Report - tech-str.ru/system/logs/crypted.Locker_GUI

Report Overview

Submitted URL
tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
IP
5.23.51.195
ASN
#9123 TimeWeb Ltd.
Submitted
2023-06-04 01:44:52
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-03	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-03	2.1 kB	54 kB	216.58.207.227
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-06-03	698 B	2.8 kB	104.18.20.226
informer.yandex.ru	54908	1997-09-23	2015-07-19	2023-06-03	463 B	1.6 kB	87.250.250.119
avatars.mds.yandex.net	6545	2000-11-14	2014-12-15	2023-06-03	432 B	5.6 kB	87.250.247.183
yandex.ru	671	1997-09-23	2012-05-21	2023-06-03	535 B	5.2 kB	5.255.255.77
tech-str.ru	unknown	2012-11-28	2015-05-29	2022-12-15	26 kB	2.4 MB	5.23.51.195
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-06-03	428 B	35 kB	142.250.74.10
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-03	480 B	26 kB	142.250.74.106
use.fontawesome.com	942	2012-10-18	2017-01-30	2023-06-03	461 B	55 kB	172.64.133.15

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-04 01:44:32	high	Client IP	5.23.51.195	ET MALWARE Possible Malicious Macro DL BIN May 2016 (No UA)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (34)

	URL	Size	First Seen	Last Seen
	tech-str.ru/exform/exform.js	3.6 kB	2023-06-04	2023-06-04
Pretty URL tech-str.ru/exform/exform.js IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 9c252a46057174f9181b03437a383b18 cf4e3e263084189bd3aeaf88f4667584e79c9b1e 3b413de763e345faa2c495abfc3578c5320f26952b766de36e1f51ec7b35baa1 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	221 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 3474c768df46921ebe01e764de3d1fa8 e8abd748d56bf863118553bb6bc782548a6398f1 04851c75b28d2196b7b392cac6b566cfc53b9df6a59282c2ab0c654ef0a23cb6 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	131 B	2023-03-07	2024-03-03
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:47 Last Seen2024-03-03 19:56:49 Times Seen152 Hash 3a11f0d48a09e2f6e13c2ba8a0b4275b ac3b0b50faaa9ee5a7d5971a1058e3b010b2946a 84c7e6e0a3501b71072af0e9ca16c0befb41a9b20cb709e7e491b205d9da028c Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	637 B	2023-04-07	2024-02-26
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 12:12:11 Last Seen2024-02-26 12:18:03 Times Seen54 Hash c74f33c40f056e69f24e34b01df725cf 074c4946bb56ecbc0c533ad4beb86ef3136456de 1886ffdb27705867013886a16795f7df851b5f6497810e2ba4b7e378e4b37c28 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	318 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 0ebb0eed4db8bbcec1141ee8492d951c 0a7a2982645ecdab086ce9a48f3b72e6ca418a80 66853e2139d19fc2d69dbc9a6869636b77d434e8d6d0ba30159213b4941081ad Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	752 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash c9fceea4701fec69180701682f594b15 ddc4c082eece123a69aa76f9889715379ed0baba a9a5ea7f788983a96003664f81fd0dfef586cf1e9a7f29395681be209f4753e5 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	382 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 81fb2f0b3006315b133a671ac7a8b952 f4c57552cd74491a6a00b9abd09c260a677f9c95 d2c4556b0757c2b0f682c7416bfec5e37f65d3c043c7e0bf5c1324c5fa61a507 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	105 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 4d9d9c6fd049c496a6d32992b1025a1e 8e4ee800cab0beaaa19e91c8e0ca9aabf37ffd40 7782c2ff6d7ca0c7fd39132b59dd50c50622eef4c2dd81a6daf9080760c3c4bb Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	160 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 2e6fff3186672bf684edb1951234b9d2 b1fda069772252ca910fa94a922651a6dfd812e6 5f1ea04502380c352cc291a6941cfeb2979dd0a332450b55cab5c9e943eb4131 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js	94 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-04-27 03:43:48 Times Seen16351 Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7 06e872300088b9ba8a08427d28ed0efcdf9c6ff5 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	276 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 608b8aa8a0798a049475ffcac6f8a383 bdf40fcdf855f4eba0da693a4691c5b39974bb98 6189fbff6995a5d7eac0cf9189605ae7354eb9f6a79d2d4146b1540f6449845d Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	134 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 4f0ce1e53c5cbd8c270e31d148d48dc4 7c1bf17c9d0b8bbe5fd6a10fb5955eac4bec3d54 1ef7d61d1ec7eda4ed3325e6cd23d3b1510d3c69114cabf90bb5fa0954ea2b4a Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	564 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 49e257b067132db31e06242ae93409b3 77d291f55817e32862034913096d97e0a0cc3623 dd348ec6c9ef08c82730b9bdd81c0afae6a949d38ad89ca8e3287da7ad3eb8d0 Loading...

	tech-str.ru/bitrix/cache/js/s1/main/kernel_main/kernel_main.js?1659607209334162	334 kB	2023-06-04	2023-06-04
Pretty URL tech-str.ru/bitrix/cache/js/s1/main/kernel_main/kernel_main.js?1659607209334162 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash ceabd0ebe516afc5ba5fd52237a476fc 23fdc28e4bc5632f9e63130b175a1d022526d2a1 df9e5323987de358f213130599a7ae2a6c3d37592bfa33f6970698122327026e Loading...

	tech-str.ru/scroll/scrollup.js	837 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/scroll/scrollup.js IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen2 Hash cc6053562a948312d37597295f7175ef a35f107ef24ef3021ee5819135bfb69b5f207bf6 c2edd7d617c2c64bd6d4f405f9dd88ba6fe452498564b3358491487dd9e8bd6e Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	207 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 49f8c640068211a28b5bb32985c668fc 48a3b3a5f71c124dce3710dff4ea8502484bbbb3 2f217fcf5f84f8a56ad9d215e31c5eb774c331db7ae60d1d41af029a86f51c1a Loading...

	tech-str.ru/bxslider/jquery.bxslider.min.js	19 kB	2023-03-07	2024-04-26
Pretty URL tech-str.ru/bxslider/jquery.bxslider.min.js IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:11 Last Seen2024-04-26 17:17:53 Times Seen4417 Hash 697d69a48e5356f7106e38c09f7f19e0 b57160771fa597a5b56c5b12756c693e4829be07 bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e Loading...

	tech-str.ru/system/logs/sandbox%20eval%20code	147 B	2023-04-11	2024-04-27
Pretty URL tech-str.ru/system/logs/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 04:17:32 Times Seen342532 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	tech-str.ru/lightbox/js/lightbox-2.6.min.js	7.4 kB	2023-03-07	2024-02-23
Pretty URL tech-str.ru/lightbox/js/lightbox-2.6.min.js IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:04 Last Seen2024-02-23 06:01:56 Times Seen294 Hash c7ec2f4c002fe84a21daea97e5fa1297 864063d2d0ab92bb6b62f01d8609dde8d97300ee dd8165ce534f89585cc121a3f859cd06f4c72bc558e565a984d577a9b18b7307 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	163 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 8df3c1e59d15e7d75807b913f9c87571 23e5c86609271f94d4baa9985eae3ca59444f320 d4c8c21db0270d370b84cda6f5f2d700e9f13e1956acd265188d0f40b107c92e Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	209 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 6cde1d836ec99ac8e5cd8693d2b1d7d8 9a1efcdd362f9d252efd744a87e16c53eb280d8f be93570ff5a1c294d469b98ebcfe968662b6cc2ef64820f31611bf0b377acbf7 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	149 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 7eb0d61f0870347f992c99ca40e864a7 7a866b09fa1d4d8afd28558c817d1e365acb14a2 f350d88befc63b6337be10fc981c000cb627985d8b3260ccaa2399a0b30886be Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	904 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash e9e05b95cdda0207b45cc73c4a9e5352 65983cbc56777080b3e6254cb33dd92a0fd7e94b 05f2c144705e377ca1a9f22750e163d34bc66ff54a2df6effd7d8b2db530fb7a Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	648 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 9a7f2af492cf2bf68deb3c70bb7b14ae f08c326a611895369b96050be3bbdbbea7fc6c7b c388179486cd5eaea8c1dfb680e64768fb28af31c65bcc39fc018b414103b015 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	128 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 0d1663034d8f258e3232107bb09f9875 2331c28a9f5655fd018994d70c810698667428e2 3e5e48ed394ea72b77dec7a52f4ea098d5d3d9702ea34dfdc29e636ba1e13161 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	179 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 1a49e03ef81316b5465ac5ab0561bd2a 3c0114ed919c8ab39c136107bcf272822659054f 17448170f5e12c8c93054b80a0343c90104e737e2f12fd4abe89995b3e8120cc Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	538 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 6ce7d6bc4d105f339a68c5b622dc1641 2624d12ea1d7c8808bc791525bce493e74cf216d 22339b222d4501ad2b6a7ddd3905b15fa65ff91c8a3ba220f9003004410a7655 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	604 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 5e19ff0a95981240f10126a7c3db9912 3d69f40ea2d6da203dc952452e89fba83e7ea941 b22449d7a926f7efec2e181cd480010b3bd3c3ef9cf2444c5c56e948960d41a8 Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	278 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 875d43d6728df263d59902ec2541c858 48e61a45887add718e00efdeffc8a081333231c0 0fc36488cf94ed0274036ae558a83b89561ff02e368801c83839de9243ebaf00 Loading...

	tech-str.ru/bitrix/cache/js/s1/main/template_57e7c50ed63a7d73590fd30b09d17306/template_57e7c50ed63a7d73590fd30b09d17306.js?165960719286942	87 kB	2023-06-04	2023-06-04
Pretty URL tech-str.ru/bitrix/cache/js/s1/main/template_57e7c50ed63a7d73590fd30b09d17306/template_57e7c50ed63a7d73590fd30b09d17306.js?165960719286942 IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 3876ebcb50c3a77a60339484c526b693 a64e0717c0f8054ea19654153eaca47437ce52b6 52ff6d2e4aa4b0bd81151918c830042b0d9c27ffda32fc9de6439599ebad2d1b Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	377 B	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash 8bb80ee6da228e944245c2c715fdd503 0058967963cf305eb75d90a7c575ba778838f61b 88acd2a0e44c32a81e50e76ca5665034606f31904ab4ee8b1b838ad045b1c72a Loading...

	tech-str.ru/system/logs/crypted.Locker_GUI_0.exe	3.2 kB	2023-06-04	2023-06-04
Pretty URL tech-str.ru/system/logs/crypted.Locker_GUI_0.exe IP 5.23.51.195 ASN #9123 TimeWeb Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 03:44:57 Last Seen2023-06-04 03:44:57 Times Seen1 Hash a55b9d13ed30811f01d3117418d20b3f 0bf5ad415f80974e70d76cfea23b0e2034bb626b 7755940296a7a3cf095d232ddd9a175afb411702ba0da6b2862400504a39d7ed Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 04:17:32 Times Seen342031 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e17bb3747c5d76d10a06f0956214b68	21 kB	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 12:12:00 Last Seen2024-04-14 06:03:28 Times Seen129 Hash 9e17bb3747c5d76d10a06f0956214b68 54758d9e26f072b45b1d1817176f1579f5781414 a85b1ebf649465beddc9cb5c71887fb51841668bb817116a42106bbb47ab2fb3 Loading...

HTTP Transactions (66)

URL IP Response Size

tech-str.ru/system/logs/crypted.Locker_GUI_0.exe

5.23.51.195

301 Moved Permanently

169 B

URL User Request GET HTTP/1.1
tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
IP
5.23.51.195:80
ASN
#9123 TimeWeb Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4

Detections

NIDS	Severity	Alert
suricata	high	ET MALWARE Possible Malicious Macro DL BIN May 2016 (No UA)

HTTP Headers

GET /system/logs/crypted.Locker_GUI_0.exe HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sun, 04 Jun 2023 01:44:33 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Expires: Wed, 05 Jul 2023 01:44:33 GMT
Cache-Control: max-age=2678400

tech-str.ru/scroll/scrollup.css

5.23.51.195

200 OK

287 B

URL GET HTTP/2
tech-str.ru/scroll/scrollup.css
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
ASCII text
Size
287 B (287 bytes)
Hash
38da72bdeede96ea79ce5ad2706af48b
d1031d41c12227417a66f1a9a0f67648cfd8b626
8a1caf5c2c6af6a675f6cdce3d0cc2c38a8064baec648cd826f3df6e46d39442

HTTP Headers

GET /scroll/scrollup.css HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: text/css
content-length: 287
last-modified: Mon, 10 Dec 2018 08:26:33 GMT
etag: "5c0e2339-11f"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/scroll/scrollup.js

5.23.51.195

200 OK

837 B

URL GET HTTP/2
tech-str.ru/scroll/scrollup.js
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
Unicode text, UTF-8 text
Size
837 B (837 bytes)
Hash
cc6053562a948312d37597295f7175ef
a35f107ef24ef3021ee5819135bfb69b5f207bf6
c2edd7d617c2c64bd6d4f405f9dd88ba6fe452498564b3358491487dd9e8bd6e

HTTP Headers

GET /scroll/scrollup.js HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: application/x-javascript
content-length: 837
last-modified: Mon, 10 Dec 2018 08:26:33 GMT
etag: "5c0e2339-345"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/logo.png

5.23.51.195

200 OK

22 kB

URL GET HTTP/2
tech-str.ru/images/logo.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 292 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22321 bytes)
Hash
11b478a2d1f055c487dad2084cdf576e
f43b03c35a857190c69c6ee23ed53a672c8ace5f
5987224420829a7820669179b2fb1b8415e873f09bc756768a5371cba516ab80

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 22321
last-modified: Mon, 10 Dec 2018 08:26:56 GMT
etag: "5c0e2350-5731"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/adr.png

5.23.51.195

200 OK

460 B

URL GET HTTP/2
tech-str.ru/images/adr.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 12 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
460 B (460 bytes)
Hash
941e4d9d2faa30a7b3341419ba63ed8b
a3a2689732a16b083a584a1f2ec3cb7ce516a592
16cf55cf5dbdb8cb9918034899106bab239b8d9be299c6f66b39ab8e610f8d57

HTTP Headers

GET /images/adr.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 460
last-modified: Thu, 13 Dec 2018 11:38:04 GMT
etag: "5c12449c-1cc"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/mail.png

5.23.51.195

200 OK

373 B

URL GET HTTP/2
tech-str.ru/images/mail.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 14 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size
373 B (373 bytes)
Hash
391b403cbe19b079d8f51c0ddc90e55f
b8898a1e6e5d4546a52ad0bcfa3b2c11d49c510a
a712ec1eba66d2b4a59414fc70cc530928bcfec36f6f1322f4ab51da02eff0c5

HTTP Headers

GET /images/mail.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 373
last-modified: Thu, 13 Dec 2018 11:38:03 GMT
etag: "5c12449b-175"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/time.png

5.23.51.195

200 OK

455 B

URL GET HTTP/2
tech-str.ru/images/time.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
455 B (455 bytes)
Hash
ebbcde83cbd51be6df2ce25e51aff724
170443d640bb2fab75d04072fecff33f631e3e44
2c84326f75a73b6561384c872254994ca1eff1117e1697b3e319df4fefcd4af1

HTTP Headers

GET /images/time.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 455
last-modified: Thu, 13 Dec 2018 11:38:04 GMT
etag: "5c12449c-1c7"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/phone.png

5.23.51.195

200 OK

550 B

URL GET HTTP/2
tech-str.ru/images/phone.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 18 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size
550 B (550 bytes)
Hash
7cf376fe1b43b3d6cdddfd4df5ddcf10
8d92f116c72eb543b50e20f5b9bac5faef6a85a8
27072386b50848b40e2297666efc8b391c836975655307344a7d6b8ffb191605

HTTP Headers

GET /images/phone.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 550
last-modified: Thu, 13 Dec 2018 12:04:35 GMT
etag: "5c124ad3-226"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/upload/images/img/2.png

5.23.51.195

200 OK

654 B

URL GET HTTP/2
tech-str.ru/upload/images/img/2.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 63 x 63, 8-bit colormap, non-interlaced\012- data
Size
654 B (654 bytes)
Hash
c5b68817ae1b023d0e68ad46f213770c
eb3b5a745851e9d82c62c28fb3d978a6b688daec
d71b1f444111fc59b4a68e39de73a62826157e920c3497c842ad2a0b7056f29c

HTTP Headers

GET /upload/images/img/2.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 654
last-modified: Wed, 03 Mar 2021 11:34:15 GMT
etag: "603f7437-28e"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/upload/images/img/3.png

5.23.51.195

200 OK

967 B

URL GET HTTP/2
tech-str.ru/upload/images/img/3.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 63 x 63, 8-bit colormap, non-interlaced\012- data
Size
967 B (967 bytes)
Hash
da002d8aff9574d25e87c7433335663d
d26837e2cddd28cadcfb254983b9b0488eec0949
4c2f775bb2de6df68d7b83ec6b9de76eff72dee9f93b556403d3888596d62d60

HTTP Headers

GET /upload/images/img/3.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 967
last-modified: Wed, 03 Mar 2021 11:34:15 GMT
etag: "603f7437-3c7"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/upload/images/img/4.png

5.23.51.195

200 OK

942 B

URL GET HTTP/2
tech-str.ru/upload/images/img/4.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 63 x 63, 8-bit colormap, non-interlaced\012- data
Size
942 B (942 bytes)
Hash
ba4d01a1b34e70b77aaed55929552c16
eac09f990871bfc746c2dc644e8dd8e7355e2a01
d2d849a14f08f6233ef8dabc74a64f0c72012d9512c56bac82da73a727de87f9

HTTP Headers

GET /upload/images/img/4.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 942
last-modified: Wed, 03 Mar 2021 11:34:15 GMT
etag: "603f7437-3ae"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/upload/images/img/5.png

5.23.51.195

200 OK

581 B

URL GET HTTP/2
tech-str.ru/upload/images/img/5.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 63 x 63, 4-bit colormap, non-interlaced\012- data
Size
581 B (581 bytes)
Hash
e4974b12294e5b9b441b1af0fef9bd79
1e8f43c23f8ca72dfed7ae7a67608fc219131679
99b379b33a200aba75122b87f12a9fdda1b037c882338e8602e7527546b7d4ba

HTTP Headers

GET /upload/images/img/5.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 581
last-modified: Wed, 03 Mar 2021 11:34:16 GMT
etag: "603f7438-245"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/upload/images/img/6.png

5.23.51.195

200 OK

961 B

URL GET HTTP/2
tech-str.ru/upload/images/img/6.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 63 x 63, 8-bit colormap, non-interlaced\012- data
Size
961 B (961 bytes)
Hash
1c7055e896102e6cdbe7f81b96ff46fa
9065f7c225df580a4375cb4291fb1805d44cfa7d
aaba7f74e1873410c420127f223fc76f09be4116f6039794948130d80a614688

HTTP Headers

GET /upload/images/img/6.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 961
last-modified: Wed, 03 Mar 2021 11:34:16 GMT
etag: "603f7438-3c1"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d11f1919fef5d8fccf8a87cf62ec7d61
b862276403c5375ce0cf2707ff0141d0f765fafa
7002839ec0a73f7a79f9f8720287932bd850a6a1b741ad91808e402ecb1c0d48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 01:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tech-str.ru/armstrong_dilerstvo_kopiya.jpg

5.23.51.195

200 OK

42 kB

URL GET HTTP/2
tech-str.ru/armstrong_dilerstvo_kopiya.jpg
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 350x553, components 3\012- data
Size
42 kB (42483 bytes)
Hash
330d8f449b141ef32568221acbd2c4ef
f22d76bf31823c867e2f0e89aba904d4c1a8f249
83c60c0c981d88eded4dda7fb15303479e21cda9660e317ee4c3c1a61ee3807a

HTTP Headers

GET /armstrong_dilerstvo_kopiya.jpg HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/jpeg
content-length: 42483
last-modified: Mon, 10 Dec 2018 08:26:56 GMT
etag: "5c0e2350-a5f3"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/404.png

5.23.51.195

200 OK

46 kB

URL GET HTTP/2
tech-str.ru/images/404.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 962 x 403, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (46017 bytes)
Hash
19e756f475ac129308368c9762588a9c
6b2c6ffdcd91ebe3b5be3a691d3ffe44c679fe52
976b9b509b1d37681f2b6d806f2c24571c5cbddf86fa22d35fcf1c6c063378d1

HTTP Headers

GET /images/404.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 46017
last-modified: Wed, 09 Jan 2019 16:52:23 GMT
etag: "5c3626c7-b3c1"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/pay1.png

5.23.51.195

200 OK

5.3 kB

URL GET HTTP/2
tech-str.ru/images/pay1.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 68 x 31, 8-bit/color RGBA, non-interlaced\012- data
Size
5.3 kB (5340 bytes)
Hash
6e2595c8fb015d7cfe2541e2c14f618a
0637625c569df31b4eea10370b215322b5a53426
c84f8964d1900bdc9e4e6f7d812857b8435f8ebb77be7a20997c66882398a1c3

HTTP Headers

GET /images/pay1.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 5340
last-modified: Thu, 13 Dec 2018 13:23:45 GMT
etag: "5c125d61-14dc"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/pay2.png

5.23.51.195

200 OK

2.3 kB

URL GET HTTP/2
tech-str.ru/images/pay2.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 69 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2324 bytes)
Hash
db62ec19455064ae6662b8d48301d98a
a8c3691590ca6abb36d784fcaab1fdfa31d30f41
b31d73ae9cef9ca4207236c5fd2f38abd8ac8fa0c55537294665b73b21eabc2d

HTTP Headers

GET /images/pay2.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 2324
last-modified: Thu, 13 Dec 2018 13:23:45 GMT
etag: "5c125d61-914"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/pay3.png

5.23.51.195

200 OK

2.8 kB

URL GET HTTP/2
tech-str.ru/images/pay3.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 54 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2771 bytes)
Hash
0f1b90a5a996bc9fdc751775ba3982a1
0b5bd65bfde4e88bc3248c56c25d3e9e35ec0a3a
93b78b7ab363b964ab8673bf14d18fbf21e35ba3d15b410943ee14073b9981db

HTTP Headers

GET /images/pay3.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 2771
last-modified: Thu, 13 Dec 2018 13:23:45 GMT
etag: "5c125d61-ad3"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/pay4.png

5.23.51.195

200 OK

2.4 kB

URL GET HTTP/2
tech-str.ru/images/pay4.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 45 x 31, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2368 bytes)
Hash
3050457a3083df8247569a90cc02b3c7
49cf728d840da7ed0b4bdef62850ecf718ff542c
b31d7eb3cb8dc7b66399e9b93ee5ac080ca0ddff2bf302eb1a5348e7114422a1

HTTP Headers

GET /images/pay4.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 2368
last-modified: Thu, 13 Dec 2018 13:26:18 GMT
etag: "5c125dfa-940"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/scroll/up.png

5.23.51.195

200 OK

8.0 kB

URL GET HTTP/2
tech-str.ru/scroll/up.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8006 bytes)
Hash
7c6bc66c0bb1aa66273a4e52a71311d0
34396f29c8cbf452e83adf03b8aa61c29467cba3
37d4749d51eca149cd356ff3cea08ae349fd2fb2089fbcf0a3f1fd80d6421d09

HTTP Headers

GET /scroll/up.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 8006
last-modified: Mon, 10 Dec 2018 08:26:33 GMT
etag: "5c0e2339-1f46"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/upload/images/img/1.png

5.23.51.195

200 OK

88 kB

URL GET HTTP/2
tech-str.ru/upload/images/img/1.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 477 x 529, 8-bit colormap, non-interlaced\012- data
Size
88 kB (88324 bytes)
Hash
fa7ac1102bf0602fb56c1a06f6b74b7d
1956e6fa379408fb10d01b4a6b6b861f79e307a2
8b9aee96c658dfeb300297683f24f9941618e79d74fe226bdead47a45f4c1c9d

HTTP Headers

GET /upload/images/img/1.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/png
content-length: 88324
last-modified: Wed, 03 Mar 2021 11:34:15 GMT
etag: "603f7437-15904"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/img946.jpg

5.23.51.195

200 OK

184 kB

URL GET HTTP/2
tech-str.ru/images/img946.jpg
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACD Systems Digital Imaging, datetime=2016:06:09 13:25:23], baseline, precision 8, 800x1132, components 3\012- data
Size
184 kB (184153 bytes)
Hash
dfe7ad8ffda0c2cdd0404b9c26adca69
b321b83a3bbe91bdc27584fbbdeaa4426a6edb5a
6443a7be47736b1ba30fdae4fbeb9a6a03f2a47b72cc6281151fbc8d7c5219b2

HTTP Headers

GET /images/img946.jpg HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/jpeg
content-length: 184153
last-modified: Mon, 10 Dec 2018 08:26:56 GMT
etag: "5c0e2350-2cf59"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/q1234.jpg

5.23.51.195

200 OK

575 kB

URL GET HTTP/2
tech-str.ru/images/q1234.jpg
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, height=0, manufacturer=SAMSUNG, model=SM-N7505, orientation=upper-right, software=N7505XXUDPB1, datetime=2016:04:21 10:42:08, width=0], baseline, precision 8, 1674x1261, components 3\012- data
Size
575 kB (575036 bytes)
Hash
1e519efe0732a0a79136f3ccf3a4fddd
732b2fc66e84738ff451b802109bca64379a5526
5e5f49fe7589d91eb03824afb2d7b05ee628b9a20f1a157958c1c7e43bb4954b

HTTP Headers

GET /images/q1234.jpg HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/jpeg
content-length: 575036
last-modified: Mon, 10 Dec 2018 08:26:56 GMT
etag: "5c0e2350-8c63c"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/scan001.jpg

5.23.51.195

200 OK

404 kB

URL GET HTTP/2
tech-str.ru/images/scan001.jpg
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2480x3506, components 3\012- data
Size
404 kB (403790 bytes)
Hash
a3f13d9f8cafb3009742baa64bda16fd
4401a72769f1da4ea93dd3170c2af1f6ee6e54d8
9ef17cdf85a80ef4e0f533a3e15188f509f3e0602cc0bae6a035aa1559916c4a

HTTP Headers

GET /images/scan001.jpg HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/jpeg
content-length: 403790
last-modified: Mon, 10 Dec 2018 08:26:56 GMT
etag: "5c0e2350-6294e"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/scan002.jpg

5.23.51.195

200 OK

494 kB

URL GET HTTP/2
tech-str.ru/images/scan002.jpg
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2550x3513, components 3\012- data
Size
494 kB (494091 bytes)
Hash
31ae1050fc980886aacb0f42836b7dbd
4c936a7f30c8ad8714b421a4bb6cf98d61fe4ae6
55e5a80d4223bcb6875a7f08c4956232b2ac2f1928d71b9214d20b82f426627f

HTTP Headers

GET /images/scan002.jpg HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: image/jpeg
content-length: 494091
last-modified: Mon, 10 Dec 2018 08:26:56 GMT
etag: "5c0e2350-78a0b"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

142.250.74.10

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text, with very long lines (65483)
Size
34 kB (33593 bytes)
Hash
3576a6e73c9dccdbbc4a2cf8ff544ad7
06e872300088b9ba8a08427d28ed0efcdf9c6ff5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

HTTP Headers

GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:41:36 GMT
expires: Wed, 29 May 2024 21:41:36 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 360177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0affd42f3b881bc89a46594868663e52
03ca33c099bbc747c00360101c6ca6e21810aa07
1a1eb9e073803bd3864fdc023b727bcdd97df9074a2b8a657769da4a8b858d97

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 01:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tech-str.ru/images/hed_fon.png

5.23.51.195

200 OK

83 kB

URL GET HTTP/2
tech-str.ru/images/hed_fon.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 1366 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
83 kB (82902 bytes)
Hash
9fed895ebe33971d60dd369b1336e097
48d5449d13c2c2238af3ce144bbac4741cf0a951
e49a9b88bfc75f9da5264057aa9d9319d68366fac71aa0602491dbf98bec276d

HTTP Headers

GET /images/hed_fon.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/bitrix/cache/css/s1/main/template_eebd9a07b914a33143acc11bfae195ab/template_eebd9a07b914a33143acc11bfae195ab.css?168570924963608
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: image/png
content-length: 82902
last-modified: Thu, 13 Dec 2018 11:28:23 GMT
etag: "5c124257-143d6"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/search.png

5.23.51.195

200 OK

581 B

URL GET HTTP/2
tech-str.ru/images/search.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 20 x 21, 8-bit/color RGBA, non-interlaced\012- data
Size
581 B (581 bytes)
Hash
a5b12dffb1c008926475f75873aaca8d
294baf522aef13a9a5ecd917b03ec2ac8e1b7733
82c94230a97529849d4363d8522fb4e7b1f345111def70f518463cdff648688a

HTTP Headers

GET /images/search.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/bitrix/cache/css/s1/main/template_eebd9a07b914a33143acc11bfae195ab/template_eebd9a07b914a33143acc11bfae195ab.css?168570924963608
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: image/png
content-length: 581
last-modified: Thu, 13 Dec 2018 12:43:33 GMT
etag: "5c1253f5-245"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 01:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 01:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tech-str.ru/bitrix/cache/js/s1/main/template_57e7c50ed63a7d73590fd30b09d17306/template_57e7c50ed63a7d73590fd30b09d17306.js?165960719286942

5.23.51.195

200 OK

27 kB

URL GET HTTP/2
tech-str.ru/bitrix/cache/js/s1/main/template_57e7c50ed63a7d73590fd30b09d17306/template_57e7c50ed63a7d73590fd30b09d17306.js?165960719286942
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
gzip compressed data, from Unix\012- data
Size
27 kB (26974 bytes)
Hash
4114e72756e6eb19cbef65f72548909d
727af0626b26af30aaf183071f176d7b9d993298
15203fea05e1bc3843852de751db9e0377f69b86a1f43729859147fe9d5b10af

HTTP Headers

GET /bitrix/cache/js/s1/main/template_57e7c50ed63a7d73590fd30b09d17306/template_57e7c50ed63a7d73590fd30b09d17306.js?165960719286942 HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: application/x-javascript
last-modified: Thu, 04 Aug 2022 09:59:52 GMT
vary: Accept-Encoding
etag: W/"62eb9898-1539e"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 01:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tech-str.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 03:11:48 GMT
expires: Sun, 02 Jun 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 81166
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tech-str.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 07:44:41 GMT
expires: Sun, 02 Jun 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 64793
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tech-str.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 03:23:01 GMT
expires: Sun, 02 Jun 2024 03:23:01 GMT
cache-control: public, max-age=31536000
age: 80493
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Size
9.6 kB (9644 bytes)
Hash
6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tech-str.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 18:53:44 GMT
expires: Wed, 29 May 2024 18:53:44 GMT
cache-control: public, max-age=31536000
age: 370250
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tech-str.ru/images/fot_fon.png

5.23.51.195

200 OK

170 kB

URL GET HTTP/2
tech-str.ru/images/fot_fon.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 1366 x 212, 8-bit/color RGBA, non-interlaced\012- data
Size
170 kB (169653 bytes)
Hash
b7dc3fc2148116b7ac4c750ca83eb3fd
2f4fb5739ee306e888cf4e2646d705e8b2e57293
2f9a973342bde109d77076a0cd0ec82e83317cac774fd8798f4c24181b0f261b

HTTP Headers

GET /images/fot_fon.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/bitrix/cache/css/s1/main/template_eebd9a07b914a33143acc11bfae195ab/template_eebd9a07b914a33143acc11bfae195ab.css?168570924963608
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: image/png
content-length: 169653
last-modified: Thu, 13 Dec 2018 14:01:32 GMT
etag: "5c12663c-296b5"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/lightbox/js/lightbox-2.6.min.js

5.23.51.195

200 OK

11 kB

URL GET HTTP/2
tech-str.ru/lightbox/js/lightbox-2.6.min.js
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
gzip compressed data, from Unix\012- data
Size
11 kB (10563 bytes)
Hash
91f0df5d862022ed5bd601a496507197
4adea63d9595b126bf66b0fc423b237fffb4163b
805fcfc255356b6edac4b4db762f8532a7428d961f9f64368b97aef061b16789

HTTP Headers

GET /lightbox/js/lightbox-2.6.min.js HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: application/x-javascript
last-modified: Mon, 10 Dec 2018 08:26:32 GMT
vary: Accept-Encoding
etag: W/"5c0e2338-1cdd"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

tech-str.ru/lightbox/img/close.png

5.23.51.195

200 OK

280 B

URL GET HTTP/2
tech-str.ru/lightbox/img/close.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 27 x 27, 8-bit colormap, non-interlaced\012- data
Size
280 B (280 bytes)
Hash
d9d2d0b1308cb694aa8116915592e2a9
3ca48361cfe0e41163023d03c26296f375bb3eac
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

HTTP Headers

GET /lightbox/img/close.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/lightbox/css/lightbox.css
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: image/png
content-length: 280
last-modified: Mon, 10 Dec 2018 08:26:32 GMT
etag: "5c0e2338-118"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/bxslider/images/bx_loader.gif

5.23.51.195

200 OK

8.6 kB

URL GET HTTP/2
tech-str.ru/bxslider/images/bx_loader.gif
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
GIF image data, version 89a, 32 x 32\012- data
Size
8.6 kB (8581 bytes)
Hash
931bdb6b50816b03206c66921760b246
f67f91dafbe0f846c8f8f67a005497d8bdea188a
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

HTTP Headers

GET /bxslider/images/bx_loader.gif HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/bxslider/jquery.bxslider.css
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: image/gif
content-length: 8581
last-modified: Mon, 10 Dec 2018 08:26:55 GMT
etag: "5c0e234f-2185"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 01:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

938 B

URL
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
0a2824d502d7fe65b7dfce958748cf39
d6d183c9faf7612b7d74c76913a90edf188277f1
f0a789061dfb60655beaab857b6df66f8da8b78cef576639545b3d3201fdfb1f

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 01:44:34 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Thu, 08 Jun 2023 00:16:51 GMT
ETag: "d6d183c9faf7612b7d74c76913a90edf188277f1"
Last-Modified: Sun, 04 Jun 2023 00:16:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2907
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1c7dcf8e18b50f-OSL

tech-str.ru/images/left-arr.png

5.23.51.195

200 OK

524 B

URL GET HTTP/2
tech-str.ru/images/left-arr.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 15 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
524 B (524 bytes)
Hash
e34df44db6dfeee1f4c36331ee41d414
aa8862fb40b8d46833f12e0bee6e0b78d08bed7d
09351aaa28ee19761a7e603e2fa13f9ae4288585b0452bb12c90559cabe5a051

HTTP Headers

GET /images/left-arr.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/bitrix/cache/css/s1/main/template_eebd9a07b914a33143acc11bfae195ab/template_eebd9a07b914a33143acc11bfae195ab.css?168570924963608
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: image/png
content-length: 524
last-modified: Thu, 03 Jan 2019 11:29:34 GMT
etag: "5c2df21e-20c"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/images/right-arr.png

5.23.51.195

200 OK

510 B

URL GET HTTP/2
tech-str.ru/images/right-arr.png
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
PNG image data, 15 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
510 B (510 bytes)
Hash
f235d1affa0c10166ae317befb9bd2e6
31bbfd59c4563ca1e46c9ae6e46b1c1836096ea7
fdbf5aeefa3966d15c02ec494fe4484c129b91913aab7b0fbb3464fbb4f84e70

HTTP Headers

GET /images/right-arr.png HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/bitrix/cache/css/s1/main/template_eebd9a07b914a33143acc11bfae195ab/template_eebd9a07b914a33143acc11bfae195ab.css?168570924963608
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: image/png
content-length: 510
last-modified: Thu, 03 Jan 2019 11:29:34 GMT
etag: "5c2df21e-1fe"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/exform/themes/callback/css/exform.css

5.23.51.195

200 OK

1.9 kB

URL GET HTTP/2
tech-str.ru/exform/themes/callback/css/exform.css
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
gzip compressed data, from Unix\012- data
Size
1.9 kB (1857 bytes)
Hash
a2e4e9a574bcab00338581ad92df38ca
9f03700b7184df25487dfb43d4f564cd44aac77a
96529545219b78742dc9f9f40a5cf0abc2db9f761c2f7b62546f0ad1beea7665

HTTP Headers

GET /exform/themes/callback/css/exform.css HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: text/css
last-modified: Thu, 13 Dec 2018 10:58:08 GMT
vary: Accept-Encoding
etag: W/"5c123b40-c31"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

940 B

URL
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
940 B (940 bytes)
Hash
06d20e0dfc58598473218cb5577c1588
317ce773617516636abd10c947e445a5970be568
99eaacd38bf4b5ec820a0b6fed0c0eac2a0dddac6e0fc2bffdfb1505028e1e0e

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 01:44:34 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 07 Jun 2023 22:36:26 GMT
ETag: "317ce773617516636abd10c947e445a5970be568"
Last-Modified: Sat, 03 Jun 2023 22:36:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1384
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1c7dd17ee5b50f-OSL

informer.yandex.ru/informer/32924444/3_1_FFFFFFFF_EFEFEFFF_0_pageviews

87.250.250.119

200 OK

1.3 kB

URL GET HTTP/2
informer.yandex.ru/informer/32924444/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
IP
87.250.250.119:443
ASN
#13238 YANDEX LLC

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT

File type
PNG image data, 88 x 31, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1287 bytes)
Hash
7a51d59b70669f38f23494ef4d0a89b8
9af0674cfdf2326fd117a4d03d0fe5302619d85f
10e4800bb8797bfe5648743ab240b419817efd521026fa21a0dded2cfc541490

HTTP Headers

GET /informer/32924444/3_1_FFFFFFFF_EFEFEFFF_0_pageviews HTTP/1.1
Host: informer.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 1287
last-modified: Sun, 04-Jun-2023 01:44:34 GMT
content-type: image/png
pragma: no-cache
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 04-Jun-2023 01:44:34 GMT
X-Firefox-Spdy: h2

tech-str.ru/system/logs/crypted.Locker_GUI_0.exe

5.23.51.195

301 Moved Permanently

13 kB

URL User Request GET HTTP/1.1
tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
IP
5.23.51.195:80
ASN
#9123 TimeWeb Ltd.

File type
gzip compressed data\012- data
Size
13 kB (13209 bytes)
Hash
79a8561238a906ec1b3820c6e741e8a5
2bebfb9af5077fc5eeb5e9bf71e936982df4ccea
212dbb193aadc0b50d7198812cd7cb24accf631e025d3e28af040a6d81e448fd

Detections

NIDS	Severity	Alert
suricata	high	ET MALWARE Possible Malicious Macro DL BIN May 2016 (No UA)

HTTP Headers

GET /system/logs/crypted.Locker_GUI_0.exe HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: text/html; charset=UTF-8
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms: Bitrix Site Manager (DEMO)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

tech-str.ru/js/flexslider/flexslider.css

5.23.51.195

200 OK

6.8 kB

URL GET HTTP/2
tech-str.ru/js/flexslider/flexslider.css
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
gzip compressed data, from Unix\012- data
Size
6.8 kB (6796 bytes)
Hash
7e6413f46e9fe7660a2193f6c92e9136
36ddd97437dab06b932c0a968f6b2ea224358bd2
9edbef45ea7ab34cae1ee2a18a503313721d0924be8af3dc3a3a939c88b8cd6c

HTTP Headers

GET /js/flexslider/flexslider.css HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: text/css
last-modified: Sat, 07 Dec 2019 18:29:06 GMT
vary: Accept-Encoding
etag: W/"5debef72-19ac"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

avatars.mds.yandex.net/get-altay/1554359/badge_rating_light_4.3/orig

87.250.247.183

200 OK

5.1 kB

URL GET HTTP/2
avatars.mds.yandex.net/get-altay/1554359/badge_rating_light_4.3/orig
IP
87.250.247.183:443
ASN
#13238 YANDEX LLC

Requested by
https://yandex.ru/sprav/widget/rating-badge/116769865717
Certificate
IssuerGlobalSign nv-sa
Subject*.avatars.mds.yandex.net
FingerprintB9:58:2C:33:49:75:74:DD:1D:4F:F8:7F:25:1C:CB:A6:45:1A:69:D6
ValidityMon, 06 Mar 2023 20:07:37 GMT - Fri, 06 Oct 2023 20:07:37 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5109 bytes)
Hash
01c8fbd5b7db928a9576f0751a4550f5
c6d1e758e3033054a5e5c26a52480aa736d79d2f
cca17e7dcfe8058cc40d8f44eeabe5523faabae637b886ce34adc0058b83c48e

HTTP Headers

GET /get-altay/1554359/badge_rating_light_4.3/orig HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 01:44:35 GMT
content-type: image/png
content-length: 5109
last-modified: Wed, 14 Dec 2022 08:16:38 GMT
cache-control: max-age=259200,immutable
x-request-id: 383b66845a4d0a1b
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
X-Firefox-Spdy: h2

tech-str.ru/exform/exform.js

5.23.51.195

200 OK

3.6 kB

URL GET HTTP/2
tech-str.ru/exform/exform.js
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
ASCII text, with very long lines (3770), with no line terminators
Size
3.6 kB (3601 bytes)
Hash
d3a97dd188252980b7454d8f864b4cdf
2a3ca66752dd8cbb6dbdbed9daa030c13b6b25bd
b9a4a23a2a42f3d0312c1d54004fab869e41f3190dfd0bac6fe4444e9caee816

HTTP Headers

GET /exform/exform.js HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: application/x-javascript
last-modified: Mon, 10 Dec 2018 08:26:33 GMT
vary: Accept-Encoding
etag: W/"5c0e2339-e11"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

tech-str.ru/bxslider/jquery.bxslider.min.js

5.23.51.195

200 OK

19 kB

URL GET HTTP/2
tech-str.ru/bxslider/jquery.bxslider.min.js
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
ASCII text, with very long lines (19040)
Size
19 kB (19359 bytes)
Hash
697d69a48e5356f7106e38c09f7f19e0
b57160771fa597a5b56c5b12756c693e4829be07
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

HTTP Headers

GET /bxslider/jquery.bxslider.min.js HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: application/x-javascript
last-modified: Mon, 10 Dec 2018 08:26:55 GMT
vary: Accept-Encoding
etag: W/"5c0e234f-4b9f"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

tech-str.ru/exform/css/mform.css

5.23.51.195

200 OK

811 B

URL GET HTTP/2
tech-str.ru/exform/css/mform.css
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (775), with no line terminators
Size
811 B (811 bytes)
Hash
2e02d403c0de23a20ff247fa5bc24375
2057bce5f38bfff63a5eafcb9b96782bbdc90365
cdfd1ef3b89c901b951ebf5abc53336a7d8db4237b47e0533e9de59702286f7f

HTTP Headers

GET /exform/css/mform.css HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/exform/themes/callback/css/exform.css
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: text/css
content-length: 811
last-modified: Mon, 10 Dec 2018 08:26:33 GMT
etag: "5c0e2339-32b"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

tech-str.ru/exform/themes/one_click/css/exform.css

5.23.51.195

200 OK

3.1 kB

URL GET HTTP/2
tech-str.ru/exform/themes/one_click/css/exform.css
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
ASCII text, with very long lines (3205), with no line terminators
Size
3.1 kB (3109 bytes)
Hash
d58c48f9aab16cdfccd3451896ee298d
781320f62c85128cd4bc5f31c785e4b5430cb0ca
5a6d72914d0bde409b7b1f721aa4f384696c51c4c7dddf4e6d0199ed42faf743

HTTP Headers

GET /exform/themes/one_click/css/exform.css HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: text/css
last-modified: Thu, 13 Dec 2018 10:57:49 GMT
vary: Accept-Encoding
etag: W/"5c123b2d-c25"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

tech-str.ru/bitrix/cache/css/s1/main/template_eebd9a07b914a33143acc11bfae195ab/template_eebd9a07b914a33143acc11bfae195ab.css?168570924963608

5.23.51.195

200 OK

64 kB

URL GET HTTP/2
tech-str.ru/bitrix/cache/css/s1/main/template_eebd9a07b914a33143acc11bfae195ab/template_eebd9a07b914a33143acc11bfae195ab.css?168570924963608
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type

Size
64 kB (63608 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bitrix/cache/css/s1/main/template_eebd9a07b914a33143acc11bfae195ab/template_eebd9a07b914a33143acc11bfae195ab.css?168570924963608 HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: text/css
last-modified: Fri, 02 Jun 2023 12:34:09 GMT
vary: Accept-Encoding
etag: W/"6479e1c1-f878"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

yandex.ru/sprav/widget/rating-badge/116769865717

5.255.255.77

200 OK

1.5 kB

URL GET HTTP/2
yandex.ru/sprav/widget/rating-badge/116769865717
IP
5.255.255.77:443
ASN
#13238 YANDEX LLC

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerGlobalSign nv-sa
Subject*.xn--d1acpjx3f.xn--p1ai
Fingerprint7A:E6:FF:BB:19:79:E4:52:B5:47:97:69:F8:78:1C:38:BD:E6:2F:C2
ValidityWed, 01 Feb 2023 12:45:35 GMT - Tue, 01 Aug 2023 20:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1546), with no line terminators
Size
1.5 kB (1489 bytes)
Hash
756dd9a9d2df531ea24302815f0540dd
e237cbba8d2ee1b52e1664f2a23c1eae282c8c0c
49a69fb01a65b327d56b46937c060fe28f2a430c8cb1f1eab9add902b827e071

HTTP Headers

GET /sprav/widget/rating-badge/116769865717 HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-xss-protection: 0, 1; mode=block
x-yandex-req-id: 1685843074617200-7077876662420097436-balancer-l7leveler-kubr-yp-vla-43-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-download-options: noopen
date: Sun, 04 Jun 2023 01:44:34 GMT
set-cookie: is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Tue, 03 Jun 2025 01:44:34 GMT; SameSite=None; Secure
is_gdpr_b=CPOxcxCUuwEYAQ==; Path=/; Domain=.yandex.ru; Expires=Tue, 03 Jun 2025 01:44:34 GMT; SameSite=None; Secure
_yasc=W7vDkF/sEcXG7fVPtBMaf+ATw33SjN+1P6GmS6A35M7orT+yQImfHhHHTP8=; domain=.yandex.ru; path=/; expires=Wed, 01 Jun 2033 01:44:34 GMT; secure
i=fcpUOBAiVS68ut+mP3kVZvx9Ofalvr12wmgqlWgLg8pSMZNthI0yqheyXgLzQ8cUxqQIRwrUpiddaHUcOdU/aOdOqgg=; Expires=Tue, 03-Jun-2025 01:44:34 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7200974361685843074; Expires=Tue, 03-Jun-2025 01:44:34 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
vary: Accept-Encoding
content-security-policy: default-src 'none'; script-src 'self' 'nonce-Kz7KPSWA/quwMd9UaREZhw==' 'unsafe-eval' yastatic.net *.yandex.ru yandex.ru *.ya.ru ya.ru *.maps.yandex.net yastat.net widget-pvz.dostavka.yandex.net; style-src 'self' 'unsafe-inline' yastatic.net mc.yandex.ru yastat.net *.yandex.ru yandex.ru *.ya.ru ya.ru; font-src 'self' data: yastatic.net *.yandex.ru yandex.ru *.ya.ru ya.ru widget-pvz.dostavka.yandex.net; img-src 'self' data: avatars.mds.yandex.net avatars.yandex.net yastatic.net *.maps.yandex.net yapic.yandex.net *.yandex.ru yandex.ru avatars.mdst.yandex.net mc.webvisor.org mc.yandex.ru mc.yandex.ua mc.yandex.by mc.yandex.kz mc.yandex.com mc.yandex.com.tr static-maps.yandex.ru storage.mds.yandex.net eda.yandex mc.admetrica.ru mc.admetrica.ua mc.admetrica.by mc.admetrica.kz mc.admetrica.com mc.admetrica.com.tr files.messenger.yandex.net priority.s3.yandex.net wappalyzer-client.yandex.ru *.ya.ru ya.ru; object-src 'self' *.yandex.ru yandex.ru *.ya.ru ya.ru; frame-src 'self' api-maps.yandex.ru yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.ua *.yandex.by *.yandex.kz *.yandex.com *.yandex.com.tr ya.ru *.ya.ru priority.s3.yandex.net; child-src 'self' api-maps.yandex.ru awaps.yandex.ru; connect-src 'self' mc.yandex.ru yandex.ru *.yandex.ru ya.ru *.ya.ru files.messenger.yandex.net api.passport.yandex.ru api.passport.yandex.ua api.passport.yandex.by api.passport.yandex.kz api.passport.yandex.com api.passport.yandex.com.tr yastatic.net yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.ua *.yandex.by *.yandex.kz *.yandex.com *.yandex.com.tr *.mybusiness.yango.com widget-pvz.dostavka.yandex.net api-ext.vh.yandex.net maps-geoapp-goods-imports-stable.s3.yandex.net; manifest-src 'self'; media-src blob:; report-uri https://csp.yandex.net/csp?from=tycoon&yandex_login=undefined&yandexuid=undefined;
x-permitted-cross-domain-policies: none
content-type: text/html; charset=utf-8
etag: W/"5d1-kbpnOOL2ON9RaSok9rKTEnDEq9o"
referrer-policy: no-referrer
expect-ct: max-age=0
x-content-type-options: nosniff, nosniff
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-dns-prefetch-control: off
X-Firefox-Spdy: h2

tech-str.ru/bitrix/cache/css/s1/main/kernel_main/kernel_main.css?165960720936635

5.23.51.195

200 OK

37 kB

URL GET HTTP/2
tech-str.ru/bitrix/cache/css/s1/main/kernel_main/kernel_main.css?165960720936635
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
ASCII text, with very long lines (688)
Size
37 kB (36635 bytes)
Hash
6d6449ccaa02a0419367dbc4bf98483b
1617755c13fb315150032096543bbe4720527422
43a38a36bfaa51b6d67e96b2e4bd7e91878e6a9b5b638decebf1415a6ddfed69

HTTP Headers

GET /bitrix/cache/css/s1/main/kernel_main/kernel_main.css?165960720936635 HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: text/css
last-modified: Thu, 04 Aug 2022 10:00:09 GMT
vary: Accept-Encoding
etag: W/"62eb98a9-8f1b"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

142.250.74.106

200 OK

26 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text
Size
26 kB (25610 bytes)
Hash
f5d1b487fac71a08cb759bd21a2428bf
1d81069808f53058288bb3035e8dbaa94c757e9d
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47

HTTP Headers

GET /css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Jun 2023 01:44:34 GMT
date: Sun, 04 Jun 2023 01:44:34 GMT
cache-control: private, max-age=86400
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tech-str.ru/favicon.svg

5.23.51.195

200 OK

10 kB

URL GET HTTP/2
tech-str.ru/favicon.svg
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text
Size
10 kB (10003 bytes)
Hash
bdd4d924c13636f66d8ec913294c6bf5
7ddcb6ccd0ea6252bf28610ba8bdb4fa8425526c
f4c288d295da32143f9ad4d3d1bd4b606740254d17ea2e34a32a49874b15f187

HTTP Headers

GET /favicon.svg HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: image/svg+xml
last-modified: Fri, 15 Jan 2021 06:56:50 GMT
vary: Accept-Encoding
etag: W/"60013cb2-2713"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

tech-str.ru/exform/themes/request/css/exform.css

5.23.51.195

200 OK

3.0 kB

URL GET HTTP/2
tech-str.ru/exform/themes/request/css/exform.css
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
ASCII text, with very long lines (3112), with no line terminators
Size
3.0 kB (3021 bytes)
Hash
4ccb3dd8ecf67db4cf4a4eea181190b9
345af68417b24859b2dcd5ab9b2d10ffd59bba0c
5226f2fc2b80a6cc7c55f8c4e60cf1774fa2a1870f47cb5eb1b10b8de493272c

HTTP Headers

GET /exform/themes/request/css/exform.css HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: text/css
last-modified: Thu, 13 Dec 2018 10:58:30 GMT
vary: Accept-Encoding
etag: W/"5c123b56-bcd"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

tech-str.ru/lightbox/img/loading.gif

5.23.51.195

200 OK

8.5 kB

URL GET HTTP/2
tech-str.ru/lightbox/img/loading.gif
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
GIF image data, version 89a, 32 x 32\012- data
Size
8.5 kB (8476 bytes)
Hash
2299ad0b3f63413f026dfec20c205b8f
cf720b50cf8dde0e1a84ce1c6a77788bfc5882d5
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

HTTP Headers

GET /lightbox/img/loading.gif HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/lightbox/css/lightbox.css
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:34 GMT
content-type: image/gif
content-length: 8476
last-modified: Mon, 10 Dec 2018 08:26:32 GMT
etag: "5c0e2338-211c"
expires: Wed, 05 Jul 2023 01:44:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.6.3/css/all.css

172.64.133.15

200 OK

54 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.6.3/css/all.css
IP
172.64.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT

File type
ASCII text, with very long lines (53592), with no line terminators
Size
54 kB (53592 bytes)
Hash
dc93d584e41f8417f6b7163320d34329
07013bc45af8f3412ea2d15b874702aeb1df3350
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

HTTP Headers

GET /releases/v5.6.3/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tech-str.ru
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: text/css
x-amz-id-2: aFot76bH/+cmUQOxVIGDWBeFfkO8Y0dhJkFAUYcOq5u2nqzBUvfW+LaF6cs6vqm8J1dpXfxv31U=
x-amz-request-id: MRJGPZZGB9F18VDC
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
etag: W/"dc93d584e41f8417f6b7163320d34329"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 25855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTclfcIaZYBZojwEAg%2FLMP8n%2BhLbb%2F0c0z0aGQkFQqzdMQW3%2FHEUPcYrwiOv8Hu5I4zuBxYA5zF3ftZ2HGsK7PTaM7MJHP%2By5nNBPRSc3X0gEMdqXa3szaSTPaYainfwIEHk4ECE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1c7dcaab0775e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tech-str.ru/bxslider/jquery.bxslider.css

5.23.51.195

200 OK

3.9 kB

URL GET HTTP/2
tech-str.ru/bxslider/jquery.bxslider.css
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
ASCII text, with very long lines (4163), with no line terminators
Size
3.9 kB (3859 bytes)
Hash
a0ec6a52495338f7b6fdda77be6b44e4
1c52291d4c4c332e45a5097eb546f0a4cf118052
52516a4b6623afb942a9caf6afaf3e7a989fbcee2cf1a4b4ef118ecd0f9e5406

HTTP Headers

GET /bxslider/jquery.bxslider.css HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: text/css
last-modified: Tue, 19 Feb 2019 10:16:08 GMT
vary: Accept-Encoding
etag: W/"5c6bd768-f13"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

tech-str.ru/lightbox/css/lightbox.css

5.23.51.195

200 OK

4.2 kB

URL GET HTTP/2
tech-str.ru/lightbox/css/lightbox.css
IP
5.23.51.195:443
ASN
#9123 TimeWeb Ltd.

Requested by
https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Certificate
IssuerLet's Encrypt
Subjecttech-str.ru
FingerprintD1:25:5B:A0:E8:90:4F:D3:98:06:6A:FF:FB:FF:57:5B:1F:E9:DF:33
ValidityTue, 16 May 2023 04:29:37 GMT - Mon, 14 Aug 2023 04:29:36 GMT

File type
ASCII text, with very long lines (4396), with no line terminators
Size
4.2 kB (4190 bytes)
Hash
17c2dee11d06b1bc98387850cdd224a2
a9e04caeb1ab93913ab3ca6b37b2f66b9118fff0
29a25541374a384425e7bc8a86dddf17f620802735ae1dc99a073840b2dbe99d

HTTP Headers

GET /lightbox/css/lightbox.css HTTP/1.1
Host: tech-str.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tech-str.ru/system/logs/crypted.Locker_GUI_0.exe
Cookie: PHPSESSID=3aca22ac22fb9dc1e459f6bd9b9a6570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 04 Jun 2023 01:44:33 GMT
content-type: text/css
last-modified: Mon, 10 Dec 2018 08:26:32 GMT
vary: Accept-Encoding
etag: W/"5c0e2338-105e"
expires: Wed, 05 Jul 2023 01:44:33 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (34)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML