wwwewwa-sashaddfeess.ru Open in urlscan Pro
2606:4700:3037::6815:573b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wwwewwa-sashaddfeess.ru/main
Effective URL:
https://wwwewwa-sashaddfeess.ru/main
Submission: On November 30 via automatic, source openphish (November 30th 2024, 2:13:20 pm UTC) — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3037::6815:573b, located in United States and belongs to CLOUDFLARENET, US. The main domain is wwwewwa-sashaddfeess.ru.
TLS certificate: Issued by WE1 on November 7th 2024. Valid for: 3 months.

This is the only time wwwewwa-sashaddfeess.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3037::6815:573b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	172.67.141.250 172.67.141.250	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	4

3 2606:4700:3037::6815:573b (United States)

ASN13335 (CLOUDFLARENET, US)

wwwewwa-sashaddfeess.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.141.250 (United States)

ASN13335 (CLOUDFLARENET, US)

wwwewwa-sashaddfeess.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	wwwewwa-sashaddfeess.ru wwwewwa-sashaddfeess.ru	244 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	19 KB
23	2

	Domain	Requested by
16	wwwewwa-sashaddfeess.ru	wwwewwa-sashaddfeess.ru cdn.jsdelivr.net
1	cdn.jsdelivr.net	wwwewwa-sashaddfeess.ru
23	2

This site contains no links.

Subject Issuer	Validity	Valid
wwwewwa-sashaddfeess.ru WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wwwewwa-sashaddfeess.ru/main
Frame ID: FE03CACCA68E5DE37BEA9AC3AE5152CB
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram Web

Page URL History Show full URLs

http://wwwewwa-sashaddfeess.ru/main HTTP 307
https://wwwewwa-sashaddfeess.ru/main Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

23
Requests

74 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

4
IPs

1
Countries

263 kB
Transfer

1015 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wwwewwa-sashaddfeess.ru/main HTTP 307
https://wwwewwa-sashaddfeess.ru/main Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request main Show response
wwwewwa-sashaddfeess.ru/
Redirect Chain

http://wwwewwa-sashaddfeess.ru/main
https://wwwewwa-sashaddfeess.ru/main

15 KB
7 KB

275ms
160ms

Document
text/html

2606:4700:3037::6815:573b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:573b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b171db41d29e787f28dc29eadc2d50f414aba3e6e85f6249b119956d265e0dfa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8eab6fe848b7d2a8-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 14:13:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kf7ZGi5Du3C%2BNzdFLcgPSslaFTqYna5lte4OhqKDjwcNbCzejWPHfwV%2BeyMQxP%2F7JItD0xmMMd1o%2BnbTVtDDQ2X4bpNi08TTU66oO6HUbatKXM44bZzo6lX%2BNiu4pi74FjpydavqX3AmwtEBAWPXs4ev%2BD1U7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5769&min_rtt=5738&rtt_var=958&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2304&delivery_rate=697602&cwnd=253&unsent_bytes=0&cid=9fff668f9d6bd9fe&ts=165&x=0"
vary: Accept-Encoding

Redirect headers

Location: https://wwwewwa-sashaddfeess.ru/main
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 index-e-jlGVAF.js Show response
wwwewwa-sashaddfeess.ru/ 133 KB
48 KB 22ms
21ms Script
text/javascript 2606:4700:3037::6815:573b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:573b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b04e833ae43c5493e983f070356392a25e11942e3f4ec8fd705b0e8e8950f8b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer: https://wwwewwa-sashaddfeess.ru/main

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "21298-625384f5aa200-gzip"
age: 6920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sFvquitMn7XMbX0qZPmh1g8m6hFPtoPWuy3Jw50VP4wSuDPVgGX6gws0oPtIqJYg8YbT2orkUrQfyZG6VMhWELHfVrTBL2rjAiCiYfB8i28ZO4%2BkzzRdCaMhvao0NBW%2B7ZksEkJsBrTDn1i13dumhuC%2FUKT%2BoA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5796&min_rtt=5738&rtt_var=353&sent=69&recv=17&lost=0&retrans=0&sent_bytes=74998&recv_bytes=2581&delivery_rate=1742164&cwnd=257&unsent_bytes=20759&cid=9fff668f9d6bd9fe&ts=201&x=0"
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Thu, 24 Oct 2024 12:40:40 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fe96b2dd2a8-FRA
accept-ranges: bytes
content-length: 48447
server: cloudflare

GET
H2 200 index-vX_PR0Tt.css
wwwewwa-sashaddfeess.ru/ 477 KB
82 KB 15ms
14ms Stylesheet
text/css 2606:4700:3037::6815:573b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/index-vX_PR0Tt.css
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:573b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer: https://wwwewwa-sashaddfeess.ru/main

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: "77466-623b840a87380-gzip"
age: 6920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9g84dMexM9h8tBV9WnHDrV2m%2FeAsVq8pk5KTKfNIoy8l2AcE4MbADL4R4TxeIpaqomUSM4dyswBiAgXtAbYFY2p%2Fwg7Gr4Y57KEHrEDvWCa6o%2BAFgAkoiBlB5giaQufJ1p%2FUc1%2FlELCuXFkda3s66mU0W4WWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eab6fe96b29d2a8-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5796&min_rtt=5738&rtt_var=353&sent=17&recv=17&lost=0&retrans=0&sent_bytes=10870&recv_bytes=2581&delivery_rate=1742164&cwnd=257&unsent_bytes=0&cid=9fff668f9d6bd9fe&ts=198&x=0"
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/css
last-modified: Sat, 05 Oct 2024 10:28:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 axios.min.js Show response
cdn.jsdelivr.net/npm/axios/dist/ 53 KB
19 KB 55ms
25ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js

Requested by

Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724e723b933b271f38e93bcb021508976db20764d505a67c924a33cac6ff680c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wwwewwa-sashaddfeess.ru/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"d322-CZa5X+zJB9CWwyZJehT4xqgGU80"
age: 36040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rN6jETGHoaYr0zGOhQNrhvpAoNuGpKK5bIK8HgrdZuRTgH0HH9haE22W5onKqR9FMKfGvebCa8oNFree8LzLmG8HvXM2TQ2mT6Lx3cBr2ZZKqfllZw2BZnzHloaskJUk8q9tiCHuhVGeZmxGkAk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220107-FRA, cache-lga21921-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eab6fe99b643a49-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18369
server: cloudflare
x-jsd-version: 1.7.8

GET
H3 200 send.php Show response
wwwewwa-sashaddfeess.ru/server/ 6 B
666 B 368ms
367ms XHR
application/json 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/server/send.php?check&service=Telegram
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abdfbffecbe18ed94df9829819e596ee285b52a94aa108514452a9121721c789

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://wwwewwa-sashaddfeess.ru/main

Response headers

access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KV1dFrBK%2FxrHuZh9SXVsTMVuFIGlEEhkRytVVHco%2Bb4GDGVsXkwNiV%2FntFc1jxB7vsK%2FloVURFWCrRGzN2rnHQgaD7VKVz0Dnf7iNqsE6Hq0qcR7Zjv%2BEFZ5dSpGT0qaOfwobUeztiwGAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eab6fe9c8bcbbd7-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 6
server-timing: cfL4;desc="?proto=QUIC&rtt=6422&min_rtt=5837&rtt_var=302&sent=345&recv=95&lost=0&retrans=0&sent_bytes=382462&recv_bytes=12309&delivery_rate=1307857&cwnd=157200&unsent_bytes=0&cid=578008acf2580b68&ts=423&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: application/json
server: cloudflare
priority: u=1,i

GET mtproto.worker-ByDWDGLw.js
wwwewwa-sashaddfeess.ru/ 0
0

GET crypto.worker-CfCshcpI.js
wwwewwa-sashaddfeess.ru/ 0
0

GET
DATA 200
OK truncated
/ 369 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 crypto.worker-CfCshcpI.js Show response
wwwewwa-sashaddfeess.ru/ 67 KB
24 KB 16ms
16ms Fetch
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/crypto.worker-CfCshcpI.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wwwewwa-sashaddfeess.ru/main

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "10d02-623b840a87380-gzip"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DLh80BREX75CTmFXkDHeImDu3md%2Bnf8KSqLBBaG1SH3t2YgtLI8kbOATXWlvqF89hC%2FC1OX3EYv24rfjuwyLdMybjIYVOvFjST1tY4GCIikL8otKr00cy0gGazGv7a%2BkpqhhcCca9NSB5w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6488&min_rtt=5929&rtt_var=1604&sent=15&recv=14&lost=0&retrans=0&sent_bytes=4342&recv_bytes=5654&delivery_rate=893&cwnd=12000&unsent_bytes=0&cid=578008acf2580b68&ts=93&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:46 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fe9e8dabbd7-FRA
accept-ranges: bytes
content-length: 23808
server: cloudflare

GET
DATA 200
OK truncated
/ 59 B
59 B Image
image/jxl

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jxl

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/avif

GET
H3 200 favicon.ico
wwwewwa-sashaddfeess.ru/assets/img/ 15 KB
4 KB 18ms
18ms Other
image/vnd.microsoft.icon 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/assets/img/favicon.ico?v=jw3mK7G9Ry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wwwewwa-sashaddfeess.ru/main

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"3aee-623b840e57c80"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B9bTcD935sQGkAtWJR9XLOu%2BaP0YrZknw0ynNybUqCUtLZGfZEN4kvAttdkxezxE9QZfBT%2Fixsenc%2FEU2kMTSz62ecsKHHsOoBbrKhke7IyYC4X0FypuJQQpjINaod%2Buik782dgBH8ZzEw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6488&min_rtt=5929&rtt_var=1604&sent=25&recv=14&lost=0&retrans=0&sent_bytes=16342&recv_bytes=5654&delivery_rate=893&cwnd=12000&unsent_bytes=0&cid=578008acf2580b68&ts=98&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Sat, 05 Oct 2024 10:28:50 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fe9e8e1bbd7-FRA
server: cloudflare

GET
H3 200 lang-CNYDDQNH.js Show response
wwwewwa-sashaddfeess.ru/ 137 KB
40 KB 18ms
18ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/lang-CNYDDQNH.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 084e02dc3f7facf0f9744705d2211e97633cc8127ce579a95fa50337e92df665

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2247a-623b840a87380-gzip"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=erSWOPh1TVlgEe1s7Sp8z9s0spdrRbvPqMddPrls1MolVCSKX7wK1OtHuPt0p4Q6EEFD3%2FXqRiVgKIWN%2F9F4%2BKzPS2J3aLOO83WB%2FrtNwYbjtAr6muabfqFT63hh%2FXEfgGmcmu2qfUCAlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6759&min_rtt=5837&rtt_var=257&sent=112&recv=49&lost=0&retrans=0&sent_bytes=116329&recv_bytes=8170&delivery_rate=6287837&cwnd=63600&unsent_bytes=0&cid=578008acf2580b68&ts=112&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:46 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea08fdbbd7-FRA
accept-ranges: bytes
content-length: 39939
server: cloudflare

GET
H3 200 langSign-CN-ja8rh.js Show response
wwwewwa-sashaddfeess.ru/ 2 KB
1 KB 18ms
18ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/langSign-CN-ja8rh.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "66e-623b840a87380-gzip"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Udim9mbMjMd7pndASvbLd3W%2Bv0IEZo0ns6t4IYQzaUfrKyhHOY0b1oGvXRKxCcgxy32d3I4nXS2O3LkuKQId%2FdscWpnEd4DScBwUHdxieDNKSMlrZqTsMSkaNyXt0cXm3hGRvHcy8ZQ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6532&min_rtt=5837&rtt_var=444&sent=110&recv=42&lost=0&retrans=0&sent_bytes=114765&recv_bytes=7864&delivery_rate=4553755&cwnd=63600&unsent_bytes=0&cid=578008acf2580b68&ts=112&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:46 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea08ffbbd7-FRA
accept-ranges: bytes
content-length: 809
server: cloudflare

GET
H3 200 countries-CzeCvYH8.js Show response
wwwewwa-sashaddfeess.ru/ 24 KB
5 KB 23ms
22ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/countries-CzeCvYH8.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "5e21-623b840a87380-gzip"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEukeaC32y4SSMGnuurPBdBuC6LwA7n7cC5etVGG%2F%2FPh2R5KItiZuMuerzvtnz1MNnZRXFqQFOBK4hDA9cMuXoY4%2Ft4dZiXRZKlP%2FuzmvxAPyjBXtt2x4eq7JLDI5%2FZxT3gibBDchgiKUg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6759&min_rtt=5837&rtt_var=257&sent=135&recv=49&lost=0&retrans=0&sent_bytes=143072&recv_bytes=8170&delivery_rate=6287837&cwnd=63600&unsent_bytes=0&cid=578008acf2580b68&ts=114&x=1", cfExtPri, cfHdrFlush;dur=4
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:46 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea0901bbd7-FRA
accept-ranges: bytes
content-length: 4048
server: cloudflare

GET
H3 200 pageSignQR-C3lXUpHx.js Show response
wwwewwa-sashaddfeess.ru/ 5 KB
3 KB 27ms
26ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/pageSignQR-C3lXUpHx.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 879d4f4091627258a6b4f30e1ffa7e12273c302c77387b870c2e7c63d76bdfcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "15a0-623b840c6f800-gzip"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tAW4yrefmn8%2B3UyGuw2AW9HHR4UGFJ8LofqsdC2lAe2m11AXMO3EUwTWfxyrCe1i9oP0RWKNm1CmpHCybeoV%2BtUxyUUNfJ6QJLodRg7pHYdxF2e%2F1DjpPEl33OxsmW4ixUxHclFHFiaNfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6292&min_rtt=5837&rtt_var=130&sent=324&recv=89&lost=0&retrans=0&sent_bytes=359775&recv_bytes=11442&delivery_rate=430835&cwnd=157200&unsent_bytes=0&cid=578008acf2580b68&ts=180&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea6953bbd7-FRA
accept-ranges: bytes
content-length: 2611
server: cloudflare

GET
H3 200 page-BMz-rky6.js Show response
wwwewwa-sashaddfeess.ru/ 10 KB
5 KB 22ms
21ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/page-BMz-rky6.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c83e96a914db1e2c858e798c86cdbf9c0cb372241d2d8e925bbd79457d1703b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "290c-623b840c6f800-gzip"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2Fww8J3RLE0biMZB3Scd7ImcnfwElYanxsvLJHKDbwFuGDuyc65%2FeIWEzefJgQGXnIIzNKDhSYUqE%2FzUMqC979tE3quQNFOUfKN6aoaNMkJUZ3Tt41f2Th2ZRwEbSAc8qcBQoC8wsHUM0A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6304&min_rtt=5837&rtt_var=141&sent=317&recv=88&lost=0&retrans=0&sent_bytes=353603&recv_bytes=11398&delivery_rate=21542448&cwnd=157200&unsent_bytes=0&cid=578008acf2580b68&ts=174&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea6956bbd7-FRA
accept-ranges: bytes
content-length: 4114
server: cloudflare

GET
H3 200 button-DNOYFSTy.js Show response
wwwewwa-sashaddfeess.ru/ 9 KB
4 KB 19ms
19ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/button-DNOYFSTy.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53215a998c994f1475191e266b3658282cec121c0ce01db226313eba52644565

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "241a-623b840a87380-gzip"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7vn8HuxY2Jl%2Fdsh%2FhrSD6%2FRmXXjjDttUzY2sjPfYkp7knkLsgoYKf3cHx0Ve54MlyoN6yV8fmLLGrxNxGzDNsrEeiDZJ%2Ffhds7WE4dYv5vAetdHN0gB3nhdgqNBHLSKrfdB3vMTk%2FcdpA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6304&min_rtt=5837&rtt_var=141&sent=312&recv=88&lost=0&retrans=0&sent_bytes=347933&recv_bytes=11398&delivery_rate=21542448&cwnd=157200&unsent_bytes=0&cid=578008acf2580b68&ts=172&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:46 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea6957bbd7-FRA
accept-ranges: bytes
content-length: 3854
server: cloudflare

GET
H3 200 putPreloader-CByTF1BW.js Show response
wwwewwa-sashaddfeess.ru/ 699 B
1 KB 21ms
21ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/putPreloader-CByTF1BW.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b565e185c7c2c3cdcac2c73df77098ff3aa6cce17102ce9e01cfc9f4ac408d73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2bb-623b840c6f800-gzip"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GzMYGcHRUTSW1P78pFrpEvyYZ12pA2Icf7dSsNBveMp0fmsHimZTxfooFjunIU3aKMwk8%2BJXt1QJi%2FJsl8paIz3CNw8Ptbu3wu8qoraPXHKrw7H8mhrbgQy2ylO3Vltcr4FxChU4Dg8wyA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6304&min_rtt=5837&rtt_var=141&sent=322&recv=88&lost=0&retrans=0&sent_bytes=358548&recv_bytes=11398&delivery_rate=21542448&cwnd=157200&unsent_bytes=0&cid=578008acf2580b68&ts=174&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea6958bbd7-FRA
accept-ranges: bytes
content-length: 471
server: cloudflare

GET
H3 200 textToSvgURL-Cnw_Q8Rw.js Show response
wwwewwa-sashaddfeess.ru/ 357 B
984 B 20ms
19ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/textToSvgURL-Cnw_Q8Rw.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "165-623b840c6f800-gzip"
age: 6919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGPaSluSnRgmdkdWrp8uen2LjmgVdp8NELPSZ0BLPCCHTkKyPwVtBQN4lAd4WudSQeyhwSoHtnM1HCCpLDs5q62kwUad02OYg5isJEJxq67JtlpKYBANU0xceGsXtqqSBbjszryDVTVTdw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6304&min_rtt=5837&rtt_var=141&sent=316&recv=88&lost=0&retrans=0&sent_bytes=352596&recv_bytes=11398&delivery_rate=21542448&cwnd=157200&unsent_bytes=0&cid=578008acf2580b68&ts=174&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea6959bbd7-FRA
accept-ranges: bytes
content-length: 277
server: cloudflare

GET 9cdc46b9-e301-475d-8bc9-1935f794aa1f
https://wwwewwa-sashaddfeess.ru/ 0
0

GET 33446c36-6dfe-4ee5-8f90-8fed92e764ce
https://wwwewwa-sashaddfeess.ru/ 0
0

GET fb273883-11be-4c7e-b4b7-3739a64c734b
https://wwwewwa-sashaddfeess.ru/ 0
0

GET
H3 200 qr-code-styling-CvBVNv73.js Show response
wwwewwa-sashaddfeess.ru/ 65 KB
18 KB 16ms
16ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/qr-code-styling-CvBVNv73.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "10251-623b840c6f800-gzip"
age: 6918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMjJLQPdh5vo4DrduWUb8AKJTF5LfwW4NU%2FKWv6NaLQJDVFJbRcnHsk%2BFmdcbWqRCt8afKwm3u%2FLQwfOxSp3GbOf%2Fk%2BFsgXyO%2FPQvnWJrKtykDO4b4JCZJ6JU0adWDXmoz0%2B1oRRJpnSxw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6420&min_rtt=5837&rtt_var=531&sent=329&recv=93&lost=0&retrans=0&sent_bytes=364148&recv_bytes=12220&delivery_rate=508134&cwnd=157200&unsent_bytes=0&cid=578008acf2580b68&ts=201&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea9988bbd7-FRA
accept-ranges: bytes
content-length: 17206
server: cloudflare

GET
H3 200 _commonjsHelpers-Cpj98o6Y.js Show response
wwwewwa-sashaddfeess.ru/ 290 B
936 B 16ms
15ms Script
text/javascript 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/_commonjsHelpers-Cpj98o6Y.js
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/index-e-jlGVAF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wwwewwa-sashaddfeess.ru
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "122-623b84089ef00-gzip"
age: 6918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOeBM3tTSRsX51M0eF1GDM5yOLyR9QswGrp3Y9CLzrFTU1QNf9gGkBU1r8h6uaguuThsGhf555vMiuZ86ri3m5hkiqRNf7wAkNGFS92d5RZ0F%2FmOK%2BKwoXKvt0rXReUsBPO%2B8aKv%2Fb0pbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6420&min_rtt=5837&rtt_var=531&sent=328&recv=93&lost=0&retrans=0&sent_bytes=363189&recv_bytes=12220&delivery_rate=508134&cwnd=157200&unsent_bytes=0&cid=578008acf2580b68&ts=200&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:16 GMT
content-type: text/javascript
last-modified: Sat, 05 Oct 2024 10:28:44 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eab6fea9989bbd7-FRA
accept-ranges: bytes
content-length: 228
server: cloudflare

GET
H3 200 logo_padded.svg Show response
wwwewwa-sashaddfeess.ru/assets/img/ 1 KB
0 116ms
116ms Fetch
image/svg+xml

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwewwa-sashaddfeess.ru/assets/img/logo_padded.svg
Requested by: Host: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/pageSignQR-C3lXUpHx.js
Protocol: H3
Server: -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wwwewwa-sashaddfeess.ru/main

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"42d-623b840e57c80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXbd1giEpIpvMmBToqctxBzzrYnbDZFWg6LlaNOUoD7ah7%2BwzI8NunSU%2FC5Esgrakl5V61djK4%2FyT%2Fgep%2B4kfLniadw8SgVVn8QgQ54mJmPni%2ByJikmwShdmE%2F%2FyAVfgt31dYMJ%2Blm0qzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eab6ff45988bbd7-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6349&min_rtt=5837&rtt_var=373&sent=347&recv=97&lost=0&retrans=0&sent_bytes=383176&recv_bytes=12720&delivery_rate=81585&cwnd=157200&unsent_bytes=0&cid=578008acf2580b68&ts=1857&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:13:18 GMT
content-type: image/svg+xml
last-modified: Sat, 05 Oct 2024 10:28:50 GMT
server: cloudflare
priority: u=1,i
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/mtproto.worker-ByDWDGLw.js

Domain: wwwewwa-sashaddfeess.ru
URL: https://wwwewwa-sashaddfeess.ru/crypto.worker-CfCshcpI.js

Domain: wwwewwa-sashaddfeess.ru
URL: blob:https://wwwewwa-sashaddfeess.ru/9cdc46b9-e301-475d-8bc9-1935f794aa1f

Domain: wwwewwa-sashaddfeess.ru
URL: blob:https://wwwewwa-sashaddfeess.ru/33446c36-6dfe-4ee5-8f90-8fed92e764ce

Domain: wwwewwa-sashaddfeess.ru
URL: blob:https://wwwewwa-sashaddfeess.ru/fb273883-11be-4c7e-b4b7-3739a64c734b

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wwwewwa-sashaddfeess.ru/	1970-01-21 01:22:56	Name: token_abc Value: b9b9a97fb1c6cd03237a93f95fd51a9a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://wwwewwa-sashaddfeess.ru/main Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D00B41E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
wwwewwa-sashaddfeess.ru
wwwewwa-sashaddfeess.ru
172.67.141.250
2606:4700:3037::6815:573b
2606:4700::6812:bb1f
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
084e02dc3f7facf0f9744705d2211e97633cc8127ce579a95fa50337e92df665
2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4
4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896
53215a998c994f1475191e266b3658282cec121c0ce01db226313eba52644565
55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a
6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4
724e723b933b271f38e93bcb021508976db20764d505a67c924a33cac6ff680c
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48
879d4f4091627258a6b4f30e1ffa7e12273c302c77387b870c2e7c63d76bdfcb
88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998
abdfbffecbe18ed94df9829819e596ee285b52a94aa108514452a9121721c789
b04e833ae43c5493e983f070356392a25e11942e3f4ec8fd705b0e8e8950f8b0
b171db41d29e787f28dc29eadc2d50f414aba3e6e85f6249b119956d265e0dfa
b565e185c7c2c3cdcac2c73df77098ff3aa6cce17102ce9e01cfc9f4ac408d73
c83e96a914db1e2c858e798c86cdbf9c0cb372241d2d8e925bbd79457d1703b3
db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

wwwewwa-sashaddfeess.ru Open in urlscan Pro 2606:4700:3037::6815:573b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

74 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

4 IPs

1 Countries

263 kBTransfer

1015 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

33 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

wwwewwa-sashaddfeess.ru Open in urlscan Pro
2606:4700:3037::6815:573b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

74 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

4
IPs

1
Countries

263 kB
Transfer

1015 kB
Size

1
Cookies

23 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!