| h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567 | 104.21.27.52 | 200 OK | 15 kB |
URL (user request): GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
IP: 104.21.27.52:443
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (20388)
Hash: MD5 f387c9bc86507dda9ac41497d101e18c; SHA-1 e61b92ee79ea6674e0a3aebf2b2d655bede97198; SHA-256 736bf649249c19f6d6e83d3425fd89c03d9702e14939c812a5ae56c299181fa7
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567 HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache, no-cache
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a048c5f8e656be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/main.js | 104.21.27.52 | 200 OK | 3 B |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/main.js
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with no line terminators
Hash: MD5 4f4adcbf8c6f66dcfc8a3282ac2bf10a; SHA-1 c35a9fc52bb556c79f8fa540df587a2bf465b940; SHA-256 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/main.js HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: application/javascript
content-length: 3
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: "3-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87a048c6f9b356be-OSL
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/rocket-loader.min.js | 104.21.27.52 | 200 OK | 3 B |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/rocket-loader.min.js
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with no line terminators
Hash: MD5 4f4adcbf8c6f66dcfc8a3282ac2bf10a; SHA-1 c35a9fc52bb556c79f8fa540df587a2bf465b940; SHA-256 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/rocket-loader.min.js HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: application/javascript
content-length: 3
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: "3-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 87a048c78a3e56be-OSL
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/banner-mb.png | 104.21.27.52 | 200 OK | 21 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/banner-mb.png
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: PNG image data, 413 x 207, 8-bit colormap, non-interlaced
Hash: MD5 ca401434eb9c416bd1b10ba06417a4b6; SHA-1 46ec53cb6fe457bff21e92022437449f584f0715; SHA-256 9ac9af3ec6e620273f700178f417b8989bda964be3a42d911d7dc143faa3fcbe
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/banner-mb.png HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: image/png
content-length: 21231
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: "52ef-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87a048c6e9a856be-OSL
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/public/fonts/Metropolis-Medium.woff | 104.21.27.52 | 200 OK | 26 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/public/fonts/Metropolis-Medium.woff
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: Web Open Font Format (Version 2), CFF, length 26360, version 11.0
Hash: MD5 372fc7d16a6da93d61dd2c8014c847d6; SHA-1 a2bfb8c76eb4fa99e74f14d4fa72530917d10301; SHA-256 f3a738735a2c006f11738c827cd58ae1400b1792eb6555202effc1a830b84adb
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/public/fonts/Metropolis-Medium.woff HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/fonts.css
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: font/woff
content-length: 26360
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: "66f8-616ee15b2ae40"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87a048c7eab856be-OSL
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-5.svg | 104.21.27.52 | 200 OK | 25 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-5.svg
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 45c325922d7488af37d45e13bc13a710; SHA-1 9f1d7f19686187ea2d5046a12b34743fcc5a425e; SHA-256 5ee5a88d12e3df325e198795cb8026195509d9467f5ea768e2f667bcde12f952
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/icon-5.svg HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"91b-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6f9bc56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-search.svg | 104.21.27.52 | 200 OK | 27 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-search.svg
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 67a6e57f21dc51784c78c636d6232359; SHA-1 4d8d0a31eb7a4f85c732e357b1a620ff685f9fa9; SHA-256 c89801047a5ad993e3bb63b1bfdf938d165c843bfce893538ed0403bd1403a86
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/icon-search.svg HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"31e-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6d99f56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-6.svg | 104.21.27.52 | 200 OK | 27 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-6.svg
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 6d41144f539a54aff882ce7c5b4b7255; SHA-1 2ef693958218233eb9ece4deab329ad87e54436e; SHA-256 c34806a8e3956b4b49b17ce6c1ca3f8eb0576cc22105ea8673a85255c16793e2
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/icon-6.svg HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"4c9-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6f9c256be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/favicon.ico | 104.21.27.52 | 404 Not Found | 660 B |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/favicon.ico
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: HTML document, ASCII text
Hash: MD5 62962daa1b19bbcc2db10b7bfd531ea6; SHA-1 d64bae91091eda6a7532ebec06aa70893b79e1f8; SHA-256 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XuCs7EFvFXQe%2FLYjXEKOzsLG37qqSKG2dX42x00wzYixEtmUag0QGSzZP3tOb0DGNeH0qXKKMxjcpINCCUdbky6wiwnj%2FzFs2Pq0z1gJfFLby2Vqxe22B7dFIG5QGGVrK7%2B1gaXi7aENSDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a048c8db8756be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-3.svg | 104.21.27.52 | 200 OK | 6.8 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-3.svg
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 272109f241373927917cee8d4fd9630c; SHA-1 265d82d40796fa4584c726de434410e4799a9677; SHA-256 8a5e867f0abb9bb02a09678aaaacfd7d096d680d5c69da2cb5b02c53b70d06f2
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/icon-3.svg HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"57b-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6f9bb56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/edit-white(1).svg | 104.21.27.52 | 200 OK | 14 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/edit-white(1).svg
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 d4270c08ca4a8cce5b72fa33685f17f0; SHA-1 b245e65f52d81e62c56c87d75117d2a456b8f875; SHA-256 441dad95457c0e84c0421f28ab8be2c6b93a3769f8735124364b1fb7b84ecb52
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/edit-white(1).svg HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"47f-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6e9a356be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/edit-white.svg | 104.21.27.52 | 200 OK | 1.2 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/edit-white.svg
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 38754d80a61deb14892d718ab297e7f2; SHA-1 864e9c249bfb5eeb083254e80edc3383e06a6acf; SHA-256 dfa89496d39b8a915e68371e9c3f578ea980e44824b99936c04522d973f9d106
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/edit-white.svg HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"47f-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6d99d56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/public/fonts/Metropolis-Bold.woff | 104.21.27.52 | 200 OK | 26 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/public/fonts/Metropolis-Bold.woff
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: Web Open Font Format (Version 2), CFF, length 26428, version 11.0
Hash: MD5 dc6926c36da3e0c92f173fde539a9fdc; SHA-1 7df32375dfbc1955dd873e44bfc4bfd585f13779; SHA-256 9a712a2c31daff2a307d935ebea4ac29bad1a93a75349e0edec1d3eb42f1d2eb
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/public/fonts/Metropolis-Bold.woff HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/fonts.css
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: font/woff
content-length: 26428
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: "673c-616ee15b2ae40"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87a048c7eac356be-OSL
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-4.svg | 104.21.27.52 | 200 OK | 1.5 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/icon-4.svg
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 32026342919ab2244f91356ee7efec85; SHA-1 8400e0195fea7d00c795ac438dcf0884f85ddbc6; SHA-256 a08bf8be355461c36e77893db18463d74a08c119514c7fe00f5530497f221fd4
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/icon-4.svg HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"5ed-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6f9c656be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/fonts.css | 104.21.27.52 | 200 OK | 966 B |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/fonts.css
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with very long lines (966), with no line terminators
Hash: MD5 bc6d3cc401eef62aae452cb86fb0f36f; SHA-1 dc0508f12fc99c88c4355e9afcedc201f596d943; SHA-256 722f15689147e2090937b664beb957fba493abc2a0024f1b3a42e26f16c1968f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/fonts.css HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: text/css
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"3c6-616ee15b29ea0-gzip"
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6c98656be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/home.css | 104.21.27.52 | 200 OK | 52 kB |
URL: GET HTTP/3 h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/home.css
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with very long lines (52000), with no line terminators
Hash: MD5 1bdfc73ee57021b94e22e65fc25024cb; SHA-1 16ca2b59ef19eb8c9677a0f4839d0874a0726ffb; SHA-256 ce4cff8ccfa5454c29708f50bdc511ff925237f191b734adf87c3d513faf1935
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/home.css HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: text/css
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"cb20-616ee15b29ea0-gzip"
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6c99356be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/logo.svg | 104.21.27.52 | 200 OK | 5.4 kB |
URL: h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/logo.svg
Request: GET HTTP/3
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate issuer: Google Trust Services LLC
Certificate subject: ihbartr.ru.com
Certificate fingerprint: 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD
Certificate validity: Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5 / SHA-1 / SHA-256): 5dcd22b356aa9e5d02d36e1ec0137557 2e6a67a3fcfc835f008a43c3872624e0a13ea983 eab6862a84252db4df42f3d81a96f5f5c6f6d1a56f5ebd1a4cca252f60d350ad
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/logo.svg HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"1548-616ee15b29ea0"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6d99756be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/public/fonts/Metropolis-SemiBold.woff | 104.21.27.52 | 200 OK | 27 kB |
URL: h-sikayet.ihbartr.ru.com/00-44/public/fonts/Metropolis-SemiBold.woff
Request: GET HTTP/3
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate issuer: Google Trust Services LLC
Certificate subject: ihbartr.ru.com
Certificate fingerprint: 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD
Certificate validity: Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: Web Open Font Format (Version 2), CFF, length 26564, version 11.0
Hashes (MD5 / SHA-1 / SHA-256): 10f01a9f175be51d3ec7789947142cc3 40b0f3983a0f4758400bd07f054ef63cc1033a53 695870d15689c04f75955d6f5c3e3c03841d4351d44332f4049abb0f825dc6e3
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/public/fonts/Metropolis-SemiBold.woff HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/fonts.css
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: font/woff
content-length: 26564
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: "67c4-616ee15b2ae40"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87a048c7eacb56be-OSL
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/public/fonts/Metropolis-Regular.woff | 104.21.27.52 | 200 OK | 24 kB |
URL: h-sikayet.ihbartr.ru.com/00-44/public/fonts/Metropolis-Regular.woff
Request: GET HTTP/3
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate issuer: Google Trust Services LLC
Certificate subject: ihbartr.ru.com
Certificate fingerprint: 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD
Certificate validity: Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: Web Open Font Format (Version 2), CFF, length 24152, version 11.0
Hashes (MD5 / SHA-1 / SHA-256): 7b9a798c0a745aa9b5fec632bfccaad7 48bb4cb0a99bbab907487213c3beb4211a2f5427 e920e6b0e7987aceb8df32656d01d44057e2c08646716202d594e06b5010ae70
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/public/fonts/Metropolis-Regular.woff HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/fonts.css
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: font/woff
content-length: 24152
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: "5e58-616ee15b2ae40"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87a048c7fad056be-OSL
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/corporate-account.css | 104.21.27.52 | 200 OK | 34 kB |
URL: h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/corporate-account.css
Request: GET HTTP/3
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate issuer: Google Trust Services LLC
Certificate subject: ihbartr.ru.com
Certificate fingerprint: 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD
Certificate validity: Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with very long lines (33596), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 80b0ae92202c318b4dbc068bc69ba10a 1249ac1c076e3d29b2c613372e2d8807ab98afcf ef65a7f0efb772165d1d73ada234ee44a6103ef5dee7eda17c922b657d1b74b8
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/corporate-account.css HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: text/css
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"833c-616ee15b29ea0-gzip"
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6d99656be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/global.css | 104.21.27.52 | 200 OK | 193 kB |
URL: h-sikayet.ihbartr.ru.com/00-44/pages/x.sikayet-var-1/src/global.css
Request: GET HTTP/3
IP: 104.21.27.52:443
Requested by: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Certificate issuer: Google Trust Services LLC
Certificate subject: ihbartr.ru.com
Certificate fingerprint: 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD
Certificate validity: Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 193 kB (193406 bytes)
Hashes (MD5 / SHA-1 / SHA-256): 4c9db92c22ab22358c7a54cd2bbe48e0 edfdef9dfcd9bb711e56d67ffa68e6036f105612 9603a5fe4d6a0a9f25ca62a59c73d41a3e57cf677b91e778052529ff8ed1c4e9
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /00-44/pages/x.sikayet-var-1/src/global.css HTTP/1.1
Host: h-sikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h-sikayet.ihbartr.ru.com/00-44/&applicationid=822e472cc1ccdc64211eea55a08dba3c&time=1714068567
Cookie: X-KERTOTOKEN=deqdhnnn6k5t8cdiaiio1036jp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:09:28 GMT
content-type: text/css
last-modified: Thu, 25 Apr 2024 16:14:42 GMT
etag: W/"2f37e-616ee15b29ea0-gzip"
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
x-server: KERTO WEB SERVER SYSTEM
cf-cache-status: MISS
server: cloudflare
cf-ray: 87a048c6c98e56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400