| tg2.leetgems.h1n.ru/img/LogoBig_1x.png | 81.90.181.60 | 200 OK | 1.6 kB |
URL: GET HTTP/2 tg2.leetgems.h1n.ru/img/LogoBig_1x.png; IP: 81.90.181.60:443; ASN: #50340 OOO Network of data-centers Selectel
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: leetgems.h1n.ru; Fingerprint: 0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A; Validity: Thu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File type: PNG image data, 131 x 31, 8-bit/color RGBA, non-interlaced; Hash: 22aae336e78f75ab0ff2534cf975ed4a bbc0d011f640673b811d07ea30fbfec0415530a4 7bb14dc217f7f5ac7104b4838132dd370e1b808f7df6ccb4fdfd0227de5159bc
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /img/LogoBig_1x.png HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: image/png
content-length: 1635
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: "6389c0ca-663"
expires: Wed, 07 May 2025 17:59:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| unitraffic.net/banner.php?user=2718 | 85.208.187.144 | | 852 B |
URL: GET unitraffic.net/banner.php?user=2718; IP: 85.208.187.144:0
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: unitraffic.net; Fingerprint: D6:0F:0E:A2:F9:DF:D0:C4:2A:5E:8F:94:00:76:B1:DF:9C:83:13:DE; Validity: Thu, 25 Apr 2024 23:35:08 GMT - Wed, 24 Jul 2024 23:35:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1522), with no line terminators; Hash: 30dfa3e94d434603dab6eabfd975493a 83392bcb475e598afd467327fd5832d665e3e515 32f62215553a5471236cc7af22c30c2a5f5ac00db3fbf4ea0a60c25a310142d5
GET /banner.php?user=2718 HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 17:59:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=6chr55lrhhqavhljc4agi4l3k1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
|
|
| tg2.leetgems.h1n.ru/img/cparip.png | 81.90.181.60 | 200 OK | 2.3 MB |
URL: GET HTTP/2 tg2.leetgems.h1n.ru/img/cparip.png; IP: 81.90.181.60:443; ASN: #50340 OOO Network of data-centers Selectel
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: leetgems.h1n.ru; Fingerprint: 0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A; Validity: Thu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File type: PNG image data, 4096 x 4096, 8-bit/color RGB, non-interlaced; Size: 2.3 MB (2288360 bytes); Hash: 0664cb29e7663889c52dc98b43ecbefb 8db35f4da81d644fb290b4c3793b1aa2a910ac07 5aa23070b3cf7ceb7e942c4b1c57da80c6bf78e140b53196bbf17eb0d0ed5600
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /img/cparip.png HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: image/png
content-length: 2288360
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: "6389c0ca-22eae8"
expires: Wed, 07 May 2025 17:59:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| unitraffic.net/img/banner_empty.png | 85.208.187.144 | 200 OK | 5.4 kB |
URL: GET HTTP/1.1 unitraffic.net/img/banner_empty.png; IP: 85.208.187.144:443
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: unitraffic.net; Fingerprint: D6:0F:0E:A2:F9:DF:D0:C4:2A:5E:8F:94:00:76:B1:DF:9C:83:13:DE; Validity: Thu, 25 Apr 2024 23:35:08 GMT - Wed, 24 Jul 2024 23:35:07 GMT
File type: PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced; Hash: 28d818cd8b5ea617d336300ca726663b d1286a3f06f719fe7c410e41760a81cee39d4c86 8c9960fa2ab2600dad21e8bc1ad0062120067252c7920e8492df81808c2b0af4
GET /img/banner_empty.png HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 17:59:32 GMT
Content-Type: image/png
Content-Length: 5392
Last-Modified: Sun, 17 Apr 2022 06:44:13 GMT
Connection: keep-alive
ETag: "625bb73d-1510"
Expires: Wed, 08 May 2024 17:59:32 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
|
|
| webtrafic.ru/ads.php?uid=8247 | 104.21.68.251 | | 34 kB |
URL: GET webtrafic.ru/ads.php?uid=8247; IP: 104.21.68.251:0
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1186), with no line terminators; Hash: 4897fb8003e87f672918587e3f7fe44b 25df6bb29f6e7059635726a51134dfcefc9e98f3 c086b674db664b99c87a3f52edefedc2d43b83bd1bb42b308353884401e18afa
GET /ads.php?uid=8247 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIuhkkFCPV38jb84JUJmmmNJNpe%2Fh2hYGOwcsHRTLk3CXoc1mECPMqj9y8HTC0Uj%2FtqoKAnDXZDqfE1RDBdPBtyD%2FNe%2BQVI6%2BrFhEMWPfZfK4YrsAiGaHqEou%2FLt3pw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031ab9ec2056be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1rash.ru/q/bsk.php | 89.208.145.166 | 200 OK | 2.4 kB |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: HTML document, ISO-8859 text; Hash: e60d330693c6f2606d2d204d5bbdc777 5c6260022797867033ab4c36460634ddaf7c00e3 388ec365159ae22ea66ac62b1f792e2b330f45ff66ad89d4543651eefaa7532f
GET /q/bsk.php HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 2439
Connection: keep-alive
Server: Apache
|
|
| cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js | 151.101.129.229 | 200 OK | 1.1 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js; IP: 151.101.129.229:443
Certificate issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (1619); Hash: 45f12de4d7b95a193ecdc5cfde664bb9 ee9541cf1a95d2a885f8b143a105caaa08ca9c9d 39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
content-encoding: br
accept-ranges: bytes
date: Tue, 07 May 2024 17:59:32 GMT
age: 30574
x-served-by: cache-fra-eddf8230099-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1078
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/ | 104.21.68.251 | 200 OK | 16 kB |
IP: 104.21.68.251:443
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (12663); Hash: e8421ec7f0e3bb65a294711c0973e25d abd51c4cfd213a563f76a3b8e952745d43ce0b99 d67d44f8cd4e60e575ac06b96769a1df8abadfdc6d592847851120dc1e4d9712
GET / HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=i9j2uppedtruocj3df459dmrdv; path=/
pragma: no-cache
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TL4ZmwCGH5Mli4MXf5IHI7dPVl9twvTAcZ0TyytfRlToc%2Bt5poBXmnjKCybcUm%2BvrdcLQ1nZ%2FPs54x9Rsf3C7WfYpE%2BWBM%2B2G4HVsFYFe0FS%2FKXT1gno%2B83ZE01vBbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031ababe4c56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png | 104.21.68.251 | 200 OK | 1.1 kB |
URL: GET HTTP/3 webtrafic.ru/img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png; IP: 104.21.68.251:443
Certificate issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: PNG image data, 25 x 25, 8-bit colormap, non-interlaced; Hash: abb0364ceccfd96f043c089281b7e8c3 a22a6747139991930c63de9f7fb36ac19998e216 aa2e91454bb83b548d9e01685127a73eda1291cb81899ccc3354e24567a53ace
GET /img/25x25xsp.png.pagespeed.ic.q7A2TOzP2W.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: image/png
content-length: 1079
link: <http://webtrafic.ru/img/sp.png>; rel="canonical"
expires: Tue, 29 Apr 2025 17:29:16 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Mon, 29 Apr 2024 17:29:16 GMT
x-original-content-length: 11788
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 606522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYwnNNXLjptiFG6c0hW77HKYBgRiUTJnLoFvdKSi%2Fy7xhfrOxEOSEqPYZ9EE0M%2BoEoYvG5DTvErPR7XHCh8JOLZqkddwPM2N5jqX3YlNvKfe8G0DeZlZ33fE1uM7i40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031abdbc9556be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png | 104.21.68.251 | 200 OK | 1.5 kB |
URL: GET HTTP/3 webtrafic.ru/img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png; IP: 104.21.68.251:443
Certificate issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced; Hash: b6068d14a1756e0e41052584059ecaac d5836694aa54334f2ae81ad908192970d7ad1590 d31fee4b1d850d79de5748d3b82a5706f6c92e90a4fced70266ae0ae92ed2fd2
GET /img/25x25xcart.png.pagespeed.ic.tgaNFKF1bg.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: image/png
content-length: 1504
link: <http://webtrafic.ru/img/cart.png>; rel="canonical"
expires: Tue, 29 Apr 2025 17:29:16 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Mon, 29 Apr 2024 17:29:16 GMT
x-original-content-length: 24626
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 596394
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTS5aR%2FRlWiGrQHgNnkCrKOpDv9WBGoQqkE1y1X9X%2FUJJwrRBbvb2XWaoWInNL0aFTHtOsU%2BG0b%2FuDx%2BzGojefVzTLPiUzuMCpT9DQGQoA6u%2BMmgPfga0ISDyUH2Oqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031abdbc8f56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1rash.ru/q/i/i22.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3; Hash: 09d00cd5cf090d3daf70d5e213688b4c 9022599fd1c9d38bfec8fae286962db248f1f722 a135fceb668a6804c45b9b2a2cac063d3211f517411ebb87ad13e29ed11cd6d2
GET /q/i/i22.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1082
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fb-43a-4a176377d1600"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i21.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3; Hash: edcd6cd2af814f8f30bd55e6e1686b6c 687202c4759ba4e1c94b8f62c4be961656cabd28 4c94f6ce0bc99d807ef5ad1c81ffe5c89c1665c751c6aa95baf9179275d19111
GET /q/i/i21.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1287
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1fa-507-4a176376dd3c0"
Accept-Ranges: bytes
|
|
| neon.today/context/get/100439/28817/1/468/60 | 213.183.48.30 | 200 OK | 580 B |
URL: GET HTTP/1.1 neon.today/context/get/100439/28817/1/468/60; IP: 213.183.48.30:443
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: neon.today; Fingerprint: F9:C9:45:2E:BF:94:50:19:BE:3C:64:8A:BE:97:0C:2B:D6:AE:C9:7A; Validity: Tue, 02 Apr 2024 22:30:27 GMT - Mon, 01 Jul 2024 22:30:26 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: ec71e0c40ba34cfe9f84633a2d7e38fa f5f45a72b4192ff13d1bc6fed281dedc5a4828ee c61da258f4f9bd3b022f4768ed93f6838ec32d925911611602e5d7c067479d52
GET /context/get/100439/28817/1/468/60 HTTP/1.1
Host: neon.today
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 17:59:32 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 580
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
|
| 1rash.ru/q/i/i29.jpg | 89.208.145.166 | 200 OK | 808 B |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3; Hash: a8bb6266b787520230e26df801086e12 5556ebc578a6b87b9e2113dda0a719740d5ff645 7217c5b17c8499f134de4a5de3af9ae9acb1adaa9a0da6f21ece6fd770bdb09d
GET /q/i/i29.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 808
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:05:18 GMT
ETag: "13c1ff-328-4a5d31520db80"
Accept-Ranges: bytes
|
|
| webtrafic.ru/js/socket.io.min.js | 104.21.68.251 | 200 OK | 17 kB |
URL: GET HTTP/3 webtrafic.ru/js/socket.io.min.js; IP: 104.21.68.251:443
Certificate issuer: Google Trust Services LLC; Subject: webtrafic.ru; Fingerprint: 6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB; Validity: Fri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File type: JavaScript source, ASCII text, with very long lines (64366), with no line terminators; Hash: 63241b78a09366c1220125b1c8a5ff20 91d14b8a343afbb645bcd157200555816519ced3 f01fea38541229b697b158619451884a0b355c477a7da949411f0aa6852fab89
GET /js/socket.io.min.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: application/javascript
x-original-content-length: 64504
vary: Accept-Encoding
etag: W/"PSA-aj-YyQbeKCTZs"
expires: Sun, 05 May 2024 12:10:47 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddWl1T7EE446fYgafjLDGLCY%2B08lWLsrjxlasTT1UlaFqrVqM6Xl8bjypv5iC3S%2BWfKAgwjQTCOnjdE%2Bzl3d0z8D6Fv4WFndpGLKbOiuYO1ds3oFKYn%2BZ%2F%2FcZNcD97s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4bae56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1rash.ru/q/i/i1.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3; Hash: c7fa97c8911aca393ddb4217cc075321 584ef670b8982eba7d9853c3047f47e91d7a8c35 f1e6f586e4cb3e5633175f10c60274d54451a3e1ed4a42d9563b3f0d80c60e9b
GET /q/i/i1.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1170
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1ed-492-4a176377d1600"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i10.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3; Hash: 0ac0624c642f13116fab03f97d48fae9 1b790e1320dfd80ed7337d077f357c39a599dd62 2266f2f329c08b77641df314c7ecb2256ad0b539ae4484269d8eacb6c1e182a2
GET /q/i/i10.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1099
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1ee-44b-4a176374f4f40"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i27.jpg | 89.208.145.166 | 200 OK | 852 B |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3; Hash: fa3c317272839ce74e946168cc1f0256 e7ea8d93a2b3df81c5224a5d197672b0f9880ac0 2f9a28e0948fe7428bb68ba67a815438f3723915d5e745421333293ae26fcb27
GET /q/i/i27.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 852
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fd-354-4a176377d1600"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i32.jpg | 89.208.145.166 | 200 OK | 787 B |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3; Hash: 2f5b2fa04eb1c03fa76e0f4ee3ba867d c779636e1641ce5543ab7d4ceb8315f50ebf6fe0 3c4761799cfb5faf650cf9b5ee7dcb6323f5ea88a025ab4f2ca45f9ad26aa2a8
GET /q/i/i32.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 787
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:25:42 GMT
ETag: "13c203-313-4a5d35e159d80"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i28.jpg | 89.208.145.166 | 200 OK | 844 B |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3; Hash: 412b8d68806a6f1eaae33ab61408e5b6 3cf120f4ac25cb37d03690ed4f4f99e8c10f6549 28e3bab9f1c604044ef0b744978ed7a94986b406fae3f5dc48daab90ddafe571
GET /q/i/i28.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 844
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 11:56:55 GMT
ETag: "13c1fe-34c-4a5d2f725afc0"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i6.jpg | 89.208.145.166 | 200 OK | 949 B |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3; Hash: 599ecaaf31ded9febc399f253c6850ac 8b757aafb5f1b3ed40882e6edf81a5a7ceb70cd6 d002b4d408b10bc8993f7f980cfbb85198659e92f345bbe1a812612194925dac
GET /q/i/i6.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 949
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c206-3b5-4a176379b9a80"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i8.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3; Hash: 2ab385dd42c7301aa0d69bfd3bcb71a2 f5d68e166c75ddbec5ddcfb08b976c559ef75a26 39e01baf23094c9244c4b8babfd1c0faa1aa0648ca1bf3325148b1daa9e78843
GET /q/i/i8.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1264
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c208-4f0-4a176379b9a80"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i7.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP: 89.208.145.166:443; ASN: #12695 LLC Digital Network
Requested by: https://tg2.leetgems.h1n.ru/; Certificate issuer: Let's Encrypt; Subject: 1rash.ru; Fingerprint: 8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97; Validity: Fri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3; Hash: 9f1eddb947f9d468e54408d52a1831b0 98e3141fb66605f969c990827c1730e29c92123d ca3346a44f7619fa1928c810fb1f1d2b78ed01eaf28bc2f9ec884555627e25f5
GET /q/i/i7.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1240
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c207-4d8-4a176379b9a80"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i9.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash4651716c2e8a82e38e57e9c3f88b69fe ed1f6eb5729e01eaff6224d0d676e5d6f74acb5f 848244e41780fd3cf681351db6a399063842f49f6dbcc72a7219e156fe184d26
GET /q/i/i9.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1121
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:59 GMT
ETag: "13c209-461-4a17637aadcc0"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i11.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash8c216347028037af3b531687fb40f5ad 93c87e3bb567c48618a2503123f4f42cb232102a 3f3c39233984706be1fd358a3e17a1f938a562cf287e9f4bd819f005242a79e9
GET /q/i/i11.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1160
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1ef-488-4a176374f4f40"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i12.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash974908a0d5d6aec321ea6ceadeabcc89 f9ecc635349dec18f5789f0afc667db32389cc0e 0bfdcf90455eb460deee1f94df548fa8ff6cd91a96ac5305515756b3a5e13c84
GET /q/i/i12.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1310
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:53 GMT
ETag: "13c1f0-51e-4a176374f4f40"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i20.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash20ac0c63e1b8cd918e142669cadf7073 da110a8fa35192d02702cda67816cbea3ab60cef 58eb04e77c4a3b31d18b8ac0b7a33ecff1fe892a8b1871619b9c5ae134a7777a
GET /q/i/i20.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1244
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f9-4dc-4a176376dd3c0"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i03.jpg | 89.208.145.166 | 200 OK | 860 B |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3 Hash43ad002dd395011a36e0004faff95040 4123a3ed39f1319dd6c4fa1eaaa14734c518abbe 49d9c3f15ae2db284cfd2bb31f1e1fe40d8cc4f833e6ce4118256c5d551b1f01
GET /q/i/i03.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 860
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c1ec-35c-4a176378c5840"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i13.jpg | 89.208.145.166 | 200 OK | 1.0 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash0999c2f6b7fb91a5e39884824762e07c ced0d0cc4b7ca1a912b427c4366588737c188380 ce852c75b278249ff2d327b256f20b25d37519ce145b089045fbfe03e566e3d7
GET /q/i/i13.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1035
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f1-40b-4a176375e9180"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i30.jpg | 89.208.145.166 | 200 OK | 863 B |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3 Hash82b7028d77310c4a39c48ca5bdb1873a b799bfc4397d54f423d7f20e2779308fd714ef7e 096d226948285a2d84390d1d89388743ab773debc9daf91bdd678d07ab55f2ae
GET /q/i/i30.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 863
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:12:40 GMT
ETag: "13c201-35f-4a5d32f793e00"
Accept-Ranges: bytes
|
|
| webtrafic.ru/banners/8d7746d19761e5bb340eddb38ee84710.jpg | 104.21.68.251 | 200 OK | 11 kB |
URL GET HTTP/3webtrafic.ru/banners/8d7746d19761e5bb340eddb38ee84710.jpg IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 468x60, components 3 Hash6c287f11b474cb8319e21bdd4c7e7f95 4c9ef4c0e833a6b9d4f63099def2257834afb399 1955f3d0637a5a651784aae94914b26337149f850c91f39b013373f496ea1bad
GET /banners/8d7746d19761e5bb340eddb38ee84710.jpg HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/jpeg
content-length: 10921
x-original-content-length: 17707
etag: W/"PSA-aj-bCh_EbR0y4"
expires: Tue, 07 May 2024 17:47:15 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 44
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FWbhjSL%2BtGgdZhHLhaK7mrdr6%2By%2BQBlOsXIfCco5kllywrKOmq7qevXg9pTKhjMy%2BEelJIqeilhQEQ9%2BVgl51ZAtiBEbONB2gqD%2FtxvKgxQ9i4D6J9QJvTm5m%2Bqsmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac0395856be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/banners/e1e17ab962d5930a640c009a9045fd48.gif | 104.21.68.251 | 200 OK | 4.2 kB |
URL GET HTTP/3webtrafic.ru/banners/e1e17ab962d5930a640c009a9045fd48.gif IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typePNG image data, 468 x 60, 8-bit colormap, non-interlaced Hash5cdb5f82555ebb79f2601e822dcd1e28 3892595961146946a51f0868513e8efc21a03d3f 8cafaaddf474eaf047b718d0f02faf3a18466493d22f7acedd678289c95129d1
GET /banners/e1e17ab962d5930a640c009a9045fd48.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/png
content-length: 4188
x-original-content-length: 4732
etag: W/"PSA-aj-XNtfglVeu3"
expires: Tue, 07 May 2024 15:52:06 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 7199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9q1Axg92OGOslPQ%2BMoCNu9ZKlGOV%2BlJjZDkb6xBpCsILVyKimLFEuaxyn3k89Df6XuiQRONm4uhxPp7%2B2hxUl6o1dzyDzE%2FwyuLwsTFXt599577gn1zdDzKcV1n0Q6o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac0396156be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1rash.ru/q/i/i23.jpg | 89.208.145.166 | 200 OK | 869 B |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3 Hasha0c3f9db170b509064860d331477aac0 caf1270d767791eea4b4e8423adbe4f23156ef2d 30159bc97ad2456ba29092d508d6fc23026066583dad0b10e66a6b94df28c41d
GET /q/i/i23.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 869
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1fc-365-4a176377d1600"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i14.jpg | 89.208.145.166 | 200 OK | 1.4 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash0278675b031052695f83ed7285ad5168 e85bd2517e48351474aec32edcf5d1a475fe89f5 81fe9a4decee6ba1e8ababab5bd3afe2fdbcf72c92b0e81d7d8ddaa2f545abc3
GET /q/i/i14.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1378
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f2-562-4a176375e9180"
Accept-Ranges: bytes
|
|
| webtrafic.ru/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.21.68.251 | 200 OK | 77 kB |
URL GET HTTP/3webtrafic.ru/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: application/octet-stream
content-length: 77160
last-modified: Mon, 13 Mar 2023 13:06:22 GMT
etag: "640f1fce-12d68"
cache-control: max-age=14400, s-maxage=10
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjJyukM1yH7d6Cc7z9jGCLZM53P4tBrLdjbZRa94V0p%2FAehcKPol%2Fmg5xVxGhj5uqCmgbq4vsx2nnpPVdh9PYpQwxwJNP6i1DQwkQNGWB8fAnI7S1tGErsI7yOU43sQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac0191f56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1rash.ru/q/i/i15.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash716cf0372a9e3549dd0c8228104e5a8a c25f1da1ecf3c1e1687b356885ed143bdadc529c 99b968d7b2ce9008b2ac8d312e355c7ed61c671b53b70f0694eefb9c20692fb3
GET /q/i/i15.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1213
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f3-4bd-4a176375e9180"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i3.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hashc0cd32ad99537e47a0359f7f765a9063 452e77efcfb1852e5dc9d6ba26eca99cf9adb75f d29bad3ad73a49ad955bd610396a9ea4808392fd016f56204108adaf3ebdc511
GET /q/i/i3.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1054
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c200-41e-4a176378c5840"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i17.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash201fb6a4a3b9fc2fd5e96108e79c14e1 2800cf177bac5bbbcaa35b3ac8beb534b264bd0d 8e8b314683c3f3d30a41248101c0d55f0a53ce3f50a198e28033bcc38edef44d
GET /q/i/i17.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1296
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f5-510-4a176375e9180"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i18.jpg | 89.208.145.166 | 200 OK | 1.1 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hashbd49a082045314b5913de74e31601db1 979096d8183c8a0c0fe16611a822e6b83989a19d 9d59f5df3eec72870aef48178d02ac36f28cfc3975dcf81477d39fc5aef24380
GET /q/i/i18.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1074
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f6-432-4a176376dd3c0"
Accept-Ranges: bytes
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css | 142.250.74.131 | | 4.0 kB |
URL GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css IP142.250.74.131:0
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeASCII text, with very long lines (20367), with no line terminators Hash72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 18:00:32 GMT
expires: Tue, 06 May 2025 18:00:32 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 86341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1rash.ru/q/i/i00.jpg | 89.208.145.166 | 200 OK | 914 B |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3 Hashf0500a756946bd6216a353c755640f62 1d9038b9d476757ca222d3cf22e5e6372083750f e61fa050fcc0d73160370b92428fc300df065aec14b86236b3513afda2a0db05
GET /q/i/i00.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 914
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:56 GMT
ETag: "13c1eb-392-4a176377d1600"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i19.jpg | 89.208.145.166 | 200 OK | 1.3 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hashe4b0a3b3be399e14b790be247368fcf8 2fe771d6660fd4ef5dc313df6f4b2fb8315746d8 92d49c679788eb22633820c9e3e74ac71b23da5cb019f7fd7771a59ba24275b7
GET /q/i/i19.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 1275
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:55 GMT
ETag: "13c1f7-4fb-4a176376dd3c0"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i2.jpg | 89.208.145.166 | 200 OK | 957 B |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hashcc094b5369d872ff2148ad86ef788d38 0c25a58ebe84c1b141f4d9398eb311abf1968b76 e83a294df92a56d5363eb6299ee547b41809b72dc94d04e6674e1e46fe4a3dea
GET /q/i/i2.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 957
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:57 GMT
ETag: "13c1f8-3bd-4a176378c5840"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i4.jpg | 89.208.145.166 | 200 OK | 854 B |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash10bd409f25fbfbab424662c87ffd8149 fe31d44c2625da598bbaeb110567f74c91f20709 bd03aa9a97b29315975ce1949d8d6d7e8712e264c80234c5c2916a5b29eaae0d
GET /q/i/i4.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 854
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:58 GMT
ETag: "13c204-356-4a176379b9a80"
Accept-Ranges: bytes
|
|
| 1rash.ru/q/i/i31.jpg | 89.208.145.166 | 200 OK | 867 B |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x20, components 3 Hash0a328a40864cc03d0495cd59273c0831 604badc1551096e40d9076bb9e8861790f8e4912 e87e329c040bb403d5045bfbb4148d96960aa0a27f6f1347a341f38a316c34e1
GET /q/i/i31.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:23 GMT
Content-Type: image/jpeg
Content-Length: 867
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 16 Jun 2011 12:17:39 GMT
ETag: "13c202-363-4a5d3414b9ec0"
Accept-Ranges: bytes
|
|
| neon.today/logo_small.png | 213.183.48.30 | 200 OK | 19 kB |
URL GET HTTP/1.1neon.today/logo_small.png IP213.183.48.30:443
Requested byhttps://neon.today/context/get/100439/28817/1/468/60 CertificateIssuerLet's Encrypt Subjectneon.today FingerprintF9:C9:45:2E:BF:94:50:19:BE:3C:64:8A:BE:97:0C:2B:D6:AE:C9:7A ValidityTue, 02 Apr 2024 22:30:27 GMT - Mon, 01 Jul 2024 22:30:26 GMT
File typePNG image data, 50 x 15, 8-bit/color RGBA, non-interlaced Hashe8f264874aa64e38756e575d1d6452ba 015287540c0fe06723408a117daac30afc9efefe c86c4eb33d4edbc00eaf4ad4d5afdc7bd9a5e6e311d3e54399590911b6d8b684
GET /logo_small.png HTTP/1.1
Host: neon.today
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neon.today/context/get/100439/28817/1/468/60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 17:59:33 GMT
Content-Type: image/png
Content-Length: 18858
Last-Modified: Sat, 20 Aug 2022 08:28:35 GMT
Connection: keep-alive
ETag: "63009b33-49aa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
|
|
| webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css | 104.21.68.251 | 200 OK | 49 kB |
URL GET HTTP/3webtrafic.ru/A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash6676494c9ee44d937278d98aecd0774e d6e5cc9fa0a99b53e15d19023f937bcb37e93b38 4b6c561f000061c56d2135fe10de8470d3f50d60479988cf62fadb0d6be17a5d
GET /A.bootstrap-4.5.0-dist,,_css,,_bootstrap.min.css+font-awesome-4.7.0,,_font-awesome.min.css+css,,_sfs.main.css,,qv==17+css,,_jquery-ui.css+css,,_language.css,,qv==5,Mcc.oHin5wRMFT.css.pagespeed.cf.qTua6D0A8I.css HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=231427
etag: W/"0"
expires: Wed, 30 Apr 2025 16:20:11 GMT
last-modified: Tue, 30 Apr 2024 16:20:11 GMT
vary: Accept-Encoding
x-original-content-length: 292525
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 610739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owM%2FmwNhcTzJSkIB4lY74IY8X1J6a4jCvvL8SZyd1GlNXEXs%2Bx3Xfb%2FBhj4XeIgCvB1s%2F9JaPJYRSU0wt4iCuJeV9qJJqQL4o1kgqFuL19vkzkVVEnOGXc8YGOzB87o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4ba856be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tg2.leetgems.h1n.ru/img/telegram_logo_icon.ico | 81.90.181.60 | 200 OK | 68 kB |
URL GET HTTP/2tg2.leetgems.h1n.ru/img/telegram_logo_icon.ico IP81.90.181.60:443 ASN#50340 OOO Network of data-centers Selectel
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subjectleetgems.h1n.ru Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File typeMS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel Hash4f123b8081a681da829b4b034dd4b7bc 02e58fa28ede37a412174ac17cc9883f9378d4ae d7bbaeffe46c40d1b069c527d3138b7e2a0c831a4e3a9ca0ca9350b0d8ec332a
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /img/telegram_logo_icon.ico HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/x-icon
content-length: 67646
last-modified: Sun, 05 Mar 2023 08:58:29 GMT
etag: "640459b5-1083e"
expires: Wed, 07 May 2025 17:59:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| payeer.com/?session=2103954 | 149.202.17.208 | 302 Found | 621 B |
URL GET HTTP/1.1payeer.com/?session=2103954 IP149.202.17.208:443
CertificateIssuerSectigo Limited Subject*.payeer.com Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06 ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (621), with no line terminators Hashf1c5e85a5273595a638c13ae96aca215 04ef72d158d591b80b6fb4b503a76aceb750d53c 00510de30359be8cf5954a5e2438f5f4d8761afb560bfd1b539fb711953b2cdc
GET /?session=2103954 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: iCore Proxy Module
Date: Tue, 07 May 2024 17:59:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store, max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
|
|
| rekizar.com/img/468x60.jpg | 104.21.88.72 | 200 OK | 23 kB |
URL GET HTTP/3rekizar.com/img/468x60.jpg IP104.21.88.72:443
CertificateIssuerGoogle Trust Services LLC Subjectrekizar.com Fingerprint95:55:B7:B7:61:FE:55:F7:F1:E1:F8:82:C8:A6:C5:3B:3B:39:54:BD ValidityTue, 02 Apr 2024 11:49:39 GMT - Mon, 01 Jul 2024 11:49:38 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:07:06 14:32:48], baseline, precision 8, 468x60, components 3 Hashfbc934907899d42eb7498fa4e3a1a6de 19de6166486465421dbada583cc75dc616f70bc2 0687f06055827a84336951df496e050f14248e4efb4de70c85095e9116e61bc7
GET /img/468x60.jpg HTTP/1.1
Host: rekizar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/jpeg
content-length: 22628
last-modified: Mon, 12 Feb 2024 09:29:16 GMT
etag: "65c9e4ec-5864"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 286766
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NmtJ%2B9tRwfcSC71eZFZONTAeosnCwPuVwRu8HCcYsHZWWeqC5vbUbI8N%2BAB9jZb%2BYpx7KSmlBRgmGvU1nVUWJqQpnNc9XdZDmRGklEX6jtCyM%2B1b401OnAsveIdR6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac18dd90b02-OSL
alt-svc: h3=":443"; ma=86400
|
|
| linkslot.pro/uploads/0f99185a150936d6507f73aac09b7230.gif | 172.67.179.242 | 200 OK | 305 kB |
URL GET HTTP/3linkslot.pro/uploads/0f99185a150936d6507f73aac09b7230.gif IP172.67.179.242:443
CertificateIssuerCloudflare, Inc. Subjectlinkslot.pro Fingerprint70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96 ValidityThu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 468 x 60 Size305 kB (304615 bytes) Hashde18b3c6d5039f38e760e0c6e016e822 0a59834bc4862f9e483816051e5d5c7d19058abe 34ff128900b699dd1f11e87f54bae0d8f1a17c7cbc2c65dcc839c61b97a94da7
GET /uploads/0f99185a150936d6507f73aac09b7230.gif HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/gif
content-length: 304615
last-modified: Tue, 07 May 2024 15:22:28 GMT
etag: "663a4734-4a5e7"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 1606
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2zHFV1%2BhUP7opFuwttmt6CkxzgO6JWpLcNOGolCa%2FiOlwdeWT0IOkTd0sqgsjdSwHCz4cvSuUKdXadMu%2BPr4chpAsvdpYc5WnOIFXZ%2BPHOUsTbd2ZPlp5A0wee9wxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac22f6d0afa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| linkslot.pro/img/buyb.png | 172.67.179.242 | 200 OK | 2.6 kB |
URL GET HTTP/3linkslot.pro/img/buyb.png IP172.67.179.242:443
CertificateIssuerCloudflare, Inc. Subjectlinkslot.pro Fingerprint70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96 ValidityThu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typePNG image data, 127 x 16, 8-bit/color RGBA, non-interlaced Hash6623622f5954708d814fc46180f75b9f 7bd68ddbb91875e815e73fa937efc259e56fad47 5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
GET /img/buyb.png HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/png
content-length: 2585
last-modified: Thu, 06 Apr 2023 09:20:44 GMT
etag: "642e8eec-a19"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 184
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddDaDYujRZo6IXcFEdzSCLzzffxbbFXCwmRwZmB9Qf6vVB5Q20K%2BbUtgTRojEqZClWWzOoeSesqcu84jc9tc8m2WNXQVsEF%2BWZLLjjqcas83rHoric4r7h2oItFudsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac22f6f0afa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main | 142.250.74.10 | 200 OK | 73 kB |
URL GET HTTP/2translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main IP142.250.74.10:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (2297) Hash9b289af026f3e548d1d06033fa868b46 7916969abb1e3aa9e953f4d7e7cb8ca1380f98f7 dc5d2a255869ad274247f1bb8c353794f470a1fca09d9f8c98968178c5b8a717
GET /_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 72600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 17:42:06 GMT
expires: Tue, 06 May 2025 17:42:06 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 04 May 2024 07:10:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 87447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| informer.yandex.ru/informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews | 93.158.134.119 | 200 OK | 1.4 kB |
URL GET HTTP/2informer.yandex.ru/informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews IP93.158.134.119:443
CertificateIssuerGlobalSign nv-sa Subjectmc.yandex.ru FingerprintDB:EC:6C:00:83:6B:5E:03:B2:DE:D1:CA:D1:7B:50:9B:E3:E8:57:65 ValidityTue, 26 Dec 2023 16:32:23 GMT - Wed, 05 Jun 2024 20:59:59 GMT
File typePNG image data, 80 x 31, 8-bit/color RGBA, non-interlaced Hash132cab1f56469197cd0fda621084f162 a8b793e51dc1d54ac146e62e1019cfd6fb107926 a0b78e583790fe71ff9ce525a6bad91827b203ce0af39b503261d75becd84ed9
GET /informer/92879751/2_0_FFFFFFFF_FFFFFFFF_0_pageviews HTTP/1.1
Host: informer.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 1447
last-modified: Tue, 07-May-2024 17:59:33 GMT
content-type: image/png
pragma: no-cache
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 07-May-2024 17:59:33 GMT
X-Firefox-Spdy: h2
|
|
| payeer.com/iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0 | 149.202.17.208 | 302 Found | 0 B |
URL GET HTTP/1.1payeer.com/iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0 IP149.202.17.208:443
CertificateIssuerSectigo Limited Subject*.payeer.com Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06 ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iproxy/j?Hj2toJVSRJkwlvcmVlhuci8/c2Vzc2lvbj0yMTAzOTU0 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payeer.com/?session=2103954
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: iCore Proxy Module
Date: Tue, 07 May 2024 17:59:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store, max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: /?session=2103954
|
|
| webtrafic.ru/images/lang/lang__ru.png | 104.21.68.251 | 200 OK | 899 B |
URL GET HTTP/3webtrafic.ru/images/lang/lang__ru.png IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typePNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced Hashfa57d43ba1417bf41ad68ba291c3e9b3 7936bf1f4ae4a8d24c0cb1789651b68725fbc1f9 73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628
GET /images/lang/lang__ru.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: image/png
content-length: 899
last-modified: Mon, 13 Mar 2023 13:06:23 GMT
etag: "640f1fcf-383"
cache-control: max-age=14400
expires: Tue, 07 May 2024 17:38:47 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2F1H0eVcSPiRkksQS154OFgjfHZ0GpJjiESN2DBHbGOadZQushC6etU1H0VQcCmwgj612prvKmFN4Bo%2ByHJmKkEq%2BdsB1j0WxZXOWCYCO3soF7bcfQV3SX%2BSDeHtebw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ac3883956be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback | 142.250.74.10 | | 1.4 kB |
URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP142.250.74.10:0
Hasha3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 07 May 2024 17:59:33 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=FBy-aX9QWeQmN8TWWTmQ8EQc3Xo3uZCTt7dNsMEWjGYo2a8PAhobbGNKv_CHVOKK-JUQoxC0Vh3NpAiH0Ndz7E5l6zW82R1SScS9geGERxoqo6z2pHYFGoG96OKl-5oc-2OZZKqQfuuVyljWlMXZ1z45hrZeXWMMk63KexGT7NE; expires=Wed, 06-Nov-2024 17:59:33 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Tue, 07 May 2024 17:59:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.131 | 200 OK | 1.8 kB |
URL GET HTTP/3www.gstatic.com/images/branding/product/2x/translate_24dp.png IP142.250.74.131:443
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashc69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:54:36 GMT
expires: Wed, 07 May 2025 06:54:36 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 39897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 216.58.207.227 | 200 OK | 3.3 kB |
URL GET HTTP/2fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg IP216.58.207.227:443
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeSVG Scalable Vector Graphics image Hash2bd5c073a88b83ed74db88282a56ddfb d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 13:00:35 GMT
expires: Tue, 06 May 2025 13:00:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 104338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.google.com/gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240505 | 216.58.211.14 | 204 No Content | 0 B |
URL GET HTTP/3translate.google.com/gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240505 IP216.58.211.14:443
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=ru&nca=te_ap&client=te&logld=vTE_20240505 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 17:59:33 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-E7PE82D3BnHAit3qpctRfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoExEI8HK03Xm5kEzjwa9IUZgBzCwmg"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=19.SE=guE5yLjIDlOMHoR1DREHREL2UTunfcjIJemZECbbW-efoXhWNa0ii8zWFa8k1_hjs_a3ut9hVYMzTvrTiZMa71PGIdfVNdEy_F4nTMLT_0_rvGrdnxXDYeWTKv5VNUC3zumofD59Il7RM_xUxLIBH2pcJE89Y9rBePoHgLU19N0; expires=Sat, 07-Jun-2025 10:17:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| payeer.com/?session=2103954 | 149.202.17.208 | 302 Found | 0 B |
URL GET HTTP/1.1payeer.com/?session=2103954 IP149.202.17.208:443
CertificateIssuerSectigo Limited Subject*.payeer.com Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06 ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?session=2103954 HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://payeer.com/?session=2103954
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: iCore Proxy Module
Date: Tue, 07 May 2024 17:59:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=65
Set-Cookie: BITRIX_SM_SALE_AFFILIATE=2103954; expires=Thu, 06-Jun-2024 17:59:33 GMT; Max-Age=2592000; path=/
BITRIX_SM_SALE_AFFILIATE=2103954; expires=Thu, 06-Jun-2024 17:59:33 GMT; Max-Age=2592000; path=/; domain=payeer.com
BITRIX_SM_SALE_AFFILIATE=2103954; expires=Thu, 06-Jun-2024 17:59:33 GMT; Max-Age=2592000; path=/; domain=.payeer.com
Location: /en/
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| payeer.com/en/ | 149.202.17.208 | 200 OK | 13 kB |
IP149.202.17.208:443
CertificateIssuerSectigo Limited Subject*.payeer.com Fingerprint58:56:53:C3:90:6C:33:AA:A3:49:27:24:C8:C4:01:AE:F9:72:6A:06 ValidityThu, 29 Jun 2023 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (430) Hash41117b4f2d4f3fbb28828260870d37a0 aaf1bb257d14f73689d2dcfbc82385525b7ed789 f7a48541a210f861f9b79b466f3e4dca45067124a319708152e7460189783ad0
GET /en/ HTTP/1.1
Host: payeer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://payeer.com/?session=2103954
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: iCore Proxy Module
Date: Tue, 07 May 2024 17:59:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=65
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=gq3o3e2dm1rhf8gamg3ntalkhik8f5udbp4b1epsabq52mqabfkc4n2qvi0i3aom8s5to0rfruc5fcbujlmksk0u5ap2mk6jngbfqg1; path=/; samesite=None; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.10 | 200 OK | 0 B |
URL POST HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP142.250.74.10:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://webtrafic.ru/
Origin: https://webtrafic.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://webtrafic.ru
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 07 May 2024 17:59:43 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.10 | 200 OK | 131 B |
URL POST HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP142.250.74.10:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webtrafic.ru/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1073
Origin: https://webtrafic.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://webtrafic.ru
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 07 May 2024 17:59:43 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| linkslot.link/bancode_new.php?id=358863 | 172.67.160.247 | | 15 kB |
URL GET linkslot.link/bancode_new.php?id=358863 IP172.67.160.247:0
CertificateIssuerGoogle Trust Services LLC Subjectlinkslot.link Fingerprint37:06:E2:50:9A:98:8C:CA:97:6D:C4:F2:2F:10:86:5C:58:E5:5D:C0 ValiditySat, 04 May 2024 14:00:52 GMT - Fri, 02 Aug 2024 14:00:51 GMT
File typeUnicode text, UTF-8 text, with very long lines (2423) Hash3460e0a932fd05f83ef873bbd8a6b94f 007a71c1dc6464ec21b1947bdb445adf09abf387 93215203e54bb5d76017b865cbfec239116d7b5c2c451ba8ccb46efa5d5bb941
GET /bancode_new.php?id=358863 HTTP/1.1
Host: linkslot.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 17:59:48 GMT
content-type: text/html;charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O9H8wJNfUKnxr9Xn6xv%2F%2BEIMZcVanoo44Sw%2BvkKLppOQ0gW%2FFKfh1s9sGpRIQ64YaIZ1BeL10K7quMd7GNhiM%2B1DEoQhxAbz7RjDFaNZpR3y0NrwTI0OIT0NLx5KMgLx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031b1e4a465688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/banners/cab130883aa549246a1c21be51e3b130.jpg | 104.21.68.251 | 200 OK | 13 kB |
URL GET HTTP/3webtrafic.ru/banners/cab130883aa549246a1c21be51e3b130.jpg IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 468x60, components 3 Hash60dac92b154aa73020bf9a4a57b19ffe 6a5b5edb97b22b738558a41ab97dafb0d7b45809 f6c6b55547382dd86569c85eece8bcbedc2d5e77a1c28a6d0990d1b832958849
GET /banners/cab130883aa549246a1c21be51e3b130.jpg HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:53 GMT
content-type: image/jpeg
content-length: 13269
x-original-content-length: 17483
etag: W/"PSA-aj-YNrJKxVKpz"
expires: Tue, 07 May 2024 17:13:23 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2612
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDOjL1hrz%2F%2BsallchSKwUH6JYMrhBfEw9zkVNH8A79nh5v4ENC9KkzZ8OyzxFZdQNEN4LDrRzvRir5ycuRvW5eeYGaMGmHNrrzPFjTAo2VwGiVBNuYdTrKIBDdwVXg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031b3d1bff56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/banners/dd3b1c00af7e420e2a0bc6bde8178065.gif | 104.21.68.251 | 200 OK | 122 kB |
URL GET HTTP/3webtrafic.ru/banners/dd3b1c00af7e420e2a0bc6bde8178065.gif IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typeGIF image data, version 89a, 468 x 60 Size122 kB (122291 bytes) Hash0c224f1490ec9665da3a751a1348d146 d0f3fdc987a69a51f9e41cbfc9569bd0917f8cb8 f86be7754c0c2fab1704b6cfebcaf114106ac4e31368c79a182d93a2021d2eb1
GET /banners/dd3b1c00af7e420e2a0bc6bde8178065.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:53 GMT
content-type: image/gif
content-length: 122291
etag: "640f1fbe-1ddb3"
expires: Tue, 07 May 2024 09:01:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HHuUpTx3Ay5BbH70cHkt0tLtCMzS6gH8gz9GHn%2BUcGEztS%2BPJRVLFGdN%2FWZDPMVmeIC40Q1z8mWYT9bB05wnIkIa2WRe33j7drEQ8D5N7XlTDFqBDAwEzzjXfDL777w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031b3d1bfd56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 81.90.181.60 | 200 OK | 6.3 kB |
URL User Request GET HTTP/2IP81.90.181.60:443 ASN#50340 OOO Network of data-centers Selectel
CertificateIssuerLet's Encrypt Subjectleetgems.h1n.ru Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (5991), with no line terminators Hash69f387f02b4b9c646d4cc1fb344c3cc7 cefd57275b891ae27b5d43f261246f9c92b8295b 5e5c8887a2443803b68f227063ccf96c92f29ee56fa2a942b195c66dd96a5a0a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET / HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 31 Oct 2023 17:43:48 GMT
etag: W/"18a8-60906b26a8421"
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/img/banner_empty.gif | 104.21.68.251 | 200 OK | 34 kB |
URL GET HTTP/3webtrafic.ru/img/banner_empty.gif IP104.21.68.251:443
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typeGIF image data, version 89a, 468 x 60 Hashad8c7c5a9aa7d752407f1bd9911493d4 31caa83c93fae3797de238975d81e8e3f66fe43e 32cc157d7035835c6c380bd706d0e33294afd6aa61c320c400488b34c66d9e79
GET /img/banner_empty.gif HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: image/gif
content-length: 33550
etag: "640f1fd0-830e"
expires: Tue, 07 May 2024 17:26:56 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zk99hrCAS7PutwXQtxZctB%2FqiSTxk8zrkh3xUO9yqhZEMSL1wa%2F1nYFJT6qTDrCwvvBkolQHvXBBhTm%2FX1pmgNLG0cKTg%2Fl%2BYRHiZx%2FArZR2Jfa%2Bb0a8awZV14KzLC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031ababe5b56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js | 104.21.68.251 | 200 OK | 88 kB |
URL GET HTTP/3webtrafic.ru/js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashb4999cbb6a73a9b312f635cff75e5a53 c7b683fc72d06eac129185c3e60362f5c1adc2a8 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302
GET /js/jquery-3.4.1.min.js.pagespeed.jm.tJmcu2pzqb.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"0"
expires: Wed, 30 Apr 2025 20:12:07 GMT
last-modified: Tue, 30 Apr 2024 20:12:07 GMT
vary: Accept-Encoding
x-original-content-length: 88145
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 596766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bdPCm2EwCiVa0wszq4FfiMdqgscmzSaw1LOuRWsWt2%2B5htQz0mY9mFllCSa50HLpHUXMy%2FXihu81sfQvYRCdwfFuazwjg8r65yktCjnG4eNO%2Fi6nK4rWYrroIma6VM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4ba956be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tg2.leetgems.h1n.ru/css/bootstrap.min.css | 81.90.181.60 | 200 OK | 141 kB |
URL GET HTTP/2tg2.leetgems.h1n.ru/css/bootstrap.min.css IP81.90.181.60:443 ASN#50340 OOO Network of data-centers Selectel
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subjectleetgems.h1n.ru Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
File typeASCII text, with very long lines (65319), with CRLF line terminators Size141 kB (140942 bytes) Hash62907ef14a08ac2199b60610b616d0e5 7ccf464455d57e73be3acf820ba77ee92ad4fc13 3beb48429a842d5c330b9b4cc0a518652e1eca16121f40bdc1d4c41e4ff1a08c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /css/bootstrap.min.css HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: text/css
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: W/"6389c0ca-2268e"
expires: Wed, 07 May 2025 17:59:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| webtrafic.ru/img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png | 104.21.68.251 | 200 OK | 866 B |
URL GET HTTP/3webtrafic.ru/img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typePNG image data, 25 x 25, 8-bit colormap, non-interlaced Hash38d180fd271c03dc195834c4f6460108 777cda920a9ca1f764cba72f69471a592ba74498 d8f87cc6d28b1e3affe0e051740259bea0d9dcc5591badebd44ecb63ee671373
GET /img/25x25xpe.png.pagespeed.ic.ONGA_SccA9.png HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: image/png
content-length: 866
link: <http://webtrafic.ru/img/pe.png>; rel="canonical"
expires: Tue, 29 Apr 2025 17:32:10 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Mon, 29 Apr 2024 17:32:10 GMT
x-original-content-length: 9792
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 610739
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W63UJ7WygsXD1bvtV4R8l3Sttj1oi9kkp%2B48zdw4VfepJNpPJhF9NDg5iGfAiqpmcPDMvVvj0N8xm%2BN%2FGl%2FXwIZcFZM5Ba77Iwgsyr8x56u1vJqs1nAvMw2NCiQyRME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031abdbc8b56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| linkslot.link/promo/dummy/468x60.jpg | 172.67.160.247 | 200 OK | 12 kB |
URL GET HTTP/3linkslot.link/promo/dummy/468x60.jpg IP172.67.160.247:443
CertificateIssuerGoogle Trust Services LLC Subjectlinkslot.link Fingerprint37:06:E2:50:9A:98:8C:CA:97:6D:C4:F2:2F:10:86:5C:58:E5:5D:C0 ValiditySat, 04 May 2024 14:00:52 GMT - Fri, 02 Aug 2024 14:00:51 GMT
File typePNG image data, 468 x 60, 8-bit/color RGB, non-interlaced Hash340218e56c9a171e0704f3fabfe1564e 251985e798c3eaa705e541a9e2f29980caad42e2 ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
GET /promo/dummy/468x60.jpg HTTP/1.1
Host: linkslot.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:48 GMT
content-type: image/jpeg
content-length: 11802
last-modified: Sun, 10 Mar 2024 02:58:08 GMT
etag: "65ed21c0-2e1a"
expires: Tue, 07 May 2024 21:22:42 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 74226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFG9jCC0i%2FazwJTuojfOz5OPMNj7pQL8Jhnyw4XWs3VCaRW7ufK8MYVy55Z1zDc7KYr06gHtb4WR%2F7NPK9AasiLFO91ehBQk27KB0yUjat2iU05zffp7JbPLK76xs8Cu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88031b1f4afe0b49-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1rash.ru/q/i/i16.jpg | 89.208.145.166 | 200 OK | 1.2 kB |
IP89.208.145.166:443 ASN#12695 LLC Digital Network
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subject1rash.ru Fingerprint8D:97:25:6C:C1:1B:5C:3D:2D:75:D4:95:F4:A0:AC:FA:F8:23:25:97 ValidityFri, 19 Apr 2024 20:25:34 GMT - Thu, 18 Jul 2024 20:25:33 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x20, components 3 Hash8b1d04d8a287d40e166d52b8851c9f37 59968678f97de41ea4d1191537db925a72026c94 7eef92ac0490c7d9f62bdf74deaf01a4beee430ebee7eb6fdba8a2a1043e2763
GET /q/i/i16.jpg HTTP/1.1
Host: 1rash.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:00:22 GMT
Content-Type: image/jpeg
Content-Length: 1247
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 21 Apr 2011 23:36:54 GMT
ETag: "13c1f4-4df-4a176375e9180"
Accept-Ranges: bytes
|
|
| webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js | 104.21.68.251 | 200 OK | 35 kB |
URL GET HTTP/3webtrafic.ru/js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/sfs.main.js,qv==28+jquery-ui.min.js.pagespeed.jc.4ZZ1DmRLhv.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=34954
etag: W/"0"
expires: Wed, 30 Apr 2025 20:12:07 GMT
last-modified: Tue, 30 Apr 2024 20:12:07 GMT
vary: Accept-Encoding
x-original-content-length: 49566
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 596765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVCfiY%2BN7QFUkl6aQrCIXvy9dE78sKR%2FE92w8Fan8b5DeBzB%2Fe3J9MNgp%2FQ5xpcBz1kXR1xFTtNEtQGxyc%2F%2FAiyCAWuxZm8iD3%2F89eeu8HMpckuxmH%2BIfTkKC%2BA%2BvSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4bac56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js | 104.21.68.251 | 200 OK | 81 kB |
URL GET HTTP/3webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js IP104.21.68.251:443
CertificateIssuerGoogle Trust Services LLC Subjectwebtrafic.ru Fingerprint6A:E0:13:C6:4C:67:4B:1E:46:CF:EB:63:96:B1:00:21:38:0B:80:CB ValidityFri, 15 Mar 2024 03:01:31 GMT - Thu, 13 Jun 2024 03:01:30 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash070da11284349ddb4498fa8c51e1e103 e5d71d44333fd20376909a4b7b12a9201108d59a 4139a3b34657fa34eb91cdaf03375da63742bcefb317aa3f585cc3b2737d8220
GET /bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js.pagespeed.jm.Bw2hEoQ0nd.js HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:59:32 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"0"
expires: Wed, 30 Apr 2025 20:12:07 GMT
last-modified: Tue, 30 Apr 2024 20:12:07 GMT
vary: Accept-Encoding
x-original-content-length: 81084
x-page-speed: 1.13.35.2-0
cf-cache-status: HIT
age: 596765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YflwrrZpCRWCo%2BvXwxlw%2B483fSFZWPEdWDaZhMKTtUlfUrJugwuWOvUqnF5b2CasoMGQyxrWlbPinN%2FLfVm90Ra7J7%2BpqUDg1nNskW%2F3cGoJTvTNYhXBjbXKaUD6WxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031abd4baa56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3 | 0.0.0.0 | | 0 B |
URL GET rekizar.com/bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3 IP0.0.0.0:0
CertificateIssuerGoogle Trust Services LLC Subjectrekizar.com Fingerprint95:55:B7:B7:61:FE:55:F7:F1:E1:F8:82:C8:A6:C5:3B:3B:39:54:BD ValidityTue, 02 Apr 2024 11:49:39 GMT - Mon, 01 Jul 2024 11:49:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bancode?code=eccbc87e4b5ce2fe28308fd9f2a7baf3 HTTP/1.1
Host: rekizar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=nb0jn33goamqf78p0nduvre1c4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snUXQHic2yAG3YkqZvlvFLFbTTZ%2FXZujfHnumDizN3vqKyAufdK%2B2jZAi3mZdPlxv%2Bka05w7UteC8HyzuozXfAAv%2BEFgPlEziVgeoRJ92ub4HMx7QFTIv8OZ0lPWcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031ac0aac056c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tg2.leetgems.h1n.ru/css/detect.js | 81.90.181.60 | 200 OK | 52 kB |
URL GET HTTP/2tg2.leetgems.h1n.ru/css/detect.js IP81.90.181.60:443 ASN#50340 OOO Network of data-centers Selectel
Requested byhttps://tg2.leetgems.h1n.ru/ CertificateIssuerLet's Encrypt Subjectleetgems.h1n.ru Fingerprint0D:81:A5:BC:88:4E:C7:76:89:90:5E:4E:AE:3C:27:93:57:5D:29:8A ValidityThu, 04 Apr 2024 23:41:11 GMT - Wed, 03 Jul 2024 23:41:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /css/detect.js HTTP/1.1
Host: tg2.leetgems.h1n.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tg2.leetgems.h1n.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 07 May 2024 17:59:31 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 02 Dec 2022 09:09:30 GMT
etag: W/"6389c0ca-cadb"
expires: Wed, 07 May 2025 17:59:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| translate.google.com/translate_a/element.js?cb=TranslateInit | 216.58.211.14 | 200 OK | 89 kB |
URL GET HTTP/2translate.google.com/translate_a/element.js?cb=TranslateInit IP216.58.211.14:443
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (2064) Hash96416b7597b2e0bd02301cdb9c9f595b 052cc7f7db836e14e20e024a83308444667c1c89 cdff82a6d53016e070641093115828bef252402da4167e428aeaca3741245b33
GET /translate_a/element.js?cb=TranslateInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 17:59:32 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| linkslot.pro/bancode.php?id=1 | 0.0.0.0 | | 0 B |
URL GET linkslot.pro/bancode.php?id=1 IP0.0.0.0:0
CertificateIssuerCloudflare, Inc. Subjectlinkslot.pro Fingerprint70:58:C2:25:B2:8F:07:43:F4:C1:C8:C9:69:A8:C8:0A:2D:DF:2F:96 ValidityThu, 11 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bancode.php?id=1 HTTP/1.1
Host: linkslot.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webtrafic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 17:59:33 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: PHPSESSID=3pp8e9b3b4p2h1b5oe94muc5a5; path=/; domain=.linkslot.pro
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRIAwJBzKwLb7hKFguUbMQLqwz59QexjqDGLYk6QCC1QUncfev3odsLZ80%2FDJUS8t1Z%2BYubeJxnzJz9VN8f7HvjNR9yVue6HvVjF9RgAJFGsnFWk65QFzD7xkB%2Fdtrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88031ac0afa2b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|