GET saint2.su/embed/fZfZicAe2Ba
200 OK 7.1 kB URL User Request GET HTTP/1.1 saint2.su/embed/fZfZicAe2Ba
IP
Certificate IssuerLet's Encrypt
Subjectsaint2.su
FingerprintD8:91:2E:43:4A:2A:D0:43:F7:AC:98:03:5C:7B:C0:39:0E:78:3B:E1
ValidityFri, 05 Apr 2024 13:19:55 GMT - Thu, 04 Jul 2024 13:19:54 GMT
File type HTML document, ASCII text, with very long lines (12263)
Hash 7bf164404a32ce3cd1132fbd6b91526a
266538ce75c15394616015aa79eac32f00c60910
040210b8556c4badd1e505be6f0bb3e2618b9a9049334e40c4aaddf9341b9766
GET /embed/fZfZicAe2Ba HTTP/1.1
Host: saint2.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 19:05:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=jcvetehvh96hijnsl2mqdop4s6; path=/; domain=.saint2.su
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Encoding: gzip
GET saint2.su/css/player-additional.css
200 OK 1.8 kB URL GET HTTP/1.1 saint2.su/css/player-additional.css
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerLet's Encrypt
Subjectsaint2.su
FingerprintD8:91:2E:43:4A:2A:D0:43:F7:AC:98:03:5C:7B:C0:39:0E:78:3B:E1
ValidityFri, 05 Apr 2024 13:19:55 GMT - Thu, 04 Jul 2024 13:19:54 GMT
Hash e194d3d68856c327660b808aec8a951b
110cac6be49b37530e50f74076b7042d6b75fefb
4bb8e34961f5716ecb8cf3e95e6473c4066bdfde2e05e72e5a1f6312ba480120
GET /css/player-additional.css HTTP/1.1
Host: saint2.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/embed/fZfZicAe2Ba
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=jcvetehvh96hijnsl2mqdop4s6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 19:05:05 GMT
Content-Type: text/css
Last-Modified: Fri, 19 Apr 2024 17:02:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6622a397-19c7"
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Encoding: gzip
GET cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.1/jquery.cookie.js
200 OK 789 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.1/jquery.cookie.js
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text
Hash 86bfb3ae149e79524eafbcd1cd0a613a
4c7b840648637688378d746f24037cfdc7a5d2d0
5f8d4cdb53aa201c8dd93712d1342157480d75d03859ea50656ab9ab3d298d30
GET /ajax/libs/jquery-cookie/1.3.1/jquery.cookie.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://saint2.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 19:05:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 789
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-85e"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 81121
expires: Tue, 22 Apr 2025 19:05:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eU2c2%2Bqxxj1pT5Ta2CNBIEMuO5hgA85Rx%2BM8%2B1JLvh3riCykb2nu6FyxhACljKM4bMWcHATboyJNqbuKvqy%2BnLPnTP7Bk%2BfnUJmrir05MCQRAuv%2BgmzDymLqqy8IabYbKm9Dna%2Bt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87da47e26f89b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.js
200 OK 70 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.js
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text
Hash 2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://saint2.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 19:05:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 70371
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-46744"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 78491
expires: Tue, 22 Apr 2025 19:05:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35dxGMwIBEG0ZukP%2FnjKjwkKv1%2Btwg9uzWghxrWLa4VNzB%2FgsCbtH9beaRjY87kMSZgvV9dMqkibjcQkGjTf%2BmwQJiUVujalhTwr8YIHXCSEU4N%2FKJj01SzJs0teN6LO7khsAL2q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87da47e26f9cb523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fonts.bunny.net/rubik/files/rubik-latin-500-normal.woff2
200 OK 18 kB URL GET HTTP/2 fonts.bunny.net/rubik/files/rubik-latin-500-normal.woff2
IP
ASN #34989 ServeTheWorld AS
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerLet's Encrypt
Subjectfonts.bunny.net
FingerprintCB:89:86:8E:6D:0A:E5:60:AF:D4:50:FD:A4:62:99:B4:6C:13:A7:1F
ValidityTue, 09 Apr 2024 10:09:28 GMT - Mon, 08 Jul 2024 10:09:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 18264, version 1.0
Hash 523db333665c3c4bfa066cd376a93065
6f857ba7e2b0feecaac1606886174a971ea1d5ce
e2ab9c14e82fc81f6a00ac2fd51038c8613ae1b29c9cc67205c6dd7bde44761a
GET /rubik/files/rubik-latin-500-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saint2.su
DNT: 1
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 19:05:06 GMT
content-type: font/woff2
content-length: 18264
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "64a64285-4758"
last-modified: Thu, 06 Jul 2023 04:26:45 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 20:02:29
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 45f73ea909b88790dd224b65650ba082
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET saint2.su/assets/saintLogo.png
200 OK 41 kB URL GET HTTP/1.1 saint2.su/assets/saintLogo.png
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerLet's Encrypt
Subjectsaint2.su
FingerprintD8:91:2E:43:4A:2A:D0:43:F7:AC:98:03:5C:7B:C0:39:0E:78:3B:E1
ValidityFri, 05 Apr 2024 13:19:55 GMT - Thu, 04 Jul 2024 13:19:54 GMT
File type PNG image data, 1842 x 1228, 8-bit/color RGBA, non-interlaced
Hash 9f0dabe61af44e2f7b87d49e4e7ee074
46909887ab5efbaeab1319273ae8adf79548cfa0
876e378d0fd81a2398b7634a828c983d334c578ece02066a8c14cbe24c5c687c
GET /assets/saintLogo.png HTTP/1.1
Host: saint2.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/embed/fZfZicAe2Ba
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=jcvetehvh96hijnsl2mqdop4s6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 19:05:06 GMT
Content-Type: image/png
Content-Length: 41139
Last-Modified: Sat, 30 Apr 2022 21:33:16 GMT
Connection: keep-alive
ETag: "626dab1c-a0b3"
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Accept-Ranges: bytes
POST 68aq8q352.com/solid.gif?z=2021529&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334497703312384&eclog=0&im=1
200 OK 43 B URL POST HTTP/2 68aq8q352.com/solid.gif?z=2021529&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334497703312384&eclog=0&im=1
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint0C:9E:BB:D9:DA:B8:74:37:CB:65:CD:13:B0:1B:DD:DF:B2:8F:61:74
ValiditySat, 27 Apr 2024 13:01:17 GMT - Wed, 23 Oct 2024 21:59:00 GMT
File type GIF image data, version 89a, 1 x 1
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /solid.gif?z=2021529&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334497703312384&eclog=0&im=1 HTTP/1.1
Host: 68aq8q352.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/
Origin: https://saint2.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 19:05:06 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Thu, 05 Jun 2025 19:05:06 GMT; Secure; SameSite=None
UID=24050214058e5ad0176ae7446e94b2889a34; Path=/; Expires=Thu, 05 Jun 2025 19:05:06 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET thumbs-saint-to.bunkr.ru/thumbs/65e51bf47c08f-1709513716.jpg
200 OK 63 kB URL GET HTTP/2 thumbs-saint-to.bunkr.ru/thumbs/65e51bf47c08f-1709513716.jpg
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerGoogle Trust Services LLC
Subjectbunkr.ru
Fingerprint14:E8:5E:C2:5B:67:AF:C8:D0:4E:27:13:A1:54:DB:F6:64:17:7D:CB
ValiditySat, 23 Mar 2024 01:42:53 GMT - Fri, 21 Jun 2024 01:42:52 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1920, components 3
Hash 720fb4ca9d77a49ff4fdbf5c0dcea38f
3e3339a920320d59e0c5dac1ad38aec43e291555
c040c8c9f0ced3c9af219771581f89933aee54fc13de2bf276479e0038eb81ff
GET /thumbs/65e51bf47c08f-1709513716.jpg HTTP/1.1
Host: thumbs-saint-to.bunkr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 19:05:06 GMT
content-type: image/jpeg
content-length: 63282
access-control-allow-headers: *
access-control-allow-origin: *, *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=65287
etag: "65e51bf8-ff07"
expires: Mon, 13 May 2024 02:28:07 GMT
last-modified: Mon, 04 Mar 2024 00:55:20 GMT
referrer-policy: strict-origin-when-cross-origin
x-cached-at: Mon, 04 Mar 2024 00:56:22 GMT
x-config: /watch/
x-content-type-options: nosniff
x-proxy-cache: MISS
cf-cache-status: HIT
age: 95124
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87da47e60a5092cd-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET saint2.su/icons/apple-touch-icon.png
200 OK 19 kB URL GET HTTP/1.1 saint2.su/icons/apple-touch-icon.png
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerLet's Encrypt
Subjectsaint2.su
FingerprintD8:91:2E:43:4A:2A:D0:43:F7:AC:98:03:5C:7B:C0:39:0E:78:3B:E1
ValidityFri, 05 Apr 2024 13:19:55 GMT - Thu, 04 Jul 2024 13:19:54 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Hash dbb95acc5a518f4f0cb4ea29a376e64c
6ece49b91bca3f4b890a4d3536b7ea84b07593bc
4f541cb49b8de0d09c94f289d75e32fce004cd6caa74c1d8ef6f618a4caee707
GET /icons/apple-touch-icon.png HTTP/1.1
Host: saint2.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/embed/fZfZicAe2Ba
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=jcvetehvh96hijnsl2mqdop4s6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 19:05:06 GMT
Content-Type: image/png
Content-Length: 19089
Last-Modified: Sun, 29 May 2022 00:01:46 GMT
Connection: keep-alive
ETag: "6292b7ea-4a91"
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Accept-Ranges: bytes
GET 68aq8q352.com/get/2021529?zoneid=2021529&jp=_cld6j07zoopl6m9odx402x&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334497703312384&eclog=0&im=1&uf=0
200 OK 2.2 kB URL GET HTTP/2 68aq8q352.com/get/2021529?zoneid=2021529&jp=_cld6j07zoopl6m9odx402x&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334497703312384&eclog=0&im=1&uf=0
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint0C:9E:BB:D9:DA:B8:74:37:CB:65:CD:13:B0:1B:DD:DF:B2:8F:61:74
ValiditySat, 27 Apr 2024 13:01:17 GMT - Wed, 23 Oct 2024 21:59:00 GMT
File type gzip compressed data, from Unix
Hash 585c5263986de3a2024d8a6809ca9ecf
36ce3ba8afce7675f925aab3dd9a54223b65ed57
5659ce369d24334105866ca0b995f2288459657168bd215ec441fa67b9463ea5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /get/2021529?zoneid=2021529&jp=_cld6j07zoopl6m9odx402x&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334497703312384&eclog=0&im=1&uf=0 HTTP/1.1
Host: 68aq8q352.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 19:05:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Thu, 05 Jun 2025 19:05:06 GMT; Secure; SameSite=None
UID=2405021405a91dfe4c1b394710bf0c455ff7; Path=/; Expires=Thu, 05 Jun 2025 19:05:06 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET cdn.plyr.io/3.7.8/plyr.js
200 OK 34 kB URL GET HTTP/2 cdn.plyr.io/3.7.8/plyr.js
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerCloudflare, Inc.
Subjectcdn.plyr.io
Fingerprint82:12:FB:B3:64:22:F5:22:7D:BA:01:9C:97:81:CF:4F:55:01:08:95
ValidityMon, 11 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 937aa0b508e5b8c675ccc9e44c1158af
ab39c0e9b0ab16e21b410d0ae43a6756c741c0ba
4bdc4c42a18797aaabe38f455613328f0b27fc5279a907b0fac82c6ab2bcc67a
GET /3.7.8/plyr.js HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 19:05:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-bgj: minify
cf-polished: origSize=113183
etag: W/"714122a0383a143c50c9629e2bcb7e1f"
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 182840
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DU%2BFu5W5bLVEr2NE6y7eeXiIA%2FBu4to7NhKmxv4Hc4em6N42kwxnAuJ1kn2OQrSP%2FWL34W8BmFoMVaEBMDmf3ZxswfGnbSTNo40MOIL8ofimgs2%2BoS4k2dxvv4j8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87da47e28d1956b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.plyr.io/3.7.8/plyr.css
200 OK 32 kB URL GET HTTP/2 cdn.plyr.io/3.7.8/plyr.css
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerCloudflare, Inc.
Subjectcdn.plyr.io
Fingerprint82:12:FB:B3:64:22:F5:22:7D:BA:01:9C:97:81:CF:4F:55:01:08:95
ValidityMon, 11 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /3.7.8/plyr.css HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 19:05:05 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-bgj: minify
cf-polished: origSize=32564
etag: W/"411acf0fd5fe4d42c580db72f82077fd"
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 174398
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0EcdOl1aVYZd8xZENIthWJm3kl0mUm%2BC8kF2Uo4RnNAa2yijFmjDt4zKwtOdAP5r4pSU%2Fk6cvmc1kOJ9pTQZaElAJSzC0e79OluISg73NAWDBPO99JYn6GaK2ke"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87da47e27d0556b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.plyr.io/3.7.8/plyr.svg
200 OK 5.8 kB URL GET HTTP/2 cdn.plyr.io/3.7.8/plyr.svg
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerCloudflare, Inc.
Subjectcdn.plyr.io
Fingerprint82:12:FB:B3:64:22:F5:22:7D:BA:01:9C:97:81:CF:4F:55:01:08:95
ValidityMon, 11 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 0515cfb132a7e4e063467814f50e32c4
2d89955170c71b3c1678526168318edd55e16996
f5322aaaaa48e83be4443010300845989622757a8b98ccab908f1e650171e4e2
GET /3.7.8/plyr.svg HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/
Origin: https://saint2.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 19:05:06 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 168759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKx4ExPRK48U68oWN%2FrPIrjT9xcfYz3HhOVd%2B8rZtTttaJFGigRUwEfJp9OqhojD7dIuRt9h0LcJrVYtEDv4h1QjrjasOtBYLV1SdzUPP%2B9M5tWDZVrsDm2N3Dgf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87da47e4885656b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET saint2.su/icons/favicon-16x16.png
200 OK 610 B URL GET HTTP/1.1 saint2.su/icons/favicon-16x16.png
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerLet's Encrypt
Subjectsaint2.su
FingerprintD8:91:2E:43:4A:2A:D0:43:F7:AC:98:03:5C:7B:C0:39:0E:78:3B:E1
ValidityFri, 05 Apr 2024 13:19:55 GMT - Thu, 04 Jul 2024 13:19:54 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash 4ef8321dcb1532430b28ca92ee1484d0
59268b58e87b9b50d36d9f389c47e8aca5e3be38
e3f9335cb577f4989998a20171ea8af2d2eac5f23603b0523a291ed49eaf47ab
GET /icons/favicon-16x16.png HTTP/1.1
Host: saint2.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/embed/fZfZicAe2Ba
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=jcvetehvh96hijnsl2mqdop4s6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 19:05:06 GMT
Content-Type: image/png
Content-Length: 610
Last-Modified: Sun, 29 May 2022 00:01:46 GMT
Connection: keep-alive
ETag: "6292b7ea-262"
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Accept-Ranges: bytes
GET fonts.bunny.net/css?family=rubik:500
200 OK 2.1 kB URL GET HTTP/2 fonts.bunny.net/css?family=rubik:500
IP
ASN #34989 ServeTheWorld AS
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerLet's Encrypt
Subjectfonts.bunny.net
FingerprintCB:89:86:8E:6D:0A:E5:60:AF:D4:50:FD:A4:62:99:B4:6C:13:A7:1F
ValidityTue, 09 Apr 2024 10:09:28 GMT - Mon, 08 Jul 2024 10:09:27 GMT
File type ASCII text, with very long lines (2157), with no line terminators
Hash 21186584d76b3f07f9229759f86ea827
81ed815ff5a5b4ba0ac3d3d8ce6a771c46b19a88
81ca7c180f56219037333f77ae4ff1398c616477b11c9990d3680cd5e8a4fca0
GET /css?family=rubik:500 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 19:05:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Tue, 23 Apr 2024 18:47:56 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2024 18:47:56
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1b14d414a96dc6dea8f813fb829fc8cb
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
GET 68aq8q352.com/aas/r45d/vki/2021529/8dbd2c8c.js
200 OK 106 kB URL GET HTTP/2 68aq8q352.com/aas/r45d/vki/2021529/8dbd2c8c.js
IP
Requested by https://saint2.su/embed/fZfZicAe2Ba
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint0C:9E:BB:D9:DA:B8:74:37:CB:65:CD:13:B0:1B:DD:DF:B2:8F:61:74
ValiditySat, 27 Apr 2024 13:01:17 GMT - Wed, 23 Oct 2024 21:59:00 GMT
File type JavaScript source, ASCII text, with very long lines (65106)
Size 106 kB (106460 bytes)
Hash 29fb8e7b0a97af3f20138643f135599b
551b9250615cb2cd19f223425e26af66fb900916
d6cd233b92dbeccac8e0cf8606a5b2f7d123e9fcb7222dc56191991a61dfac83
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /aas/r45d/vki/2021529/8dbd2c8c.js HTTP/1.1
Host: 68aq8q352.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://saint2.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 19:05:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
91.149.226.78
104.17.25.14
194.242.11.186
212.117.190.210