21ad2a4219381b2e4
151e69c94e1f500a46c405df3a0c60043651b22aec7b4ae33d5df3bc9fd82737

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 18:58:28 GMT
expires: Mon, 21 Apr 2025 18:58:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 379130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js

104.21.68.251

200 OK

81 kB

URL GET HTTP/3
webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
81 kB (80796 bytes)
Hash
070da11284349ddb4498fa8c51e1e103
e5d71d44333fd20376909a4b7b12a9201108d59a
4139a3b34657fa34eb91cdaf03375da63742bcefb317aa3f585cc3b2737d8220

HTTP Headers

GET /bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"0"
expires: Thu, 21 Nov 2024 02:12:32 GMT
last-modified: Wed, 22 Nov 2023 02:12:32 GMT
vary: Accept-Encoding
x-original-content-length: 81084
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 13485773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDn42X%2BB0gfFxeL9Jsh0VHX36jSBT0gdUemu3wnq89dCVxOQP3XYoLbAO07IWujqS7rXKO8MvluVbeYcFSHa9lPls4tCE0OJj4ko2L8nPPam4Y%2FOoY6dJmAu7Qr6uTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb35693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css

104.21.68.251

200 OK

230 kB

URL GET HTTP/3
webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type

Size
230 kB (230290 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=231427
etag: W/"0"
expires: Mon, 25 Nov 2024 05:55:28 GMT
last-modified: Sun, 26 Nov 2023 05:55:28 GMT
vary: Accept-Encoding
x-original-content-length: 292525
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 13126838
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JLFkNfI%2FyTmzL5eMu6GTR19m6h8jDlhvBq%2BXQUXReKmcmuZzqPFffNWUn4SnsS4v4EcqO6G2lzHbjGINX06hxFhW4i7AUGxQv2zqi3X8QHRKJhBQ0VcPGvPuHaaEquw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb15693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg1.leetgems.h1n.ru/

81.90.181.60

200 OK

6.3 kB

URL User Request GET HTTP/2
tg1.leetgems.h1n.ru/
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6000), with no line terminators
Size
6.3 kB (6317 bytes)
Hash
9643a8f96e190fea93003b4d37047de1
0e6d0c0318ae2236dc33817f1fc6c1223c45d9de
13d84b9f1c1745d92973a04667b689f57682ac00722dc0903625e169e64d09ab

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET / HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:15 GMT
content-type: text/html; charset=UTF-8
last-modified: Sat, 28 Oct 2023 19:12:20 GMT
etag: W/"18ad-608cb95862a94"
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2

webtrafic.ru/

0.0.0.0

0 B

URL GET
webtrafic.ru/
IP
0.0.0.0:0
ASN
#0

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

tg1.leetgems.h1n.ru/css/bootstrap.min.css

81.90.181.60

200 OK

141 kB

URL GET HTTP/2
tg1.leetgems.h1n.ru/css/bootstrap.min.css
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
141 kB (140942 bytes)
Hash
62907ef14a08ac2199b60610b616d0e5
7ccf464455d57e73be3acf820ba77ee92ad4fc13
3beb48429a842d5c330b9b4cc0a518652e1eca16121f40bdc1d4c41e4ff1a08c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/css
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: W/"6389c0ca-2268e"
expires: Sat, 26 Apr 2025 04:17:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2

tg1.leetgems.h1n.ru/css/detect.js

81.90.181.60

200 OK

52 kB

URL GET HTTP/2
tg1.leetgems.h1n.ru/css/detect.js
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type

Size
52 kB (51931 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /css/detect.js HTTP/1.1
Host: tg1.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: W/"6389c0ca-cadb"
expires: Sat, 26 Apr 2025 04:17:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2

webtrafic.ru/ads.php?uid=8247

0.0.0.0

0 B

URL GET
webtrafic.ru/ads.php?uid=8247
IP
0.0.0.0:0
ASN
#0

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ads.php?uid=8247 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qq197Fxc%2FI99rUOzLeJOmLtxqLquXhvaGGahlpNNXEnXXuPaanIjRneK65ceTASST%2BrMH%2FY%2FQHCHGnpKsoniLxALsjc4AuILQ5meu9Tv9Ef%2Fo3NfO%2FCfClUgcgXKPiA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c31b7bd956bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

webtrafic.ru/

104.21.68.251

200 OK

43 kB

URL GET HTTP/3
webtrafic.ru/
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type

Size
43 kB (42785 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=fm05losuttc9bgtnvtt506kq4v; path=/
pragma: no-cache
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKQ4Ttr6THIbql5rGTbYSHM8m%2BPa5Ss7u%2FMsYjFt%2BEsStIRuUSXD1YA3zwWDURQ%2FCg7B5c2IatnyPL5840C%2FB%2F%2BEI0x96yMX6snQQ2j9NUQjvkfnOx7tvXHcXvQhr0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c31d3c7d5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

webtrafic.ru/ads.php?uid=8247

0.0.0.0

0 B

URL GET
webtrafic.ru/ads.php?uid=8247
IP
0.0.0.0:0
ASN
#0

Requested by
https://tg1.leetgems.h1n.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ads.php?uid=8247 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg1.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7fPsS22GhL20tb9DardJwTeMiw4vYb48DxxLDvXS%2FNgUdgbCjE%2BlLyQkdvBmqSLHUHj00Y1DNN3vuwpC6%2Bn92ycKBeOIBtE8xyUQFpU20hdWH4R7%2BpLtAdpERSTMiPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c31c1c9a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js

104.21.68.251

200 OK

35 kB

URL GET HTTP/3
webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type

Size
35 kB (34948 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:17:16 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=34954
etag: W/"0"
expires: Sat, 23 Nov 2024 06:11:58 GMT
last-modified: Fri, 24 Nov 2023 06:11:58 GMT
vary: Accept-Encoding
x-original-content-length: 49566
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 13298519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUhFWjyLQrhdEraQrXdPUxBHi5V3Ydfarbu8sCtRr4KGmUDij2560hWvwR8r7HKUBu7q3E9ipcY4r3SbjW00Sz5n1x5I12hIZtTbc%2B5vyCcGrI%2BUYp8rrVzwb5tFLZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3c3207eb45693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (58)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML