Report - tk3.clan.su/forum/10-111-585-16-1212314980

Report Overview

Submitted URL
tk3.clan.su/forum/10-111-585-16-1212314980
IP
193.109.247.239
ASN
#204343 Compubyte Limited
Submitted
2023-05-21 21:16:52
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
37
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tk3.ucoz.ru	unknown	2005-08-20	2015-04-22	2023-04-13	16 kB	17 kB	195.216.243.102
src.ucoz.net	unknown	2005-08-27	2014-07-10	2023-05-21	782 B	1.5 kB	193.109.246.58
rot.spotsniper.ru	unknown	2013-04-03	2017-01-30	2023-05-21	810 B	716 B	31.172.81.158
tk3.ucoz.lv	unknown	unknown	2015-04-22	2023-05-09	397 B	0 B	0.0.0.0
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-21	2.0 kB	4.2 kB	142.250.74.131
s4.ucoz.net	unknown	2005-08-27	2017-02-01	2023-05-13	1.8 kB	8.4 kB	193.109.247.239
zcode12.me	unknown	2022-11-14	2022-11-14	2023-05-21	411 B	61 kB	185.177.93.30
cs.cavis.ru	unknown	unknown	No data	No data	385 B	0 B	0.0.0.0
i031.radikal.ru	unknown	2002-09-01	2012-07-06	2022-02-23	404 B	0 B	0.0.0.0
tk3.clan.su	unknown	2006-03-08	2014-03-07	2023-05-04	16 kB	616 kB	193.109.247.239
src.ucoz.ru	unknown	2005-08-20	2017-01-29	2023-05-19	1.6 kB	1.7 kB	193.109.246.58
themes.googleusercontent.com	9661	2008-11-17	2012-05-24	2023-05-21	531 B	61 kB	142.250.74.97
www.google.com	7	1997-09-15	2015-05-10	2023-05-21	443 B	1.1 kB	216.58.207.228
ucoz.bot.nu	unknown	unknown	No data	No data	398 B	0 B	0.0.0.0
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-21	474 B	172 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-21 21:16:32	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:32	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:32	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.bot .nu Domain
2023-05-21 21:16:33	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.bot .nu Domain
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.bot .nu Domain
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.bot .nu Domain
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.bot .nu Domain
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.bot .nu Domain
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.bot .nu Domain
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.bot .nu Domain
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:34	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:35	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-05-21 21:16:49	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-21	medium	tk3.clan.su/forum/10-111-585-16-1212314980
2023-05-21	medium	tk3.clan.su/forum/10-111-2
2023-05-21	medium	tk3.clan.su/?nhISfeHukGm%21qq6w%21XzXcHcB%21U%2154s%5EubYqbPLQYJ0XsGTRDgsISvyQDfaEvBACM%3BjSpsIJcDPCagUAgBEaST%21EfiDevSiE9IcJMzkYSkHRy6Vh9aBNzO3kE3CUxZ%21iwYb1RsWJiG%5EllZIwb5C%21iuPNbA9qTLXdQSTuCCBynFNsfPrhSWyeLGJdT26wazWlZ31O%5ERSDkG4x7ta61fpj2
2023-05-21	medium	tk3.clan.su/?3rrzj61EwM0GjPA8Y0kB1f%21cIrGEXYjEN6Jwvx5FkYdl%3BvT%5E8rXpfOaaa4dFWhxtEB7h1AQQE82IEcZR0tqXTKuEXxAs6OKMfSibC76Zy2O%3Bag%3BBiAWDql6HRZtAptSELSBM9cl%21DvRTM%5EOQnza1KeCVGaGl81Ss4HV200PIU9KuPS6dw4DBXs9IpMFSwPI2lQtf%3BGZNihQ1%5EcBJ%3B6Hy
2023-05-21	medium	tk3.clan.su/.s/src/uwnd.min.js
2023-05-21	medium	tk3.clan.su/.s/src/ulightbox/ulightbox.min.js
2023-05-21	medium	tk3.clan.su/script/topmsg.js
2023-05-21	medium	tk3.clan.su/.s/src/jquery-3.6.0.min.js
2023-05-21	medium	tk3.clan.su/stat/0.22630698026114304?03
2023-05-21	medium	tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
2023-05-21	medium	tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
2023-05-21	medium	tk3.clan.su/forum/10-111-2

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (33)

	URL	Size	First Seen	Last Seen
	unknown	87 B	2023-04-13	2023-05-21
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-13 00:41:10 Last Seen2023-05-21 23:17:06 Times Seen3 Hash 6128a65be5120f82873b51892daa20bc d58d607e628de68c4c45dab643356356d5c43a0e 4aabe14fe8fd23b1cb4de63d5eb92a8ce0a26aa7890d9914378e57aea0050689 Loading...

	unknown	84 B	2023-04-13	2023-05-21
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-13 00:41:10 Last Seen2023-05-21 23:17:06 Times Seen3 Hash 40732c005bfbbfd97665aee4aa3b5780 d0253fa1cb21489fa9335b497678317f94d7fa4a 62440124d43884bb09dd4444018db33a8f142d395321122d16b58b0f7153995b Loading...

	tk3.clan.su/?3rrzj61EwM0GjPA8Y0kB1f%21cIrGEXYjEN6Jwvx5FkYdl%3BvT%5E8rXpfOaaa4dFWhxtEB7h1AQQE82IEcZR0tqXTKuEXxAs6OKMfSibC76Zy2O%3Bag%3BBiAWDql6HRZtAptSELSBM9cl%21DvRTM%5EOQnza1KeCVGaGl81Ss4HV200PIU9KuPS6dw4DBXs9IpMFSwPI2lQtf%3BGZNihQ1%5EcBJ%3B6Hy	834 B	2023-03-29	2023-06-20
Pretty URL tk3.clan.su/?3rrzj61EwM0GjPA8Y0kB1f%21cIrGEXYjEN6Jwvx5FkYdl%3BvT%5E8rXpfOaaa4dFWhxtEB7h1AQQE82IEcZR0tqXTKuEXxAs6OKMfSibC76Zy2O%3Bag%3BBiAWDql6HRZtAptSELSBM9cl%21DvRTM%5EOQnza1KeCVGaGl81Ss4HV200PIU9KuPS6dw4DBXs9IpMFSwPI2lQtf%3BGZNihQ1%5EcBJ%3B6Hy IP 193.109.247.239 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:37:07 Last Seen2023-06-20 20:59:43 Times Seen418 Hash 51e142a0b55c4d1f5056ff08fc046c09 24fab84fa4215afdb8ee7555ec3d3b52e323f998 b36d8b4a6ae0a89de7676de2f7870c67cec1f19e98962b29344aa9291b9131cb Loading...

	tk3.clan.su/forum/10-111-2#585	209 B	2023-03-07	2024-05-10
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:06:21 Last Seen2024-05-10 19:34:33 Times Seen941 Hash ebe6bc0803293713c0cd5ccbb6858263 f7e12e4099d0b1539e6424fb35bed336f953239d de6c089a2079a7e9d7740a581839e60f99fc2b345f909a63fb8edce6e90dca4a Loading...

	tk3.clan.su/forum/10-111-2#585	217 B	2023-03-07	2024-05-10
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:06:21 Last Seen2024-05-10 19:34:33 Times Seen937 Hash 643968481bd70d1b90acb3623acc1cbf a48c24f35825a4f9a22bb98e54b972ab914d0da6 1cc7811671da38d961a9ab7caf93a642e6b64d30f56cfe7e94370f25f190df2c Loading...

	tk3.clan.su/forum/10-111-2#585	1.7 kB	2023-03-26	2024-05-10
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 09:34:22 Last Seen2024-05-10 19:34:33 Times Seen811 Hash a8891969ae54b782e8f5ac283399acca 7d6bcb7b3cb4046aafab14d778a700f1ead83f93 e084d693bfba8019d72f12e6cfd6797b2792a7b3bbe3b98f222867e53f65f806 Loading...

	tk3.clan.su/forum/10-111-2#585	447 B	2023-03-11	2023-05-21
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 22:39:23 Last Seen2023-05-21 23:17:06 Times Seen5 Hash 9247538f0a733a7ae12fc61ccb18cc10 35d98379fd9e41e833772103d8274eb049e79db5 98418421a56b200976d8609fc606e3b507c2010584519ab8b810002663214b97 Loading...

	zcode12.me/?ze=grstanjtgu5ha3ddf4ztgobr	10 B	2023-03-07	2024-05-10
Pretty URL zcode12.me/?ze=grstanjtgu5ha3ddf4ztgobr IP 185.177.93.30 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-05-10 19:34:34 Times Seen4535 Hash f495e69f2e9edc75eeae7dd3ea78a747 a89e38bbe70fa2de5db9d578975abd4e9dcda52e 8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c Loading...

	rot.spotsniper.ru/?src=ujs6	1 B	2023-03-07	2024-05-11
Pretty URL rot.spotsniper.ru/?src=ujs6 IP 31.172.81.158 ASN #44066 diva-e Datacenters GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-05-11 00:56:19 Times Seen21837 Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Loading...

	tk3.clan.su/forum/10-111-2#585	546 B	2023-04-13	2023-05-21
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 00:41:10 Last Seen2023-05-21 23:17:06 Times Seen3 Hash c16b4a5ca4a3df5f115e81a4dcc95168 fc8bda53c5a7b312ea15631b98b2062beddd6a1e b499d9f4938a935053e0e4228e951c1f6dab70414926a60a1eb28389844d57cd Loading...

	tk3.clan.su/.s/src/ulightbox/ulightbox.min.js	22 kB	2023-03-13	2023-08-29
Pretty URL tk3.clan.su/.s/src/ulightbox/ulightbox.min.js IP 193.109.247.239 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:50:49 Last Seen2023-08-29 00:13:38 Times Seen1347 Hash 862f093f507f858ee329c39576f1c041 f3da76f6d4071020bf9c82ddbcbb1ad95d74108f a0c876daa26fa9e875abc22a4e88e310a20ea1fdb45451e4af22b907dbf22da8 Loading...

	tk3.clan.su/forum/10-111-2#585	130 B	2023-03-11	2023-05-21
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 22:39:23 Last Seen2023-05-21 23:17:06 Times Seen5 Hash 55dea9622b100507beff5434c6f82173 630699217b476a4e14e6249f7739e0508efa971e 31f296001dd05bb31a5f309bb232d6be5a50b5867ef9dfcd492b4f25838ec6cb Loading...

	tk3.clan.su/.s/src/uwnd.min.js	210 kB	2023-03-07	2023-11-09
Pretty URL tk3.clan.su/.s/src/uwnd.min.js IP 193.109.247.239 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:47 Last Seen2023-11-09 11:57:45 Times Seen1943 Hash 0e2dd07983ad50fa9205b6a9d24bc79f 8eafe02a75c83f60d40d1cee73e2770805e54a9e 8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad Loading...

	tk3.clan.su/forum/10-111-2#585	464 B	2023-04-05	2024-05-10
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 13:59:34 Last Seen2024-05-10 19:34:33 Times Seen799 Hash 9a536789cc4102abd4a9769ecf660e43 a8b24237df4c077f7a648c24cd245b1fc33687f5 a27d3579fcabdab43f501d6487a378ef8481e31a1c093f7054a305bec3133436 Loading...

	tk3.clan.su/script/topmsg.js	2.8 kB	2023-03-11	2023-05-21
Pretty URL tk3.clan.su/script/topmsg.js IP 193.109.247.239 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:39:23 Last Seen2023-05-21 23:17:06 Times Seen8 Hash 325e7f57279ae3f6e26d6963a575a1e0 708c7a80af3de399fdbd807c5035f9c3d9002599 b1abf8f38be8f7efd0ce0d1365a68d8f6522076c458be6e0ef68300fb4a047e1 Loading...

	tk3.clan.su/.s/src/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-11
Pretty URL tk3.clan.su/.s/src/jquery-3.6.0.min.js IP 193.109.247.239 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-11 00:55:31 Times Seen270393 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	tk3.clan.su/forum/10-111-2#585	2.1 kB	2023-05-21	2023-05-21
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-21 23:17:06 Last Seen2023-05-21 23:17:06 Times Seen1 Hash c303b51f851b8e2208851626afc10b1e 03a1ee861d7961372076b3c1d4f4bee1427a8e67 e90c18bb2e4cc89548f341c7efdd1cf3383c1797b048ab8aad67d07de9c735f9 Loading...

	unknown	38 B	2023-04-11	2024-05-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:09:18 Last Seen2024-05-10 21:45:21 Times Seen3975 Hash a55bc61bb8cabacdc353356d20217fb1 ecf7f3fc124c625be7890bb4536b6f89d4d76786 a4a9b568a83a7f91eeed94a7c6587bb5d3bdf73d515d40c4402460dc046ab7a6 Loading...

	tk3.clan.su/forum/10-111-2#585	334 B	2023-03-07	2024-05-10
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:49:41 Last Seen2024-05-10 19:34:34 Times Seen95 Hash 4ad9e8eb9436a82eb49f58f7f120393c 21ea22f939ee33ccc58f4202c8c61d6718196f6f ab526717acd97825f32075de1d10b96a3739e2c55141d1a822bcd4c8a0c3b3cf Loading...

	tk3.clan.su/forum/10-111-2#585	913 B	2023-05-21	2023-05-21
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-21 23:17:06 Last Seen2023-05-21 23:17:06 Times Seen1 Hash dd88ed31f87279a7514e61ae7e11486b be3677021281aeee0a0f498b908b3948280e6691 78a80e2f0af78cf2ff5d980d792c13ef45b8432aeb77505286819be5d4e224e8 Loading...

	www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru	905 B	2023-05-19	2023-05-26
Pretty URL www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 19:43:06 Last Seen2023-05-26 00:30:46 Times Seen115 Hash f3651a48f92f2ce6ffd95d0ae3268a9f 1cb70789a541931c3127a5f0c12e001da6a543ce c81584853fdd4a67b3676d9b9970f46a25c307600d97cf6d2e666a84bede5581 Loading...

	tk3.clan.su/forum/10-111-2#585	210 B	2023-03-10	2023-12-02
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 21:16:34 Last Seen2023-12-02 10:07:31 Times Seen3 Hash 1e8850c5d48c7de60a6922afe845cf26 a06864b11c3c5f059b5e8c8995620fc3c383ca03 fba307b9f76830cc82868d76f596e3b9f9dba3d4b9eeef0f205fd380bcdb0290 Loading...

	tk3.clan.su/forum/10-111-2#585	659 B	2023-04-13	2023-05-21
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 00:41:10 Last Seen2023-05-21 23:17:06 Times Seen3 Hash d4d7803f0581ad9acf6d2c0d13279001 cbdd55fcc927eade40079e93514cd3564fcf1411 989438ac52b7f2d7747c88ff7026cc32842cce5573575090e358da27ea3187f1 Loading...

	s4.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.862622949351582	0 B	2023-03-07	2024-05-11
Pretty URL s4.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.862622949351582 IP 193.109.247.239 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 01:04:29 Times Seen37532537 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	tk3.clan.su/forum/10-111-2#585	237 B	2023-03-11	2023-05-21
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 22:39:23 Last Seen2023-05-21 23:17:06 Times Seen4 Hash 37939d9ba9670c55d98d58aae8788e7a 40e564720a6762df0ebd97ddc22da8c67346032d 4897f36a8fa5d6edf2e5457287e81f0f1cd704bfdd848e4528c506d93cd4d6d7 Loading...

	tk3.clan.su/?nhISfeHukGm%21qq6w%21XzXcHcB%21U%2154s%5EubYqbPLQYJ0XsGTRDgsISvyQDfaEvBACM%3BjSpsIJcDPCagUAgBEaST%21EfiDevSiE9IcJMzkYSkHRy6Vh9aBNzO3kE3CUxZ%21iwYb1RsWJiG%5EllZIwb5C%21iuPNbA9qTLXdQSTuCCBynFNsfPrhSWyeLGJdT26wazWlZ31O%5ERSDkG4x7ta61fpj2	1.2 kB	2023-05-21	2023-05-21
Pretty URL tk3.clan.su/?nhISfeHukGm%21qq6w%21XzXcHcB%21U%2154s%5EubYqbPLQYJ0XsGTRDgsISvyQDfaEvBACM%3BjSpsIJcDPCagUAgBEaST%21EfiDevSiE9IcJMzkYSkHRy6Vh9aBNzO3kE3CUxZ%21iwYb1RsWJiG%5EllZIwb5C%21iuPNbA9qTLXdQSTuCCBynFNsfPrhSWyeLGJdT26wazWlZ31O%5ERSDkG4x7ta61fpj2 IP 193.109.247.239 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 23:17:06 Last Seen2023-05-21 23:17:06 Times Seen2 Hash af0d156e579a13a724dcb1e983ffd983 0003df040ec7e412b63609031b3da5b668bb4411 ad967914b053fdcd6273f8bf91e976817f2a1fa2093f67c989d5a124612ca3d8 Loading...

	tk3.clan.su/forum/10-111-2#585	245 B	2023-04-05	2024-01-06
Pretty URL tk3.clan.su/forum/10-111-2#585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 15:51:18 Last Seen2024-01-06 15:43:56 Times Seen26 Hash 55589374602cfe4c6b229710685f2f9a 1501b08acecc54998d02b7e37f1e6c1eaffdb3df 8f7d8189cf12fed2b687f3e195e10c3fd3a135337c3107bb7b71e760fbe2d933 Loading...

	www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js	453 kB	2023-05-19	2023-05-26
Pretty URL www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 12:22:29 Last Seen2023-05-26 01:33:48 Times Seen588 Hash 5ee55e4774f7047ff36c50d754de7a45 5706760775775aca8883b7e4fef43105b58a1b34 50be60d04fa931d5b28c8e0866e64c44a7ffe724c8874fe70236528be43ca213 Loading...

	tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH	0 B	2023-03-07	2024-05-11
Pretty URL tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH IP 193.109.247.239 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 01:04:29 Times Seen37532537 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 8b0fe86547ea1099fa2f32bd4c526c44	152 B	2023-03-07	2024-05-10
Pretty Observations First Seen2023-03-07 01:33:44 Last Seen2024-05-10 19:34:34 Times Seen1071 Hash 8b0fe86547ea1099fa2f32bd4c526c44 c180eadc55e8f386b0df85d043c4e682fb52ffb8 6887ab5beb82890d571c8f7c9d474bde94d3912e2b59247bab0fe77d408a026a Loading...

	#2 Write - 4f2526a61687dcec48965d43674abab6	309 B	2023-03-11	2023-05-21
Pretty Observations First Seen2023-03-11 22:39:23 Last Seen2023-05-21 23:17:06 Times Seen5 Hash 4f2526a61687dcec48965d43674abab6 b75b2b6241c6c305f2218a9d1f43a8149c3efe3c a404d42fd6aee61a2624d54027cc809d4393997660d971cfae4615cbec398999 Loading...

	#3 Write - 3416a7fa9d4c85c9bea8baa83a22ea93	427 B	2023-05-21	2023-05-21
Pretty Observations First Seen2023-05-21 23:17:06 Last Seen2023-05-21 23:17:06 Times Seen1 Hash 3416a7fa9d4c85c9bea8baa83a22ea93 93466721647d08692a3c4feee30f62ed007c837a f6e68ef6ec3434711dc0e0e9a8225dfaa4da5d240b4087c99dec1d91f043dfce Loading...

	#4 Write - a5b75c455b5d2ccca43d64fc5f0dbf4d	181 B	2023-05-21	2023-05-21
Pretty Observations First Seen2023-05-21 23:17:06 Last Seen2023-05-21 23:17:06 Times Seen1 Hash a5b75c455b5d2ccca43d64fc5f0dbf4d fc3ed8e9b3847f4d5bf6d190fda82323b0ec92bc 1cc4ed8e7b2d0578ab4abb9ecfed9b0e04a2de1922202aea3b786db00f4c8920 Loading...

HTTP Transactions (100)

URL IP Response Size

tk3.clan.su/forum/10-111-585-16-1212314980

193.109.247.239

302 Found

218 B

URL User Request GET HTTP/1.1
tk3.clan.su/forum/10-111-585-16-1212314980
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
218 B (218 bytes)
Hash
0b679362dbfdf5bbb61d3cc471a8e966
8ac5be83a5abe1902c461cb724d05afa128036e4
0abe8800dbcfdd388784cf5b5a1ef6b5598455caa942d3559caa1ec5625a8214

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /forum/10-111-585-16-1212314980 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 6tk3uCoz=; path=/; expires=Fri, 21-May-2021 21:16:43 GMT; Secure; HttpOnly; domain=.tk3.clan.su
Location: https://tk3.clan.su/forum/10-111-2#585
Cache-Control: private

tk3.clan.su/forum/10-111-2

193.109.247.239

14 kB

URL
tk3.clan.su/forum/10-111-2
IP
193.109.247.239:0
ASN
#204343 Compubyte Limited

Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1447)
Size
14 kB (13910 bytes)
Hash
bc208b38f364607412cb66ed5a2e5886
7c2cd349ba809955af3b0d925b455f312dc39604
8f22d172a219c86f9c8f3e79d52891d6900286245286226d6d04a47fbaa93a98

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /forum/10-111-2 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 6tk3uCoz=; path=/; expires=Fri, 21-May-2021 21:16:43 GMT; Secure; HttpOnly; domain=.tk3.clan.su
6tk3uzfss=lt%3D1684703803%2Cpst%3D1684685803; path=/forum; expires=Mon, 20-May-2024 21:16:43 GMT; Secure; domain=.tk3.clan.su
6tk3f0=; path=/forum; expires=Mon, 20-May-2024 21:16:43 GMT; Secure; domain=.tk3.clan.su
6tk3pushi=1; path=/; expires=Mon, 22-May-2023 20:16:43 GMT; Secure
Pragma: no-cache
Vary: host
Last-Modified: Sun, 21 May 2023 21:14:05 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip

tk3.clan.su/?nhISfeHukGm%21qq6w%21XzXcHcB%21U%2154s%5EubYqbPLQYJ0XsGTRDgsISvyQDfaEvBACM%3BjSpsIJcDPCagUAgBEaST%21EfiDevSiE9IcJMzkYSkHRy6Vh9aBNzO3kE3CUxZ%21iwYb1RsWJiG%5EllZIwb5C%21iuPNbA9qTLXdQSTuCCBynFNsfPrhSWyeLGJdT26wazWlZ31O%5ERSDkG4x7ta61fpj2

193.109.247.239

200 OK

1.2 kB

URL GET HTTP/1.1
tk3.clan.su/?nhISfeHukGm%21qq6w%21XzXcHcB%21U%2154s%5EubYqbPLQYJ0XsGTRDgsISvyQDfaEvBACM%3BjSpsIJcDPCagUAgBEaST%21EfiDevSiE9IcJMzkYSkHRy6Vh9aBNzO3kE3CUxZ%21iwYb1RsWJiG%5EllZIwb5C%21iuPNbA9qTLXdQSTuCCBynFNsfPrhSWyeLGJdT26wazWlZ31O%5ERSDkG4x7ta61fpj2
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
ASCII text
Size
1.2 kB (1151 bytes)
Hash
af0d156e579a13a724dcb1e983ffd983
0003df040ec7e412b63609031b3da5b668bb4411
ad967914b053fdcd6273f8bf91e976817f2a1fa2093f67c989d5a124612ca3d8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /?nhISfeHukGm%21qq6w%21XzXcHcB%21U%2154s%5EubYqbPLQYJ0XsGTRDgsISvyQDfaEvBACM%3BjSpsIJcDPCagUAgBEaST%21EfiDevSiE9IcJMzkYSkHRy6Vh9aBNzO3kE3CUxZ%21iwYb1RsWJiG%5EllZIwb5C%21iuPNbA9qTLXdQSTuCCBynFNsfPrhSWyeLGJdT26wazWlZ31O%5ERSDkG4x7ta61fpj2 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache

tk3.clan.su/.s/src/layer6.min.css

193.109.247.239

200 OK

5.4 kB

URL GET HTTP/1.1
tk3.clan.su/.s/src/layer6.min.css
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
ASCII text, with very long lines (22068), with no line terminators
Size
5.4 kB (5362 bytes)
Hash
e910563a7f6438887e50cd7d60f961fa
05b10d75b416431c439d20cb4f8c9c550c1eec4c
0b95e6256665db30e02bbf3e3f465c38bd04aac3e5a0bd08607d9185bb8a8aa7

HTTP Headers

GET /.s/src/layer6.min.css HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/css
Last-Modified: Thu, 27 Apr 2023 12:45:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"644a6e4c-5634"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
049a58b7447df3b04516d97d3423d2a1
36d219434e8f0ea98ea47f636746e435abc7deb7
062834716fcc1f06a51ceda92b702060a86700f3a567606154991fd2b7d66220

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 21:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru

216.58.207.228

200 OK

579 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT

File type
ASCII text, with very long lines (905), with no line terminators
Size
579 B (579 bytes)
Hash
f3651a48f92f2ce6ffd95d0ae3268a9f
1cb70789a541931c3127a5f0c12e001da6a543ce
c81584853fdd4a67b3676d9b9970f46a25c307600d97cf6d2e666a84bede5581

HTTP Headers

GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Sun, 21 May 2023 21:16:34 GMT
date: Sun, 21 May 2023 21:16:34 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tk3.clan.su/?3rrzj61EwM0GjPA8Y0kB1f%21cIrGEXYjEN6Jwvx5FkYdl%3BvT%5E8rXpfOaaa4dFWhxtEB7h1AQQE82IEcZR0tqXTKuEXxAs6OKMfSibC76Zy2O%3Bag%3BBiAWDql6HRZtAptSELSBM9cl%21DvRTM%5EOQnza1KeCVGaGl81Ss4HV200PIU9KuPS6dw4DBXs9IpMFSwPI2lQtf%3BGZNihQ1%5EcBJ%3B6Hy

193.109.247.239

200 OK

834 B

URL GET HTTP/1.1
tk3.clan.su/?3rrzj61EwM0GjPA8Y0kB1f%21cIrGEXYjEN6Jwvx5FkYdl%3BvT%5E8rXpfOaaa4dFWhxtEB7h1AQQE82IEcZR0tqXTKuEXxAs6OKMfSibC76Zy2O%3Bag%3BBiAWDql6HRZtAptSELSBM9cl%21DvRTM%5EOQnza1KeCVGaGl81Ss4HV200PIU9KuPS6dw4DBXs9IpMFSwPI2lQtf%3BGZNihQ1%5EcBJ%3B6Hy
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
ASCII text
Size
834 B (834 bytes)
Hash
51e142a0b55c4d1f5056ff08fc046c09
24fab84fa4215afdb8ee7555ec3d3b52e323f998
b36d8b4a6ae0a89de7676de2f7870c67cec1f19e98962b29344aa9291b9131cb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /?3rrzj61EwM0GjPA8Y0kB1f%21cIrGEXYjEN6Jwvx5FkYdl%3BvT%5E8rXpfOaaa4dFWhxtEB7h1AQQE82IEcZR0tqXTKuEXxAs6OKMfSibC76Zy2O%3Bag%3BBiAWDql6HRZtAptSELSBM9cl%21DvRTM%5EOQnza1KeCVGaGl81Ss4HV200PIU9KuPS6dw4DBXs9IpMFSwPI2lQtf%3BGZNihQ1%5EcBJ%3B6Hy HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache

tk3.clan.su/.s/src/uwnd.min.js

193.109.247.239

200 OK

57 kB

URL GET HTTP/1.1
tk3.clan.su/.s/src/uwnd.min.js
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
57 kB (56796 bytes)
Hash
0e2dd07983ad50fa9205b6a9d24bc79f
8eafe02a75c83f60d40d1cee73e2770805e54a9e
8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /.s/src/uwnd.min.js HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

tk3.clan.su/.s/src/ulightbox/ulightbox.min.js

193.109.247.239

200 OK

7.7 kB

URL GET HTTP/1.1
tk3.clan.su/.s/src/ulightbox/ulightbox.min.js
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
ASCII text, with very long lines (22313), with no line terminators
Size
7.7 kB (7650 bytes)
Hash
862f093f507f858ee329c39576f1c041
f3da76f6d4071020bf9c82ddbcbb1ad95d74108f
a0c876daa26fa9e875abc22a4e88e310a20ea1fdb45451e4af22b907dbf22da8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/javascript
Last-Modified: Wed, 05 Apr 2023 11:24:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5a5f-5729"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

tk3.clan.su/_st/my.css

193.109.247.239

200 OK

3.6 kB

URL GET HTTP/1.1
tk3.clan.su/_st/my.css
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
assembler source, ASCII text
Size
3.6 kB (3576 bytes)
Hash
1d93817df3f3315f1b2be824aa86cc4f
7d7c3c5986a575b4cff61ec51d6f2873f0c7332d
36d3dd2d9e9009fb504a0482d1b77b9333b290ac0201d81288fb9ba1259c7072

HTTP Headers

GET /_st/my.css HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/css
Last-Modified: Wed, 11 Jun 2008 01:00:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"484f23a1-41ae"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

tk3.clan.su/script/topmsg.js

193.109.247.239

200 OK

959 B

URL GET HTTP/1.1
tk3.clan.su/script/topmsg.js
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
ASCII text
Size
959 B (959 bytes)
Hash
325e7f57279ae3f6e26d6963a575a1e0
708c7a80af3de399fdbd807c5035f9c3d9002599
b1abf8f38be8f7efd0ce0d1365a68d8f6522076c458be6e0ef68300fb4a047e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /script/topmsg.js HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/javascript
Last-Modified: Tue, 03 Jun 2008 00:34:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4844917b-af9"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

tk3.clan.su/.s/src/base.min.css

193.109.247.239

200 OK

6.2 kB

URL GET HTTP/1.1
tk3.clan.su/.s/src/base.min.css
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
ASCII text, with very long lines (24519), with no line terminators
Size
6.2 kB (6184 bytes)
Hash
cfa5d689b5b2f45ea3e3cf33415da504
dd71774375b3808c4483688e68833113c6e2c236
55998c0419cad6f5f33925fa11a2a38fd7586d3a5c9315f279d2b42a310460d2

HTTP Headers

GET /.s/src/base.min.css HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/css
Last-Modified: Tue, 02 May 2023 08:55:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6450cff3-5fc7"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

tk3.clan.su/.s/src/ulightbox/ulightbox.min.css

193.109.247.239

200 OK

1.4 kB

URL GET HTTP/1.1
tk3.clan.su/.s/src/ulightbox/ulightbox.min.css
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
ASCII text, with very long lines (4552), with no line terminators
Size
1.4 kB (1359 bytes)
Hash
a05316c4712b56d4de87d83d57fc9a74
22db34df3400db68355d8b3e06c01c4f964ad484
5ddb669cd05d5c481a798631d2bd02b041950600ebaa4d419833fe0f01a04955

HTTP Headers

GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
68e98363f930b3ef10efe3f848d4b441
de398874bc8e97a4f3da7023ca4c32c91b4dd847
442199edd1d2acf6f9dcc726a70c7fdd168eb1444f2fbb999408a6cb32b59028

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 21:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tk3.clan.su/.s/src/jquery-3.6.0.min.js

193.109.247.239

200 OK

31 kB

URL GET HTTP/1.1
tk3.clan.su/.s/src/jquery-3.6.0.min.js
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (30947 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /.s/src/jquery-3.6.0.min.js HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/javascript
Last-Modified: Wed, 05 Apr 2023 11:24:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5a54-15d9d"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

s4.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.862622949351582

193.109.247.239

200 OK

0 B

URL GET HTTP/1.1
s4.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.862622949351582
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGoGetSSL
Subject*.ucoz.net
Fingerprint9C:9F:0E:28:57:CD:A6:DE:BC:89:EA:60:7A:68:97:BB:58:9F:C1:4A
ValidityWed, 15 Mar 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.862622949351582 HTTP/1.1
Host: s4.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:42 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:42 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:42 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

src.ucoz.net/sm/23/biggrin.gif

193.109.246.58

200 OK

467 B

URL GET HTTP/1.1
src.ucoz.net/sm/23/biggrin.gif
IP
193.109.246.58:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGoGetSSL
Subject*.ucoz.net
Fingerprint9C:9F:0E:28:57:CD:A6:DE:BC:89:EA:60:7A:68:97:BB:58:9F:C1:4A
ValidityWed, 15 Mar 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 20 x 20\012- data
Size
467 B (467 bytes)
Hash
97c84d06a265a30be2f4bf1f63a1d452
763e3c3ca54ff60b358d8a6e1511a9731f103093
6e93db19553909adf2f7dddecb69b0de52ad1d6685002cff865c171bff86114b

HTTP Headers

GET /sm/23/biggrin.gif HTTP/1.1
Host: src.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:46 GMT
Content-Type: image/gif
Content-Length: 467
Last-Modified: Wed, 01 Apr 2009 09:03:40 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "49d32dec-1d3"
Expires: Wed, 31 May 2023 21:16:46 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:42 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.clan.su/image/avatar.gif

193.109.247.239

200 OK

10 kB

URL GET HTTP/1.1
tk3.clan.su/image/avatar.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 110 x 110\012- data
Size
10 kB (9982 bytes)
Hash
99db82236dfb7eb4dbbfc5591c8859e5
f0bacb576ee146b1ab4e61fd916bedb528ba48ed
2c790f4ce263a342d5d5ef6576203c78be71f935f7518076858155a425600ca0

HTTP Headers

GET /image/avatar.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 9982
Last-Modified: Sun, 07 Sep 2008 17:40:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c411fd-26fe"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/image/icon/p_icq.gif

193.109.247.239

200 OK

352 B

URL GET HTTP/1.1
tk3.clan.su/image/icon/p_icq.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 28 x 12\012- data
Size
352 B (352 bytes)
Hash
6676374b78a919e8dc78df1708898694
86475187928e68387c548acf926c97220e9f2bfc
603d4c83573870a231b73815301aeefe10b6f1614d583aef7043b932f0c835b2

HTTP Headers

GET /image/icon/p_icq.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 352
Last-Modified: Wed, 23 Apr 2008 19:21:29 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c39-160"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/image/icon/p_up.gif

193.109.247.239

200 OK

144 B

URL GET HTTP/1.1
tk3.clan.su/image/icon/p_up.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 12 x 12\012- data
Size
144 B (144 bytes)
Hash
0fbf4fcc0fb8f606a89b54e7f7442c14
29e531351fcbb54429e58459c6404a2f11019bd1
7bf33a8355a7957c813ee581822126b006e53573427ba58670f9cbe306ad2e3d

HTTP Headers

GET /image/icon/p_up.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 144
Last-Modified: Wed, 23 Apr 2008 19:21:44 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c48-90"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

src.ucoz.net/sm/23/smile.gif

193.109.246.58

200 OK

350 B

URL GET HTTP/1.1
src.ucoz.net/sm/23/smile.gif
IP
193.109.246.58:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGoGetSSL
Subject*.ucoz.net
Fingerprint9C:9F:0E:28:57:CD:A6:DE:BC:89:EA:60:7A:68:97:BB:58:9F:C1:4A
ValidityWed, 15 Mar 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 20 x 20\012- data
Size
350 B (350 bytes)
Hash
aa74650abaec1c391f8f60af9ff90e28
e6d53ff3d35e7f962ca50b8483464927a8f9435f
63431e6e87f0add420a95ebdda4195ce6e7e92510218d4f24f7384620d329bcd

HTTP Headers

GET /sm/23/smile.gif HTTP/1.1
Host: src.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:46 GMT
Content-Type: image/gif
Content-Length: 350
Last-Modified: Wed, 01 Apr 2009 09:03:40 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "49d32dec-15e"
Expires: Wed, 31 May 2023 21:16:46 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

tk3.clan.su/image/icon/t_new.gif

193.109.247.239

200 OK

328 B

URL GET HTTP/1.1
tk3.clan.su/image/icon/t_new.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 64 x 12\012- data
Size
328 B (328 bytes)
Hash
6a379f736f17ba61e26d26c1c2cd7e10
fc28c9e0dc5a880bf64f6580eab33ecdcffa3cfd
5a6f6cd3a949578876360d3f4680cf6553f7c92cbd17a69bece2480dea94e2ad

HTTP Headers

GET /image/icon/t_new.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 328
Last-Modified: Wed, 23 Apr 2008 19:21:52 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c50-148"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/image/icon/p_www.gif

193.109.247.239

200 OK

351 B

URL GET HTTP/1.1
tk3.clan.su/image/icon/p_www.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 28 x 12\012- data
Size
351 B (351 bytes)
Hash
5023192b204be568c2a55faba66161ab
6e977eb49b8204c8cbf951ef58562c6735799097
3a4e2287cbf1c00807a468c8430e3d24c6375623bf5de7cb480974c6f511a1cd

HTTP Headers

GET /image/icon/p_www.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 351
Last-Modified: Wed, 23 Apr 2008 19:21:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c4c-15f"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/image/icon/t_poll.gif

193.109.247.239

200 OK

352 B

URL GET HTTP/1.1
tk3.clan.su/image/icon/t_poll.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 70 x 12\012- data
Size
352 B (352 bytes)
Hash
ff1c2710ca54bbc3200564a66a4355ad
859dd7bc26406fce197afacec81c72b1b0707152
62d9167ae06ac9b4054d001af52a60e369ec83dd5006c703674576787735b2e0

HTTP Headers

GET /image/icon/t_poll.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 352
Last-Modified: Wed, 23 Apr 2008 19:22:02 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c5a-160"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/image/icon/t_reply.gif

193.109.247.239

200 OK

321 B

URL GET HTTP/1.1
tk3.clan.su/image/icon/t_reply.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 61 x 12\012- data
Size
321 B (321 bytes)
Hash
4cbabe760cd23595d48327f644db96ac
49c3a1a7dd3a7c46deff0e170dec4b253bdeae81
9e2d27180c9ef09d72ec8d35cae437411e5063311e60bf076c69210767979909

HTTP Headers

GET /image/icon/t_reply.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 321
Last-Modified: Wed, 23 Apr 2008 19:22:06 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c5e-141"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/image/icon/p_profile.gif

193.109.247.239

200 OK

287 B

URL GET HTTP/1.1
tk3.clan.su/image/icon/p_profile.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 47 x 12\012- data
Size
287 B (287 bytes)
Hash
7e7063436315cc1a29179de7e30bf130
5ded81345f20a2d607165b58b22a04c0800140d6
8a3de824aae63ae756aea3534cccc4b8dd48d3ebf089c1cb2645f51d7339882d

HTTP Headers

GET /image/icon/p_profile.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 287
Last-Modified: Wed, 23 Apr 2008 19:21:36 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c40-11f"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/avatar/38/2504-877734.jpg

193.109.247.239

200 OK

34 kB

URL GET HTTP/1.1
tk3.clan.su/avatar/38/2504-877734.jpg
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2008:06:26 23:46:49], progressive, precision 8, 110x110, components 3\012- data
Size
34 kB (33474 bytes)
Hash
7fcd9d6056fede65898f0ca907cec796
a6765913d0f1b46b91e97d9c80ea5a178a40e143
e6387ca224f1357e0814c20895676219f6e7133e162ead814c3ecb10f716f452

HTTP Headers

GET /avatar/38/2504-877734.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/jpeg
Content-Length: 33474
Last-Modified: Fri, 20 May 2016 07:09:07 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "573eb813-82c2"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/avatar/08/3846-051017.jpg

193.109.247.239

200 OK

5.2 kB

URL GET HTTP/1.1
tk3.clan.su/avatar/08/3846-051017.jpg
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=Paint.NET v3.22], baseline, precision 8, 110x119, components 3\012- data
Size
5.2 kB (5160 bytes)
Hash
5e7279b898ab358b313acf2a078996ee
b639bae33147272fc491598935349a29bc24902b
e0f3846e0cf4c4953bb943145436e6f0e5a9b4f0152aafc3da07078bce543b06

HTTP Headers

GET /avatar/08/3846-051017.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/jpeg
Content-Length: 5160
Last-Modified: Wed, 25 May 2016 02:11:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "574509bf-1428"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/stat/0.22630698026114304?03

193.109.247.239

302 Found

217 B

URL GET HTTP/1.1
tk3.clan.su/stat/0.22630698026114304?03
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
217 B (217 bytes)
Hash
4184eeab2f856fd57cd04ffca55ee783
cde572e51ac62686b330904255c0786a37418343
369f890d63aa92c1310cfe1df0e372eaac6914b2181521240babb12ca1948b00

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /stat/0.22630698026114304?03 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 6tk3ucnid=wtDvr2AopH; domain=tk3.clan.su; path=/stat/936178959; expires=Sun, 21-May-2023 21:16:54 GMT
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://tk3.clan.su/stat/936178959?13

tk3.clan.su/style/1.gif

193.109.247.239

200 OK

826 B

URL GET HTTP/1.1
tk3.clan.su/style/1.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 9 x 9\012- data
Size
826 B (826 bytes)
Hash
1f1b16416ebfbb801f969af2502ea82c
cb7e1dd0f6084e945fae05e901dbc0cae47e4edf
65daea5c6705a8b09c2e8956448bb9e7920d08c3986899c0d2be7c5ff6c73aba

HTTP Headers

GET /style/1.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 826
Last-Modified: Sun, 06 Jan 2008 17:56:33 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "47811651-33a"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/style/4.gif

193.109.247.239

200 OK

787 B

URL GET HTTP/1.1
tk3.clan.su/style/4.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 23 x 23\012- data
Size
787 B (787 bytes)
Hash
0507a3173a48c496fd3d0b50fd153be9
9b6adac8b643bfeb46771d74bbfe549049be04ae
9c774c14bced85b9769f251fb46435d326702197bb3456ec0c89f12bc8c4dcd6

HTTP Headers

GET /style/4.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 787
Last-Modified: Mon, 08 Sep 2008 21:47:23 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c59d6b-313"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/style/6.gif

193.109.247.239

200 OK

808 B

URL GET HTTP/1.1
tk3.clan.su/style/6.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 89a, 3 x 6\012- data
Size
808 B (808 bytes)
Hash
cd87b0af7870a612db000816a13c6815
528430cde09d04cd49bacc138eb61c619508f450
e82e65e717445916c4d6c00f3eeb23740cdbfed02cf9aaaaf4e0711c6a02b686

HTTP Headers

GET /style/6.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/gif
Content-Length: 808
Last-Modified: Sun, 06 Jan 2008 17:55:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "478115f4-328"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

src.ucoz.ru/t/984/2.gif

193.109.246.58

200 OK

46 B

URL GET HTTP/1.1
src.ucoz.ru/t/984/2.gif
IP
193.109.246.58:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
GIF image data, version 89a, 6 x 2\012- data
Size
46 B (46 bytes)
Hash
01f0dc9c8c733667f88395ff66065eb6
e856f1d032844e41794b898f2e01173da51b4cc3
8742bd93ec0583f2ab4d58e14895461df701a8938bf1ddaba3bfc004d979079a

HTTP Headers

GET /t/984/2.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:46 GMT
Content-Type: image/gif
Content-Length: 46
Last-Modified: Fri, 01 Apr 2016 13:34:32 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e8-2e"
Expires: Wed, 31 May 2023 21:16:46 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

tk3.clan.su/style/5_1.jpg

193.109.247.239

200 OK

27 kB

URL GET HTTP/1.1
tk3.clan.su/style/5_1.jpg
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2008:09:09 00:51:08], baseline, precision 8, 180x23, components 3\012- data
Size
27 kB (26778 bytes)
Hash
0aaba67f87f7d619b9bba23e212d0452
3d647528b5ecdf90eb30374b3adce03b0caa5a1e
eb59305d3e2ad0663b48527403099d90ad1683e06a47f1c8ff9121b8cd34160f

HTTP Headers

GET /style/5_1.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/jpeg
Content-Length: 26778
Last-Modified: Mon, 08 Sep 2008 21:51:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c59e50-689a"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH

193.109.247.239

200 OK

800 B

URL GET HTTP/1.1
tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
800 B (800 bytes)
Hash
b8c973af0a70adf8fd0b6f2964067e39
832abb721b2c4a20f1be24b2bfde41f56864338d
9d46098c8046a24fe6136cd1fbf3b5754516ad2ccf5a398431f038bd8ee8ae61

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip

src.ucoz.ru/t/984/8.gif

193.109.246.58

200 OK

72 B

URL GET HTTP/1.1
src.ucoz.ru/t/984/8.gif
IP
193.109.246.58:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
GIF image data, version 89a, 10 x 10\012- data
Size
72 B (72 bytes)
Hash
f9d4d09e822eafeb8fe7310a7826eea2
abc73eb82dcee44b8003f1c69494c0bddf742746
9a7eac9c050276a3de116ee8fe986f50d23ffbb4b258de431efcee541ebe6266

HTTP Headers

GET /t/984/8.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:47 GMT
Content-Type: image/gif
Content-Length: 72
Last-Modified: Fri, 01 Apr 2016 13:34:32 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e8-48"
Expires: Wed, 31 May 2023 21:16:47 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.clan.su/style/bgblock.jpg

193.109.247.239

200 OK

95 kB

URL GET HTTP/1.1
tk3.clan.su/style/bgblock.jpg
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2008:05:28 23:20:48], baseline, precision 8, 400x400, components 3\012- data
Size
95 kB (95042 bytes)
Hash
e3d547488d67a4f0b78386bdaf180605
5662d9e41bffc18d3d2cd9bf8ade50028c0a78b5
e7bbe6c3aa301932978806741200261d16ca824cafbb3eea0e6c2344e0f92c92

HTTP Headers

GET /style/bgblock.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/jpeg
Content-Length: 95042
Last-Modified: Wed, 28 May 2008 20:20:14 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "483dbe7e-17342"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

tk3.clan.su/stat/936178959?13

193.109.247.239

200 OK

399 B

URL GET HTTP/1.1
tk3.clan.su/stat/936178959?13
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
GIF image data, version 87a, 88 x 31\012- data
Size
399 B (399 bytes)
Hash
67d97664eb57aa4065cf13edda645939
512342d840b078ce30d2d592b44c68044b6cc35f
57f6239a5f2289302718f024a0f7e895b2f12751f1e0ec45a84e60fc9e657a82

HTTP Headers

GET /stat/936178959?13 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tk3.clan.su/forum/10-111-2
DNT: 1
Connection: keep-alive
Cookie: 6tk3ucnid=wtDvr2AopH; 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: ucvid=j80M13qv3h; domain=clan.su; path=/; expires=Mon, 20-May-2024 21:16:45 GMT

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

tk3.clan.su/style/logo-beta.jpg

193.109.247.239

200 OK

185 kB

URL GET HTTP/1.1
tk3.clan.su/style/logo-beta.jpg
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2008:09:07 19:01:58], baseline, precision 8, 978x160, components 3\012- data
Size
185 kB (185283 bytes)
Hash
8a7048387238516550b614acb4db10d6
bb000d36172cc888e5886fbd85c9abc04e1cb1b2
3fa06d04fc73924c20016f268f6f52fea4fff17b170831b53842e425f6bb73d5

HTTP Headers

GET /style/logo-beta.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: image/jpeg
Content-Length: 185283
Last-Modified: Sun, 07 Sep 2008 16:03:38 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c3fb5a-2d3c3"
Expires: Sat, 10 Jun 2023 21:16:44 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

s4.ucoz.net/adv/dummy/000/css/style.css

193.109.247.239

200 OK

1.6 kB

URL GET HTTP/1.1
s4.ucoz.net/adv/dummy/000/css/style.css
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
Certificate
IssuerGoGetSSL
Subject*.ucoz.net
Fingerprint9C:9F:0E:28:57:CD:A6:DE:BC:89:EA:60:7A:68:97:BB:58:9F:C1:4A
ValidityWed, 15 Mar 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
ASCII text
Size
1.6 kB (1564 bytes)
Hash
66bafd673de0c9223fcb6de5548e0e6f
cff0e25c3783772bfb13ad21ad8b328ccca63cb9
25ed1276f20986488e24b40548f023af771181ac7862900bde43cbdaffe0d0b9

HTTP Headers

GET /adv/dummy/000/css/style.css HTTP/1.1
Host: s4.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:45 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Mar 2019 14:28:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5c9a3701-19eb"
Content-Encoding: gzip

src.ucoz.ru/t/984/15.gif

195.216.243.221

200 OK

187 B

URL GET HTTP/1.1
src.ucoz.ru/t/984/15.gif
IP
195.216.243.221:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
GIF image data, version 89a, 4 x 21\012- data
Size
187 B (187 bytes)
Hash
04246ae87fd5014d08d44f7813b62241
3faabb86fd79a5ae544e162ab81b663b218e75b5
f442593d0354ec444223d73251629b609eef7d083dba71ee57aba8d94bd73fac

HTTP Headers

GET /t/984/15.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:29 GMT
Content-Type: image/gif
Content-Length: 187
Last-Modified: Tue, 23 Feb 2016 13:19:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56cc5c4f-bb"
Expires: Wed, 31 May 2023 21:16:29 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

src.ucoz.ru/t/984/1.gif

195.216.243.221

200 OK

123 B

URL GET HTTP/1.1
src.ucoz.ru/t/984/1.gif
IP
195.216.243.221:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
GIF image data, version 89a, 9 x 9\012- data
Size
123 B (123 bytes)
Hash
d6757bcf9148d36a51e294b2142b140f
13e4779784eeb6a3931b28d91e827eef0e5d12e7
a24727ed8baa6920f8bf384db0884df864d6a723d81f4f9d95aa4d585635f28b

HTTP Headers

GET /t/984/1.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:29 GMT
Content-Type: image/gif
Content-Length: 123
Last-Modified: Tue, 23 Feb 2016 13:19:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56cc5c4f-7b"
Expires: Wed, 31 May 2023 21:16:29 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

s4.ucoz.net/adv/dummy/000/img/ucoz-logo.png

193.109.247.239

200 OK

4.6 kB

URL GET HTTP/1.1
s4.ucoz.net/adv/dummy/000/img/ucoz-logo.png
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
Certificate
IssuerGoGetSSL
Subject*.ucoz.net
Fingerprint9C:9F:0E:28:57:CD:A6:DE:BC:89:EA:60:7A:68:97:BB:58:9F:C1:4A
ValidityWed, 15 Mar 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4585 bytes)
Hash
14d37a3409afc2c450c62b97bc8019da
43fc12bf16a292d6d10b17ab7d1e37785288858c
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2

HTTP Headers

GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1
Host: s4.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:45 GMT
Content-Type: image/png
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:17 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a3701-11e9"
Accept-Ranges: bytes

rot.spotsniper.ru/?src=ujs6

31.172.81.158

200 OK

1 B

URL GET HTTP/1.1
rot.spotsniper.ru/?src=ujs6
IP
31.172.81.158:443
ASN
#44066 diva-e Datacenters GmbH

Requested by
https://tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
Certificate
IssuerLet's Encrypt
Subjectrot.spotsniper.ru
Fingerprint13:D8:07:73:18:96:DD:24:23:40:59:1D:77:25:1E:F0:00:59:B3:07
ValidityTue, 11 Apr 2023 04:45:34 GMT - Mon, 10 Jul 2023 04:45:33 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

HTTP Headers

GET /?src=ujs6 HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:35 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

rot.spotsniper.ru/?src=ujs6&s_subid=btn

31.172.81.158

200 OK

1 B

URL GET HTTP/1.1
rot.spotsniper.ru/?src=ujs6&s_subid=btn
IP
31.172.81.158:443
ASN
#44066 diva-e Datacenters GmbH

Requested by
https://tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
Certificate
IssuerLet's Encrypt
Subjectrot.spotsniper.ru
Fingerprint13:D8:07:73:18:96:DD:24:23:40:59:1D:77:25:1E:F0:00:59:B3:07
ValidityTue, 11 Apr 2023 04:45:34 GMT - Mon, 10 Jul 2023 04:45:33 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

HTTP Headers

GET /?src=ujs6&s_subid=btn HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:35 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
834d30ac255a2bf6e40206abe1df62f6
79794a460ef16547837ca7a0e2f2cd2f4c239536
5784b258eb8aed35876e541eb1cca1ea5a38b6f4dd9255182ded4a6f35d74436

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 21:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zcode12.me/?ze=grstanjtgu5ha3ddf4ztgobr

185.177.93.30

200 OK

60 kB

URL GET HTTP/2
zcode12.me/?ze=grstanjtgu5ha3ddf4ztgobr
IP
185.177.93.30:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerLet's Encrypt
Subjectzpgetcode12.com
Fingerprint5F:99:7D:06:EF:A3:4B:DF:58:6F:FA:B2:67:8F:88:83:2B:3A:45:F9
ValidityWed, 17 May 2023 02:42:23 GMT - Tue, 15 Aug 2023 02:42:22 GMT

File type
data
Size
60 kB (60342 bytes)
Hash
9b4705f3126733b36c5e67811996194d
d0755f09aafb34cc61f9774aac0de6f52607e78a
f5fe37ab80b04ce72d3b05ca2231336d5b1b3565aff64ee2ec793587c0e6bb76

HTTP Headers

GET /?ze=grstanjtgu5ha3ddf4ztgobr HTTP/1.1
Host: zcode12.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 21:16:35 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=caf20503-98fd-4009-9905-a6bbf8731604; expires=Tue, 20-Jun-2023 21:16:35 GMT; Max-Age=2592000; path=/; SameSite=None; domain=zcode12.me; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

s4.ucoz.net/adv/dummy/000/img/bg.gif

193.109.247.239

200 OK

1.3 kB

URL GET HTTP/1.1
s4.ucoz.net/adv/dummy/000/img/bg.gif
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
Certificate
IssuerGoGetSSL
Subject*.ucoz.net
Fingerprint9C:9F:0E:28:57:CD:A6:DE:BC:89:EA:60:7A:68:97:BB:58:9F:C1:4A
ValidityWed, 15 Mar 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 485 x 3\012- data
Size
1.3 kB (1268 bytes)
Hash
b19967d808ed7c42b41316d6c8474f55
18d80748bd4041b13a3373a429281ec65347a0e2
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50

HTTP Headers

GET /adv/dummy/000/img/bg.gif HTTP/1.1
Host: s4.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s4.ucoz.net/adv/dummy/000/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:45 GMT
Content-Type: image/gif
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:17 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a3701-4f4"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
834d30ac255a2bf6e40206abe1df62f6
79794a460ef16547837ca7a0e2f2cd2f4c239536
5784b258eb8aed35876e541eb1cca1ea5a38b6f4dd9255182ded4a6f35d74436

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 21:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/check_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/check_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/check_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/check_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/power_user.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/power_user.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/power_user.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/moderator.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/moderator.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/moderator.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/moderator.gif
X-Frame-Options: SAMEORIGIN

tk3.ucoz.ru/status/admin.gif

195.216.243.102

301 Moved Permanently

178 B

URL GET HTTP/1.1
tk3.ucoz.ru/status/admin.gif
IP
195.216.243.102:443
ASN
#57724 Ddos-guard Ltd

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 21 May 2023 21:16:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://tk3.ucoz.ru/status/admin.gif
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 21:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tk3.clan.su/favicon.ico

193.109.247.239

200 OK

3.3 kB

URL GET HTTP/1.1
tk3.clan.su/favicon.ico
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 24 colors, 24 bits/pixel\012- data
Size
3.3 kB (3262 bytes)
Hash
2a6628d3a0f47ecf699cd1f61a103699
892810686f1fe3a4d4d8d8bcbfe2160e095d5e6e
c99515dd7166fac9ec039b84803350534802c97182009b719a8a40b91655ac9c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/forum/10-111-2
Cookie: 6tk3pushi=1; ucvid=j80M13qv3h
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:45 GMT
Content-Type: image/x-icon
Content-Length: 3262
Last-Modified: Mon, 08 Sep 2008 13:20:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c526a9-cbe"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js

142.250.74.35

200 OK

171 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (771)
Size
171 kB (170778 bytes)
Hash
5ee55e4774f7047ff36c50d754de7a45
5706760775775aca8883b7e4fef43105b58a1b34
50be60d04fa931d5b28c8e0866e64c44a7ffe724c8874fe70236528be43ca213

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tk3.clan.su
DNT: 1
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 170778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 21:25:13 GMT
expires: Sun, 19 May 2024 21:25:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 85882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 21:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH

193.109.247.239

200 OK

800 B

URL GET HTTP/1.1
tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Requested by
https://tk3.clan.su/forum/10-111-2#585
Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
800 B (800 bytes)
Hash
b8c973af0a70adf8fd0b6f2964067e39
832abb721b2c4a20f1be24b2bfde41f56864338d
9d46098c8046a24fe6136cd1fbf3b5754516ad2ccf5a398431f038bd8ee8ae61

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip

tk3.clan.su/forum/10-111-2

193.109.247.239

200 OK

109 kB

URL User Request GET HTTP/1.1
tk3.clan.su/forum/10-111-2
IP
193.109.247.239:443
ASN
#204343 Compubyte Limited

Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
Fingerprint34:37:A9:45:84:C8:78:DA:5C:95:B0:2D:A9:B2:C5:F3:74:6E:C7:01
ValidityThu, 01 Sep 2022 15:46:56 GMT - Tue, 03 Oct 2023 15:46:55 GMT

File type

Size
109 kB (108662 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /forum/10-111-2 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 21:16:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 6tk3uCoz=; path=/; expires=Fri, 21-May-2021 21:16:43 GMT; Secure; HttpOnly; domain=.tk3.clan.su
6tk3uzfss=lt%3D1684703803%2Cpst%3D1684685803; path=/forum; expires=Mon, 20-May-2024 21:16:43 GMT; Secure; domain=.tk3.clan.su
6tk3f0=; path=/forum; expires=Mon, 20-May-2024 21:16:43 GMT; Secure; domain=.tk3.clan.su
6tk3pushi=1; path=/; expires=Mon, 22-May-2023 20:16:43 GMT; Secure
Pragma: no-cache
Vary: host
Last-Modified: Sun, 21 May 2023 21:14:05 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip

tk3.ucoz.lv/userbar/errorrbar.gif

0.0.0.0

0 B

URL GET
tk3.ucoz.lv/userbar/errorrbar.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://tk3.clan.su/forum/10-111-2#585

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbar/errorrbar.gif HTTP/1.1
Host: tk3.ucoz.lv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cs.cavis.ru/clcik.png

0.0.0.0

0 B

URL GET
cs.cavis.ru/clcik.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://tk3.clan.su/forum/10-111-2#585

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /clcik.png HTTP/1.1
Host: cs.cavis.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff

142.250.74.97

200 OK

60 kB

URL GET HTTP/2
themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://tk3.clan.su/?4%3BVuCWgf0cTCWsV7W3ZAQi%5EK1zXqAiq%3BCJ9snLCr7nnYXceXPpGLJ3BVrYGGAX3nOznOSDp6%3ByW0NvSaPNpH
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint49:A1:78:AA:CC:58:2A:18:8D:75:CC:D3:F4:F7:DD:A5:5D:58:B0:B1
ValidityMon, 24 Apr 2023 12:00:35 GMT - Mon, 17 Jul 2023 12:00:34 GMT

File type
Web Open Font Format, TrueType, length 60332, version 1.1\012- data
Size
60 kB (60332 bytes)
Hash
0d6d6ae28614efe13ec053eaeef473c1
20cd1c419ba0763bb4bbb1435bc0aed00452af2e
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1

HTTP Headers

GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tk3.clan.su
DNT: 1
Connection: keep-alive
Referer: https://s4.ucoz.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 60332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 21:21:24 GMT
expires: Sun, 19 May 2024 21:21:24 GMT
cache-control: public, max-age=31536000
age: 86111
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: font/woff
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i031.radikal.ru/0806/20/826f50f28369.jpg

0.0.0.0

0 B

URL GET
i031.radikal.ru/0806/20/826f50f28369.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://tk3.clan.su/forum/10-111-2#585

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0806/20/826f50f28369.jpg HTTP/1.1
Host: i031.radikal.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

ucoz.bot.nu/force/admin/foxly2.gif

0.0.0.0

0 B

URL GET
ucoz.bot.nu/force/admin/foxly2.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://tk3.clan.su/forum/10-111-2#585

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /force/admin/foxly2.gif HTTP/1.1
Host: ucoz.bot.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by