ekreklama.ru Open in urlscan Pro
2606:4700:3037::ac43:940b  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ekreklama.ru/	29 KB 15 KB	1257ms 918ms	Document text/html	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekreklama.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3be5dc8c07ace70e8cf915e195b46cb7a448627b6e196a5cf39df6b7a3501e2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 86221f2ff81c09b6-MIA content-encoding br content-type text/html; charset=utf-8 date Sun, 10 Mar 2024 09:01:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNezBVmgmI7kT%2F3RlsrnN%2F70p7VdDVG8yr7PdfHYnVHsHS9Kn3cNJhfel5SIG3mS5CFtw7MsQv1Hpo5sETQqBuZXIxN0rSofkLdHAJd213z7nUHxaR5luDZbIwfOQ%2Fb%2FEt%2FB0zV0UQkJU4k%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	style.css ekreklama.ru/templates/KRAKEN_CAP/styles/	7 KB 2 KB	814ms 813ms	Stylesheet text/css	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekreklama.ru/templates/KRAKEN_CAP/styles/style.css Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5f2f5b8acc41af5d1e493354718795990ecd36bfa05e02471546976c4c71b7e Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/3751265306 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nh839xNacTL2ww%2FAFnBPaH2a0Vr4rMn2EQzME4UJc2ejo%2FnlD3lTai731yyhHxWDPXhlNHAcX5Bwxt%2F%2Bq%2BAeM%2F1kl5q9lkGpuEeif%2Bt2HFD%2FkXvUxtjGYBzzHLFEMaelH5rhrwJbPvo2oxA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 cf-ray 86221f35c9dc09b6-MIA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	11 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 83a1148e3d94f64007c709f05183caf8d9d952013bd5cb3cb4e26af353e6784b Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET H3	200	15799795831_ssylki-onion-kramp.jpg ekreklama.ru/PARSE/DATA/IMAGES/	43 KB 43 KB	1631ms 1631ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/15799795831_ssylki-onion-kramp.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8e4d80e1423649216751a553a44e4bc0adf90c6a0e66ad1ff3d843a5fa1538e Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/3417343337 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFkkjDQHsgLutNPRt1pF9rLELJmkgCJJYDXIlpivNJDGWkVqj0aNzXuuR7S9lAq0H1F3CBNlUR3dw%2FNwFmesIjDmq6liUtM%2BJbYUaistdRyQIPGJu2Iq95ck8qihSIqaFhXQ9BA72f6cSow%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36bedd0971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	10570615251_kraken-onion-sajt-kraken-ssylka-onion-com.jpg ekreklama.ru/PARSE/DATA/IMAGES/	45 KB 45 KB	941ms 940ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/10570615251_kraken-onion-sajt-kraken-ssylka-onion-com.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 720babc0b546da22f59aebc3c5ba8c98f39e6d7796d24428377bfdac6d02f89d Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/3818384106 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niL7gLQg%2FQemdqDKa0VQSmEIuNGNiVjeLLuaDqKw8Fnhv%2BI3L86QswEEm2AsarjT3jb0LOQb8Mbk%2FvZvzEuwuHolNuWe7JuX9K5k49XIRofHuoYVzgChP9po8qJZ6z1Vx2NTLZA7LMSR%2FBw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36bedf0971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	45025803031_aktualnaja-ssylka-na-gidru-onion.jpg ekreklama.ru/PARSE/DATA/IMAGES/	39 KB 40 KB	809ms 807ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/45025803031_aktualnaja-ssylka-na-gidru-onion.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9d65b2699dcd3d151472a78d8b0bf82cc6ebbcce4e77cff40cee556e40706a5 Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/460811515 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSa6X70CeYjnIT5%2BDZdezIJVtyoLb4m82EdQK5nDkmAEo82%2F1z4yNA4IUd9btej7yU8hyLMF1ilFIkfOrCMPMCOLLYsCx4DD0mIZey%2Bf%2B8w18uUV%2BRG9lVaZv3sw5k51KU3XvbBPuUKuNIw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36bee00971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	10574193971_sajt-kramp-ne-rabotaet.jpg ekreklama.ru/PARSE/DATA/IMAGES/	33 KB 34 KB	874ms 872ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/10574193971_sajt-kramp-ne-rabotaet.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd4aee713e49d46892ca70120e3984c337163dac2980fa0664241e5aa2d277db Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/3424793205 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL5FGWfXvKt%2BZTYCN4tAD4Lp0ikpgOT2Ssnb5eYx7XvqRsTmod31aOovXMXavLxc9izq4zs0GR3iDGiIlO8rRKi%2BkhcjLJKWk3Lu7jNPGinQ91hpa5EJMO%2BkX8ACjo8hWhT7LB8qH8FK%2BOY%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36bee10971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	20874365081_adres-blacksprut-onion.jpg ekreklama.ru/PARSE/DATA/IMAGES/	59 KB 59 KB	1847ms 1845ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/20874365081_adres-blacksprut-onion.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e806fc28face494258619fd321cd8da583c9c523f1c289ac69f01ff4c1db96dc Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:47 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/1019965795 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zy2PshD3Gcu30xsEnEoPxbtVdk%2BqeDEzozy2GDs7fbVIraqjuxaHo1d3%2BY6oUgLd63D%2FPpF0fuclIL2YxGypyk6XbU9ecsAuU%2Fnc0GkkRmL02jR7l1Bz9YuJ1AKtkvaDY1EYFvoYGecfWCQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36bee40971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	11581897221_ajpi-kramp-tor.jpg ekreklama.ru/PARSE/DATA/IMAGES/	52 KB 53 KB	1391ms 1389ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/11581897221_ajpi-kramp-tor.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94901f88cdb6c0434cea0f3bd5a97cafe912bdf088b259ad9d92be018649ae62 Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/2697315437 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzNdro7MVb1DV8wU2sLYr%2F88lvNYGmq5TBaDmtcHJrOWxeXnEC0EAPu4S5dKvh%2B2F6snBY1rh4eYBIUb0ZJ1anpTBwAy6cL32PE8xKMuKA2xD23NCOUWjmRJim%2By7VrG1K%2F4gwOJd0vB8QQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36bee50971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	15940783021_sajt-kraken-zerkalo-rabochee-na-russkom.jpg ekreklama.ru/PARSE/DATA/IMAGES/	35 KB 36 KB	1298ms 1296ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/15940783021_sajt-kraken-zerkalo-rabochee-na-russkom.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28d67555a59b4ef04c07b8e325de5f4a01399bd0c2c397f79a03b06991d464bb Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/193883739 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I08BJjCKUzxHDNKoxKWa9utGuMmSVPIy0H9aEE%2ByphVNwzdN3uXdLEjL3A%2BSjpUheW5sSfXSM9KrIZphjAMxW4LavMT%2FaSkWeMZte2PjOvqI4RW%2BWRc3%2BKDr6l%2BB%2BJoRZgsTmzw5i%2B67qkw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36bee70971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	32103635921_kraken-sajt-zerkalo-krmp-cc.jpg ekreklama.ru/PARSE/DATA/IMAGES/	31 KB 31 KB	1483ms 1482ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/32103635921_kraken-sajt-zerkalo-krmp-cc.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b35b72b4ccafe920966dae0f90aab63a97bea5a17f40720478256fab2109e23 Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/2879132038 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALMHYhyDOvKlBV3FeEOEtmj5R4saz4l%2BLrmbL5oT2GqMlNlbYs14cQEYvmcUQY%2BLmwVIcIrtBSpNbFkZsuN1BJ2SjQPu1sfdaue0PrFGNHFgUp5hB%2BJDcmDCkrHNaIP%2BU9FfPrDB4LjOBAQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36bee80971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	18834293761_bleksprut-ssylka-na-sajt-zerkalo.jpg ekreklama.ru/PARSE/DATA/IMAGES/	45 KB 45 KB	1474ms 1473ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/18834293761_bleksprut-ssylka-na-sajt-zerkalo.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34992c3e84f56588a720fbeb502b622d77525582af766150b5713f42cc6fb230 Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/1128313828 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU6K3MmYAUNEQhNYemogrynDoeB%2BPJCwxH2ui3rvSRXlC0PE8dLCmHlsxl5qmcI24XN02ry7rK5B8MJDrD7fxeVfrVxANqb1khUWBZ1QHy5fZQc68sPt8bGDsD0vVpoC%2B23jAuYzjun1%2BVQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36bee90971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	27103495881_kraken-ssylka-kraken4webes.jpg ekreklama.ru/PARSE/DATA/IMAGES/	59 KB 60 KB	1150ms 1149ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/27103495881_kraken-ssylka-kraken4webes.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 608af2dfe3a21c5d10979c5fe8e6368a313152aa657dbf97f28815e9d04d260f Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/3939791579 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6L87F%2BGLpKmAd8Qsy29BoPb%2BRljZMMXT7OgEjIj8vyi2Kld%2B5DjUeJSaJvTjOIlJD3%2FTZaavorrGVHkbS%2Bdt2dn9NsUfjx059C2hMbGUrU7D7RA6MtePwMiiWhIJTSGNKDDm8OM1atBW6Y%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36beea0971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	13391487461_zerkalo-v-kraken.jpg ekreklama.ru/PARSE/DATA/IMAGES/	48 KB 49 KB	1667ms 1666ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/13391487461_zerkalo-v-kraken.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6c6084896b1af8123ba26e94c303c43a3ed02e74368eb7e4b8dc5a36f72a07f Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:47 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/1070196983 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdbSwtPAtydQzIflp7sWmSj%2F%2FN%2BmBAe%2Fd5qsqyzZysYQlo7AvWmgO%2F9%2BIC6gbMJlcxaFUOtc82At6ZhoPhXVJWp93IHZJQ%2FZ7KkWRtlHDFz1bAh3tZ7VjWk4MDcBcGHHBqDuhDWEmRhMipQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36beeb0971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	40708422111_spisok-zerkal-kraken.jpg ekreklama.ru/PARSE/DATA/IMAGES/	34 KB 35 KB	1772ms 1771ms	Image image/jpeg	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/PARSE/DATA/IMAGES/40708422111_spisok-zerkal-kraken.jpg Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d37574f78296579346247312f1a1ef1b601899c85a4ab1dcc965f1a1b5b6c99 Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:47 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/722765077 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qubuunp3OIG2tzdD1jYFWRYXpALEN1XF%2BzrntVx4RU2Xy3WNLLEagw3O7To7Rzf6F%2B42jonZQdHnIT%2FXA3H2F3LfRHAybufrEgt%2FOFxFN2qfAtu%2Fa1oGxyjX5SueEz4VW4B0hi%2BfbPVNpqo%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 86221f36beec0971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	logo.webp ekreklama.ru/templates/KRAKEN_CAP/img/	14 KB 14 KB	979ms 978ms	Image text/html	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekreklama.ru/templates/KRAKEN_CAP/img/logo.webp Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b37b37345e460c496b82109389c5bc53605bc8e0fc8612c2182864422563da5c Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT content-encoding br cf-cache-status MISS last-modified Sun, 10 Mar 2024 09:01:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvy3FR3jUCYow9kDdeIoVxjKE701xBW3cKMskZfqe%2Fl3S6XL985Eu%2FeWyVNdNBRdVaWTx7qaGHLpIXITytAT4w3FstOpN%2FTrwuzScxBgeAlb8h9CbADMSZUFXxukA3dlpGcfoyUlFShZDeg%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control max-age=14400 cf-ray 86221f36beed0971-MIA alt-svc h3=":443"; ma=86400
GET H2	200	matomo.js Show response anal.avotor.host/	65 KB 22 KB	145ms 43ms	Script application/javascript	2606:4700:3037::6815:31f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anal.avotor.host/matomo.js Requested by Host: ekreklama.ru URL: https://ekreklama.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:31f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce Request headers accept-language en-US,en;q=0.9 Referer https://ekreklama.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:46 GMT content-encoding br cf-cache-status HIT last-modified Mon, 05 Feb 2024 13:45:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 57738 etag W/"65c0e679-1042f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXcG06XcHeUdQb%2FMLgm7SYW%2BBOEl68XaA7mlt%2FjVU2POjfjJZJw%2Fi40bTSdERCsy%2FQTyQfipTrxqL4Co2DjKTgjvwpHn93qppzSDy3T8HjERBx8yLJWzij1VIhM8tnTBpx2OY1WG6lNxF5wVnUBT"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 86221f3b7f94034d-MIA alt-svc h3=":443"; ma=86400 expires Sun, 10 Mar 2024 16:59:28 GMT
GET H3	200	Goldman-Regular.ttf ekreklama.ru/templates/KRAKEN_CAP/fonts/	75 KB 39 KB	1405ms 1405ms	Font text/html	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekreklama.ru/templates/KRAKEN_CAP/fonts/Goldman-Regular.ttf Requested by Host: ekreklama.ru URL: https://ekreklama.ru/templates/KRAKEN_CAP/styles/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d077d1058ef409ed140e66930f33c015e135a06ac9dbd6dedda5d3ab92d8c68f Request headers Referer https://ekreklama.ru/templates/KRAKEN_CAP/styles/style.css Origin https://ekreklama.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:47 GMT content-encoding br cf-cache-status MISS last-modified Sun, 10 Mar 2024 09:01:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWPZAk6AAdH%2B6eW4D5t8AgR9AQsgMf8hu02ys411ViBhHnhg4p67WkDXOX2R2OyTXzI%2BfBotggXxcThG1ts52%2BPUMIU%2F5qwmFMdJB90YFI06FUACgOxs%2Bf9VHQEUxcJZuCFoh%2Fqxy96gjJ4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control max-age=14400 cf-ray 86221f3ad89d0971-MIA alt-svc h3=":443"; ma=86400
GET H3	200	Montserrat-Regular.ttf ekreklama.ru/templates/KRAKEN_CAP/fonts/	193 KB 82 KB	1524ms 1523ms	Font text/html	2606:4700:3037::ac43:940b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekreklama.ru/templates/KRAKEN_CAP/fonts/Montserrat-Regular.ttf Requested by Host: ekreklama.ru URL: https://ekreklama.ru/templates/KRAKEN_CAP/styles/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:940b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fc535f2ff2e7534271db5c7bfe30e461ff82e148f335bd51327ce61f43f0b6f Request headers Referer https://ekreklama.ru/templates/KRAKEN_CAP/styles/style.css Origin https://ekreklama.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 09:01:47 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 06 Mar 2024 16:44:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwtYuUZ0OWue9O0QqQIlLm90epfdAqlSD9VEQyud8b0EyeNm3sV4EKt4Lla41glLIo18dArY77rmgDpVpwPJqk5jXu%2F3V1%2F6k62HZyW0rFuPjIz40Qlotyoo8R59Wr%2BYTGgqXvSFvbeO%2BEk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control max-age=14400 cf-ray 86221f3ad89e0971-MIA alt-svc h3=":443"; ma=86400
POST H2	204	matomo.php anal.avotor.host/	0 307 B	411ms 410ms	Ping text/plain	2606:4700:3037::6815:31f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anal.avotor.host/matomo.php?action_name=ekreklama.ru%2F%D0%9A%D1%80%D0%B0%D0%BA%D0%B5%D0%BD%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%B0%D1%80%D0%BA%D0%BD%D0%B5%D1%82%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82-%20kraken8.at%20kraken9.at%20kraken10.at%20kraken11.at&idsite=2&rec=1&r=260372&h=23&m=1&s=46&url=https%3A%2F%2Fekreklama.ru%2F&_id=33c85e51d56dfd30&_idn=1&send_image=0&_refts=0&pv_id=G4ex3d&pf_net=339&pf_srv=918&pf_tfr=137&pf_dm1=827&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Requested by Host: anal.avotor.host URL: https://anal.avotor.host/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:31f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ekreklama.ru/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers date Sun, 10 Mar 2024 09:01:46 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DO399nw9k2sIHdBw36FsHuGBjv033KKaSblXtNm8jRO8QtKXxBwR6Jfv7smVG0aquwTnywd4c6%2FwcaDVHxs199PEVU%2BqeI1Vp3mOb4gxTKz41LSLRBCJsMHTPeVuudH6x0BfOcPyJvMxvJDmarDa"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://ekreklama.ru access-control-allow-credentials true cf-ray 86221f3bfffd034d-MIA alt-svc h3=":443"; ma=86400

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ekreklama.ru/	1970-01-21 04:26:56	Name: _pk_id.2.101d Value: 33c85e51d56dfd30.1710061306.
			ekreklama.ru/	1970-01-20 19:01:03	Name: _pk_ses.2.101d Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anal.avotor.host
ekreklama.ru
2606:4700:3037::6815:31f9
2606:4700:3037::ac43:940b
28d67555a59b4ef04c07b8e325de5f4a01399bd0c2c397f79a03b06991d464bb
2d37574f78296579346247312f1a1ef1b601899c85a4ab1dcc965f1a1b5b6c99
34992c3e84f56588a720fbeb502b622d77525582af766150b5713f42cc6fb230
3fc535f2ff2e7534271db5c7bfe30e461ff82e148f335bd51327ce61f43f0b6f
608af2dfe3a21c5d10979c5fe8e6368a313152aa657dbf97f28815e9d04d260f
6b35b72b4ccafe920966dae0f90aab63a97bea5a17f40720478256fab2109e23
720babc0b546da22f59aebc3c5ba8c98f39e6d7796d24428377bfdac6d02f89d
83a1148e3d94f64007c709f05183caf8d9d952013bd5cb3cb4e26af353e6784b
94901f88cdb6c0434cea0f3bd5a97cafe912bdf088b259ad9d92be018649ae62
b37b37345e460c496b82109389c5bc53605bc8e0fc8612c2182864422563da5c
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
b5f2f5b8acc41af5d1e493354718795990ecd36bfa05e02471546976c4c71b7e
c8e4d80e1423649216751a553a44e4bc0adf90c6a0e66ad1ff3d843a5fa1538e
d077d1058ef409ed140e66930f33c015e135a06ac9dbd6dedda5d3ab92d8c68f
d6c6084896b1af8123ba26e94c303c43a3ed02e74368eb7e4b8dc5a36f72a07f
d9d65b2699dcd3d151472a78d8b0bf82cc6ebbcce4e77cff40cee556e40706a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e806fc28face494258619fd321cd8da583c9c523f1c289ac69f01ff4c1db96dc
f3be5dc8c07ace70e8cf915e195b46cb7a448627b6e196a5cf39df6b7a3501e2
fd4aee713e49d46892ca70120e3984c337163dac2980fa0664241e5aa2d277db