URL: https://ftp.s-sniffer.top/metro2033/
Submission: On September 30 via automatic, source phishtank

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 26 HTTP transactions. The main IP is 2606:4700:30::681c:32d, located in the United States, and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is ftp.s-sniffer.top.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 30th 2018. Valid for: a year.
This is the only time ftp.s-sniffer.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
20 | 2606:4700:30:... | 13335 | (CLOUDFLAR...)
5 (1 redirect) | 2a02:6b8::1:119 | 13238 | (YANDEX)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
Total: 26 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
20 | s-sniffer.top | ftp.s-sniffer.top | 1021 KB
5 | yandex.ru | mc.yandex.ru | 45 KB
2 | google-analytics.com | www.google-analytics.com | 16 KB
Total: 26 requests, 3 apex domains

Requests | Domain | Requested by
20 | ftp.s-sniffer.top | ftp.s-sniffer.top
5 (1 redirect) | mc.yandex.ru | ftp.s-sniffer.top
2 | www.google-analytics.com | ftp.s-sniffer.top
Total: 26 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2018-09-30 - 2019-09-30 | a year
bs.yandex.ru | Yandex CA | 2017-11-23 - 2019-11-23 | 2 years
*.google-analytics.com | Google Internet Authority G3 | 2018-08-28 - 2018-11-20 | 3 months

This page contains 1 frame:

Primary Page: https://ftp.s-sniffer.top/metro2033/
Frame ID: D42F0CC8DECEB2537F0F77420C3FF885
Requests: 26 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

  • Requests: 26
  • HTTPS: 100 %
  • IPv6: 100 %
  • Domains: 3
  • Subdomains: 3
  • IPs: 3
  • Countries: 3
  • Transfer: 1080 kB
  • Size: 1239 kB
  • Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://mc.yandex.ru/watch/27653073?wmode=7&page-url=https%3A%2F%2Fftp.s-sniffer.top%2Fmetro2033%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1538340204355%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180930204325%3Aet%3A1538340205%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A378761329%3Ahid%3A520098624%3Ads%3A0%2C0%2C587%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A712%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538340205%3Au%3A153834020598874245%3At%3A%D0%9C%D0%B5%D1%82%D1%80%D0%BE%202033%20%D0%92%D0%9A%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%BA%D0%B0%D1%87%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%20%D0%B3%D0%BE%D0%BB%D0%BE%D1%81%D0%BE%D0%B2! HTTP 302
  • https://mc.yandex.ru/watch/27653073/1?wmode=7&page-url=https%3A%2F%2Fftp.s-sniffer.top%2Fmetro2033%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1538340204355%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180930204325%3Aet%3A1538340205%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A378761329%3Ahid%3A520098624%3Ads%3A0%2C0%2C587%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A712%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538340205%3Au%3A153834020598874245%3At%3A%D0%9C%D0%B5%D1%82%D1%80%D0%BE%202033%20%D0%92%D0%9A%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%BA%D0%B0%D1%87%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%20%D0%B3%D0%BE%D0%BB%D0%BE%D1%81%D0%BE%D0%B2!

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ftp.s-sniffer.top/metro2033/
6 KB
2 KB
Document
General
Full URL
https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
80fd495e6f4a03cb40cc25d255e7b6565170f32ea31b90f2fb691b125b7f78ed

Request headers

:method
GET
:authority
ftp.s-sniffer.top
:scheme
https
:path
/metro2033/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sun, 30 Sep 2018 20:43:24 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204; expires=Mon, 30-Sep-19 20:43:24 GMT; path=/; domain=.s-sniffer.top; HttpOnly
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
462985853c4996be-FRA
content-encoding
gzip
jquery.js
ftp.s-sniffer.top/metro2033/file/
70 KB
24 KB
Script
General
Full URL
https://ftp.s-sniffer.top/metro2033/file/jquery.js
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
904c5ab48d6cf01125d6f7133c6731986503bd6403671890f03524274b0d8561

Request headers

:path
/metro2033/file/jquery.js
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
W/"5ba256b4-11908"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
462985890f9d96be-FRA
expires
Mon, 01 Oct 2018 00:43:24 GMT
cookie.js
ftp.s-sniffer.top/metro2033/file/
997 B
541 B
Script
General
Full URL
https://ftp.s-sniffer.top/metro2033/file/cookie.js
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1bce79806c0836d291727def7bf65ed8080dcfdd63db2838f34b1b7076be6fe

Request headers

:path
/metro2033/file/cookie.js
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
W/"5ba256b4-3e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
462985890f9e96be-FRA
expires
Mon, 01 Oct 2018 00:43:24 GMT
window_mail.js
ftp.s-sniffer.top/metro2033/file/
1 KB
498 B
Script
General
Full URL
https://ftp.s-sniffer.top/metro2033/file/window_mail.js
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd06cfec19348ffe10273fd439d67aa84268c794b194b873abade8f025055aa

Request headers

:path
/metro2033/file/window_mail.js
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
W/"5ba256b4-460"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
462985890f9f96be-FRA
expires
Mon, 01 Oct 2018 00:43:24 GMT
window_social.js
ftp.s-sniffer.top/metro2033/file/
1003 B
542 B
Script
General
Full URL
https://ftp.s-sniffer.top/metro2033/file/window_social.js
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee6e1c267ab3171c460fb20a2a9d6266cd6981949da773644decaa3fc4d5bb4

Request headers

:path
/metro2033/file/window_social.js
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
W/"5ba256b4-3eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
462985890fa096be-FRA
expires
Mon, 01 Oct 2018 00:43:24 GMT
script.js
ftp.s-sniffer.top/metro2033/js/
445 B
457 B
Script
General
Full URL
https://ftp.s-sniffer.top/metro2033/js/script.js
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c6a720e7f51a6c2e7555f6f6c2da7faf10563a1c373f2c80de8ee164a1fa48

Request headers

:path
/metro2033/js/script.js
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
W/"5ba256b4-1bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
462985890fa196be-FRA
expires
Mon, 01 Oct 2018 00:43:24 GMT
style.css
ftp.s-sniffer.top/metro2033/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://ftp.s-sniffer.top/metro2033/css/style.css
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0935137c34127df4a61245090e8439e2ad615e1cf6942e72093123c16e8d116c

Request headers

:path
/metro2033/css/style.css
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
W/"5ba256b4-b6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
462985890f9b96be-FRA
expires
Mon, 01 Oct 2018 00:43:24 GMT
showbox.css
ftp.s-sniffer.top/metro2033/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://ftp.s-sniffer.top/metro2033/css/showbox.css
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db8a6c5088b73af4f575cc9710fd0df0781e0c5806d3fa9f5f94116fa6f47990

Request headers

:path
/metro2033/css/showbox.css
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
W/"5ba256b4-c0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
462985890f9c96be-FRA
expires
Mon, 01 Oct 2018 00:43:24 GMT
it4.png
ftp.s-sniffer.top/metro2033/img/
6 KB
6 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/it4.png
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6cc064719b8c50f8428d221c455a7e65b8507604fccd955c2ae9af25d7d9e67

Request headers

:path
/metro2033/img/it4.png
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-163d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589781796be-FRA
content-length
5693
expires
Mon, 01 Oct 2018 00:43:25 GMT
it5.png
ftp.s-sniffer.top/metro2033/img/
6 KB
6 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/it5.png
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c005d30511380e8cf2d86890212cd29bf4d0160a3caeb04fdb9bca5a6489fab1

Request headers

:path
/metro2033/img/it5.png
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-1891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589882c96be-FRA
content-length
6289
expires
Mon, 01 Oct 2018 00:43:25 GMT
it1.png
ftp.s-sniffer.top/metro2033/img/
5 KB
5 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/it1.png
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b1ad9cc9b94c527af27f3adc6e32c4c5b89364ae8134d12fe00ab221e795c3

Request headers

:path
/metro2033/img/it1.png
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-158d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589882d96be-FRA
content-length
5517
expires
Mon, 01 Oct 2018 00:43:25 GMT
it2.png
ftp.s-sniffer.top/metro2033/img/
5 KB
5 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/it2.png
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee0b04b25e42c61e2e4a1fc1cea4516f86cf4b7a3257cc15e3194852d37b8253

Request headers

:path
/metro2033/img/it2.png
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-12a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589882e96be-FRA
content-length
4775
expires
Mon, 01 Oct 2018 00:43:25 GMT
it3.png
ftp.s-sniffer.top/metro2033/img/
3 KB
3 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/it3.png
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be445a2f45600a3c03a335210090ff9fe84520547e31003fec066b9f6a392568

Request headers

:path
/metro2033/img/it3.png
pragma
no-cache
cookie
wx_date=07.07.2015; wx_zif=00426282; __cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-b74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589983196be-FRA
content-length
2932
expires
Mon, 01 Oct 2018 00:43:25 GMT
it6.png
ftp.s-sniffer.top/metro2033/img/
3 KB
3 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/it6.png
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e09d39863d06a83708e2f48881d53f7353dcda25d58ba2fa0fe34cef9821d7

Request headers

:path
/metro2033/img/it6.png
pragma
no-cache
cookie
wx_date=07.07.2015; wx_zif=00426282; __cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-be0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589984196be-FRA
content-length
3040
expires
Mon, 01 Oct 2018 00:43:25 GMT
jquery.livequery.js
ftp.s-sniffer.top/metro2033/js/
3 KB
1 KB
Script
General
Full URL
https://ftp.s-sniffer.top/metro2033/js/jquery.livequery.js
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
201011fa55c63ef7c0f85890559a10590896eae038e87a0c38c9d753dd9dd4f9

Request headers

:path
/metro2033/js/jquery.livequery.js
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
W/"5ba256b4-cfc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
462985894fe096be-FRA
expires
Mon, 01 Oct 2018 00:43:25 GMT
showbox.js
ftp.s-sniffer.top/metro2033/
0
0
Script
General
Full URL
https://ftp.s-sniffer.top/metro2033/showbox.js
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/metro2033/showbox.js
pragma
no-cache
cookie
__cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
46298589882b96be-FRA
expires
Mon, 01 Oct 2018 00:43:25 GMT
watch.js
mc.yandex.ru/metrika/
124 KB
42 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b90f2e7392bb93e6873953c0101ae514b1ae392ec3a8144cbd25029d056afae9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ftp.s-sniffer.top/metro2033/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 30 Sep 2018 20:43:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Sep 2018 14:26:36 GMT
Server
nginx/1.12.2
ETag
"5b9bc51c-a769"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
42857
Expires
Sun, 30 Sep 2018 21:43:25 GMT
analytics.js
www.google-analytics.com/
39 KB
16 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ftp.s-sniffer.top/metro2033/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 23:12:19 GMT
server
Golfe2
age
3859
date
Sun, 30 Sep 2018 19:39:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16173
expires
Sun, 30 Sep 2018 21:39:06 GMT
bag.jpg
ftp.s-sniffer.top/metro2033/img/
2 KB
2 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/bag.jpg
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2326ef61e78426ef6a753558f141653f4168acd23b13209766e8caf6d147179

Request headers

:path
/metro2033/img/bag.jpg
pragma
no-cache
cookie
wx_date=07.07.2015; wx_zif=00426282; __cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/css/style.css
:scheme
https
:method
GET

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-7ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589983d96be-FRA
content-length
1966
expires
Mon, 01 Oct 2018 00:43:25 GMT
fon.jpg
ftp.s-sniffer.top/metro2033/img/
946 KB
947 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/fon.jpg
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b164fbec3b6e17f547d9d6791d06a3ca1840ed3fafc16a5755e22adbdea19fe7

Request headers

:path
/metro2033/img/fon.jpg
pragma
no-cache
cookie
wx_date=07.07.2015; wx_zif=00426282; __cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/css/style.css
:scheme
https
:method
GET
Referer
https://ftp.s-sniffer.top/metro2033/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-ec63d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589983e96be-FRA
content-length
968253
expires
Mon, 01 Oct 2018 00:43:25 GMT
pr.jpg
ftp.s-sniffer.top/metro2033/img/
10 KB
10 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/pr.jpg
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede47973132dfeeb2127e437b10814fffe76de3a3783970e16b929b3dd73049d

Request headers

:path
/metro2033/img/pr.jpg
pragma
no-cache
cookie
wx_date=07.07.2015; wx_zif=00426282; __cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/css/style.css
:scheme
https
:method
GET
Referer
https://ftp.s-sniffer.top/metro2033/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-27a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589984096be-FRA
content-length
10153
expires
Mon, 01 Oct 2018 00:43:25 GMT
edit.jpg
ftp.s-sniffer.top/metro2033/img/
2 KB
2 KB
Image
General
Full URL
https://ftp.s-sniffer.top/metro2033/img/edit.jpg
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:32d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c044386028be5bae5d0b47a82290a830de45567d20beaddcf02bd666d73fc4b

Request headers

:path
/metro2033/img/edit.jpg
pragma
no-cache
cookie
wx_date=07.07.2015; wx_zif=00426282; __cfduid=d07fc8d03bdc2de25c0d0394202da33171538340204
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ftp.s-sniffer.top
referer
https://ftp.s-sniffer.top/metro2033/css/style.css
:scheme
https
:method
GET
Referer
https://ftp.s-sniffer.top/metro2033/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 30 Sep 2018 20:43:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Sep 2018 14:01:24 GMT
server
cloudflare
etag
"5ba256b4-8a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
46298589983f96be-FRA
content-length
2215
expires
Mon, 01 Oct 2018 00:43:25 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j69&a=121569500&t=pageview&_s=1&dl=https%3A%2F%2Fftp.s-sniffer.top%2Fmetro2033%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B5%D1%82%D1%80%D0%BE%202033%20%D0%92%D0%9A%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%BA%D0%B0%D1%87%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%20%D0%B3%D0%BE%D0%BB%D0%BE%D1%81%D0%BE%D0%B2!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=916826190&gjid=875566035&cid=25379323.1538340205&tid=UA-58017958-1&_gid=2078768907.1538340205&_r=1&z=1272981961
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ftp.s-sniffer.top/metro2033/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Sep 2018 20:43:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/27653073/
Redirect Chain
  • https://mc.yandex.ru/watch/27653073?wmode=7&page-url=https%3A%2F%2Fftp.s-sniffer.top%2Fmetro2033%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1538340204355%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A21661...
  • https://mc.yandex.ru/watch/27653073/1?wmode=7&page-url=https%3A%2F%2Fftp.s-sniffer.top%2Fmetro2033%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1538340204355%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/27653073/1?wmode=7&page-url=https%3A%2F%2Fftp.s-sniffer.top%2Fmetro2033%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1538340204355%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180930204325%3Aet%3A1538340205%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A378761329%3Ahid%3A520098624%3Ads%3A0%2C0%2C587%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A712%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538340205%3Au%3A153834020598874245%3At%3A%D0%9C%D0%B5%D1%82%D1%80%D0%BE%202033%20%D0%92%D0%9A%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%BA%D0%B0%D1%87%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%20%D0%B3%D0%BE%D0%BB%D0%BE%D1%81%D0%BE%D0%B2!
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ftp.s-sniffer.top/metro2033/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Sep 2018 20:43:25 GMT
Last-Modified
Sun, 30 Sep 2018 20:43:25 GMT
Server
nginx/1.12.2
Location
https://mc.yandex.ru/watch/27653073/1?wmode=7&page-url=https%3A%2F%2Fftp.s-sniffer.top%2Fmetro2033%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1538340204355%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180930204325%3Aet%3A1538340205%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A378761329%3Ahid%3A520098624%3Ads%3A0%2C0%2C587%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A712%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538340205%3Au%3A153834020598874245%3At%3A%D0%9C%D0%B5%D1%82%D1%80%D0%BE%202033%20%D0%92%D0%9A%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%BA%D0%B0%D1%87%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%20%D0%B3%D0%BE%D0%BB%D0%BE%D1%81%D0%BE%D0%B2!
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
https://ftp.s-sniffer.top
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sun, 30 Sep 2018 20:43:25 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Sep 2018 20:43:25 GMT
Last-Modified
Sun, 30 Sep 2018 20:43:25 GMT
Server
nginx/1.12.2
Location
https://mc.yandex.ru/watch/27653073/1?wmode=7&page-url=https%3A%2F%2Fftp.s-sniffer.top%2Fmetro2033%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1538340204355%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180930204325%3Aet%3A1538340205%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A378761329%3Ahid%3A520098624%3Ads%3A0%2C0%2C587%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A712%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538340205%3Au%3A153834020598874245%3At%3A%D0%9C%D0%B5%D1%82%D1%80%D0%BE%202033%20%D0%92%D0%9A%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%BA%D0%B0%D1%87%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%20%D0%B3%D0%BE%D0%BB%D0%BE%D1%81%D0%BE%D0%B2!
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
https://ftp.s-sniffer.top
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sun, 30 Sep 2018 20:43:25 GMT
1
mc.yandex.ru/watch/27653073/
114 B
708 B
XHR
General
Full URL
https://mc.yandex.ru/watch/27653073/1?wmode=7&page-url=https%3A%2F%2Fftp.s-sniffer.top%2Fmetro2033%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1538340204355%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180930204325%3Aet%3A1538340205%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A378761329%3Ahid%3A520098624%3Ads%3A0%2C0%2C587%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A712%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538340205%3Au%3A153834020598874245%3At%3A%D0%9C%D0%B5%D1%82%D1%80%D0%BE%202033%20%D0%92%D0%9A%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%BA%D0%B0%D1%87%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%20%D0%B3%D0%BE%D0%BB%D0%BE%D1%81%D0%BE%D0%B2!
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e0ebf6d0c08f29433353b6106d5ed3c9c20a70edebd1e570634c73f8ce55af82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ftp.s-sniffer.top/metro2033/
Origin
https://ftp.s-sniffer.top
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 30 Sep 2018 20:43:25 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 30 Sep 2018 20:43:25 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
https://ftp.s-sniffer.top
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
114
X-XSS-Protection
1; mode=block
Expires
Sun, 30 Sep 2018 20:43:25 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: ftp.s-sniffer.top
URL: https://ftp.s-sniffer.top/metro2033/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ftp.s-sniffer.top/metro2033/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 30 Sep 2018 20:43:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Sun, 30 Sep 2018 21:43:25 GMT


17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
function| window_mail
function| window_social
string| GoogleAnalyticsObject
function| ga
function| good_answer
string| sing_up
number| sing_up_acces
function| answer_window_social
object| google_tag_data
object| gaplugins
object| sa
object| gaGlobal
object| gaData
object| Ya
object| yaCounter27653073

9 Cookies

Domain/Path Name / Value
.s-sniffer.top/ Name: _ym_uid
Value: 153834020598874245
.s-sniffer.top/ Name: _gat
Value: 1
.s-sniffer.top/ Name: _gid
Value: GA1.2.2078768907.1538340205
.s-sniffer.top/ Name: _ym_d
Value: 1538340205
.s-sniffer.top/ Name: _ga
Value: GA1.2.25379323.1538340205
.s-sniffer.top/ Name: _ym_isad
Value: 2
.s-sniffer.top/ Name: __cfduid
Value: d07fc8d03bdc2de25c0d0394202da33171538340204
ftp.s-sniffer.top/metro2033 Name: wx_zif
Value: 00426282
ftp.s-sniffer.top/metro2033 Name: wx_date
Value: 07.07.2015

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ftp.s-sniffer.top
mc.yandex.ru
www.google-analytics.com
2606:4700:30::681c:32d
2a00:1450:4001:817::200e
2a02:6b8::1:119