helen.helena-small.sbs Open in urlscan Pro
2606:4700:3031::6815:21c9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://helen.helena-small.sbs/really.type.connect/votings
Submission: On November 13 via manual (November 13th 2024, 9:52:49 pm UTC) from CZ — Scanned from US

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3031::6815:21c9, located in United States and belongs to CLOUDFLARENET, US. The main domain is helen.helena-small.sbs.
TLS certificate: Issued by WE1 on November 13th 2024. Valid for: 3 months.

This is the only time helen.helena-small.sbs was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
19	2606:4700:303... 2606:4700:3031::6815:21c9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2

19 2606:4700:3031::6815:21c9 (United States)

ASN13335 (CLOUDFLARENET, US)

helen.helena-small.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	helena-small.sbs helen.helena-small.sbs	353 KB
24	1

	Domain	Requested by
19	helen.helena-small.sbs	helen.helena-small.sbs
24	1

This site contains no links.

Subject Issuer	Validity	Valid
helena-small.sbs WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://helen.helena-small.sbs/really.type.connect/votings
Frame ID: 8B2D1D91ABDE58431F32E4FCD2FB273B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Web

Page URL History Show full URLs

https://helen.helena-small.sbs/really.type.connect/votings Page URL
https://helen.helena-small.sbs/really.type.connect/votings Page URL

Page Statistics

24
Requests

79 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

353 kB
Transfer

2131 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://helen.helena-small.sbs/really.type.connect/votings Page URL
https://helen.helena-small.sbs/really.type.connect/votings Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	votings Show response helen.helena-small.sbs/really.type.connect/	12 KB 6 KB	812ms 702ms	Document text/html	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/really.type.connect/votings Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `30e1ee8db00221264847c851ba662da73e7aaf1c80865c668852711cdc063119` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8e21fd87180018c8-EWR content-encoding zstd content-type text/html; charset=UTF-8 date Wed, 13 Nov 2024 21:52:42 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjTqUEOVoDB8c1Kq9OaB7Pyv4t65R96uEZa7vcqDP%2BGrjAI8GHLOku91JacT6jamX2UixFbmRruZoox0Y8FhD8h0vl43ahRKK3cUO5reFySMmT5oVdQpCQe3lGJHcT7bH53DqyiaB9dHaLh7gfau2xSu%2By63"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=7922&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3385&recv_bytes=2368&delivery_rate=504176&cwnd=254&unsent_bytes=0&cid=9f5a6c2731f9c312&ts=710&x=0" vary Accept-Encoding
GET H2	200	index-CLQ0rzaR.js helen.helena-small.sbs/auth/	260 KB 83 KB	24ms 23ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/really.type.connect/votings Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer https://helen.helena-small.sbs/really.type.connect/votings Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b00-40f5f" age 25604 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FdcW7PcHY01LADWpUPu0GGa%2FJywlEO9jrZN%2BX8BQuKu0PiBL1GZr%2BpXF31XuI3m2h3nIUj5XAp6yuK6Jxm0Tn2NxT%2B0nd7qiDumrw%2BA9vxY8s83jl3It%2FEMeQHWiM42BmXZJP4psGBDfxOv2gg4802Jukgq"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:45:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=9438&sent=17&recv=16&lost=0&retrans=0&sent_bytes=9326&recv_bytes=2679&delivery_rate=1129388&cwnd=254&unsent_bytes=0&cid=9f5a6c2731f9c312&ts=744&x=0" date Wed, 13 Nov 2024 21:52:42 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:48 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd8b9eb918c8-EWR server cloudflare
GET H2	200	0ucgvpqie6b5.css helen.helena-small.sbs/auth/	477 KB 84 KB	33ms 32ms	Stylesheet text/css	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/0ucgvpqie6b5.css Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/really.type.connect/votings Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer https://helen.helena-small.sbs/really.type.connect/votings Response headers content-encoding gzip cf-cache-status HIT etag W/"67207ac6-77466" age 25604 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFOD44xGPxs9xfpYLqTUD9npyzlzv8m68%2FEChNv9iit%2FQZadjwKgxaZBaDRaMskw%2FrEHmnYjmbQ%2FYklk1defEA51kZ0%2FvLUIv2tn1qL%2FuE6V5P%2F1hr8zsBsK%2FLuVpNEZOQvQF%2BJxv6mVCpoByEHcCY1mZT3T"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:45:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=9438&sent=76&recv=16&lost=0&retrans=0&sent_bytes=73454&recv_bytes=2679&delivery_rate=1129388&cwnd=254&unsent_bytes=21805&cid=9f5a6c2731f9c312&ts=750&x=0" date Wed, 13 Nov 2024 21:52:42 GMT content-type text/css vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:03:50 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd8b9eb318c8-EWR server cloudflare
GET H3	200	Primary Request votings Show response helen.helena-small.sbs/really.type.connect/	12 KB 6 KB	663ms 663ms	Document text/html	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/really.type.connect/votings Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/really.type.connect/votings Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `30e1ee8db00221264847c851ba662da73e7aaf1c80865c668852711cdc063119` Request headers Referer https://helen.helena-small.sbs/really.type.connect/votings Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8e21fd8bbbb4c333-EWR content-encoding zstd content-type text/html; charset=UTF-8 date Wed, 13 Nov 2024 21:52:43 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJLFRlDoqCExkXJl89Yg5Z%2BPn0nRqMSfWZcezeCbmwFC%2FtAkM70PlRC21I%2BeJooM5vWlUmIhr8cwuszl9ew1iWzk5q8Aq%2FbvkU3pMFROjMyQhC2ZntoIVjr0zb5EOl9zVfSh4t0e0CenXj18oKo%2FzAbDr9dE"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=8893&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4270&recv_bytes=4569&delivery_rate=831&cwnd=12000&unsent_bytes=0&cid=3e904b2188b65804&ts=681&x=1" cfHdrFlush;dur=0 vary Accept-Encoding
GET H2	200	index-CLQ0rzaR.js Show response helen.helena-small.sbs/auth/	260 KB 0	0ms 0ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/really.type.connect/votings Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ac9839ffe308b0fc9e9fc60a609876c1c41c121a70e99331f8d83970cb0b06e5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer https://helen.helena-small.sbs/really.type.connect/votings Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b00-40f5f" age 25604 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FdcW7PcHY01LADWpUPu0GGa%2FJywlEO9jrZN%2BX8BQuKu0PiBL1GZr%2BpXF31XuI3m2h3nIUj5XAp6yuK6Jxm0Tn2NxT%2B0nd7qiDumrw%2BA9vxY8s83jl3It%2FEMeQHWiM42BmXZJP4psGBDfxOv2gg4802Jukgq"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:45:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=9438&sent=17&recv=16&lost=0&retrans=0&sent_bytes=9326&recv_bytes=2679&delivery_rate=1129388&cwnd=254&unsent_bytes=0&cid=9f5a6c2731f9c312&ts=744&x=0" date Wed, 13 Nov 2024 21:52:42 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:48 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd8b9eb918c8-EWR server cloudflare
GET H2	200	0ucgvpqie6b5.css helen.helena-small.sbs/auth/	477 KB 0	1ms 1ms	Stylesheet text/css	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/0ucgvpqie6b5.css Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/really.type.connect/votings Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer https://helen.helena-small.sbs/really.type.connect/votings Response headers content-encoding gzip cf-cache-status HIT etag W/"67207ac6-77466" age 25604 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFOD44xGPxs9xfpYLqTUD9npyzlzv8m68%2FEChNv9iit%2FQZadjwKgxaZBaDRaMskw%2FrEHmnYjmbQ%2FYklk1defEA51kZ0%2FvLUIv2tn1qL%2FuE6V5P%2F1hr8zsBsK%2FLuVpNEZOQvQF%2BJxv6mVCpoByEHcCY1mZT3T"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:45:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=9438&sent=76&recv=16&lost=0&retrans=0&sent_bytes=73454&recv_bytes=2679&delivery_rate=1129388&cwnd=254&unsent_bytes=21805&cid=9f5a6c2731f9c312&ts=750&x=0" date Wed, 13 Nov 2024 21:52:42 GMT content-type text/css vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:03:50 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd8b9eb318c8-EWR server cloudflare
GET		mtproto.worker-DpY9_Bdy.js helen.helena-small.sbs/auth/	0 0

GET		crypto.worker-CfCshcpI.js helen.helena-small.sbs/auth/	0 0

GET DATA	200 OK	truncated /	369 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H3	200	crypto.worker-CfCshcpI.js Show response helen.helena-small.sbs/auth/	165 KB 44 KB	21ms 21ms	Fetch application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/crypto.worker-CfCshcpI.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `97432cfa2bb58b56d9949e2b240dea56f0f65ed96bae37b9c47c2283e5e35dca` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://helen.helena-small.sbs/really.type.connect/votings Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b00-29254" age 25604 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbwnfgakxnI71PtHjd0ZP9nbmgTkuQyk9oP6FhuE7vSTmhnExN543ysFqS%2FFQ9PIP5DWZVQc0D7KSFiDH4nNzipV90C%2Bqz7GPOut93FBBj2LWLmKazKPegWjQGvbkacgojFb52iN2V339MlqTkVcmWDYCBd1"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:45:59 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8795&sent=21&recv=18&lost=0&retrans=0&sent_bytes=10325&recv_bytes=5914&delivery_rate=712608&cwnd=12000&unsent_bytes=0&cid=3e904b2188b65804&ts=764&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:48 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd904890c333-EWR server cloudflare
GET DATA	200 OK	truncated /	59 B 59 B		Image image/jxl
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jxl
GET DATA	200 OK	truncated /	311 B 0		Image image/avif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/avif
GET H3	200	favicon.ico helen.helena-small.sbs/auth/assets/img/	15 KB 4 KB	64ms 63ms	Other image/vnd.microsoft.icon	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/assets/img/favicon.ico?v=jw3mK7G9Ry Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://helen.helena-small.sbs/really.type.connect/votings Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"3aee-62243d5992280" age 6342 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZeOYMmPEK7EvMp1Lg5lWvjfNH8ZLE6CCWa8T1aGgVi%2FNFNqRdiksez4lanXYJK7vgF4%2BkXCV1L0qrhnn%2Bz5pwfoYxb034q3mm9VshnfD%2BX9tgsly5mx%2FqE%2B7wnxLD3vcG%2Fp59KA3xs1Vr6OV4QwwIcumJhlB"}],"group":"cf-nel","max_age":604800} cf-ray 8e21fd90589ac333-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8795&sent=31&recv=18&lost=0&retrans=0&sent_bytes=22325&recv_bytes=5914&delivery_rate=712608&cwnd=12000&unsent_bytes=0&cid=3e904b2188b65804&ts=771&x=1", cfHdrFlush;dur=1 date Wed, 13 Nov 2024 21:52:43 GMT content-type image/vnd.microsoft.icon last-modified Mon, 16 Sep 2024 22:10:02 GMT vary Accept-Encoding server cloudflare
GET H3	200	1e2zxrwqko73.js Show response helen.helena-small.sbs/auth/	205 KB 54 KB	49ms 48ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/1e2zxrwqko73.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `453b67012d7e4d07f6f6716cd4d617f7104bd1c6e3e2f6fedd74e34895e2eeaa` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Response headers content-encoding gzip cf-cache-status HIT etag W/"67207afe-334db" age 25604 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RfmdHKkrGcFTJ5PcAKJclhLfDcZzR9zbM1rYKXimM4BHLSH%2FdBLEZGtl2ClS%2B5T2xV%2B0xLelggqilTnGsBj9YRiN4%2BSAapfHfKl1rGnGaiAKE5JF1C37uqjdlDAaph3xC1DIjVD8yLK%2Bg%2BmLnRvrk72%2FICA7"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:45:59 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9025&sent=164&recv=56&lost=0&retrans=0&sent_bytes=180748&recv_bytes=8568&delivery_rate=6003858&cwnd=86400&unsent_bytes=0&cid=3e904b2188b65804&ts=792&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:46 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd9068afc333-EWR server cloudflare
GET H3	200	dme3z2oeb1ps.js Show response helen.helena-small.sbs/auth/	4 KB 2 KB	50ms 49ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/dme3z2oeb1ps.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `864b831bce12cd808834bfd5e6ccf2f1198f6d954ce6917e2a5b4e95f80a8576` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b00-e19" age 25604 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9OQab2uOBOtlO28jqSpaG%2Fv48Kgd0zQqD3yiLu2JAUipCxNNT2wjwx8WKEA1Fk%2B3Q0WvZd%2Bn686b7jt2Rt4bPlaZmDbZd%2BCuhux1HKKEtjQVeaMDkZbY6Jcty4MtV6%2BawlIHX04TNeHHpGsg%2BvlKWF%2BLdzo"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:45:59 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8439&sent=92&recv=36&lost=0&retrans=0&sent_bytes=94348&recv_bytes=7692&delivery_rate=2921156&cwnd=48000&unsent_bytes=0&cid=3e904b2188b65804&ts=786&x=1", cfHdrFlush;dur=3 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:48 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd9068b1c333-EWR server cloudflare
GET H3	200	og7xpzqmw7um.js Show response helen.helena-small.sbs/auth/	36 KB 7 KB	50ms 49ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/og7xpzqmw7um.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4d805d30f9431557194d4e74cff59e2bba533e7b640a753b233c695e513a932d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b06-904d" age 25604 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FG%2BLmD10HmcOa36fjMx8FsQJXn5qblcb7j%2FleHzPkhqsVDQzbTQJkNrRPOPS57ooEYfuoezmXfBNyBVn9VzZ1bq6vHqPVhabQhg77OypEL1rv5mtLSSzlaeZmC5jV%2FbP9bXgoBx7YRRVuGpsdbDchraQfWth"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:45:59 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9025&sent=164&recv=56&lost=0&retrans=0&sent_bytes=180748&recv_bytes=8568&delivery_rate=6003858&cwnd=86400&unsent_bytes=0&cid=3e904b2188b65804&ts=791&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:54 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd9068b4c333-EWR server cloudflare
GET H3	200	no4v2n7rutpv.js Show response helen.helena-small.sbs/auth/	12 KB 5 KB	22ms 21ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/no4v2n7rutpv.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `79a0096b9ff340d10ebaef504a0c91066170d9066b3d7436556878d10c6979fc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b06-2f04" age 25603 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJG66LCg%2F3SsaXsEdNhbe%2Fv4%2BaGEudG5GAcAhXNB0xEa69xZAZxL7HfnoEC4bvTO%2FNbxhSqzeBhESuG08%2BStF4iHY2wwlYmPSbydZdZj7QW9Q8isn44OJgN8%2B5xDD0hfOtvED5QinZkIdpFGtYyKnYBYQHCy"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:46:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11101&sent=504&recv=108&lost=0&retrans=0&sent_bytes=581613&recv_bytes=12369&delivery_rate=22753507&cwnd=268800&unsent_bytes=0&cid=3e904b2188b65804&ts=938&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:54 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd9159cac333-EWR server cloudflare
GET H3	200	sjq9ujb51usb.js Show response helen.helena-small.sbs/auth/	24 KB 8 KB	20ms 19ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/sjq9ujb51usb.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52ecc22685362b333f1325fceecf4bfde2c9290d7c38b2da1628b89becb310e0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b06-5e91" age 25603 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zb8p8bklDIzbjQ9wSbymWPCb5VKZ8oSyiRbTXu1kJA65olV9p3t6cs%2BFhCQKtFfY3ftA5Xxuf4Ge%2BdBORVDsgMJj63Joi3xp42HLBTU53LFSHiOUqO6VxPl7fueH2dD2BVl3WVz2UQnBpSj220BpGoSnVxXy"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:46:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11101&sent=496&recv=108&lost=0&retrans=0&sent_bytes=573013&recv_bytes=12369&delivery_rate=22753507&cwnd=268800&unsent_bytes=0&cid=3e904b2188b65804&ts=937&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:54 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd9159cbc333-EWR server cloudflare
GET H3	200	41w6p6ticd3f.js Show response helen.helena-small.sbs/auth/	20 KB 7 KB	23ms 21ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/41w6p6ticd3f.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `03f2ad8b4d863ede4ed8ea91c52c1f2faa546c06d2217c3c8e0f3ebce4e0ff34` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"67207afe-4f1a" age 25603 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWnnH0SpZUjIBKDd34WIg1nfmkbMnTxPvEC8Ansfz%2Bv5KAGe1NVPuA1JGn3xkT8lXiSwzfOLPLtn7mBPYeP4Ortx%2F%2B5e1uVDEXapgoHgP1A%2B2IxMFUee3jGCbXxmdG2zOsmf6GHGea%2BFe6ubcL7o76PQibRm"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:46:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11101&sent=511&recv=108&lost=0&retrans=0&sent_bytes=588601&recv_bytes=12369&delivery_rate=22753507&cwnd=268800&unsent_bytes=0&cid=3e904b2188b65804&ts=939&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:46 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd9159ccc333-EWR server cloudflare
GET H3	200	otnbzocb0vxu.js Show response helen.helena-small.sbs/auth/	2 KB 2 KB	21ms 20ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/otnbzocb0vxu.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93094b43a65879e395c515ade0776e1f72f48cb9b8f707925d3979a9ffab365d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b06-9be" age 25603 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCsaHca0HqxVrFEC%2BwapslyANIZVLiKp5tlyYlZr6ioD0y7eEI%2B6SqBlb%2Bs6hwyZTI3ZHCmcP8zyx2HahXzoBJj7jMrv5YntZ9j8wLfwFq6Z%2FY3%2B4Q2nQ70JtJON%2Fz6cg10yI4%2FdEdVbp8I0GLvUEh5hZtfr"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:46:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11101&sent=509&recv=108&lost=0&retrans=0&sent_bytes=586781&recv_bytes=12369&delivery_rate=22753507&cwnd=268800&unsent_bytes=0&cid=3e904b2188b65804&ts=938&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:54 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd9159cec333-EWR server cloudflare
GET H3	200	z4k49pitkmwt.js Show response helen.helena-small.sbs/auth/	2 KB 1 KB	25ms 24ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/z4k49pitkmwt.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7c30f097c12fa452e481a5e095f63e4d7b1a8bc9940a6b879fd905b5d08d8e70` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b14-748" age 25603 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MTzu9vsbCeCnK45n%2FU1ouW%2Fl8Dbj4VS5P7fS4QaG2dpE0ey%2BDBnPQ6ZBd8r4tWer1ng7SO2OjcY5O2ae9ZF6MrcKumfICoXhXlp4an7uj6FYfR5yclX5FKYQJPNX1C2j8QMDL23KmuMPSeomAdzhoj6kpQ3%2F"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:46:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11101&sent=518&recv=108&lost=0&retrans=0&sent_bytes=595872&recv_bytes=12369&delivery_rate=22753507&cwnd=268800&unsent_bytes=0&cid=3e904b2188b65804&ts=942&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:05:08 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd9159d1c333-EWR server cloudflare
GET		a65ba54b-ecd9-46a0-8848-fd715d94cabf https://helen.helena-small.sbs/	0 0

GET		9246fd6c-6aa6-4669-bc69-2961302483fb https://helen.helena-small.sbs/	0 0

GET		1f366c6b-11a4-4b09-b45a-5d63e0f5d54c https://helen.helena-small.sbs/	0 0

GET H3	200	b7od778a8ynt.js Show response helen.helena-small.sbs/auth/	145 KB 38 KB	586ms 586ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/b7od778a8ynt.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ff5d5d7fe2ee3f3a9b140a28821608729f695a6da0c6ce6989e51647e6802868` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"67207afe-2429b" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dj4raCJqvPrZVMWHkESgJ0mw08Czjn3HfLGSgDUD949J4bFsAa62Qte9MvASLMw5M6ADikDeP4v6IPNFjocRrtc15ffgc5WYHrV5cjeA9LynR9dEwxL8vi3oK8J9TnD9HZfO0ZompEmz8mhY95tr93jhlSrh"}],"group":"cf-nel","max_age":604800} cf-ray 8e21fd919a20c333-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9789&sent=523&recv=115&lost=0&retrans=0&sent_bytes=598836&recv_bytes=13266&delivery_rate=45142&cwnd=268800&unsent_bytes=0&cid=3e904b2188b65804&ts=1542&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:44 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding server cloudflare last-modified Tue, 29 Oct 2024 06:04:46 GMT
GET H3	200	dumu5ptj42hb.js Show response helen.helena-small.sbs/auth/	1 KB 1 KB	32ms 31ms	Script application/javascript	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/dumu5ptj42hb.js Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/index-CLQ0rzaR.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a82b13d0ddef486d392796d8d96b7f8acaab9a0ba7a36ed534c71b7fa3ae3ca5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://helen.helena-small.sbs Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"67207b00-5c9" age 25585 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=acrrhwdZ2keHdO3ojGRD%2F6k71YTOVqQhLbuD9bvmuIlX7KF9tDpU%2BPIJl4y%2F6Ecjfh0ITNzij8qZyqHqkqGfun94jGDk7VwaIrTrzXsm7gGcZTv6RRnclAIFl7VvFzVJWu2cffQVpflsq8Yh5Ypxqz9HvjQi"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:46:18 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=10025&sent=521&recv=114&lost=0&retrans=0&sent_bytes=597444&recv_bytes=13221&delivery_rate=1446208&cwnd=268800&unsent_bytes=0&cid=3e904b2188b65804&ts=987&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:43 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding last-modified Tue, 29 Oct 2024 06:04:48 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fd919a23c333-EWR server cloudflare
GET H3	200	logo_padded.svg Show response helen.helena-small.sbs/auth/assets/img/	1 KB 1 KB	26ms 25ms	Fetch image/svg+xml	2606:4700:3031::6815:21c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helen.helena-small.sbs/auth/assets/img/logo_padded.svg Requested by Host: helen.helena-small.sbs URL: https://helen.helena-small.sbs/auth/no4v2n7rutpv.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:21c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://helen.helena-small.sbs/really.type.connect/votings Response headers content-encoding gzip cf-cache-status HIT etag W/"66e8acba-42d" age 25587 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jp49NqTppkn07uE7EAXAHyyRXkBunTsEFd%2FOoRz%2BL3bdE5jPvHQc4BS%2BJSVj4cRvdoseoC7y2chcDZ%2F1%2FeU%2B7zfkR2UJgE%2FBVlK4vYc%2F%2BdB03Le67%2F2swTiLXP99ZAbfSZybNx%2Bq4x7y2xf0%2B1e4SXtKZtx6"}],"group":"cf-nel","max_age":604800} expires Thu, 14 Nov 2024 14:46:19 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9522&sent=558&recv=120&lost=0&retrans=0&sent_bytes=639063&recv_bytes=13810&delivery_rate=4613232&cwnd=268800&unsent_bytes=0&cid=3e904b2188b65804&ts=3783&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 21:52:46 GMT content-type image/svg+xml vary Accept-Encoding, Accept-Encoding last-modified Mon, 16 Sep 2024 22:10:02 GMT cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e21fda329bbc333-EWR server cloudflare
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: helen.helena-small.sbs
URL: https://helen.helena-small.sbs/auth/mtproto.worker-DpY9_Bdy.js

Domain: helen.helena-small.sbs
URL: https://helen.helena-small.sbs/auth/crypto.worker-CfCshcpI.js

Domain: helen.helena-small.sbs
URL: blob:https://helen.helena-small.sbs/a65ba54b-ecd9-46a0-8848-fd715d94cabf

Domain: helen.helena-small.sbs
URL: blob:https://helen.helena-small.sbs/9246fd6c-6aa6-4669-bc69-2961302483fb

Domain: helen.helena-small.sbs
URL: blob:https://helen.helena-small.sbs/1f366c6b-11a4-4b09-b45a-5d63e0f5d54c

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			helen.helena-small.sbs/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1ea1102c2bf0c42cecce6ccb43b56b71

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://helen.helena-small.sbs/really.type.connect/votings Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B00707AC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

helen.helena-small.sbs
helen.helena-small.sbs
2606:4700:3031::6815:21c9
03f2ad8b4d863ede4ed8ea91c52c1f2faa546c06d2217c3c8e0f3ebce4e0ff34
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
30e1ee8db00221264847c851ba662da73e7aaf1c80865c668852711cdc063119
453b67012d7e4d07f6f6716cd4d617f7104bd1c6e3e2f6fedd74e34895e2eeaa
4d805d30f9431557194d4e74cff59e2bba533e7b640a753b233c695e513a932d
52ecc22685362b333f1325fceecf4bfde2c9290d7c38b2da1628b89becb310e0
55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4
79a0096b9ff340d10ebaef504a0c91066170d9066b3d7436556878d10c6979fc
7c30f097c12fa452e481a5e095f63e4d7b1a8bc9940a6b879fd905b5d08d8e70
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
864b831bce12cd808834bfd5e6ccf2f1198f6d954ce6917e2a5b4e95f80a8576
93094b43a65879e395c515ade0776e1f72f48cb9b8f707925d3979a9ffab365d
97432cfa2bb58b56d9949e2b240dea56f0f65ed96bae37b9c47c2283e5e35dca
a82b13d0ddef486d392796d8d96b7f8acaab9a0ba7a36ed534c71b7fa3ae3ca5
ac9839ffe308b0fc9e9fc60a609876c1c41c121a70e99331f8d83970cb0b06e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4
ff5d5d7fe2ee3f3a9b140a28821608729f695a6da0c6ce6989e51647e6802868

helen.helena-small.sbs Open in urlscan Pro 2606:4700:3031::6815:21c9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

24 Requests

79 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

353 kBTransfer

2131 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

30 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

helen.helena-small.sbs Open in urlscan Pro
2606:4700:3031::6815:21c9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

79 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

353 kB
Transfer

2131 kB
Size

1
Cookies

24 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!