Report - tg2.leetgems.h1n.ru/

Report Overview

Submitted URL
tg2.leetgems.h1n.ru/
IP
81.90.181.60
ASN
#50340 OOO Network of data-centers Selectel
Submitted
2024-05-07 18:00:00
Access
public
Website Title
Telegram
Final URL
tg2.leetgems.h1n.ru/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
linkslot.pro	unknown	2015-09-02	2016-01-01	2024-02-22	1.3 kB	310 kB	172.67.179.242
linkslot.link	unknown	2024-03-06	2024-03-06	2024-03-09	840 B	28 kB	172.67.160.247
webtrafic.ru	336414	2020-09-01	2020-09-01	2024-02-13	8.2 kB	598 kB	104.21.68.251
1rash.ru	unknown	2019-05-26	2019-06-10	2023-09-15	13 kB	42 kB	89.208.145.166
unitraffic.net	unknown	2022-04-13	2022-04-16	2024-04-09	847 B	7.0 kB	85.208.187.144
payeer.com	132117	2012-07-17	2014-10-07	2024-02-26	2.1 kB	16 kB	149.202.17.208
rekizar.com	unknown	unknown	No data	No data	862 B	24 kB	104.21.88.72
translate.googleapis.com	1005	2005-01-25	2012-05-31	2024-05-07	1.7 kB	74 kB	142.250.74.10
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	449 B	4.2 kB	216.58.207.227
tg2.leetgems.h1n.ru	unknown	unknown	No data	No data	2.7 kB	2.6 MB	81.90.181.60
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-07	1.1 kB	7.3 kB	142.250.74.131
informer.yandex.ru	54908	1997-09-23	2015-07-19	2024-05-06	462 B	1.8 kB	93.158.134.119
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2024-05-06	526 B	2.2 kB	142.250.74.10
translate.google.com	1156	1997-09-15	2012-05-30	2024-05-06	911 B	92 kB	216.58.211.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-06	424 B	1.8 kB	151.101.129.229
neon.today	175799	2017-08-10	2017-08-17	2024-03-28	984 B	20 kB	213.183.48.30

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	tg2.leetgems.h1n.ru/	Telegram
2024-05-07	medium	tg2.leetgems.h1n.ru/	Telegram
2024-05-07	medium	tg2.leetgems.h1n.ru/	Telegram
2024-05-07	medium	tg2.leetgems.h1n.ru/	Telegram
2024-05-07	medium	tg2.leetgems.h1n.ru/	Telegram
2024-05-07	medium	tg2.leetgems.h1n.ru/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (59)

	URL	Size	First Seen	Last Seen
	webtrafic.ru/ads.php?uid=8247	1.2 kB	2024-04-26	2024-05-13
Pretty URL webtrafic.ru/ads.php?uid=8247 IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:17:52 Last Seen2024-05-13 07:25:40 Times Seen13 Hash 4897fb8003e87f672918587e3f7fe44b 25df6bb29f6e7059635726a51134dfcefc9e98f3 c086b674db664b99c87a3f52edefedc2d43b83bd1bb42b308353884401e18afa Loading...

	unitraffic.net/banner.php?user=2718	1.6 kB	2024-04-07	2024-05-13
Pretty URL unitraffic.net/banner.php?user=2718 IP 85.208.187.144 ASN #204601 Zomro B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-07 06:38:01 Last Seen2024-05-13 07:25:40 Times Seen24 Hash 30dfa3e94d434603dab6eabfd975493a 83392bcb475e598afd467327fd5832d665e3e515 32f62215553a5471236cc7af22c30c2a5f5ac00db3fbf4ea0a60c25a310142d5 Loading...

	webtrafic.ru/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=BgM/d=1/rs=AN8SPfq2MBDiRXuz8tld5nyNDZURqMvV2w/m=el_conf	89 kB	2024-05-07	2024-05-07
Pretty URL webtrafic.ru/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=BgM/d=1/rs=AN8SPfq2MBDiRXuz8tld5nyNDZURqMvV2w/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:09 Times Seen2 Hash 96416b7597b2e0bd02301cdb9c9f595b 052cc7f7db836e14e20e024a83308444667c1c89 cdff82a6d53016e070641093115828bef252402da4167e428aeaca3741245b33 Loading...

	webtrafic.ru/	31 B	2023-10-27	2024-05-13
Pretty URL webtrafic.ru/ IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-05-13 07:25:39 Times Seen18 Hash 67a8c744a44f48b0cc69093ed229e333 0aaf66c16454ac2f6d2d0e5cb5bb089f9c7d1c48 2aa4b93c47e657fba68f6590cf6ac0e261450c54d1b1b751ec255a8add5560b9 Loading...

	linkslot.pro/bancode.php?id=1	2.7 kB	2024-05-07	2024-05-07
Pretty URL linkslot.pro/bancode.php?id=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash bc970f5757368b2a1e919fb3defa06fb 3e0e4e42db1ca2f768680f6bc7a2a6169758b232 307b0b0a6aa0ca9c121b4342d1f5a70e72fbb50ae999d5753fba6b4840fc1e03 Loading...

	linkslot.link/bancode_new.php?id=358863	6.8 kB	2024-04-07	2024-05-08
Pretty URL linkslot.link/bancode_new.php?id=358863 IP 172.67.160.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-07 07:22:01 Last Seen2024-05-08 18:38:39 Times Seen5 Hash 3460e0a932fd05f83ef873bbd8a6b94f 007a71c1dc6464ec21b1947bdb445adf09abf387 93215203e54bb5d76017b865cbfec239116d7b5c2c451ba8ccb46efa5d5bb941 Loading...

	tg2.leetgems.h1n.ru/	24 B	2024-04-07	2024-05-13
Pretty URL tg2.leetgems.h1n.ru/ IP 81.90.181.60 ASN #50340 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-07 06:38:01 Last Seen2024-05-13 07:25:39 Times Seen12 Hash 60230aae070e5df9f2df03d2d12813cd b772ee21a38890648826ee3a2ea1bf514c486cb4 bf58c12f5745285d986dbb544c70b00a852369c14ba1434c675fe08524e5c662 Loading...

	webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js	35 kB	2023-10-27	2024-05-13
Pretty URL webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-27 20:05:53 Last Seen2024-05-13 07:25:39 Times Seen23 Hash b7006bac1eeccbe0ec299a000b74ca6c 31ff92b3182dd07c596865a5f1921ba986534c58 431f76135cb011943b3db7812ae22ac8c4d469626ed7930829738f775bae4087 Loading...

	webtrafic.ru/	31 B	2023-10-27	2024-05-13
Pretty URL webtrafic.ru/ IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-05-13 07:25:39 Times Seen18 Hash 845d738167249ba64cdd0a16c1c3cee8 f395bd091bd3ec77005333406d938818c4af0eef 7b96d45981d628780fb1d4ab28152c9163494fa3de2879ee865ff31cd0d868e3 Loading...

	unknown	9 B	2023-03-07	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-19 17:10:37 Times Seen16771 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

	tg2.leetgems.h1n.ru/	0 B	2023-03-07	2024-05-19
Pretty URL tg2.leetgems.h1n.ru/ IP 81.90.181.60 ASN #50340 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 17:58:15 Times Seen37836997 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	webtrafic.ru/	42 B	2023-10-27	2024-05-13
Pretty URL webtrafic.ru/ IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-05-13 07:25:39 Times Seen17 Hash e62cbb0165fffa03a5fcb4b9dafe7a49 ccb398093c462746cb2795fb3d0ca630c853a701 7ba9426262deec9cce9934f26648b23d653f3a1d786268a5ff873122da47b385 Loading...

	webtrafic.ru/	1.7 kB	2023-10-27	2024-05-13
Pretty URL webtrafic.ru/ IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-05-13 07:25:39 Times Seen17 Hash 68c5191cf1dfcd866d6ee19463cbb0df 3db6e711a08e6d3214b0d2dba61aba1b9c2d3452 5b05bd63d422fbbfc4f730622804e9263ecd9b017b5f35d6e0dbe2e93913b368 Loading...

	1rash.ru/q/bsk.php	2.8 kB	2024-05-07	2024-05-07
Pretty URL 1rash.ru/q/bsk.php IP 89.208.145.166 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash e709d25c4f1f37d572bc4e0cfd7bf82a 9fe9e5ebd54165dd3e7fa4292bcc0b50397f2d90 f63814ca4a206f5719097ca3a93bb36f7e042d2cc21ee9510b7447e61a696ca3 Loading...

	cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js	2.0 kB	2023-03-07	2024-05-19
Pretty URL cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:43 Last Seen2024-05-19 00:53:59 Times Seen4080 Hash 45f12de4d7b95a193ecdc5cfde664bb9 ee9541cf1a95d2a885f8b143a105caaa08ca9c9d 39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b Loading...

	webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js	81 kB	2023-03-08	2024-05-13
Pretty URL webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:34:53 Last Seen2024-05-13 07:25:40 Times Seen37 Hash 070da11284349ddb4498fa8c51e1e103 e5d71d44333fd20376909a4b7b12a9201108d59a 4139a3b34657fa34eb91cdaf03375da63742bcefb317aa3f585cc3b2737d8220 Loading...

	webtrafic.ru/js/socket.io.min.js	64 kB	2023-10-27	2024-05-13
Pretty URL webtrafic.ru/js/socket.io.min.js IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-27 20:05:53 Last Seen2024-05-13 07:25:40 Times Seen32 Hash 63241b78a09366c1220125b1c8a5ff20 91d14b8a343afbb645bcd157200555816519ced3 f01fea38541229b697b158619451884a0b355c477a7da949411f0aa6852fab89 Loading...

	webtrafic.ru/	451 B	2023-10-27	2024-05-13
Pretty URL webtrafic.ru/ IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 20:05:53 Last Seen2024-05-13 07:25:39 Times Seen16 Hash 19f40970247d1f2ae3cd80be5610c744 e6d65ec231ddcc241ce0ee1f74744a26eeaa129c 6a026493e335d68e9e9d4291ed6e4dc3eeb868fe7f7cdfb274222b8617b74aa0 Loading...

	webtrafic.ru/	13 kB	2024-05-07	2024-05-07
Pretty URL webtrafic.ru/ IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash 9ed96747fe31a4c52e090c029116dadb 8f0c20dec4fef888a4e0da717a27034b5a3bd6b5 ae4bb7f4dfee718bd1695a929ea52fa78c9c6cb25c0e433ae44732e0df9b5720 Loading...

	rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3	428 B	2024-05-07	2024-05-08
Pretty URL rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-08 18:38:39 Times Seen2 Hash 6334537c9d29056f975a37f8b22f4293 7a8211e977bee06634d49d42ecd99f977c2e2eae d0afff3843bce457f652f3809aa6fb14c17460c5384a3419c3c4d28093f9bd5a Loading...

	tg2.leetgems.h1n.ru/css/detect.js	52 kB	2023-07-02	2024-05-13
Pretty URL tg2.leetgems.h1n.ru/css/detect.js IP 81.90.181.60 ASN #50340 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-02 18:56:09 Last Seen2024-05-13 07:25:39 Times Seen43 Hash 1a6562fb89417e06cc801d5f3c5771c1 4a83ce13216db8f6f792cb312df869685d5ed367 40ccd872ab672d693655c3478e46248417330f584342852d4431ea62fc89e03f Loading...

	webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js	88 kB	2023-03-07	2024-05-18
Pretty URL webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:29 Last Seen2024-05-18 16:35:29 Times Seen424 Hash b4999cbb6a73a9b312f635cff75e5a53 c7b683fc72d06eac129185c3e60362f5c1adc2a8 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302 Loading...

	webtrafic.ru/	1.6 kB	2024-04-26	2024-05-08
Pretty URL webtrafic.ru/ IP 104.21.68.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 06:17:52 Last Seen2024-05-08 18:38:40 Times Seen3 Hash 545fb217bde57ec66811f569913ffd0e 8b00569b7bc10dbac3793ded12cd0700f4ca1e5f 635765782ddf20d3a6d6d536cf38ab125b18b456373f0afcb19f737d319df276 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main	210 kB	2024-05-06	2024-05-08
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-06 22:25:01 Last Seen2024-05-08 21:06:36 Times Seen71 Hash 9b289af026f3e548d1d06033fa868b46 7916969abb1e3aa9e953f4d7e7cb8ca1380f98f7 dc5d2a255869ad274247f1bb8c353794f470a1fca09d9f8c98968178c5b8a717 Loading...

		Size	First Seen	Last Seen
	#1 Eval - e09f59764dcdd50f38d8949739c7bbe5	22 kB	2023-10-27	2024-05-13
Pretty Observations First Seen2023-10-27 20:05:54 Last Seen2024-05-13 07:25:39 Times Seen18 Hash e09f59764dcdd50f38d8949739c7bbe5 27402b055c87c106fcb6d77bff9ef4fdbfcbdab7 704d1e75d4ac870325d54638dc8b6db915055a34c237c94ec02686d8b956eb6d Loading...

	#2 Eval - ae00fd1f3e34b02376456b9c87a50828	12 kB	2023-10-27	2024-05-13
Pretty Observations First Seen2023-10-27 20:05:54 Last Seen2024-05-13 07:25:39 Times Seen17 Hash ae00fd1f3e34b02376456b9c87a50828 8f53aad2d035bb6e1f2222b4d0e78e2d0dd68e8b 1ed482100ed7e2c1ba475799779ce74fa35021043a61d68cef3ff158ee63599a Loading...

		Size	First Seen	Last Seen
	#1 Write - 91da24a9f2541b541b9dcea3b8e99d27	257 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash 91da24a9f2541b541b9dcea3b8e99d27 5896dae1bcc10432d50cf28d935f4bdc50dbd4c0 74595e0508dcf5a48ab7a5fe7f50e9fb97268ca2c6df10fc258ecf90920692de Loading...

	#2 Write - 7ed277830729068ebc6ae8a598e8be3e	245 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash 7ed277830729068ebc6ae8a598e8be3e ae0f839364541af561f9dc5de6c8b9317655ce1a 29d6e674271806ce444914b2260259414a51c8cf5444b5703d8a046efe4441d0 Loading...

	#3 Write - e053a08fd51e865560e39a533ae7553f	259 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash e053a08fd51e865560e39a533ae7553f bf19cc24e4f9a04f7f5c8ea42a21bcef2fe127e9 ebe4452e8b3e2f0d628b328764036fefed926d1073dd48beb9487e4280d0c70b Loading...

	#4 Write - 8abbf18b005f5c5dc9128e3176207986	255 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash 8abbf18b005f5c5dc9128e3176207986 6ba3744c0d2f5f1e420c42c3e3a0b103a5de7493 895bd30c157635a969f8ca65d6f8b7c43bce002e5605e1083fb1f841d517a737 Loading...

	#5 Write - bea2f8556d963c1c25d1339a9eac475a	248 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash bea2f8556d963c1c25d1339a9eac475a 1eee346215d7014e70043aa7c19bd47fd4cac55f a29f4d3bc2b9b37ee6ff91723735fa4dd8f164a7799304e3028eb0a62ea4e270 Loading...

	#6 Write - c9b00bfcc0409eeab8d341b97c46a427	245 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash c9b00bfcc0409eeab8d341b97c46a427 2391fadaaeec843d0d85a2bd9770744623aca9b9 70f9e31dbd13abb67e603e4f8fc9228ce770751e876befa654933177039a7d51 Loading...

	#7 Write - 7f0b9acd318271d1e888c2c1c3b1ea30	266 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash 7f0b9acd318271d1e888c2c1c3b1ea30 4ee7bf5227dde5824a0c893ea24f063ba4d345bb f510255b3246ca35c184d778dfa5e753009c61e7d7ce1ef24694d29a11bc840c Loading...

	#8 Write - 5ae0c308f8278d140d0738575117cc81	256 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:08 Last Seen2024-05-07 20:00:08 Times Seen1 Hash 5ae0c308f8278d140d0738575117cc81 1b41fbb4b59cb43425271020a414237d549041c2 e43b082e1a7acd1f0e3297e61c927e1827f5d8b28756852f5272d617c7f9fb8c Loading...

	#9 Write - 727895fe9f38aaba4992f99ba7d8a5e3	262 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 727895fe9f38aaba4992f99ba7d8a5e3 73a98519b5a42c915e17723ed5c8c69b4defb959 589284faa0a1c0bd01faf6ba804e12eb037af5e69b39c8ab44915047dff1ada6 Loading...

	#10 Write - 1d9e4c80fa0d866c7d818bf336711e3c	260 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 1d9e4c80fa0d866c7d818bf336711e3c 4409c100f5453b065a95eec819aa93461b879089 a4c956e3daf34e419588009ec38345e3e41d24596018f2f6ff3424809ba97c31 Loading...

	#11 Write - 3459300dfe65ba7fdb2912ae990b9120	253 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 3459300dfe65ba7fdb2912ae990b9120 9b54799603c95a96500b7b46de3eb63314f13c7b 90fce42cb7ff680124397997fa99c08f2247a9cf11787f6c0228f1270566f5ea Loading...

	#12 Write - ad13ea1075afe99fbff5caacd501a798	254 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash ad13ea1075afe99fbff5caacd501a798 da5ed91f2772257ed163abf63b79833bd7c956f5 4945615da664d2625eeabef91242f9444e38cb08c4aed62db182631f1842a438 Loading...

	#13 Write - d94edfee5e5d9d553907de0d997f6f9e	263 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash d94edfee5e5d9d553907de0d997f6f9e 19e34a203f22ecab38c0c122f76f9be0a0861042 95cb516e82aac3575a2861c855117cfe9538852fa7614a64790202603cddd81c Loading...

	#14 Write - cb87704aef14c7e46eb2f35ef3c64a6a	255 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash cb87704aef14c7e46eb2f35ef3c64a6a c8945f223d480efde300cda4c0c1da119d8cbb42 7fdf51de0b62392021dcbf6394c4271c9354fbb826e6faa82a44a2cecf8fdbba Loading...

	#15 Write - 57377bf2f3d00de44b3ab3cecb7e6452	252 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 57377bf2f3d00de44b3ab3cecb7e6452 fcfc87afff1738206ca6830dcfc229c044b23467 22d17522dcee021342fb0bb8ac79cc08bc9f93520c8c738a0a5aedd142d96f30 Loading...

	#16 Write - a16c9600304e9d8ea1a96e46e6dd021d	254 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash a16c9600304e9d8ea1a96e46e6dd021d 6057d7f6601085332ef6a63da8a790cdfc889729 93677c13f68d1910dbfbb7f6bddf0575ca66ca811a51b18ae01f22c9465891d8 Loading...

	#17 Write - 67c616113a1c0071953d33eab3efdeb6	257 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 67c616113a1c0071953d33eab3efdeb6 3b6d34986a87ac1706a7646c795057705df3f2fa 98d6736844b49250fecbea661969363d2b57ed7a0b5ced79730bf4761cc7928e Loading...

	#18 Write - b09dbb9813d463c8a7494088c9db85bf	258 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash b09dbb9813d463c8a7494088c9db85bf 85c43d3b54344563b831bd04b207db2da8d8b726 5547038d7919fe4063c2e7c572b94a9e9fdd685c897d2272e0f92dd5e77c68a1 Loading...

	#19 Write - 04338299f8c00786852ce3c3c8e1e410	3.0 kB	2024-05-07	2024-05-19
Pretty Observations First Seen2024-05-07 06:58:15 Last Seen2024-05-19 00:10:13 Times Seen32 Hash 04338299f8c00786852ce3c3c8e1e410 52488622942803eeb1503110bfb14cddd1f1aee5 e95ce65661764c0001e4de2c19c2e818f540d1194dcac3849d11cf5c5bbf5e85 Loading...

	#20 Write - d7da72b3b621e8c8004e9e2922ae5f9c	31 B	2024-01-18	2024-05-13
Pretty Observations First Seen2024-01-18 03:40:10 Last Seen2024-05-13 07:25:39 Times Seen14 Hash d7da72b3b621e8c8004e9e2922ae5f9c abf5e54670961afd676614d2f70ab25277c337bb 04ca30aed4a13f9510c793722fa018091cb547aceb1363e1679de9abb1c76ee1 Loading...

	#21 Write - 9f17adc2d4853be8dc23a965d0b8a019	251 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 9f17adc2d4853be8dc23a965d0b8a019 373759a0c3ab7b9b49f5b88b41fdfde116688cb9 6b027c9de865dec3f8f8fa071fd1c61e3b2bbe6fef115b25321bccc411516515 Loading...

	#22 Write - 85292b6a21dc8d7f06e2342b44805bd7	264 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 85292b6a21dc8d7f06e2342b44805bd7 cd64fdcafe1ca348d1176942126c59b394e6a564 a356a9618d1789150868c23c04624abd769688b8d15765ea20291d2b1ddb2009 Loading...

	#23 Write - 718f08b52c3210b4dc97da31659f8046	253 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 718f08b52c3210b4dc97da31659f8046 25d76bed6e702fc02bf3e166065361e1a72ba261 d8aa92d06db220eff8599178152f1eff8b83a126647da0afc630f972fd86345e Loading...

	#24 Write - 063bb4e19272fcc826cc02e2a1c66ebd	263 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 063bb4e19272fcc826cc02e2a1c66ebd 7e6525957a25647ade47e58f1644668367b6e46a 25a98a16c60c4fcfaa4bcb91a6433fd8d807339eeecca80ce4c6dd962a9bf0a8 Loading...

	#25 Write - 27e17c90648b417e9b2259674bb4ccfc	259 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 27e17c90648b417e9b2259674bb4ccfc 397dfc8bee812433e87165986e7685b192d30d28 36cfe5002b92985069ca1b6f7d3b5ee829e9d340fb7f9f91434044dcabb12307 Loading...

	#26 Write - e0f21173c96e86caf83fb06f8691443e	258 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash e0f21173c96e86caf83fb06f8691443e 80438bbff98aefe4b8861c6111b7c58bc9ec3ac5 0301d098d7d7e6b9517cd4be950281775f03aa278b7759cc9021cff3af999b3e Loading...

	#27 Write - cc2a59c0bc4c7fdc2551d57084f71d0e	255 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash cc2a59c0bc4c7fdc2551d57084f71d0e 288de0e24e45d3612969a6204a355a84834035ae b42b96c2d8275c5ed4aa9774ad1d05c70935a12282bb3dfe9352d85f4356b81c Loading...

	#28 Write - fa660a8ad505547640133768f2877788	8 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-18 23:48:16 Times Seen3756 Hash fa660a8ad505547640133768f2877788 cdf4bf8f51f450a842d85ab41a089e05a2e12f73 1fe76d6f9e6bcb754dd822ef01eb6e76013d2029d841d52b6a52c7b88a8c7593 Loading...

	#29 Write - b513ba8fb50cd51ec70f95558dcf3998	251 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash b513ba8fb50cd51ec70f95558dcf3998 b4cd682d6914709a5bb7cd08717fea55318a44ee 5b6f6e2edb26ac88094ea91f57ddc45257104cda9dfeee87363c80eb85a75da3 Loading...

	#30 Write - e4bcfc516fe7821794381d40a525c827	260 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash e4bcfc516fe7821794381d40a525c827 f07645fff1281b1ca99897f5ba091cea388b4f9c 4aab671bef66a6ada1485a86777251a7d39dcee9a063911b8f9903d9b049a5bd Loading...

	#31 Write - d69d301dfa1553e0682dcd5d0df28f59	248 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash d69d301dfa1553e0682dcd5d0df28f59 5c3b5ca59be4f9d8485836888b372a316d17c823 5a4f5852e5aedb53908b2201ef2f45811854effa19acba0c519b00285a6b668f Loading...

	#32 Write - 27fd671c75ce30e2b46c75f0250fc933	255 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 27fd671c75ce30e2b46c75f0250fc933 e63911aa072797145090e322c66fb2787cadf9b1 833a68b5074b23a6b660103673a1b7e2a58acae9833af60aedb7b97c827903e3 Loading...

	#33 Write - 36f4af135e5521ae74812f722191218d	254 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:00:09 Last Seen2024-05-07 20:00:09 Times Seen1 Hash 36f4af135e5521ae74812f722191218d 6688e8c331a0c51f0d63065eff53098bdaf0080e fdd2131f14970ddf8d0f5d8f91d2c5e8a8c90ed197e7053cff93270b7044ab2f Loading...

HTTP Transactions (80)

URL IP Response Size

tg2.leetgems.h1n.ru/img/LogoBig_1x.png

81.90.181.60

200 OK

1.6 kB

URL GET HTTP/2
tg2.leetgems.h1n.ru/img/LogoBig_1x.png
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
PNG image data, 131 x 31, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1635 bytes)
Hash
22aae336e78f75ab0ff2534cf975ed4a
bbc0d011f640673b811d07ea30fbfec0415530a4
7bb14dc217f7f5ac7104b4838132dd370e1b808f7df6ccb4fdfd0227de5159bc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /img/LogoBig_1x.png HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: image/png
content-length: 1635
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: "6389c0ca-663"
expires: Wed, 07 May 2025 17:59:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2

unitraffic.net/banner.php?user=2718

85.208.187.144

852 B

URL GET
unitraffic.net/banner.php?user=2718
IP
85.208.187.144:0
ASN
#204601 Zomro B.V.

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectunitraffic.net
FingerprintD6:0F:0E:A2:F9:DF:D0:C4:2A:5E:8F:94:00:76:B1:DF:9C:83:13:DE
ValidityThu, 25 Apr 2024 23:35:08 GMT - Wed, 24 Jul 2024 23:35:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1522), with no line terminators
Size
852 B (852 bytes)
Hash
30dfa3e94d434603dab6eabfd975493a
83392bcb475e598afd467327fd5832d665e3e515
32f62215553a5471236cc7af22c30c2a5f5ac00db3fbf4ea0a60c25a310142d5

HTTP Headers

GET /banner.php?user=2718 HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 17:59:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=6chr55lrhhqavhljc4agi4l3k1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

tg2.leetgems.h1n.ru/img/cparip.png

81.90.181.60

200 OK

2.3 MB

URL GET HTTP/2
tg2.leetgems.h1n.ru/img/cparip.png
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
PNG image data, 4096 x 4096, 8-bit/color RGB, non-interlaced
Size
2.3 MB (2288360 bytes)
Hash
0664cb29e7663889c52dc98b43ecbefb
8db35f4da81d644fb290b4c3793b1aa2a910ac07
5aa23070b3cf7ceb7e942c4b1c57da80c6bf78e140b53196bbf17eb0d0ed5600

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /img/cparip.png HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: image/png
content-length: 2288360
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: "6389c0ca-22eae8"
expires: Wed, 07 May 2025 17:59:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2

unitraffic.net/img/banner_empty.png

85.208.187.144

200 OK

5.4 kB

URL GET HTTP/1.1
unitraffic.net/img/banner_empty.png
IP
85.208.187.144:443
ASN
#204601 Zomro B.V.

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectunitraffic.net
FingerprintD6:0F:0E:A2:F9:DF:D0:C4:2A:5E:8F:94:00:76:B1:DF:9C:83:13:DE
ValidityThu, 25 Apr 2024 23:35:08 GMT - Wed, 24 Jul 2024 23:35:07 GMT

File type
PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced
Size
5.4 kB (5392 bytes)
Hash
28d818cd8b5ea617d336300ca726663b
d1286a3f06f719fe7c410e41760a81cee39d4c86
8c9960fa2ab2600dad21e8bc1ad0062120067252c7920e8492df81808c2b0af4

HTTP Headers

GET /img/banner_empty.png HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 17:59:32 GMT
Content-Type: image/png
Content-Length: 5392
Last-Modified: Sun, 17 Apr 2022 06:44:13 GMT
Connection: keep-alive
ETag: "625bb73d-1510"
Expires: Wed, 08 May 2024 17:59:32 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

webtrafic.ru/ads.php?uid=8247

104.21.68.251

34 kB

URL GET
webtrafic.ru/ads.php?uid=8247
IP
104.21.68.251:0
ASN
#13335 CLOUDFLARENET

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1186), with no line terminators
Size
34 kB (34145 bytes)
Hash
4897fb8003e87f672918587e3f7fe44b
25df6bb29f6e7059635726a51134dfcefc9e98f3
c086b674db664b99c87a3f52edefedc2d43b83bd1bb42b308353884401e18afa

HTTP Headers

GET /ads.php?uid=8247 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIuhkkFCPV38jb84JUJmmmNJNpe%2Fh2hYGOwcsHRTLk3CXoc1mECPMqj9y8HTC0Uj%2FtqoKAnDXZDqfE1RDBdPBtyD%2FNe%2BQVI6%2BrFhEMWPfZfK4YrsAiGaHqEou%2FLt3pw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031ab9ec2056be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

1rash.ru/q/bsk.php

89.208.145.166

200 OK

2.4 kB

URL GET HTTP/1.1
1rash.ru/q/bsk.php
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
HTML document, ISO-8859 text
Size
2.4 kB (2439 bytes)
Hash
e60d330693c6f2606d2d204d5bbdc777
5c6260022797867033ab4c36460634ddaf7c00e3
388ec365159ae22ea66ac62b1f792e2b330f45ff66ad89d4543651eefaa7532f

HTTP Headers

GET /q/bsk.php HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 2439
Connection: keep-alive
Server: Apache

cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

151.101.129.229

200 OK

1.1 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://webtrafic.ru/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (1619)
Size
1.1 kB (1078 bytes)
Hash
45f12de4d7b95a193ecdc5cfde664bb9
ee9541cf1a95d2a885f8b143a105caaa08ca9c9d
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

HTTP Headers

GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
content-encoding: br
accept-ranges: bytes
date: Tue, 07 May 2024 17:59:32 GMT
age: 30574
x-served-by: cache-fra-eddf8230099-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1078
X-Firefox-Spdy: h2

webtrafic.ru/

104.21.68.251

200 OK

16 kB

URL GET HTTP/3
webtrafic.ru/
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (12663)
Size
16 kB (15695 bytes)
Hash
e8421ec7f0e3bb65a294711c0973e25d
abd51c4cfd213a563f76a3b8e952745d43ce0b99
d67d44f8cd4e60e575ac06b96769a1df8abadfdc6d592847851120dc1e4d9712

HTTP Headers

GET / HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=i9j2uppedtruocj3df459dmrdv; path=/
pragma: no-cache
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TL4ZmwCGH5Mli4MXf5IHI7dPVl9twvTAcZ0TyytfRlToc%2Bt5poBXmnjKCybcUm%2BvrdcLQ1nZ%2FPs54x9Rsf3C7WfYpE%2BWBM%2B2G4HVsFYFe0FS%2FKXT1gno%2B83ZE01vBbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031ababe4c56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

webtrafic.ru/img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png

104.21.68.251

200 OK

1.1 kB

URL GET HTTP/3
webtrafic.ru/img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
PNG image data, 25 x 25, 8-bit colormap, non-interlaced
Size
1.1 kB (1079 bytes)
Hash
abb0364ceccfd96f043c089281b7e8c3
a22a6747139991930c63de9f7fb36ac19998e216
aa2e91454bb83b548d9e01685127a73eda1291cb81899ccc3354e24567a53ace

HTTP Headers

GET /img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: image/png
content-length: 1079
link: <http://webtrafic.ru/img/sp.png>; rel="canonical"
expires: Tue, 29 Apr 2025 17:29:16 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Mon, 29 Apr 2024 17:29:16 GMT
x-original-content-length: 11788
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 606522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYwnNNXLjptiFG6c0hW77HKYBgRiUTJnLoFvdKSi%2Fy7xhfrOxEOSEqPYZ9EE0M%2BoEoYvG5DTvErPR7XHCh8JOLZqkddwPM2N5jqX3YlNvKfe8G0DeZlZ33fE1uM7i40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031abdbc9556be-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png

104.21.68.251

200 OK

1.5 kB

URL GET HTTP/3
webtrafic.ru/img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1504 bytes)
Hash
b6068d14a1756e0e41052584059ecaac
d5836694aa54334f2ae81ad908192970d7ad1590
d31fee4b1d850d79de5748d3b82a5706f6c92e90a4fced70266ae0ae92ed2fd2

HTTP Headers

GET /img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: image/png
content-length: 1504
link: <http://webtrafic.ru/img/cart.png>; rel="canonical"
expires: Tue, 29 Apr 2025 17:29:16 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Mon, 29 Apr 2024 17:29:16 GMT
x-original-content-length: 24626
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 596394
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTS5aR%2FRlWiGrQHgNnkCrKOpDv9WBGoQqkE1y1X9X%2FUJJwrRBbvb2XWaoWInNL0aFTHtOsU%2BG0b%2FuDx%2BzGojefVzTLPiUzuMCpT9DQGQoA6u%2BMmgPfga0ISDyUH2Oqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031abdbc8f56be-OSL
alt-svc: h3=":443"; ma=86400

1rash.ru/q/i/i22.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i22.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1082 bytes)
Hash
09d00cd5cf090d3daf70d5e213688b4c
9022599fd1c9d38bfec8fae286962db248f1f722
a135fceb668a6804c45b9b2a2cac063d3211f517411ebb87ad13e29ed11cd6d2

HTTP Headers

GET /q/i/i22.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1082
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fb-43a-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i21.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i21.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1287 bytes)
Hash
edcd6cd2af814f8f30bd55e6e1686b6c
687202c4759ba4e1c94b8f62c4be961656cabd28
4c94f6ce0bc99d807ef5ad1c81ffe5c89c1665c751c6aa95baf9179275d19111

HTTP Headers

GET /q/i/i21.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1287
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1fa-507-4a176376dd3c0"
Accept-Ranges: bytes

neon.today/context/get/100439/28817/1/468/60

213.183.48.30

200 OK

580 B

URL GET HTTP/1.1
neon.today/context/get/100439/28817/1/468/60
IP
213.183.48.30:443
ASN
#56630 Melbikomas UAB

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectneon.today
FingerprintF9:C9:45:2E:BF:94:50:19:BE:3C:64:8A:BE:97:0C:2B:D6:AE:C9:7A
ValidityTue, 02 Apr 2024 22:30:27 GMT - Mon, 01 Jul 2024 22:30:26 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
580 B (580 bytes)
Hash
ec71e0c40ba34cfe9f84633a2d7e38fa
f5f45a72b4192ff13d1bc6fed281dedc5a4828ee
c61da258f4f9bd3b022f4768ed93f6838ec32d925911611602e5d7c067479d52

HTTP Headers

GET /context/get/100439/28817/1/468/60 HTTP/1.1
Host: neon.today
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 17:59:32 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 580
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

1rash.ru/q/i/i29.jpg

89.208.145.166

200 OK

808 B

URL GET HTTP/1.1
1rash.ru/q/i/i29.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
808 B (808 bytes)
Hash
a8bb6266b787520230e26df801086e12
5556ebc578a6b87b9e2113dda0a719740d5ff645
7217c5b17c8499f134de4a5de3af9ae9acb1adaa9a0da6f21ece6fd770bdb09d

HTTP Headers

GET /q/i/i29.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 808
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:05:18 GMT
ETag: "13c1ff-328-4a5d31520db80"
Accept-Ranges: bytes

webtrafic.ru/js/socket.io.min.js

104.21.68.251

200 OK

17 kB

URL GET HTTP/3
webtrafic.ru/js/socket.io.min.js
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
JavaScript source, ASCII text, with very long lines (64366), with no line terminators
Size
17 kB (16705 bytes)
Hash
63241b78a09366c1220125b1c8a5ff20
91d14b8a343afbb645bcd157200555816519ced3
f01fea38541229b697b158619451884a0b355c477a7da949411f0aa6852fab89

HTTP Headers

GET /js/socket.io.min.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: application/javascript
x-original-content-length: 64504
vary: Accept-Encoding
etag: W/"PSA-aj-YyQbeKCTZs"
expires: Sun, 05 May 2024 12:10:47 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddWl1T7EE446fYgafjLDGLCY%2B08lWLsrjxlasTT1UlaFqrVqM6Xl8bjypv5iC3S%2BWfKAgwjQTCOnjdE%2Bzl3d0z8D6Fv4WFndpGLKbOiuYO1ds3oFKYn%2BZ%2F%2FcZNcD97s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4bae56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

1rash.ru/q/i/i1.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i1.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1170 bytes)
Hash
c7fa97c8911aca393ddb4217cc075321
584ef670b8982eba7d9853c3047f47e91d7a8c35
f1e6f586e4cb3e5633175f10c60274d54451a3e1ed4a42d9563b3f0d80c60e9b

HTTP Headers

GET /q/i/i1.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1170
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1ed-492-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i10.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i10.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1099 bytes)
Hash
0ac0624c642f13116fab03f97d48fae9
1b790e1320dfd80ed7337d077f357c39a599dd62
2266f2f329c08b77641df314c7ecb2256ad0b539ae4484269d8eacb6c1e182a2

HTTP Headers

GET /q/i/i10.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1099
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1ee-44b-4a176374f4f40"
Accept-Ranges: bytes

1rash.ru/q/i/i27.jpg

89.208.145.166

200 OK

852 B

URL GET HTTP/1.1
1rash.ru/q/i/i27.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
852 B (852 bytes)
Hash
fa3c317272839ce74e946168cc1f0256
e7ea8d93a2b3df81c5224a5d197672b0f9880ac0
2f9a28e0948fe7428bb68ba67a815438f3723915d5e745421333293ae26fcb27

HTTP Headers

GET /q/i/i27.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 852
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fd-354-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i32.jpg

89.208.145.166

200 OK

787 B

URL GET HTTP/1.1
1rash.ru/q/i/i32.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
787 B (787 bytes)
Hash
2f5b2fa04eb1c03fa76e0f4ee3ba867d
c779636e1641ce5543ab7d4ceb8315f50ebf6fe0
3c4761799cfb5faf650cf9b5ee7dcb6323f5ea88a025ab4f2ca45f9ad26aa2a8

HTTP Headers

GET /q/i/i32.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 787
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:25:42 GMT
ETag: "13c203-313-4a5d35e159d80"
Accept-Ranges: bytes

1rash.ru/q/i/i28.jpg

89.208.145.166

200 OK

844 B

URL GET HTTP/1.1
1rash.ru/q/i/i28.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
844 B (844 bytes)
Hash
412b8d68806a6f1eaae33ab61408e5b6
3cf120f4ac25cb37d03690ed4f4f99e8c10f6549
28e3bab9f1c604044ef0b744978ed7a94986b406fae3f5dc48daab90ddafe571

HTTP Headers

GET /q/i/i28.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 844
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 11:56:55 GMT
ETag: "13c1fe-34c-4a5d2f725afc0"
Accept-Ranges: bytes

1rash.ru/q/i/i6.jpg

89.208.145.166

200 OK

949 B

URL GET HTTP/1.1
1rash.ru/q/i/i6.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
949 B (949 bytes)
Hash
599ecaaf31ded9febc399f253c6850ac
8b757aafb5f1b3ed40882e6edf81a5a7ceb70cd6
d002b4d408b10bc8993f7f980cfbb85198659e92f345bbe1a812612194925dac

HTTP Headers

GET /q/i/i6.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 949
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c206-3b5-4a176379b9a80"
Accept-Ranges: bytes

1rash.ru/q/i/i8.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i8.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1264 bytes)
Hash
2ab385dd42c7301aa0d69bfd3bcb71a2
f5d68e166c75ddbec5ddcfb08b976c559ef75a26
39e01baf23094c9244c4b8babfd1c0faa1aa0648ca1bf3325148b1daa9e78843

HTTP Headers

GET /q/i/i8.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1264
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c208-4f0-4a176379b9a80"
Accept-Ranges: bytes

1rash.ru/q/i/i7.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i7.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1240 bytes)
Hash
9f1eddb947f9d468e54408d52a1831b0
98e3141fb66605f969c990827c1730e29c92123d
ca3346a44f7619fa1928c810fb1f1d2b78ed01eaf28bc2f9ec884555627e25f5

HTTP Headers

GET /q/i/i7.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1240
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c207-4d8-4a176379b9a80"
Accept-Ranges: bytes

1rash.ru/q/i/i9.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i9.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1121 bytes)
Hash
4651716c2e8a82e38e57e9c3f88b69fe
ed1f6eb5729e01eaff6224d0d676e5d6f74acb5f
848244e41780fd3cf681351db6a399063842f49f6dbcc72a7219e156fe184d26

HTTP Headers

GET /q/i/i9.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1121
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:59 GMT
ETag: "13c209-461-4a17637aadcc0"
Accept-Ranges: bytes

1rash.ru/q/i/i11.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i11.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1160 bytes)
Hash
8c216347028037af3b531687fb40f5ad
93c87e3bb567c48618a2503123f4f42cb232102a
3f3c39233984706be1fd358a3e17a1f938a562cf287e9f4bd819f005242a79e9

HTTP Headers

GET /q/i/i11.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1160
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1ef-488-4a176374f4f40"
Accept-Ranges: bytes

1rash.ru/q/i/i12.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i12.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1310 bytes)
Hash
974908a0d5d6aec321ea6ceadeabcc89
f9ecc635349dec18f5789f0afc667db32389cc0e
0bfdcf90455eb460deee1f94df548fa8ff6cd91a96ac5305515756b3a5e13c84

HTTP Headers

GET /q/i/i12.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1310
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1f0-51e-4a176374f4f40"
Accept-Ranges: bytes

1rash.ru/q/i/i20.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i20.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1244 bytes)
Hash
20ac0c63e1b8cd918e142669cadf7073
da110a8fa35192d02702cda67816cbea3ab60cef
58eb04e77c4a3b31d18b8ac0b7a33ecff1fe892a8b1871619b9c5ae134a7777a

HTTP Headers

GET /q/i/i20.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1244
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f9-4dc-4a176376dd3c0"
Accept-Ranges: bytes

1rash.ru/q/i/i03.jpg

89.208.145.166

200 OK

860 B

URL GET HTTP/1.1
1rash.ru/q/i/i03.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
860 B (860 bytes)
Hash
43ad002dd395011a36e0004faff95040
4123a3ed39f1319dd6c4fa1eaaa14734c518abbe
49d9c3f15ae2db284cfd2bb31f1e1fe40d8cc4f833e6ce4118256c5d551b1f01

HTTP Headers

GET /q/i/i03.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 860
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c1ec-35c-4a176378c5840"
Accept-Ranges: bytes

1rash.ru/q/i/i13.jpg

89.208.145.166

200 OK

1.0 kB

URL GET HTTP/1.1
1rash.ru/q/i/i13.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.0 kB (1035 bytes)
Hash
0999c2f6b7fb91a5e39884824762e07c
ced0d0cc4b7ca1a912b427c4366588737c188380
ce852c75b278249ff2d327b256f20b25d37519ce145b089045fbfe03e566e3d7

HTTP Headers

GET /q/i/i13.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1035
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f1-40b-4a176375e9180"
Accept-Ranges: bytes

1rash.ru/q/i/i30.jpg

89.208.145.166

200 OK

863 B

URL GET HTTP/1.1
1rash.ru/q/i/i30.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
863 B (863 bytes)
Hash
82b7028d77310c4a39c48ca5bdb1873a
b799bfc4397d54f423d7f20e2779308fd714ef7e
096d226948285a2d84390d1d89388743ab773debc9daf91bdd678d07ab55f2ae

HTTP Headers

GET /q/i/i30.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 863
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:12:40 GMT
ETag: "13c201-35f-4a5d32f793e00"
Accept-Ranges: bytes

webtrafic.ru/banners/8d7746d19761e5bb340eddb38ee84710.jpg

104.21.68.251

200 OK

11 kB

URL GET HTTP/3
webtrafic.ru/banners/8d7746d19761e5bb340eddb38ee84710.jpg
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 468x60, components 3
Size
11 kB (10921 bytes)
Hash
6c287f11b474cb8319e21bdd4c7e7f95
4c9ef4c0e833a6b9d4f63099def2257834afb399
1955f3d0637a5a651784aae94914b26337149f850c91f39b013373f496ea1bad

HTTP Headers

GET /banners/8d7746d19761e5bb340eddb38ee84710.jpg HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/jpeg
content-length: 10921
x-original-content-length: 17707
etag: W/"PSA-aj-bCh_EbR0y4"
expires: Tue, 07 May 2024 17:47:15 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 44
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FWbhjSL%2BtGgdZhHLhaK7mrdr6%2By%2BQBlOsXIfCco5kllywrKOmq7qevXg9pTKhjMy%2BEelJIqeilhQEQ9%2BVgl51ZAtiBEbONB2gqD%2FtxvKgxQ9i4D6J9QJvTm5m%2Bqsmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac0395856be-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/banners/e1e17ab962d5930a640c009a9045fd48.gif

104.21.68.251

200 OK

4.2 kB

URL GET HTTP/3
webtrafic.ru/banners/e1e17ab962d5930a640c009a9045fd48.gif
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
PNG image data, 468 x 60, 8-bit colormap, non-interlaced
Size
4.2 kB (4188 bytes)
Hash
5cdb5f82555ebb79f2601e822dcd1e28
3892595961146946a51f0868513e8efc21a03d3f
8cafaaddf474eaf047b718d0f02faf3a18466493d22f7acedd678289c95129d1

HTTP Headers

GET /banners/e1e17ab962d5930a640c009a9045fd48.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/png
content-length: 4188
x-original-content-length: 4732
etag: W/"PSA-aj-XNtfglVeu3"
expires: Tue, 07 May 2024 15:52:06 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 7199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9q1Axg92OGOslPQ%2BMoCNu9ZKlGOV%2BlJjZDkb6xBpCsILVyKimLFEuaxyn3k89Df6XuiQRONm4uhxPp7%2B2hxUl6o1dzyDzE%2FwyuLwsTFXt599577gn1zdDzKcV1n0Q6o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac0396156be-OSL
alt-svc: h3=":443"; ma=86400

1rash.ru/q/i/i23.jpg

89.208.145.166

200 OK

869 B

URL GET HTTP/1.1
1rash.ru/q/i/i23.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
869 B (869 bytes)
Hash
a0c3f9db170b509064860d331477aac0
caf1270d767791eea4b4e8423adbe4f23156ef2d
30159bc97ad2456ba29092d508d6fc23026066583dad0b10e66a6b94df28c41d

HTTP Headers

GET /q/i/i23.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 869
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fc-365-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i14.jpg

89.208.145.166

200 OK

1.4 kB

URL GET HTTP/1.1
1rash.ru/q/i/i14.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.4 kB (1378 bytes)
Hash
0278675b031052695f83ed7285ad5168
e85bd2517e48351474aec32edcf5d1a475fe89f5
81fe9a4decee6ba1e8ababab5bd3afe2fdbcf72c92b0e81d7d8ddaa2f545abc3

HTTP Headers

GET /q/i/i14.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1378
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f2-562-4a176375e9180"
Accept-Ranges: bytes

webtrafic.ru/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.21.68.251

200 OK

77 kB

URL GET HTTP/3
webtrafic.ru/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: application/octet-stream
content-length: 77160
last-modified: Mon, 13 Mar 2023 13:06:22 GMT
etag: "640f1fce-12d68"
cache-control: max-age=14400, s-maxage=10
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjJyukM1yH7d6Cc7z9jGCLZM53P4tBrLdjbZRa94V0p%2FAehcKPol%2Fmg5xVxGhj5uqCmgbq4vsx2nnpPVdh9PYpQwxwJNP6i1DQwkQNGWB8fAnI7S1tGErsI7yOU43sQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac0191f56be-OSL
alt-svc: h3=":443"; ma=86400

1rash.ru/q/i/i15.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i15.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1213 bytes)
Hash
716cf0372a9e3549dd0c8228104e5a8a
c25f1da1ecf3c1e1687b356885ed143bdadc529c
99b968d7b2ce9008b2ac8d312e355c7ed61c671b53b70f0694eefb9c20692fb3

HTTP Headers

GET /q/i/i15.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1213
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f3-4bd-4a176375e9180"
Accept-Ranges: bytes

1rash.ru/q/i/i3.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i3.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1054 bytes)
Hash
c0cd32ad99537e47a0359f7f765a9063
452e77efcfb1852e5dc9d6ba26eca99cf9adb75f
d29bad3ad73a49ad955bd610396a9ea4808392fd016f56204108adaf3ebdc511

HTTP Headers

GET /q/i/i3.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1054
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c200-41e-4a176378c5840"
Accept-Ranges: bytes

1rash.ru/q/i/i17.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i17.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1296 bytes)
Hash
201fb6a4a3b9fc2fd5e96108e79c14e1
2800cf177bac5bbbcaa35b3ac8beb534b264bd0d
8e8b314683c3f3d30a41248101c0d55f0a53ce3f50a198e28033bcc38edef44d

HTTP Headers

GET /q/i/i17.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1296
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f5-510-4a176375e9180"
Accept-Ranges: bytes

1rash.ru/q/i/i18.jpg

89.208.145.166

200 OK

1.1 kB

URL GET HTTP/1.1
1rash.ru/q/i/i18.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.1 kB (1074 bytes)
Hash
bd49a082045314b5913de74e31601db1
979096d8183c8a0c0fe16611a822e6b83989a19d
9d59f5df3eec72870aef48178d02ac36f28cfc3975dcf81477d39fc5aef24380

HTTP Headers

GET /q/i/i18.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1074
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f6-432-4a176376dd3c0"
Accept-Ranges: bytes

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css

142.250.74.131

4.0 kB

URL GET
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css
IP
142.250.74.131:0
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 18:00:32 GMT
expires: Tue, 06 May 2025 18:00:32 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 86341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1rash.ru/q/i/i00.jpg

89.208.145.166

200 OK

914 B

URL GET HTTP/1.1
1rash.ru/q/i/i00.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
914 B (914 bytes)
Hash
f0500a756946bd6216a353c755640f62
1d9038b9d476757ca222d3cf22e5e6372083750f
e61fa050fcc0d73160370b92428fc300df065aec14b86236b3513afda2a0db05

HTTP Headers

GET /q/i/i00.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 914
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1eb-392-4a176377d1600"
Accept-Ranges: bytes

1rash.ru/q/i/i19.jpg

89.208.145.166

200 OK

1.3 kB

URL GET HTTP/1.1
1rash.ru/q/i/i19.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.3 kB (1275 bytes)
Hash
e4b0a3b3be399e14b790be247368fcf8
2fe771d6660fd4ef5dc313df6f4b2fb8315746d8
92d49c679788eb22633820c9e3e74ac71b23da5cb019f7fd7771a59ba24275b7

HTTP Headers

GET /q/i/i19.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1275
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f7-4fb-4a176376dd3c0"
Accept-Ranges: bytes

1rash.ru/q/i/i2.jpg

89.208.145.166

200 OK

957 B

URL GET HTTP/1.1
1rash.ru/q/i/i2.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
957 B (957 bytes)
Hash
cc094b5369d872ff2148ad86ef788d38
0c25a58ebe84c1b141f4d9398eb311abf1968b76
e83a294df92a56d5363eb6299ee547b41809b72dc94d04e6674e1e46fe4a3dea

HTTP Headers

GET /q/i/i2.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 957
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c1f8-3bd-4a176378c5840"
Accept-Ranges: bytes

1rash.ru/q/i/i4.jpg

89.208.145.166

200 OK

854 B

URL GET HTTP/1.1
1rash.ru/q/i/i4.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
854 B (854 bytes)
Hash
10bd409f25fbfbab424662c87ffd8149
fe31d44c2625da598bbaeb110567f74c91f20709
bd03aa9a97b29315975ce1949d8d6d7e8712e264c80234c5c2916a5b29eaae0d

HTTP Headers

GET /q/i/i4.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 854
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c204-356-4a176379b9a80"
Accept-Ranges: bytes

1rash.ru/q/i/i31.jpg

89.208.145.166

200 OK

867 B

URL GET HTTP/1.1
1rash.ru/q/i/i31.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3
Size
867 B (867 bytes)
Hash
0a328a40864cc03d0495cd59273c0831
604badc1551096e40d9076bb9e8861790f8e4912
e87e329c040bb403d5045bfbb4148d96960aa0a27f6f1347a341f38a316c34e1

HTTP Headers

GET /q/i/i31.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 867
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:17:39 GMT
ETag: "13c202-363-4a5d3414b9ec0"
Accept-Ranges: bytes

neon.today/logo_small.png

213.183.48.30

200 OK

19 kB

URL GET HTTP/1.1
neon.today/logo_small.png
IP
213.183.48.30:443
ASN
#56630 Melbikomas UAB

Requested by
https://neon.today/context/get/100439/28817/1/468/60
Certificate
IssuerLet's Encrypt
Subjectneon.today
FingerprintF9:C9:45:2E:BF:94:50:19:BE:3C:64:8A:BE:97:0C:2B:D6:AE:C9:7A
ValidityTue, 02 Apr 2024 22:30:27 GMT - Mon, 01 Jul 2024 22:30:26 GMT

File type
PNG image data, 50 x 15, 8-bit/color RGBA, non-interlaced
Size
19 kB (18858 bytes)
Hash
e8f264874aa64e38756e575d1d6452ba
015287540c0fe06723408a117daac30afc9efefe
c86c4eb33d4edbc00eaf4ad4d5afdc7bd9a5e6e311d3e54399590911b6d8b684

HTTP Headers

GET /logo_small.png HTTP/1.1
Host: neon.today
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neon.today/context/get/100439/28817/1/468/60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 17:59:33 GMT
Content-Type: image/png
Content-Length: 18858
Last-Modified: Sat, 20 Aug 2022 08:28:35 GMT
Connection: keep-alive
ETag: "63009b33-49aa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css

104.21.68.251

200 OK

49 kB

URL GET HTTP/3
webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
49 kB (49372 bytes)
Hash
6676494c9ee44d937278d98aecd0774e
d6e5cc9fa0a99b53e15d19023f937bcb37e93b38
4b6c561f000061c56d2135fe10de8470d3f50d60479988cf62fadb0d6be17a5d

HTTP Headers

GET /A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=231427
etag: W/"0"
expires: Wed, 30 Apr 2025 16:20:11 GMT
last-modified: Tue, 30 Apr 2024 16:20:11 GMT
vary: Accept-Encoding
x-original-content-length: 292525
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 610739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owM%2FmwNhcTzJSkIB4lY74IY8X1J6a4jCvvL8SZyd1GlNXEXs%2Bx3Xfb%2FBhj4XeIgCvB1s%2F9JaPJYRSU0wt4iCuJeV9qJJqQL4o1kgqFuL19vkzkVVEnOGXc8YGOzB87o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4ba856be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg2.leetgems.h1n.ru/img/telegram_logo_icon.ico

81.90.181.60

200 OK

68 kB

URL GET HTTP/2
tg2.leetgems.h1n.ru/img/telegram_logo_icon.ico
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Size
68 kB (67646 bytes)
Hash
4f123b8081a681da829b4b034dd4b7bc
02e58fa28ede37a412174ac17cc9883f9378d4ae
d7bbaeffe46c40d1b069c527d3138b7e2a0c831a4e3a9ca0ca9350b0d8ec332a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /img/telegram_logo_icon.ico HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/x-icon
content-length: 67646
last-modified: Sun, 05 Mar 2023 08:58:29 GMT
etag: "640459b5-1083e"
expires: Wed, 07 May 2025 17:59:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2

payeer.com/?session=2103954

149.202.17.208

302 Found

621 B

URL GET HTTP/1.1
payeer.com/?session=2103954
IP
149.202.17.208:443
ASN
#16276 OVH SAS

Requested by
https://webtrafic.ru/
Certificate
IssuerSectigo Limited
Subject*.payeer.com
Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06
ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (621), with no line terminators
Size
621 B (621 bytes)
Hash
f1c5e85a5273595a638c13ae96aca215
04ef72d158d591b80b6fb4b503a76aceb750d53c
00510de30359be8cf5954a5e2438f5f4d8761afb560bfd1b539fb711953b2cdc

HTTP Headers

GET /?session=2103954 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: iCore Proxy Module
Date: Tue, 07 May 2024 17:59:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store, max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

rekizar.com/img/468x60.jpg

104.21.88.72

200 OK

23 kB

URL GET HTTP/3
rekizar.com/img/468x60.jpg
IP
104.21.88.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectrekizar.com
Fingerprint95:55:B7:B7:61:FE:55:F7:F1:E1:F8:82:C8:A6:C5:3B:3B:39:54:BD
ValidityTue, 02 Apr 2024 11:49:39 GMT - Mon, 01 Jul 2024 11:49:38 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:07:06 14:32:48], baseline, precision 8, 468x60, components 3
Size
23 kB (22628 bytes)
Hash
fbc934907899d42eb7498fa4e3a1a6de
19de6166486465421dbada583cc75dc616f70bc2
0687f06055827a84336951df496e050f14248e4efb4de70c85095e9116e61bc7

HTTP Headers

GET /img/468x60.jpg HTTP/1.1
Host: rekizar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/jpeg
content-length: 22628
last-modified: Mon, 12 Feb 2024 09:29:16 GMT
etag: "65c9e4ec-5864"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 286766
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NmtJ%2B9tRwfcSC71eZFZONTAeosnCwPuVwRu8HCcYsHZWWeqC5vbUbI8N%2BAB9jZb%2BYpx7KSmlBRgmGvU1nVUWJqQpnNc9XdZDmRGklEX6jtCyM%2B1b401OnAsveIdR6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac18dd90b02-OSL
alt-svc: h3=":443"; ma=86400

linkslot.pro/uploads/0f99185a150936d6507f73aac09b7230.gif

172.67.179.242

200 OK

305 kB

URL GET HTTP/3
linkslot.pro/uploads/0f99185a150936d6507f73aac09b7230.gif
IP
172.67.179.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerCloudflare, Inc.
Subjectlinkslot.pro
Fingerprint70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96
ValidityThu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 468 x 60
Size
305 kB (304615 bytes)
Hash
de18b3c6d5039f38e760e0c6e016e822
0a59834bc4862f9e483816051e5d5c7d19058abe
34ff128900b699dd1f11e87f54bae0d8f1a17c7cbc2c65dcc839c61b97a94da7

HTTP Headers

GET /uploads/0f99185a150936d6507f73aac09b7230.gif HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/gif
content-length: 304615
last-modified: Tue, 07 May 2024 15:22:28 GMT
etag: "663a4734-4a5e7"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 1606
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2zHFV1%2BhUP7opFuwttmt6CkxzgO6JWpLcNOGolCa%2FiOlwdeWT0IOkTd0sqgsjdSwHCz4cvSuUKdXadMu%2BPr4chpAsvdpYc5WnOIFXZ%2BPHOUsTbd2ZPlp5A0wee9wxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac22f6d0afa-OSL
alt-svc: h3=":443"; ma=86400

linkslot.pro/img/buyb.png

172.67.179.242

200 OK

2.6 kB

URL GET HTTP/3
linkslot.pro/img/buyb.png
IP
172.67.179.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerCloudflare, Inc.
Subjectlinkslot.pro
Fingerprint70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96
ValidityThu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 127 x 16, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2585 bytes)
Hash
6623622f5954708d814fc46180f75b9f
7bd68ddbb91875e815e73fa937efc259e56fad47
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

HTTP Headers

GET /img/buyb.png HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/png
content-length: 2585
last-modified: Thu, 06 Apr 2023 09:20:44 GMT
etag: "642e8eec-a19"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 184
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddDaDYujRZo6IXcFEdzSCLzzffxbbFXCwmRwZmB9Qf6vVB5Q20K%2BbUtgTRojEqZClWWzOoeSesqcu84jc9tc8m2WNXQVsEF%2BWZLLjjqcas83rHoric4r7h2oItFudsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac22f6f0afa-OSL
alt-svc: h3=":443"; ma=86400

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main

142.250.74.10

200 OK

73 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (2297)
Size
73 kB (72600 bytes)
Hash
9b289af026f3e548d1d06033fa868b46
7916969abb1e3aa9e953f4d7e7cb8ca1380f98f7
dc5d2a255869ad274247f1bb8c353794f470a1fca09d9f8c98968178c5b8a717

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 72600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 17:42:06 GMT
expires: Tue, 06 May 2025 17:42:06 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 04 May 2024 07:10:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 87447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

informer.yandex.ru/informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews

93.158.134.119

200 OK

1.4 kB

URL GET HTTP/2
informer.yandex.ru/informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews
IP
93.158.134.119:443
ASN
#13238 YANDEX LLC

Requested by
https://webtrafic.ru/
Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
FingerprintDB:EC:6C:00:83:6B:5E:03:B2:DE:D1:CA:D1:7B:50:9B:E3:E8:57:65
ValidityTue, 26 Dec 2023 16:32:23 GMT - Wed, 05 Jun 2024 20:59:59 GMT

File type
PNG image data, 80 x 31, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1447 bytes)
Hash
132cab1f56469197cd0fda621084f162
a8b793e51dc1d54ac146e62e1019cfd6fb107926
a0b78e583790fe71ff9ce525a6bad91827b203ce0af39b503261d75becd84ed9

HTTP Headers

GET /informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews HTTP/1.1
Host: informer.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 1447
last-modified: Tue, 07-May-2024 17:59:33 GMT
content-type: image/png
pragma: no-cache
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 07-May-2024 17:59:33 GMT
X-Firefox-Spdy: h2

payeer.com/iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0

149.202.17.208

302 Found

0 B

URL GET HTTP/1.1
payeer.com/iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0
IP
149.202.17.208:443
ASN
#16276 OVH SAS

Requested by
https://webtrafic.ru/
Certificate
IssuerSectigo Limited
Subject*.payeer.com
Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06
ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payeer.com/?session=2103954
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: iCore Proxy Module
Date: Tue, 07 May 2024 17:59:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store, max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: /?session=2103954

webtrafic.ru/images/lang/lang__ru.png

104.21.68.251

200 OK

899 B

URL GET HTTP/3
webtrafic.ru/images/lang/lang__ru.png
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced
Size
899 B (899 bytes)
Hash
fa57d43ba1417bf41ad68ba291c3e9b3
7936bf1f4ae4a8d24c0cb1789651b68725fbc1f9
73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628

HTTP Headers

GET /images/lang/lang__ru.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/png
content-length: 899
last-modified: Mon, 13 Mar 2023 13:06:23 GMT
etag: "640f1fcf-383"
cache-control: max-age=14400
expires: Tue, 07 May 2024 17:38:47 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2F1H0eVcSPiRkksQS154OFgjfHZ0GpJjiESN2DBHbGOadZQushC6etU1H0VQcCmwgj612prvKmFN4Bo%2ByHJmKkEq%2BdsB1j0WxZXOWCYCO3soF7bcfQV3SX%2BSDeHtebw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac3883956be-OSL
alt-svc: h3=":443"; ma=86400

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.10

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 07 May 2024 17:59:33 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=FBy-aX9QWeQmN8TWWTmQ8EQc3Xo3uZCTt7dNsMEWjGYo2a8PAhobbGNKv_CHVOKK-JUQoxC0Vh3NpAiH0Ndz7E5l6zW82R1SScS9geGERxoqo6z2pHYFGoG96OKl-5oc-2OZZKqQfuuVyljWlMXZ1z45hrZeXWMMk63KexGT7NE; expires=Wed, 06-Nov-2024 17:59:33 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Tue, 07 May 2024 17:59:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.131

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:54:36 GMT
expires: Wed, 07 May 2025 06:54:36 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 39897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

216.58.207.227

200 OK

3.3 kB

URL GET HTTP/2
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3340 bytes)
Hash
2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 13:00:35 GMT
expires: Tue, 06 May 2025 13:00:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 104338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.google.com/gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240505

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
translate.google.com/gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240505
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240505 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 17:59:33 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-E7PE82D3BnHAit3qpctRfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoExEI8HK03Xm5kEzjwa9IUZgBzCwmg"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=19.SE=guE5yLjIDlOMHoR1DREHREL2UTunfcjIJemZECbbW-efoXhWNa0ii8zWFa8k1_hjs_a3ut9hVYMzTvrTiZMa71PGIdfVNdEy_F4nTMLT_0_rvGrdnxXDYeWTKv5VNUC3zumofD59Il7RM_xUxLIBH2pcJE89Y9rBePoHgLU19N0; expires=Sat, 07-Jun-2025 10:17:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

payeer.com/?session=2103954

149.202.17.208

302 Found

0 B

URL GET HTTP/1.1
payeer.com/?session=2103954
IP
149.202.17.208:443
ASN
#16276 OVH SAS

Requested by
https://webtrafic.ru/
Certificate
IssuerSectigo Limited
Subject*.payeer.com
Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06
ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?session=2103954 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://payeer.com/?session=2103954
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: iCore Proxy Module
Date: Tue, 07 May 2024 17:59:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=65
Set-Cookie: BITRIX_SM_SALE_AFFILIATE=2103954; expires=Thu, 06-Jun-2024 17:59:33 GMT; Max-Age=2592000; path=/
BITRIX_SM_SALE_AFFILIATE=2103954; expires=Thu, 06-Jun-2024 17:59:33 GMT; Max-Age=2592000; path=/; domain=payeer.com
BITRIX_SM_SALE_AFFILIATE=2103954; expires=Thu, 06-Jun-2024 17:59:33 GMT; Max-Age=2592000; path=/; domain=.payeer.com
Location: /en/
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

payeer.com/en/

149.202.17.208

200 OK

13 kB

URL GET HTTP/1.1
payeer.com/en/
IP
149.202.17.208:443
ASN
#16276 OVH SAS

Requested by
https://webtrafic.ru/
Certificate
IssuerSectigo Limited
Subject*.payeer.com
Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06
ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (430)
Size
13 kB (13268 bytes)
Hash
41117b4f2d4f3fbb28828260870d37a0
aaf1bb257d14f73689d2dcfbc82385525b7ed789
f7a48541a210f861f9b79b466f3e4dca45067124a319708152e7460189783ad0

HTTP Headers

GET /en/ HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://payeer.com/?session=2103954
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: iCore Proxy Module
Date: Tue, 07 May 2024 17:59:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=65
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=gq3o3e2dm1rhf8gamg3ntalkhik8f5udbp4b1epsabq52mqabfkc4n2qvi0i3aom8s5to0rfruc5fcbujlmksk0u5ap2mk6jngbfqg1; path=/; samesite=None; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.10

200 OK

0 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://webtrafic.ru/
Origin: https://webtrafic.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://webtrafic.ru
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 07 May 2024 17:59:43 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.10

200 OK

131 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webtrafic.ru/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1073
Origin: https://webtrafic.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://webtrafic.ru
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 07 May 2024 17:59:43 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

linkslot.link/bancode_new.php?id=358863

172.67.160.247

15 kB

URL GET
linkslot.link/bancode_new.php?id=358863
IP
172.67.160.247:0
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectlinkslot.link
Fingerprint37:06:E2:50:9A:98:8C:CA:97:6D:C4:F2:2F:10:86:5C:58:E5:5D:C0
ValiditySat, 04 May 2024 14:00:52 GMT - Fri, 02 Aug 2024 14:00:51 GMT

File type
Unicode text, UTF-8 text, with very long lines (2423)
Size
15 kB (14863 bytes)
Hash
3460e0a932fd05f83ef873bbd8a6b94f
007a71c1dc6464ec21b1947bdb445adf09abf387
93215203e54bb5d76017b865cbfec239116d7b5c2c451ba8ccb46efa5d5bb941

HTTP Headers

GET /bancode_new.php?id=358863 HTTP/1.1
Host: linkslot.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 17:59:48 GMT
content-type: text/html;charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O9H8wJNfUKnxr9Xn6xv%2F%2BEIMZcVanoo44Sw%2BvkKLppOQ0gW%2FFKfh1s9sGpRIQ64YaIZ1BeL10K7quMd7GNhiM%2B1DEoQhxAbz7RjDFaNZpR3y0NrwTI0OIT0NLx5KMgLx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031b1e4a465688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

webtrafic.ru/banners/cab130883aa549246a1c21be51e3b130.jpg

104.21.68.251

200 OK

13 kB

URL GET HTTP/3
webtrafic.ru/banners/cab130883aa549246a1c21be51e3b130.jpg
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 468x60, components 3
Size
13 kB (13269 bytes)
Hash
60dac92b154aa73020bf9a4a57b19ffe
6a5b5edb97b22b738558a41ab97dafb0d7b45809
f6c6b55547382dd86569c85eece8bcbedc2d5e77a1c28a6d0990d1b832958849

HTTP Headers

GET /banners/cab130883aa549246a1c21be51e3b130.jpg HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:53 GMT
content-type: image/jpeg
content-length: 13269
x-original-content-length: 17483
etag: W/"PSA-aj-YNrJKxVKpz"
expires: Tue, 07 May 2024 17:13:23 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2612
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDOjL1hrz%2F%2BsallchSKwUH6JYMrhBfEw9zkVNH8A79nh5v4ENC9KkzZ8OyzxFZdQNEN4LDrRzvRir5ycuRvW5eeYGaMGmHNrrzPFjTAo2VwGiVBNuYdTrKIBDdwVXg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031b3d1bff56be-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/banners/dd3b1c00af7e420e2a0bc6bde8178065.gif

104.21.68.251

200 OK

122 kB

URL GET HTTP/3
webtrafic.ru/banners/dd3b1c00af7e420e2a0bc6bde8178065.gif
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
GIF image data, version 89a, 468 x 60
Size
122 kB (122291 bytes)
Hash
0c224f1490ec9665da3a751a1348d146
d0f3fdc987a69a51f9e41cbfc9569bd0917f8cb8
f86be7754c0c2fab1704b6cfebcaf114106ac4e31368c79a182d93a2021d2eb1

HTTP Headers

GET /banners/dd3b1c00af7e420e2a0bc6bde8178065.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:53 GMT
content-type: image/gif
content-length: 122291
etag: "640f1fbe-1ddb3"
expires: Tue, 07 May 2024 09:01:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HHuUpTx3Ay5BbH70cHkt0tLtCMzS6gH8gz9GHn%2BUcGEztS%2BPJRVLFGdN%2FWZDPMVmeIC40Q1z8mWYT9bB05wnIkIa2WRe33j7drEQ8D5N7XlTDFqBDAwEzzjXfDL777w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031b3d1bfd56be-OSL
alt-svc: h3=":443"; ma=86400

tg2.leetgems.h1n.ru/

81.90.181.60

200 OK

6.3 kB

URL User Request GET HTTP/2
tg2.leetgems.h1n.ru/
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5991), with no line terminators
Size
6.3 kB (6312 bytes)
Hash
69f387f02b4b9c646d4cc1fb344c3cc7
cefd57275b891ae27b5d43f261246f9c92b8295b
5e5c8887a2443803b68f227063ccf96c92f29ee56fa2a942b195c66dd96a5a0a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET / HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 31 Oct 2023 17:43:48 GMT
etag: W/"18a8-60906b26a8421"
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2

webtrafic.ru/img/banner_empty.gif

104.21.68.251

200 OK

34 kB

URL GET HTTP/3
webtrafic.ru/img/banner_empty.gif
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
GIF image data, version 89a, 468 x 60
Size
34 kB (33550 bytes)
Hash
ad8c7c5a9aa7d752407f1bd9911493d4
31caa83c93fae3797de238975d81e8e3f66fe43e
32cc157d7035835c6c380bd706d0e33294afd6aa61c320c400488b34c66d9e79

HTTP Headers

GET /img/banner_empty.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: image/gif
content-length: 33550
etag: "640f1fd0-830e"
expires: Tue, 07 May 2024 17:26:56 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zk99hrCAS7PutwXQtxZctB%2FqiSTxk8zrkh3xUO9yqhZEMSL1wa%2F1nYFJT6qTDrCwvvBkolQHvXBBhTm%2FX1pmgNLG0cKTg%2Fl%2BYRHiZx%2FArZR2Jfa%2Bb0a8awZV14KzLC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ababe5b56be-OSL
alt-svc: h3=":443"; ma=86400

webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js

104.21.68.251

200 OK

88 kB

URL GET HTTP/3
webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (88059 bytes)
Hash
b4999cbb6a73a9b312f635cff75e5a53
c7b683fc72d06eac129185c3e60362f5c1adc2a8
736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302

HTTP Headers

GET /js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"0"
expires: Wed, 30 Apr 2025 20:12:07 GMT
last-modified: Tue, 30 Apr 2024 20:12:07 GMT
vary: Accept-Encoding
x-original-content-length: 88145
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 596766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bdPCm2EwCiVa0wszq4FfiMdqgscmzSaw1LOuRWsWt2%2B5htQz0mY9mFllCSa50HLpHUXMy%2FXihu81sfQvYRCdwfFuazwjg8r65yktCjnG4eNO%2Fi6nK4rWYrroIma6VM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4ba956be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tg2.leetgems.h1n.ru/css/bootstrap.min.css

81.90.181.60

200 OK

141 kB

URL GET HTTP/2
tg2.leetgems.h1n.ru/css/bootstrap.min.css
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
141 kB (140942 bytes)
Hash
62907ef14a08ac2199b60610b616d0e5
7ccf464455d57e73be3acf820ba77ee92ad4fc13
3beb48429a842d5c330b9b4cc0a518652e1eca16121f40bdc1d4c41e4ff1a08c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: text/css
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: W/"6389c0ca-2268e"
expires: Wed, 07 May 2025 17:59:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2

webtrafic.ru/img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png

104.21.68.251

200 OK

866 B

URL GET HTTP/3
webtrafic.ru/img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
PNG image data, 25 x 25, 8-bit colormap, non-interlaced
Size
866 B (866 bytes)
Hash
38d180fd271c03dc195834c4f6460108
777cda920a9ca1f764cba72f69471a592ba74498
d8f87cc6d28b1e3affe0e051740259bea0d9dcc5591badebd44ecb63ee671373

HTTP Headers

GET /img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: image/png
content-length: 866
link: <http://webtrafic.ru/img/pe.png>; rel="canonical"
expires: Tue, 29 Apr 2025 17:32:10 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Mon, 29 Apr 2024 17:32:10 GMT
x-original-content-length: 9792
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 610739
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W63UJ7WygsXD1bvtV4R8l3Sttj1oi9kkp%2B48zdw4VfepJNpPJhF9NDg5iGfAiqpmcPDMvVvj0N8xm%2BN%2FGl%2FXwIZcFZM5Ba77Iwgsyr8x56u1vJqs1nAvMw2NCiQyRME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031abdbc8b56be-OSL
alt-svc: h3=":443"; ma=86400

linkslot.link/promo/dummy/468x60.jpg

172.67.160.247

200 OK

12 kB

URL GET HTTP/3
linkslot.link/promo/dummy/468x60.jpg
IP
172.67.160.247:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectlinkslot.link
Fingerprint37:06:E2:50:9A:98:8C:CA:97:6D:C4:F2:2F:10:86:5C:58:E5:5D:C0
ValiditySat, 04 May 2024 14:00:52 GMT - Fri, 02 Aug 2024 14:00:51 GMT

File type
PNG image data, 468 x 60, 8-bit/color RGB, non-interlaced
Size
12 kB (11802 bytes)
Hash
340218e56c9a171e0704f3fabfe1564e
251985e798c3eaa705e541a9e2f29980caad42e2
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

HTTP Headers

GET /promo/dummy/468x60.jpg HTTP/1.1
Host: linkslot.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:48 GMT
content-type: image/jpeg
content-length: 11802
last-modified: Sun, 10 Mar 2024 02:58:08 GMT
etag: "65ed21c0-2e1a"
expires: Tue, 07 May 2024 21:22:42 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 74226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFG9jCC0i%2FazwJTuojfOz5OPMNj7pQL8Jhnyw4XWs3VCaRW7ufK8MYVy55Z1zDc7KYr06gHtb4WR%2F7NPK9AasiLFO91ehBQk27KB0yUjat2iU05zffp7JbPLK76xs8Cu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031b1f4afe0b49-OSL
alt-svc: h3=":443"; ma=86400

1rash.ru/q/i/i16.jpg

89.208.145.166

200 OK

1.2 kB

URL GET HTTP/1.1
1rash.ru/q/i/i16.jpg
IP
89.208.145.166:443
ASN
#12695 LLC Digital Network

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subject1rash.ru
Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97
ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3
Size
1.2 kB (1247 bytes)
Hash
8b1d04d8a287d40e166d52b8851c9f37
59968678f97de41ea4d1191537db925a72026c94
7eef92ac0490c7d9f62bdf74deaf01a4beee430ebee7eb6fdba8a2a1043e2763

HTTP Headers

GET /q/i/i16.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1247
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f4-4df-4a176375e9180"
Accept-Ranges: bytes

webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js

104.21.68.251

200 OK

35 kB

URL GET HTTP/3
webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type

Size
35 kB (34948 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=34954
etag: W/"0"
expires: Wed, 30 Apr 2025 20:12:07 GMT
last-modified: Tue, 30 Apr 2024 20:12:07 GMT
vary: Accept-Encoding
x-original-content-length: 49566
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 596765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVCfiY%2BN7QFUkl6aQrCIXvy9dE78sKR%2FE92w8Fan8b5DeBzB%2Fe3J9MNgp%2FQ5xpcBz1kXR1xFTtNEtQGxyc%2F%2FAiyCAWuxZm8iD3%2F89eeu8HMpckuxmH%2BIfTkKC%2BA%2BvSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4bac56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js

104.21.68.251

200 OK

81 kB

URL GET HTTP/3
webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js
IP
104.21.68.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwebtrafic.ru
Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB
ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
81 kB (80796 bytes)
Hash
070da11284349ddb4498fa8c51e1e103
e5d71d44333fd20376909a4b7b12a9201108d59a
4139a3b34657fa34eb91cdaf03375da63742bcefb317aa3f585cc3b2737d8220

HTTP Headers

GET /bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"0"
expires: Wed, 30 Apr 2025 20:12:07 GMT
last-modified: Tue, 30 Apr 2024 20:12:07 GMT
vary: Accept-Encoding
x-original-content-length: 81084
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 596765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YflwrrZpCRWCo%2BvXwxlw%2B483fSFZWPEdWDaZhMKTtUlfUrJugwuWOvUqnF5b2CasoMGQyxrWlbPinN%2FLfVm90Ra7J7%2BpqUDg1nNskW%2F3cGoJTvTNYhXBjbXKaUD6WxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4baa56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3

0.0.0.0

0 B

URL GET
rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3
IP
0.0.0.0:0
ASN
#0

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectrekizar.com
Fingerprint95:55:B7:B7:61:FE:55:F7:F1:E1:F8:82:C8:A6:C5:3B:3B:39:54:BD
ValidityTue, 02 Apr 2024 11:49:39 GMT - Mon, 01 Jul 2024 11:49:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3 HTTP/1.1
Host: rekizar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=nb0jn33goamqf78p0nduvre1c4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snUXQHic2yAG3YkqZvlvFLFbTTZ%2FXZujfHnumDizN3vqKyAufdK%2B2jZAi3mZdPlxv%2Bka05w7UteC8HyzuozXfAAv%2BEFgPlEziVgeoRJ92ub4HMx7QFTIv8OZ0lPWcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031ac0aac056c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tg2.leetgems.h1n.ru/css/detect.js

81.90.181.60

200 OK

52 kB

URL GET HTTP/2
tg2.leetgems.h1n.ru/css/detect.js
IP
81.90.181.60:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://tg2.leetgems.h1n.ru/
Certificate
IssuerLet's Encrypt
Subjectleetgems.h1n.ru
Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A
ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT

File type

Size
52 kB (51931 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /css/detect.js HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: W/"6389c0ca-cadb"
expires: Wed, 07 May 2025 17:59:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=TranslateInit

216.58.211.14

200 OK

89 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=TranslateInit
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://webtrafic.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2064)
Size
89 kB (89363 bytes)
Hash
96416b7597b2e0bd02301cdb9c9f595b
052cc7f7db836e14e20e024a83308444667c1c89
cdff82a6d53016e070641093115828bef252402da4167e428aeaca3741245b33

HTTP Headers

GET /translate_a/element.js?cb=TranslateInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 17:59:32 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

linkslot.pro/bancode.php?id=1

0.0.0.0

0 B

URL GET
linkslot.pro/bancode.php?id=1
IP
0.0.0.0:0
ASN
#0

Requested by
https://webtrafic.ru/
Certificate
IssuerCloudflare, Inc.
Subjectlinkslot.pro
Fingerprint70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96
ValidityThu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bancode.php?id=1 HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: PHPSESSID=3pp8e9b3b4p2h1b5oe94muc5a5; path=/; domain=.linkslot.pro
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRIAwJBzKwLb7hKFguUbMQLqwz59QexjqDGLYk6QCC1QUncfev3odsLZ80%2FDJUS8t1Z%2BYubeJxnzJz9VN8f7HvjNR9yVue6HvVjF9RgAJFGsnFWk65QFzD7xkB%2Fdtrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031ac0afa2b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (59)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML