Submitted URL: http://byrut.org.ru/0.8072617089995175
Effective URL: https://byrut.org.ru/0.8072617089995175
Submission: On October 25 via api from US — Scanned from NL

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 30 HTTP transactions. The main IP is 95.164.86.158, located in Meppel, Netherlands and belongs to STARK-INDUSTRIES, GB. The main domain is byrut.org.ru.
TLS certificate: Issued by R11 on October 15th 2024. Valid for: 3 months.
This is the only time byrut.org.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS number (Autonomous System)
3 | 95.164.86.158 | 44477 (STARK-IND...)
10 | 172.67.195.13 | 13335 (CLOUDFLAR...)
2 | 31.172.68.8 | 44051 (FORNEX-AS)
1 | 193.200.64.160 | 6681 (GIVEME-CLOUD)
1 | 193.200.64.24 | 6681 (GIVEME-CLOUD)
1 | 193.200.65.30 | 6681 (GIVEME-CLOUD)
2 (1 redirect) | 88.212.201.198 | 39134 (UNITEDNET)
2 | 193.200.65.116 | 6681 (GIVEME-CLOUD)
1 | 185.177.93.190 | 39572 (ADVANCEDH...)
2 | 193.200.65.68 | 6681 (GIVEME-CLOUD)
1 | 188.114.97.3 | 13335 (CLOUDFLAR...)
2 | 193.200.65.11 | 6681 (GIVEME-CLOUD)
2 | 193.200.65.13 | 6681 (GIVEME-CLOUD)
Total: 30 requests, 14 IPs

Requests | Apex Domain | Subdomains | Transfer
10 | domain100.ru | jp.domain100.ru | 9 KB
6 | ppimdog.com | ppimdog.com; cs09.ppimdog.com; cs11.ppimdog.com | 95 KB
3 | tobipovsem.com | cdn.tobipovsem.com (Cisco Umbrella Rank: 574186); track.tobipovsem.com (Cisco Umbrella Rank: 621956); s1.tobipovsem.com | 9 KB
3 | org.ru | byrut.org.ru | 10 KB
2 | yadro.ru | counter.yadro.ru (Cisco Umbrella Rank: 15187) | 1 KB
2 | ipvertnet.com | ipvertnet.com (Cisco Umbrella Rank: 416495) | 8 KB
1 | ru.net | bluestacks.ru.net | 12 KB
1 | analitycs.net | track.analitycs.net (Cisco Umbrella Rank: 277520) | 606 B
1 | trutheyesstab.com | trutheyesstab.com | 2 KB
1 | oritooep.win | oritooep.win (Cisco Umbrella Rank: 648178) | 421 B
0 | ska4at.ru (Failed) | ska4at.ru (Failed) |
Total: 30 requests, 11 domains

Requests | Domain | Requested by
10 | jp.domain100.ru | byrut.org.ru
3 | byrut.org.ru | byrut.org.ru
2 | cs11.ppimdog.com |
2 | cs09.ppimdog.com | ppimdog.com
2 | ppimdog.com | jp.domain100.ru; ppimdog.com
2 (1 redirects) | counter.yadro.ru | byrut.org.ru
2 | ipvertnet.com | jp.domain100.ru; ipvertnet.com
1 | bluestacks.ru.net | byrut.org.ru
1 | s1.tobipovsem.com |
1 | track.analitycs.net | cdn.tobipovsem.com
1 | track.tobipovsem.com | cdn.tobipovsem.com
1 | cdn.tobipovsem.com | jp.domain100.ru
1 | trutheyesstab.com | jp.domain100.ru
1 | oritooep.win | jp.domain100.ru
0 | ska4at.ru (Failed) |
Total: 30 requests, 15 subdomains

This site contains links to these domains:

Domain
www.liveinternet.ru

Subject | Issuer | Validity | Valid for
byrut.org.ru | R11 | 2024-10-15 - 2025-01-13 | 3 months
domain100.ru | WE1 | 2024-09-18 - 2024-12-17 | 3 months
vivarevasta.top | E6 | 2024-09-05 - 2024-12-04 | 3 months
oritooep.win | R10 | 2024-09-11 - 2024-12-10 | 3 months
trutheyesstab.com | R11 | 2024-10-03 - 2025-01-01 | 3 months
tobipovsem.com | R11 | 2024-09-10 - 2024-12-09 | 3 months
analitycs.net | R11 | 2024-10-16 - 2025-01-14 | 3 months
ppimdog.com | R10 | 2024-10-03 - 2025-01-01 | 3 months
bluestacks.ru.net | WE1 | 2024-09-19 - 2024-12-18 | 3 months

This page contains 1 frame:

Primary Page: https://byrut.org.ru/0.8072617089995175
Frame ID: 4DF28CC30B717AF12C0078BCC8CBB510
Requests: 32 HTTP requests in this frame

Page Title

404 Not Found

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Page Statistics

Requests: 30
HTTPS: 93 %
IPv6: 0 %
Domains: 11
Subdomains: 15
IPs: 14
Countries: 4
Transfer: 145 kB
Size: 241 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://byrut.org.ru/0.8072617089995175 HTTP 307
    https://byrut.org.ru/0.8072617089995175 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://counter.yadro.ru/hit?t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.8072617089995175;h404%20Not%20Found;0.2061230047050404 HTTP 302
  • https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.8072617089995175;h404%20Not%20Found;0.2061230047050404
Request Chain 20
  • https://byrut.org.ru/cdn-cgi/rum HTTP 0
  • http://ska4at.ru/

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0.8072617089995175
byrut.org.ru/
Redirect Chain
  • http://byrut.org.ru/0.8072617089995175
  • https://byrut.org.ru/0.8072617089995175
2 KB
1 KB
Document
General
Full URL
https://byrut.org.ru/0.8072617089995175
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
95067891d6d9882e8e50e5df42c7d17a8a98c765a6cfcce14682f956f1fe5e1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 25 Oct 2024 04:30:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Location
https://byrut.org.ru/0.8072617089995175
Non-Authoritative-Reason
HttpsUpgrades
vcd15cbe7772f49c399c6a5babf22c1241717689176015
byrut.org.ru/o__static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://byrut.org.ru/o__static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://byrut.org.ru
Referer
https://byrut.org.ru/0.8072617089995175

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Date
Fri, 25 Oct 2024 04:30:33 GMT
Content-Type
text/javascript;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
script1.js
jp.domain100.ru/
343 B
985 B
Script
General
Full URL
https://jp.domain100.ru/script1.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384430573c631fd252baba6e91496351952eff6a215560289812f2ad3e69d779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"65aa761b-157"
age
67208
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFOdz0G66rUAuOn5g5kcWSzi9QlVUU%2FBOlPu1HH2v%2FNnewAXuzrZHyJm24BAPrO8ubJawKgnwP08ekPngpM0uu%2F17579NSQQ5aPqvRz0T9%2BtbntxT74fzMHRGymeuME06is%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 09:50:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13546&sent=13&recv=17&lost=0&retrans=0&sent_bytes=4198&recv_bytes=6876&delivery_rate=205848&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=358&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Fri, 19 Jan 2024 13:16:11 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d408044242-AMS
server
cloudflare
script2.js
jp.domain100.ru/
1002 B
1 KB
Script
General
Full URL
https://jp.domain100.ru/script2.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cca5f50531d3ecbcfb6dafcca5cd46dfd5d4c11f57c26e27c6fe5293c11c3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66d9f856-3ea"
age
67208
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQXE4y9GRM4bVvj0m8%2Bvj3dsDTLOb9fHlxgCeKoWO74HTbSfqBjUM5qMiWkfCTf6vQCK0KbFLM01GGQVrF6xw7DpFOkuSZsTiXwnDAFLI%2BqAW6917fAoY7RK7tVT9js6RWk%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 09:50:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13546&sent=17&recv=17&lost=0&retrans=0&sent_bytes=8424&recv_bytes=6876&delivery_rate=205848&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=360&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 18:28:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d408094242-AMS
server
cloudflare
script3.js
jp.domain100.ru/
954 B
1 KB
Script
General
Full URL
https://jp.domain100.ru/script3.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edffceb7b22abd431a5605fd61bf4f71021bdf7d47f21486cab33861c9061ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6718c637-3ba"
age
67208
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1nHruMafnBoqLTgrQokxvGAcAVpVhjjKdIGVJJ%2FbwC10RXCsWqj0vxcB5OWP%2FUAfBqvJjS1BhNhKlwGMzreQBVGWpRWr4PivkECzaIdMqDSSPqPa69ICWnUUjuCutMnUNc%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 09:50:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13546&sent=15&recv=17&lost=0&retrans=0&sent_bytes=6329&recv_bytes=6876&delivery_rate=205848&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=360&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 09:47:35 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d408064242-AMS
server
cloudflare
script4.js
jp.domain100.ru/
0
690 B
Script
General
Full URL
https://jp.domain100.ru/script4.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"633d5643-0"
age
67208
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CXtCEzOguNWhy0Mwh1bNL6Wl%2Fn4iJQiXlPIE66mviGtNti4O%2B%2Fro5kB14Kg7uv3bcrgUp8dqEU3ze4JxiCbk5xmAlEWA3DvaJSwTrQTA52RSO4wE3mpAlAwU63adsPLp01o%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 09:50:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13546&sent=20&recv=17&lost=0&retrans=0&sent_bytes=10385&recv_bytes=6876&delivery_rate=205848&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=361&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Wed, 05 Oct 2022 10:02:43 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d408084242-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script5.js
jp.domain100.ru/
623 B
1 KB
Script
General
Full URL
https://jp.domain100.ru/script5.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a28aa2b0099fed75392c65e051e0f2e3e871e42a5e577bc80e76c566864458a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e1a33a-26f"
age
39756
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RbMUQNOtF%2BrZ7N8%2FAboMLdWo3cvBImvNUtVNvI00BRdf4JeFSCNkK1zXc7Xzax%2B5m0TJSqR9Iza7VxjR8ox836u9qW3uUgl6yKPJzFnNz3I%2Be3JVSaer%2FbS6iSyIrxUdPoQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 17:27:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13546&sent=14&recv=17&lost=0&retrans=0&sent_bytes=5206&recv_bytes=6876&delivery_rate=205848&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=359&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 14:03:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d408054242-AMS
server
cloudflare
script6.js
jp.domain100.ru/
372 B
973 B
Script
General
Full URL
https://jp.domain100.ru/script6.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f456cdd3c95fbe8f61f43b80001d67ecd3c3af89d1b5ecd8390d3371d50864c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e3272c-174"
age
67208
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=px93OD2JGuvNIZ0gHdqqo4rt3k5%2FAAm5KUGYxRmEaKli8%2F3iwwe7ElVP%2FkPn%2B189IqVB%2BCfYmbBbQvGOwrkcZvJGSwGgGs2U6Qtu8M7zeD0d0ieB5%2FZVFaGxHuDBIE2aEcM%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 09:50:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13546&sent=15&recv=17&lost=0&retrans=0&sent_bytes=6329&recv_bytes=6876&delivery_rate=205848&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=360&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Thu, 12 Sep 2024 17:38:52 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d408074242-AMS
server
cloudflare
script7.js
jp.domain100.ru/
0
694 B
Script
General
Full URL
https://jp.domain100.ru/script7.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"66db336e-0"
age
67208
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HtOn%2BGcv8uqaWg7TtErtYY4uRM%2BzeobjYhS%2BVxRM1kFppEtn5WRquYZ7UyOyNzvx%2FeHd7y4y2EjBz6Nfbd2XB2wQJx3uMUx0i0MARHoqcoEy5%2FGhAT5yVJk6eWUgsqxoo4%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 09:50:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13546&sent=21&recv=17&lost=0&retrans=0&sent_bytes=11098&recv_bytes=6876&delivery_rate=205848&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=361&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Fri, 06 Sep 2024 16:53:02 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d4080d4242-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script8.js
jp.domain100.ru/
0
695 B
Script
General
Full URL
https://jp.domain100.ru/script8.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"6298eb08-0"
age
67208
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uT33U7yUjUp8d%2FGTwlRIbKnzWe%2FmqZmkI7nz3rS0cRFpzm5AXUDib6ddCIzlnQMWJqKPyCzkLXxF%2BXafZNy8gmvfY%2FY7PaWMbYnrfHOAEuR5lNIJulg3xMRa3O4M6R8s4uU%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 09:50:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13546&sent=19&recv=17&lost=0&retrans=0&sent_bytes=9667&recv_bytes=6876&delivery_rate=205848&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=360&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Thu, 02 Jun 2022 16:53:28 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d4080a4242-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script9.js
jp.domain100.ru/
0
687 B
Script
General
Full URL
https://jp.domain100.ru/script9.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"6298eb10-0"
age
38587
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FzY27hrVsgh54A640s3NIFISKDoAtwD73ZlJQR7Py8btTXIywZqbmEql1DpVrz1niLqGN5cfrBFdB0z92WmRrpLEnSeKaso31m4KrGMO220DsADc5T3wJ5GldUxh7Of7C8%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 17:47:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14005&sent=24&recv=19&lost=0&retrans=0&sent_bytes=12562&recv_bytes=6966&delivery_rate=37235&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=365&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Thu, 02 Jun 2022 16:53:36 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d4080c4242-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script10.js
jp.domain100.ru/
0
696 B
Script
General
Full URL
https://jp.domain100.ru/script10.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"6298eb19-0"
age
67208
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdVOt0mLS1Dd2iLGqIHOQ7Ev6795ZSo%2BJL8wmnLDXbF9o%2Bd9fw8%2F9jfETznYgrqpsvRuXBWae0PqO9QqgvGe2UT0jh9DifGSX6N5M8CU%2FWfEEWWUHQgUAFLRiwj3%2B1z9Pis%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 09:50:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13546&sent=22&recv=17&lost=0&retrans=0&sent_bytes=11815&recv_bytes=6876&delivery_rate=205848&cwnd=12000&unsent_bytes=0&cid=32ecb14b2f25f1e9&ts=362&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript
last-modified
Thu, 02 Jun 2022 16:53:45 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7f78d4080b4242-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
/
ipvertnet.com/1hjo18mf0m/
23 KB
7 KB
Script
General
Full URL
https://ipvertnet.com/1hjo18mf0m/?bid=&sid=28258&rand=0.13341621814643712
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.8 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),
Reverse DNS
dsde1469-1.fornex.org
Software
nginx /
Resource Hash
34130d05ad9113fb367ffcd79520681ceaf1f450cbd56a7ee695b761d0727d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

strict-transport-security
max-age=31536000;
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
-1
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
/
oritooep.win/wcm/
0
421 B
Script
General
Full URL
https://oritooep.win/wcm/?sh=byrut.org.ru&sth=ff384397b7691e933c80e6f3e511037d&m=009f7c3dc58c132081eada00e43a8332&sid=699_984356_318554174&stime=971.80&curpage=https%3A%2F%2Fbyrut.org.ru%2F0.8072617089995175&rand=0.4506230173543775
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.160 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cache-control
no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
timing-allow-origin
*
pragma
no-cache
accept-ch
Downlink, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version
expires
0
content-length
0
p3p
CP="NON DSP COR CURa TIA"
date
Fri, 25 Oct 2024 04:30:33 GMT
content-type
text/plain;charset=UTF-8
x-msr
TRUE
/
trutheyesstab.com/services/
2 KB
2 KB
Script
General
Full URL
https://trutheyesstab.com/services/?id=147721
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.24 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs05.etarg.network
Software
nginx /
Resource Hash
97d2a488ead968657e6f2aa92a7652025b0627be2d1195fb8cc1f0e91dbff189

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Content-Length
1555
Date
Fri, 25 Oct 2024 04:30:33 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
CmsQQitYJScgmjSr65sMopt
cdn.tobipovsem.com/Ps0lZdefX3k9T/
17 KB
7 KB
Script
General
Full URL
https://cdn.tobipovsem.com/Ps0lZdefX3k9T/CmsQQitYJScgmjSr65sMopt?p_id=971&sdl=1&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=byrut.org.ru
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.30 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
noty.info
Software
nginx /
Resource Hash
3864a8610673405328245151ec8ae06f7e0e8b3250de41a9f68614f3b24c04c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Fri, 25 Oct 2024 04:30:33 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.8072617089995175;h404%20Not%20Found;0.2061230047050404
  • https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.8072617089995175;h404%20Not%20Found;0.2061230047050404
140 B
626 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.8072617089995175;h404%20Not%20Found;0.2061230047050404
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
8260d7d211509da6c1bda6cec1b355285fddeb4c352c64aa3f1cf6b0ab97e739
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Wed, 25 Oct 2023 21:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
140
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Fri, 25 Oct 2024 04:30:33 GMT
Content-Type
image/gif
Server
nginx/1.17.9

Redirect headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Location
https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.8072617089995175;h404%20Not%20Found;0.2061230047050404
Pragma
no-cache
Connection
keep-alive
Expires
Wed, 25 Oct 2023 21:00:00 GMT
Content-Length
32
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Fri, 25 Oct 2024 04:30:33 GMT
Content-Type
text/html
Server
nginx/1.17.9
/
track.tobipovsem.com/lctm/
13 B
606 B
Fetch
General
Full URL
https://track.tobipovsem.com/lctm/?action=get_subs
Requested by
Host: cdn.tobipovsem.com
URL: https://cdn.tobipovsem.com/Ps0lZdefX3k9T/CmsQQitYJScgmjSr65sMopt?p_id=971&sdl=1&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=byrut.org.ru
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.116 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Accept-CH
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-Ch-Ua-Form-Factors, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64, Sec-CH-UA-Model, ECT, RTT, Save-Data
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://byrut.org.ru
Content-Length
13
Date
Fri, 25 Oct 2024 04:30:33 GMT
Content-Type
application/json; charset=utf-8
Server
nginx
Access-Control-Allow-Headers
Content-Type
18064d61b6f93dab8681a460779b8429-10560-0.7973746114332754.json
ipvertnet.com/vast/
642 B
947 B
XHR
General
Full URL
https://ipvertnet.com/vast/18064d61b6f93dab8681a460779b8429-10560-0.7973746114332754.json?bid=0
Requested by
Host: ipvertnet.com
URL: https://ipvertnet.com/1hjo18mf0m/?bid=&sid=28258&rand=0.13341621814643712
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.8 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),
Reverse DNS
dsde1469-1.fornex.org
Software
nginx /
Resource Hash
5a2d25787c4955378846ede83b1d5e60f0e207569c8cd22f37a2dddbfcc363f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000;
access-control-max-age
86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache, no-cache
access-control-allow-credentials
true
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
access-control-allow-origin
https://byrut.org.ru
date
Fri, 25 Oct 2024 04:30:34 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx
/
track.analitycs.net/ctmv2/
13 B
606 B
Fetch
General
Full URL
https://track.analitycs.net/ctmv2/?action=get_subs
Requested by
Host: cdn.tobipovsem.com
URL: https://cdn.tobipovsem.com/Ps0lZdefX3k9T/CmsQQitYJScgmjSr65sMopt?p_id=971&sdl=1&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=byrut.org.ru
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.116 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Accept-CH
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-Ch-Ua-Form-Factors, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64, Sec-CH-UA-Model, ECT, RTT, Save-Data
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://byrut.org.ru
Content-Length
13
Date
Fri, 25 Oct 2024 04:30:34 GMT
Content-Type
application/json; charset=utf-8
Server
nginx
Access-Control-Allow-Headers
Content-Type
/
ska4at.ru/
Redirect Chain
  • https://byrut.org.ru/cdn-cgi/rum?
  • http://ska4at.ru/
0
0

favicon.ico
byrut.org.ru/
2 KB
1 KB
Other
General
Full URL
https://byrut.org.ru/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4d36837b8f897ae860b92e29096a779354651b0684fad4792d117b2bc9b3be07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/0.8072617089995175

Response headers

Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Date
Fri, 25 Oct 2024 04:30:34 GMT
Content-Type
text/html; charset=utf-8
Server
nginx/1.18.0 (Ubuntu)
arrow.png
s1.tobipovsem.com/img/
1 KB
2 KB
Image
General
Full URL
https://s1.tobipovsem.com/img/arrow.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.177.93.190 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-93-190.ah-server.com
Software
nginx /
Resource Hash
3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
max-age=86400
ETag
"60ab978a-5c5"
Accept-CH
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-Ch-Ua-Form-Factors, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64, Sec-CH-UA-Model, ECT, RTT, Save-Data
Connection
keep-alive
Expires
Sat, 26 Oct 2024 04:30:34 GMT
Accept-Ranges
bytes
Content-Length
1477
Date
Fri, 25 Oct 2024 04:30:34 GMT
Content-Type
image/png
Last-Modified
Mon, 24 May 2021 12:09:46 GMT
Server
nginx
nothing5.js
ppimdog.com/wheel/
29 KB
30 KB
Script
General
Full URL
https://ppimdog.com/wheel/nothing5.js?24616a0.6372441080319222
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.68 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
c6941e8da48025772de6e2382e3eb788b3c0d8f68649f05e6d66064bc3912e56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Transfer-Encoding
chunked
Date
Fri, 25 Oct 2024 04:30:34 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
nothing.js
ppimdog.com/wheel/
539 B
881 B
Script
General
Full URL
https://ppimdog.com/wheel/nothing.js?24616&mode=list&u=null&r=0.6680609900593895
Requested by
Host: ppimdog.com
URL: https://ppimdog.com/wheel/nothing5.js?24616a0.6372441080319222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.68 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
e31e064676b3bef231056f96ae65fbf4fa828c8374d2b5fce92107626fa90529

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Content-Length
539
P3P
CP="NON DSP COR CURa TIA"
Date
Fri, 25 Oct 2024 04:30:34 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
vinos.js
bluestacks.ru.net/bens/
76 KB
12 KB
Script
General
Full URL
https://bluestacks.ru.net/bens/vinos.js?23484&v=2&u=null&a=0.09998405805697241
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.8072617089995175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d37777544a5369ebd5a3e414552a550916382f130a092803d41b6bc6716d53a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3l%2BDPZ2WMIwFpx9PWozQEOgybhjLkzGhU%2F0Q1xpwWzzJCPAfH2E%2FH94skrO7vt8QO3fkwqMnXJeKIzjj3uj0BsCY%2BDNeknRmle%2FtXAm1bhOhCvm%2BpU5G4MQnOcQMLNyWqO%2Fcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7f78d91ed10b4a-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13611&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4195&recv_bytes=4404&delivery_rate=41832&cwnd=12000&unsent_bytes=0&cid=ca432572f5551494&ts=97&x=1", cfExtPri, cfHdrFlush;dur=0
p3p
CP="NON DSP COR CURa TIA"
date
Fri, 25 Oct 2024 04:30:34 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
audio.mp3
cs09.ppimdog.com/files/
11 KB
11 KB
XHR
General
Full URL
https://cs09.ppimdog.com/files/audio.mp3?domain=byrut.org.ru
Requested by
Host: ppimdog.com
URL: https://ppimdog.com/wheel/nothing5.js?24616a0.6372441080319222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.11 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
etarg.ru
Software
nginx /
Resource Hash
8f6fe530630792e5d9116987cf1a4f109d4f4ee07ec95f5ca2493a8e59a416ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

ETag
"60944162-2af7"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://byrut.org.ru
Content-Length
10999
Date
Fri, 25 Oct 2024 04:30:34 GMT
Content-Type
audio/mpeg
Last-Modified
Thu, 06 May 2021 19:20:02 GMT
Server
nginx
3480848.jpg
cs11.ppimdog.com/content/60063/
11 KB
11 KB
Image
General
Full URL
https://cs11.ppimdog.com/content/60063/3480848.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
27222c732160a2bbbde170de1841ea7f5af3a3163db90d52b85d025db30bd0f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
public, max-age=28800
ETag
"67126567-2c63"
Connection
keep-alive
Access-Control-Allow-Methods
OPTIONS, POST, GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
11363
Date
Fri, 25 Oct 2024 04:30:34 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 18 Oct 2024 13:40:55 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
3480848_2.webp
cs11.ppimdog.com/content/60063/
21 KB
21 KB
Image
General
Full URL
https://cs11.ppimdog.com/content/60063/3480848_2.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
d27d8fde4574d14e251dc083a0345ad74228a86b460ca4da1f989a6b68db7465

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
public, max-age=28800
ETag
"67126567-52ce"
Connection
keep-alive
Access-Control-Allow-Methods
OPTIONS, POST, GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
21198
Date
Fri, 25 Oct 2024 04:30:34 GMT
Content-Type
image/webp
Last-Modified
Fri, 18 Oct 2024 13:40:55 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
truncated
/
479 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f397378ee2e4d4f210d299f975ef8862668f8a80aad53f007ddc9e5447aa9098

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
sprite.svg
cs09.ppimdog.com/files/inpage/
20 KB
21 KB
Image
General
Full URL
https://cs09.ppimdog.com/files/inpage/sprite.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.11 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
etarg.ru
Software
nginx /
Resource Hash
13dbf87dd28bf5ef81ffa7ca883bb2b10ccca4544534a758f55d69808089b7e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
max-age=86400
ETag
"612118fa-50fa"
Connection
keep-alive
Expires
Sat, 26 Oct 2024 04:30:34 GMT
Accept-Ranges
bytes
Content-Length
20730
Date
Fri, 25 Oct 2024 04:30:34 GMT
Content-Type
image/svg+xml
Last-Modified
Sat, 21 Aug 2021 15:17:14 GMT
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ska4at.ru
URL
http://ska4at.ru/


42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| hts object| __cfBeacon object| _0xc11e function| _0xe35c string| e31f4f7be2_country string| e31f4f7be2_domain string| e31f4f7be2_path string| e31f4f7be2_file function| _0x3232 function| _0x13fb string| ms_cu_started number| time string| ms_cu_transparent number| ms_cu_timeout string| ms_cu_logactive string| ms_cu_allactions function| setCookie_e31f4f7be2 function| getCookie_e31f4f7be2 function| efe31f4f7be2 number| e31f4f7be2_view_flag number| e31f4f7be2_click_flag number| e31f4f7be2_close_flag object| e31f4f7be2_ims boolean| ms_cu_preclick_only function| efe41f089caf string| cookie_expires object| cuet_options object| system object| _parent object| banner_clases boolean| linux object| main number| cur_time object| _997726831831 object| cd string| dt object| clck_elements string| user_agent boolean| ua_chrome number| cou object| b0 object| items

9 Cookies

Domain/Path Name / Value
byrut.org.ru/ Name: PHPSESSID
Value: ae530a7309d90a3955b82aa6e8660de8
oritooep.win/ Name: mrmn_uid
Value: e04dc0192c6f0b2da26845e24d1a2e21
.yadro.ru/ Name: FTID
Value: 1d6nxf3Bvbuu1d6nxf00132x
.yadro.ru/ Name: VID
Value: 0PT65H2zKMOu1d6nxf001338
.ppimdog.com/ Name: uuid
Value: 17298306348923115172
.byrut.org.ru/ Name: e31f4f7be2_view_1
Value: on
.bluestacks.ru.net/ Name: uuid
Value: 17298306348925208172
.byrut.org.ru/ Name: u_count
Value: %5B0%2C0%5D
byrut.org.ru/ Name: webPush.Interval
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://byrut.org.ru/0.8072617089995175
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://byrut.org.ru/0.8072617089995175
Message:
Mixed Content: The page at 'https://byrut.org.ru/0.8072617089995175' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://ska4at.ru/'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://byrut.org.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other error URL: https://byrut.org.ru/0.8072617089995175
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
