Report - nawerist.xyz/1Yb/7.html

Report Overview

Submitted URL
nawerist.xyz/1Yb/7.html
IP
45.141.156.113
ASN
#206776 Ophidian Network Limited
Submitted
2024-04-23 18:51:59
Access
public
Website Title
Avast Antivirus
Final URL
nawerist.xyz/1Yb/7.html
Tags
fake_software scam
urlquery detections
Scam - Fake AntiVirus / Security software

Detections

urlquery
10
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nawerist.xyz	unknown	unknown	No data	No data	7.7 kB	100 kB	45.141.156.113
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-23	427 B	32 kB	142.250.74.106
translate.googleapis.com	1005	2005-01-25	2012-05-31	2024-04-23	1.7 kB	75 kB	142.250.74.138
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-23	486 B	10 kB	142.250.74.106
threatdetect.org	unknown	2022-01-28	2022-01-28	2024-03-24	472 B	603 B	188.114.97.1
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-04-22	1.8 kB	116 kB	172.67.142.245
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-22	2.6 kB	203 kB	216.58.207.227
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-23	1.1 kB	7.3 kB	142.250.74.35
translate.google.com	1156	1997-09-15	2012-05-30	2024-04-22	444 B	35 kB	142.250.74.46
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2024-04-22	526 B	2.2 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main	212 kB	2024-04-23	2024-04-24
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 20:52:05 Last Seen2024-04-24 21:08:14 Times Seen34 Hash b78a598053844b5ae2d3c1d98851d54a f75001b57e8d501345f9f6a24bb05b4da381022d c1e457211fafb84677e66e20fa411e5d6875dfced5e2e8727615589aa3434d02 Loading...

	use.fontawesome.com/f182237388.js	9.5 kB	2023-03-08	2024-05-02
Pretty URL use.fontawesome.com/f182237388.js IP 172.67.142.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:08:25 Last Seen2024-05-02 19:51:57 Times Seen178 Hash 642925e489914ab3dd425cb843636667 b1e9f31c4ef9543e82467d88db7b63933cd67556 5fc81f26f3ae5cce9fffb7bf98e91a71210defe0a685ba8eff16ce863524a131 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-03
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-03 20:32:45 Times Seen141243 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	nawerist.xyz/1Yb/files/script/smart.js	2.2 kB	2023-03-07	2024-05-02
Pretty URL nawerist.xyz/1Yb/files/script/smart.js IP 45.141.156.113 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-05-02 19:51:57 Times Seen685 Hash c9e9a54501fc6f6e8918b2c0f2a53981 3d530e6c830ccba6284e79c7245bb45d6f4f2197 491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454 Loading...

	nawerist.xyz/1Yb/files/script/myjs.js	28 kB	2023-10-31	2024-04-30
Pretty URL nawerist.xyz/1Yb/files/script/myjs.js IP 45.141.156.113 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 06:51:57 Last Seen2024-04-30 01:43:00 Times Seen41 Hash 8de3ee6051018487cda3b87c5377827c 3e859cc6d316f85e919c38e6102cec21c957bb1c 8056f21d9161a95ae08dc4973afc97579acd958c7bf8ac368ebc4993f956a366 Loading...

	nawerist.xyz/1Yb/7.html	38 B	2023-10-31	2024-05-02
Pretty URL nawerist.xyz/1Yb/7.html IP 45.141.156.113 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-31 06:51:57 Last Seen2024-05-02 09:29:26 Times Seen106 Hash 518779926bc5658ade8df84ea2f8b0e9 197b9ce340aae95551312b3ca7d41902e8c1ca53 854037d3c6e773ef2e0a8dc82efd78c0d9bca0bdbb62a92fb324c12e831cb16b Loading...

	nawerist.xyz/1Yb/files/script/lang.js	1.2 kB	2023-03-07	2024-05-02
Pretty URL nawerist.xyz/1Yb/files/script/lang.js IP 45.141.156.113 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-05-02 19:51:57 Times Seen738 Hash fcd546809170dd574eb37b989529f69a 2e227e144e3b4bd68064354d8a7fbc61125f624c 350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920 Loading...

	nawerist.xyz/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=wA/d=1/rs=AN8SPfqgs5B2z4NXPNgxvW-mvf_WtlMJyg/m=el_conf	90 kB	2024-04-23	2024-04-23
Pretty URL nawerist.xyz/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=wA/d=1/rs=AN8SPfqgs5B2z4NXPNgxvW-mvf_WtlMJyg/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 20:52:06 Last Seen2024-04-23 20:52:06 Times Seen1 Hash 03f76a3efad46601b04a3c91f47dabdd 7dc133a59adbe0e7ea0920254d10e2ed33a1c91e b34975eef4a481f8bee3e99c7be42a968f938073d08ba60c2626f8c42a33df22 Loading...

HTTP Transactions (36)

URL IP Response Size

nawerist.xyz/1Yb/files/images/logo.png

45.141.156.113

200 OK

7.7 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/logo.png
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
PNG image data, 200 x 62, 8-bit/color RGBA, non-interlaced
Size
7.7 kB (7689 bytes)
Hash
1217b2259b629c2124a282397ad473b6
91fecd95286977542815f94653f2cdb94a0b2393
c697beb4d02fb05c37738cbf0f0f5563ccc66b6e0319e8eab880c94dd6f16942

HTTP Headers

GET /1Yb/files/images/logo.png HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/png
content-length: 7689
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-1e09"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/favicon.png

45.141.156.113

200 OK

7.3 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/favicon.png
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7274 bytes)
Hash
12c7ecc7ac0109afd3009124f3a6281a
c69e8f5a652817412bba15cbc24b640b1be4f3b4
a152701d997f44aea37c3ea4f4138fcb6db6be0bfb304c93f99b988c44a476ad

HTTP Headers

GET /1Yb/files/images/favicon.png HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/png
content-length: 7274
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-1c6a"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/icon_1.png

45.141.156.113

200 OK

1.1 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/icon_1.png
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1137 bytes)
Hash
d4d69630de198f952456bd95946cff99
63666fc0c400af0789069bcf8fb5ec3092e3c7b5
3bc79b2b43c6496e7be7ea2cc22838c9e14bd7d4ab27d049d8a01a6423607e87

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Yb/files/images/icon_1.png HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/png
content-length: 1137
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-471"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/icon_2.png

45.141.156.113

200 OK

2.4 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/icon_2.png
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2431 bytes)
Hash
fd22397dfe5d6d7349164ce82847fd53
dcc678c0c3c6d91d88b021081f280377fa65ee01
3c6902c5acb08e21fef1afb46bcf770245b6b942f0613d8063a5032065c4d317

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Yb/files/images/icon_2.png HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/png
content-length: 2431
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-97f"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/together.png

45.141.156.113

200 OK

9.2 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/together.png
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
PNG image data, 200 x 62, 8-bit/color RGBA, non-interlaced
Size
9.2 kB (9155 bytes)
Hash
e358f78da82386cbfe4c40caec1afddd
d1a5af6523595a6c3541db05bf580d6f3715dbf3
403e3733ad621708dbf43c4f3cd4195b42af2aedd59c9a330ffc32f3d63951f2

HTTP Headers

GET /1Yb/files/images/together.png HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/png
content-length: 9155
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-23c3"
accept-ranges: bytes
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 09:56:44 GMT
expires: Wed, 23 Apr 2025 09:56:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 32089
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/atten.png

45.141.156.113

200 OK

2.5 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/atten.png
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
PNG image data, 100 x 89, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2453 bytes)
Hash
73ee5f5a65419cdae683e3ce557667c5
c63479fd67f9bcf0ff867e518ed12dbb223929fb
beaf85377ddd403e8beb6772e27ef87608e0da79d09e3080798c339d9b822135

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Yb/files/images/atten.png HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/png
content-length: 2453
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-995"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/icon_3.png

45.141.156.113

200 OK

1.0 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/icon_3.png
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.0 kB (1010 bytes)
Hash
118f0c5583f13e7f2e42ac3c34d54a4a
aca14f746b4889df053494c8fa043f8a4b22a511
746872277e95c813f0720fb138d445af664d09b0e9968bb2dfc453a4f30f75da

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Yb/files/images/icon_3.png HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/png
content-length: 1010
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-3f2"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/icon_4.png

45.141.156.113

200 OK

1.3 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/icon_4.png
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1288 bytes)
Hash
d4ce6e3f44d5ddcc50f3f1e88107b886
1b1969cff7e88bce4b1196551d6a44bef0ef6dcf
2d21436c30be8369abd4dcbf6b26d1c5d9db2f039c398d5c8aeba3db93d7d7a5

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Yb/files/images/icon_4.png HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/png
content-length: 1288
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-508"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/action_1.gif

45.141.156.113

200 OK

69 B

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/action_1.gif
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
GIF image data, version 89a, 16 x 16
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Yb/files/images/action_1.gif HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/gif
content-length: 69
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-45"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/action_2.gif

45.141.156.113

200 OK

377 B

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/action_2.gif
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
GIF image data, version 89a, 16 x 16
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Yb/files/images/action_2.gif HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/gif
content-length: 377
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-179"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/action_3.gif

45.141.156.113

200 OK

234 B

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/action_3.gif
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
GIF image data, version 89a, 16 x 16
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Yb/files/images/action_3.gif HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: image/gif
content-length: 234
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-ea"
accept-ranges: bytes
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/script/lang.js

45.141.156.113

200 OK

1.0 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/script/lang.js
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
gzip compressed data, from Unix
Size
1.0 kB (1015 bytes)
Hash
4484a84fa15de20d18fff31116112104
a9c62f11b290d4e85d890d4aedcd0420ef21474d
feebf452d45ed67daadd568bc0bd88a2bb94b8099241222f787163821c8074a5

HTTP Headers

GET /1Yb/files/script/lang.js HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: application/javascript
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
vary: Accept-Encoding
etag: W/"65e59a55-485"
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2

172.67.142.245

200 OK

77 kB

URL GET HTTP/2
use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /releases/v4.7.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nawerist.xyz
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:51:34 GMT
content-type: application/font-woff2
content-length: 77160
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 86562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMtUsRtWDIUWC1hOG9ZcxEZUbBw%2BqP%2FFaQZSOXrHvhbBNw%2FwKqsRMCBkseZlw2L8diQqV1%2Fx1Gq3HlmWF2QT1KVEXGoUw3VzMtG%2FYoudkADnzB5NfhqcCqqoYSfvjyhMmaFCz9cK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87900bb21ba17128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nawerist.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 490594
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nawerist.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 490594
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nawerist.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 490594
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nawerist.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 490594
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/images/favicon.png

45.141.156.113

200 OK

7.3 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/images/favicon.png
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7274 bytes)
Hash
12c7ecc7ac0109afd3009124f3a6281a
c69e8f5a652817412bba15cbc24b640b1be4f3b4
a152701d997f44aea37c3ea4f4138fcb6db6be0bfb304c93f99b988c44a476ad

HTTP Headers

GET /1Yb/files/images/favicon.png HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:34 GMT
content-type: image/png
content-length: 7274
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
etag: "65e59a55-1c6a"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css

142.250.74.35

200 OK

4.0 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:44:30 GMT
expires: Fri, 18 Apr 2025 02:44:30 GMT
cache-control: public, max-age=31536000
age: 490024
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main

142.250.74.138

200 OK

73 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (2308)
Size
73 kB (73076 bytes)
Hash
b78a598053844b5ae2d3c1d98851d54a
f75001b57e8d501345f9f6a24bb05b4da381022d
c1e457211fafb84677e66e20fa411e5d6875dfced5e2e8727615589aa3434d02

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 73076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 17:35:04 GMT
expires: Wed, 23 Apr 2025 17:35:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:10:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 4590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

142.250.74.46

200 OK

34 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JavaScript source, ASCII text, with very long lines (2064)
Size
34 kB (34369 bytes)
Hash
9cdba2b68147f82f35f4a7ac711e2d1c
8e1c543cbe0daf09e3267eda7730a1b97f5ff03a
c281f4594a24e58c9baf4a2d41f39e05f2c35ef494e96a1b7d21af0b4e899353

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Apr 2024 18:51:34 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 14:38:24 GMT
expires: Wed, 23 Apr 2025 14:38:24 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 15190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.106

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 23 Apr 2024 18:51:34 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=513=EEfFA6fSsFDzrW2VQYpuMp1PiQi-vDPIwokCVQlYWUOPWskQt36QKU1uSwlIbHI5OKUthriaycaeg341INz0Yu0IapoHecp8hLtlp5T4pVA4M_lznGuyBcqApYHUj2iVqX2DAJsu4sXwK7aZQijzqk_2MS4K4UhG4Zcd-GDRNtA; expires=Wed, 23-Oct-2024 18:51:34 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Tue, 23 Apr 2024 18:51:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

use.fontawesome.com/f182237388.js

172.67.142.245

200 OK

4.0 kB

URL GET HTTP/2
use.fontawesome.com/f182237388.js
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (9239)
Size
4.0 kB (4011 bytes)
Hash
642925e489914ab3dd425cb843636667
b1e9f31c4ef9543e82467d88db7b63933cd67556
5fc81f26f3ae5cce9fffb7bf98e91a71210defe0a685ba8eff16ce863524a131

HTTP Headers

GET /f182237388.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: text/javascript
etag: W/"642925e489914ab3dd425cb843636667"
last-modified: Fri, 22 Sep 2023 01:40:28 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 7098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=32Dcr9znfFY7W1eZLQy%2Bx2vPDSso6qWgZljo6F2bMsTmIawILDcG1U%2FLpDHdTen1bnw1gulvwN8EqWsqktmbIKZ90kX4IwFtK%2Bp4rDQK0I4WAmh6C%2F5mXZMzUik3lapvx4wcI16O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87900baf89047128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap

142.250.74.106

200 OK

9.7 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
gzip compressed data, max compression
Size
9.7 kB (9720 bytes)
Hash
45816736a4a4ebf69b35f4db3c84dcdd
a2101bda7ea000de084482df9687ff674ce2fc2a
88cbe369ac79c0862d54b1b45de6921552e7cf9264ee594b8832f8fe73d1d7af

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 23 Apr 2024 18:51:33 GMT
date: Tue, 23 Apr 2024 18:51:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.138

200 OK

0 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://nawerist.xyz/
Origin: https://nawerist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://nawerist.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 23 Apr 2024 18:51:44 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.138

200 OK

131 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nawerist.xyz/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1179
Origin: https://nawerist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://nawerist.xyz
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 23 Apr 2024 18:51:44 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

threatdetect.org/fonts/?font=aHR0cHM6Ly9uYXdlcmlzdC54eXovMVliLzcuaHRtbA==

188.114.97.1

200 OK

0 B

URL GET HTTP/2
threatdetect.org/fonts/?font=aHR0cHM6Ly9uYXdlcmlzdC54eXovMVliLzcuaHRtbA==
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectthreatdetect.org
FingerprintF6:23:B8:9E:08:03:83:36:F4:82:1C:31:29:E6:F5:FC:ED:66:02:14
ValidityThu, 18 Apr 2024 10:28:31 GMT - Wed, 17 Jul 2024 10:28:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/?font=aHR0cHM6Ly9uYXdlcmlzdC54eXovMVliLzcuaHRtbA== HTTP/1.1
Host: threatdetect.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nawerist.xyz
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:51:34 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=poaTq8KMO%2BvfnZaDXX%2F7Lo0owB%2BptelGHSan5%2B458%2FYZ4sDztyrWIjFr7tdCdZzzK0x5lQwfugA1uyxPzEX1kgQwK8PUE9JkhmfacbxMJ2BX2tcdnpI39rnVACypkzKC%2FZXo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87900bb1bd44b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

216.58.207.227

200 OK

6.2 kB

URL GET HTTP/3
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
SVG Scalable Vector Graphics image
Size
6.2 kB (6225 bytes)
Hash
a1a4ffbc52fa4bd18e2f9f7c45ba71fc
0df81f908c859204ae9748c21ad2a4219381b2e4
151e69c94e1f500a46c405df3a0c60043651b22aec7b4ae33d5df3bc9fd82737

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 18:58:28 GMT
expires: Mon, 21 Apr 2025 18:58:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 172386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

nawerist.xyz/1Yb/files/script/smart.js

45.141.156.113

200 OK

2.2 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/script/smart.js
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
JavaScript source, ASCII text, with very long lines (2304), with no line terminators
Size
2.2 kB (2198 bytes)
Hash
79218c8e4d6b9589da61b4daddd1d721
c8bdf2b44db9327ac24f0d02e2aa0bfc69097ab5
db4e31aaf6f2022d9cd8c052537ee237b0b69cd49ab27d6d29913bf401b1ea5a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Yb/files/script/smart.js HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: application/javascript
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
vary: Accept-Encoding
etag: W/"65e59a55-896"
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css

172.67.142.245

200 OK

30 kB

URL GET HTTP/2
use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30343)
Size
30 kB (30344 bytes)
Hash
36082410df2ef7f83932219089dc1443
7961402d7d01e19387fe609a38454b0bc8c6cca4
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

HTTP Headers

GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/f182237388.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:51:34 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"36082410df2ef7f83932219089dc1443"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2455232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdNB%2Bp5LDQyL79mYScHPpx8FLTUYwSZyF5pvBnM7yowDf%2BitugDAjUd1HTJBvOGhh5dtl5ExV62%2Bd7kv0S2pp1SYZ%2BAf9iJsBCyUwqs%2BgDOZiU6No%2BNcmpNEF1Nm9hecorMvjwwY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87900bb1ab317128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/f182237388.css

172.67.142.245

200 OK

1.0 kB

URL GET HTTP/2
use.fontawesome.com/f182237388.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1054), with no line terminators
Size
1.0 kB (1033 bytes)
Hash
38ab6981f2d275f63d6a5e13e551e2ae
fed5822d1194a5965a5012005fa4dafd5be9ae2e
b029b512b28b1f42efe25a07a756b0d6bd97a071e0845129c8fae7fe288c18a8

HTTP Headers

GET /f182237388.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: text/css
etag: W/"c34c69a9993e345a33d3899b6f063f04"
last-modified: Fri, 22 Sep 2023 01:40:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 1722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6IfPQ7JI1yFrM0h2YrSkZHAJCFfZNv4OOaph0Zil5d7X%2BeUodJf%2FSXZnIFwKPVknU43ocsi%2FYmfGwLjs262wBkiZ96cK%2BMfu8RbTv8J5%2BcClyW2dNvqKTVe5Y5s8jqSsTN9yBGJq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87900bb13ad87128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/7.html

45.141.156.113

200 OK

15 kB

URL User Request GET HTTP/2
nawerist.xyz/1Yb/7.html
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
15 kB (15196 bytes)
Hash
3a653ffac166433e0918b8f0d8872ecd
a698bb1aed3a8e6b569dd57293e5876ed0bfd7aa
a387a723dfc4ac400ce8c00ad932879229b50b9cb932deb97f7739d6532fa750

HTTP Headers

GET /1Yb/7.html HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: text/html
last-modified: Mon, 04 Mar 2024 09:54:26 GMT
vary: Accept-Encoding
etag: W/"65e59a52-3b5c"
content-encoding: gzip
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/styles/default.css

45.141.156.113

200 OK

8.5 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/styles/default.css
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type
ASCII text, with very long lines (9661), with no line terminators
Size
8.5 kB (8544 bytes)
Hash
8184b4115f518dcbfcf20da5df4b2b9d
42ee0e1339bc5e562820f8230793dfd7a2bd9783
6b598fd615c0f839df631d378de75d6dfd492e4e3aaaba4a7510cc5d884777e5

HTTP Headers

GET /1Yb/files/styles/default.css HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
vary: Accept-Encoding
etag: W/"65e59a55-2160"
content-encoding: gzip
X-Firefox-Spdy: h2

nawerist.xyz/1Yb/files/script/myjs.js

45.141.156.113

200 OK

28 kB

URL GET HTTP/2
nawerist.xyz/1Yb/files/script/myjs.js
IP
45.141.156.113:443
ASN
#206776 Ophidian Network Limited

Requested by
https://nawerist.xyz/1Yb/7.html
Certificate
IssuerLet's Encrypt
Subjectnawerist.xyz
FingerprintF3:93:6F:E9:55:F3:11:95:9A:21:7C:41:B5:73:A0:19:00:44:63:8D
ValidityMon, 08 Apr 2024 10:34:52 GMT - Sun, 07 Jul 2024 10:34:51 GMT

File type

Size
28 kB (28306 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1Yb/files/script/myjs.js HTTP/1.1
Host: nawerist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nawerist.xyz/1Yb/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:51:33 GMT
content-type: application/javascript
last-modified: Mon, 04 Mar 2024 09:54:29 GMT
vary: Accept-Encoding
etag: W/"65e59a55-6e92"
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (36)

URL GET HTTP/2

IP