Submitted URL: http://byrut.org.ru/0.6114289077267572
Effective URL: https://byrut.org.ru/0.6114289077267572
Submission: On October 26 via api from US — Scanned from NL

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 30 HTTP transactions. The main IP is 95.164.86.158, located in Meppel, Netherlands and belongs to STARK-INDUSTRIES, GB. The main domain is byrut.org.ru.
TLS certificate: Issued by R11 on October 15th 2024. Valid for: 3 months.
This is the only time byrut.org.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 95.164.86.158 44477 (STARK-IND...)
10 104.21.49.218 13335 (CLOUDFLAR...)
2 31.172.68.8 44051 (FORNEX-AS)
1 193.200.64.159 6681 (GIVEME-CLOUD)
1 193.200.64.24 6681 (GIVEME-CLOUD)
1 193.200.65.30 6681 (GIVEME-CLOUD)
1 2 88.212.201.204 39134 (UNITEDNET)
2 193.200.65.116 6681 (GIVEME-CLOUD)
1 185.177.93.190 39572 (ADVANCEDH...)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 193.200.65.68 6681 (GIVEME-CLOUD)
4 193.200.65.13 6681 (GIVEME-CLOUD)
30 13
Apex Domain
Subdomains
Transfer
10 domain100.ru
jp.domain100.ru
7 KB
6 ppimdog.com
ppimdog.com
cs11.ppimdog.com
106 KB
3 tobipovsem.com
cdn.tobipovsem.com — Cisco Umbrella Rank: 574186
track.tobipovsem.com — Cisco Umbrella Rank: 621956
s1.tobipovsem.com
9 KB
3 org.ru
byrut.org.ru
10 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 15187
1 KB
2 ipvertnet.com
ipvertnet.com — Cisco Umbrella Rank: 416495
8 KB
1 ru.net
bluestacks.ru.net
12 KB
1 analitycs.net
track.analitycs.net — Cisco Umbrella Rank: 277520
606 B
1 trutheyesstab.com
trutheyesstab.com
2 KB
1 oritooep.win
oritooep.win — Cisco Umbrella Rank: 648178
422 B
0 ska4at.ru Failed
ska4at.ru Failed
30 11
Domain Requested by
10 jp.domain100.ru byrut.org.ru
4 cs11.ppimdog.com ppimdog.com
3 byrut.org.ru byrut.org.ru
2 ppimdog.com jp.domain100.ru
ppimdog.com
2 counter.yadro.ru 1 redirects byrut.org.ru
2 ipvertnet.com jp.domain100.ru
ipvertnet.com
1 bluestacks.ru.net byrut.org.ru
1 s1.tobipovsem.com byrut.org.ru
1 track.analitycs.net cdn.tobipovsem.com
1 track.tobipovsem.com cdn.tobipovsem.com
1 cdn.tobipovsem.com jp.domain100.ru
1 trutheyesstab.com jp.domain100.ru
1 oritooep.win jp.domain100.ru
0 ska4at.ru Failed
30 14

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject Issuer Validity Valid
byrut.org.ru
R11
2024-10-15 -
2025-01-13
3 months crt.sh
domain100.ru
WE1
2024-09-18 -
2024-12-17
3 months crt.sh
vivarevasta.top
E6
2024-09-05 -
2024-12-04
3 months crt.sh
oritooep.win
R10
2024-09-11 -
2024-12-10
3 months crt.sh
trutheyesstab.com
R11
2024-10-03 -
2025-01-01
3 months crt.sh
tobipovsem.com
R11
2024-09-10 -
2024-12-09
3 months crt.sh
analitycs.net
R11
2024-10-16 -
2025-01-14
3 months crt.sh
bluestacks.ru.net
WE1
2024-09-19 -
2024-12-18
3 months crt.sh
ppimdog.com
R10
2024-10-03 -
2025-01-01
3 months crt.sh

This page contains 1 frames:

Primary Page: https://byrut.org.ru/0.6114289077267572
Frame ID: 8DF6EC76D50374A14BEB639AFFD784D5
Requests: 32 HTTP requests in this frame

Screenshot

Page Title

404 Not Found

Page URL History Show full URLs

  1. http://byrut.org.ru/0.6114289077267572 HTTP 307
    https://byrut.org.ru/0.6114289077267572 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Page Statistics

30
Requests

93 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

13
IPs

4
Countries

154 kB
Transfer

251 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://byrut.org.ru/0.6114289077267572 HTTP 307
    https://byrut.org.ru/0.6114289077267572 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://counter.yadro.ru/hit?t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.6114289077267572;h404%20Not%20Found;0.9703179954358783 HTTP 302
  • https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.6114289077267572;h404%20Not%20Found;0.9703179954358783
Request Chain 21
  • https://byrut.org.ru/cdn-cgi/rum HTTP 0
  • http://ska4at.ru/

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0.6114289077267572
byrut.org.ru/
Redirect Chain
  • http://byrut.org.ru/0.6114289077267572
  • https://byrut.org.ru/0.6114289077267572
2 KB
1 KB
Document
General
Full URL
https://byrut.org.ru/0.6114289077267572
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ae7b08b41183e467ba85c584b99762a02acb423ff27e6a66610349390b0ba1b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 26 Oct 2024 15:33:30 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Location
https://byrut.org.ru/0.6114289077267572
Non-Authoritative-Reason
HttpsUpgrades
vcd15cbe7772f49c399c6a5babf22c1241717689176015
byrut.org.ru/o__static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://byrut.org.ru/o__static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://byrut.org.ru
Referer
https://byrut.org.ru/0.6114289077267572

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Date
Sat, 26 Oct 2024 15:33:30 GMT
Content-Type
text/javascript;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
script1.js
jp.domain100.ru/
343 B
925 B
Script
General
Full URL
https://jp.domain100.ru/script1.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384430573c631fd252baba6e91496351952eff6a215560289812f2ad3e69d779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"65aa761b-157"
age
20554
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbAUdRF6bS61KqGk5iioKvJiwHUM9qGt8whDRByL9GMebgYYIL18HG%2BH6823xR2W74LtckVOXZRyxJdRwmUqVMesnI%2FFLM6x7BigCtGMd1vjxH2O1i%2FKPYO82LglYkBBVCM%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 27 Oct 2024 09:50:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12129&sent=10&recv=20&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2764&delivery_rate=313738&cwnd=254&unsent_bytes=0&cid=0b7678caea580157&ts=43&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Fri, 19 Jan 2024 13:16:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150da40b8e8-AMS
server
cloudflare
script2.js
jp.domain100.ru/
1002 B
940 B
Script
General
Full URL
https://jp.domain100.ru/script2.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cca5f50531d3ecbcfb6dafcca5cd46dfd5d4c11f57c26e27c6fe5293c11c3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66d9f856-3ea"
age
20554
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAK%2FoS7uNbpEmtIystcu9%2BhCdzAKlpyX3uQJF1MZ0m7W8QIRRCluuBwpG5tZ7KEIp6LTKmgvYQOdZgZHv4BBxl5Iw47RxtBOC%2BHvbwE6oNJWMwv72%2BPTBcuAwPFCrkG2iSQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 27 Oct 2024 09:50:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12129&sent=16&recv=20&lost=0&retrans=0&sent_bytes=6379&recv_bytes=2764&delivery_rate=313738&cwnd=254&unsent_bytes=0&cid=0b7678caea580157&ts=45&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 18:28:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150da42b8e8-AMS
server
cloudflare
script3.js
jp.domain100.ru/
954 B
817 B
Script
General
Full URL
https://jp.domain100.ru/script3.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edffceb7b22abd431a5605fd61bf4f71021bdf7d47f21486cab33861c9061ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6718c637-3ba"
age
20554
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJlaJ1q8CI1PNIW8IQLxXPKLoOZ1RSCakSq0LyMpgQ5Zjx14PHGSCx34d%2FObo8UWA0PHsad3ZKqaWCDYWMAqeQP9kxxNbqslNb3IQeQZYehJWsm3Ci%2BpgPO5r3sSNdSJ2uk%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 27 Oct 2024 09:50:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12129&sent=23&recv=20&lost=0&retrans=0&sent_bytes=8966&recv_bytes=2764&delivery_rate=313738&cwnd=254&unsent_bytes=0&cid=0b7678caea580157&ts=52&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 09:47:35 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150ea4eb8e8-AMS
server
cloudflare
script4.js
jp.domain100.ru/
0
432 B
Script
General
Full URL
https://jp.domain100.ru/script4.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"633d5643-0"
age
20554
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2F6kxNyYHGByJ6cBnuXFist9yAyuDood%2BTkAHTdHaw%2FYLr2tcm6KQyHQCdnXv9DSzNWsskqw7gv3DmVRpgHkF%2FiIXJnDMPAHJWsS%2FunVKa71QszBidjxSge%2FbfEJ7UiN5og%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 27 Oct 2024 09:50:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12129&sent=13&recv=20&lost=0&retrans=0&sent_bytes=5003&recv_bytes=2764&delivery_rate=313738&cwnd=254&unsent_bytes=0&cid=0b7678caea580157&ts=43&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Wed, 05 Oct 2022 10:02:43 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150da39b8e8-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script5.js
jp.domain100.ru/
623 B
868 B
Script
General
Full URL
https://jp.domain100.ru/script5.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a28aa2b0099fed75392c65e051e0f2e3e871e42a5e577bc80e76c566864458a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e1a33a-26f"
age
79531
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZaInpdkm0kjndCPp6zEhFafTqGXh8ThtQ3hKVAjXE96NQ3afnn81Td0TQ0tSwteiGASH0ad1691s9rmAps%2F5vwh9jGO87TO8gH9ikFZOAe7GHuOXqVrQYk%2BeQ6PQuvQpZbc%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 17:27:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12129&sent=20&recv=20&lost=0&retrans=0&sent_bytes=8032&recv_bytes=2764&delivery_rate=313738&cwnd=254&unsent_bytes=0&cid=0b7678caea580157&ts=49&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 14:03:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150da47b8e8-AMS
server
cloudflare
script6.js
jp.domain100.ru/
372 B
713 B
Script
General
Full URL
https://jp.domain100.ru/script6.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f456cdd3c95fbe8f61f43b80001d67ecd3c3af89d1b5ecd8390d3371d50864c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e3272c-174"
age
20554
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDreB%2FYhbxUDU32ocElFZ3x0wYjs4Khk%2FdzUNy8oE6%2FzsVxDOFnF%2BIpsEnGkBmLLxiENmybTBzIivag1ZXi6bwjW43Ge320bcn4iNlg%2BleKGz5FqSGzk9DBVOn7BR6WhHF4%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 27 Oct 2024 09:50:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12129&sent=25&recv=20&lost=0&retrans=0&sent_bytes=9849&recv_bytes=2764&delivery_rate=313738&cwnd=254&unsent_bytes=0&cid=0b7678caea580157&ts=54&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Thu, 12 Sep 2024 17:38:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150da3cb8e8-AMS
server
cloudflare
script7.js
jp.domain100.ru/
0
426 B
Script
General
Full URL
https://jp.domain100.ru/script7.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"66db336e-0"
age
20554
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOdsh13VIEc29s70VF%2B%2B6XZ3j1je8y6p%2BzYlapjSBNCS6NCrsOqb66eesArVJtm4FqAMkeNF16BSOlJkbifsi17OfT9Lv4%2F%2FZY75XbUqWttsS%2B7aXZhiEu%2BTbP5Xsz%2BWQog%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 27 Oct 2024 09:50:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12129&sent=15&recv=20&lost=0&retrans=0&sent_bytes=5931&recv_bytes=2764&delivery_rate=313738&cwnd=254&unsent_bytes=0&cid=0b7678caea580157&ts=44&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Fri, 06 Sep 2024 16:53:02 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150da45b8e8-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script8.js
jp.domain100.ru/
0
625 B
Script
General
Full URL
https://jp.domain100.ru/script8.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"6298eb08-0"
age
20554
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DyRcvelOBktEC7bjjAgEDAg%2BH2a8r3bWRH6sHr1faruPoAXUJACR7TDUtTsgZlQ%2FkakCeAuIDwrjEhhKfPGEU7kwefsbIFAUEhLaJdjkL8jORDDNffPXSVAUBU6QzYg8zts%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 27 Oct 2024 09:50:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12129&sent=19&recv=20&lost=0&retrans=0&sent_bytes=7385&recv_bytes=2764&delivery_rate=313738&cwnd=254&unsent_bytes=0&cid=0b7678caea580157&ts=45&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Thu, 02 Jun 2022 16:53:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150da48b8e8-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script9.js
jp.domain100.ru/
0
452 B
Script
General
Full URL
https://jp.domain100.ru/script9.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"6298eb10-0"
age
78346
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvY8HzvFg2K6kK9J30RQHl5%2BJPlp6%2FHDN7t3Na653dUwL8L0xDA8ZkQlzWOfjjFb%2FQVK%2FErw%2Bqok4Qb3PBC2mjaxIBVSTM2U7UiA5DwT2E9EtiUynpx6S8rsXbxiwldRdJ0%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 17:47:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12129&sent=14&recv=20&lost=0&retrans=0&sent_bytes=5457&recv_bytes=2764&delivery_rate=313738&cwnd=254&unsent_bytes=0&cid=0b7678caea580157&ts=44&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Thu, 02 Jun 2022 16:53:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150da3fb8e8-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script10.js
jp.domain100.ru/
0
458 B
Script
General
Full URL
https://jp.domain100.ru/script10.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"6298eb19-0"
age
20537
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=voykjZ1rj8HWKVKOjdKyuu3KszmkeobDSPKy9WcEItl8AXIoYHru%2BtOlo97P55X7IS1w7STaGzWKn26570wGFQ3h0Eco7QsU5ogi55PN2SP%2BRoVCJZqb8G%2B%2BRu%2FSwQc2jo4%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 27 Oct 2024 09:51:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12072&sent=28&recv=30&lost=0&retrans=0&sent_bytes=10628&recv_bytes=2764&delivery_rate=874109&cwnd=257&unsent_bytes=0&cid=0b7678caea580157&ts=58&x=0"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript
last-modified
Thu, 02 Jun 2022 16:53:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8b8150ea50b8e8-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
/
ipvertnet.com/1hjo18mf0m/
23 KB
7 KB
Script
General
Full URL
https://ipvertnet.com/1hjo18mf0m/?bid=&sid=28258&rand=0.9174498290591349
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.8 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),
Reverse DNS
dsde1469-1.fornex.org
Software
nginx /
Resource Hash
34130d05ad9113fb367ffcd79520681ceaf1f450cbd56a7ee695b761d0727d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

strict-transport-security
max-age=31536000;
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
-1
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
/
oritooep.win/wcm/
0
422 B
Script
General
Full URL
https://oritooep.win/wcm/?sh=byrut.org.ru&sth=ff384397b7691e933c80e6f3e511037d&m=009f7c3dc58c132081eada00e43a8332&sid=564_624460_365804949&stime=1160.10&curpage=https%3A%2F%2Fbyrut.org.ru%2F0.6114289077267572&rand=0.911330839250454
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.159 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cache-control
no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
timing-allow-origin
*
pragma
no-cache
accept-ch
Downlink, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version
expires
0
content-length
0
p3p
CP="NON DSP COR CURa TIA"
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
text/plain;charset=UTF-8
x-msr
TRUE
/
trutheyesstab.com/services/
1 KB
2 KB
Script
General
Full URL
https://trutheyesstab.com/services/?id=147721
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.24 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs05.etarg.network
Software
nginx /
Resource Hash
f377f1f6524290cd069b0918efe571fe19c81902fe6d31a7f9e29d36367b28ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Content-Length
1489
Date
Sat, 26 Oct 2024 15:33:30 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
CmsQQitYJScgmjSr65sMopt
cdn.tobipovsem.com/Ps0lZdefX3k9T/
17 KB
7 KB
Script
General
Full URL
https://cdn.tobipovsem.com/Ps0lZdefX3k9T/CmsQQitYJScgmjSr65sMopt?p_id=971&sdl=1&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=byrut.org.ru
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.30 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
noty.info
Software
nginx /
Resource Hash
685e8a5a75eb99e2c0792305a924b44cd8a932e9beff5a6601f55ca97c2f6255

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Sat, 26 Oct 2024 15:33:30 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.6114289077267572;h404%20Not%20Found;0.9703179954358783
  • https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.6114289077267572;h404%20Not%20Found;0.9703179954358783
140 B
626 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.6114289077267572;h404%20Not%20Found;0.9703179954358783
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
8260d7d211509da6c1bda6cec1b355285fddeb4c352c64aa3f1cf6b0ab97e739
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 26 Oct 2023 21:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
140
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Sat, 26 Oct 2024 15:33:30 GMT
Content-Type
image/gif
Server
nginx/1.17.9

Redirect headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Location
https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.6114289077267572;h404%20Not%20Found;0.9703179954358783
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 26 Oct 2023 21:00:00 GMT
Content-Length
32
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Sat, 26 Oct 2024 15:33:30 GMT
Content-Type
text/html
Server
nginx/1.17.9
/
track.tobipovsem.com/lctm/
13 B
606 B
Fetch
General
Full URL
https://track.tobipovsem.com/lctm/?action=get_subs
Requested by
Host: cdn.tobipovsem.com
URL: https://cdn.tobipovsem.com/Ps0lZdefX3k9T/CmsQQitYJScgmjSr65sMopt?p_id=971&sdl=1&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=byrut.org.ru
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.116 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Accept-CH
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-Ch-Ua-Form-Factors, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64, Sec-CH-UA-Model, ECT, RTT, Save-Data
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://byrut.org.ru
Content-Length
13
Date
Sat, 26 Oct 2024 15:33:30 GMT
Content-Type
application/json; charset=utf-8
Server
nginx
Access-Control-Allow-Headers
Content-Type
/
track.analitycs.net/ctmv2/
13 B
606 B
Fetch
General
Full URL
https://track.analitycs.net/ctmv2/?action=get_subs
Requested by
Host: cdn.tobipovsem.com
URL: https://cdn.tobipovsem.com/Ps0lZdefX3k9T/CmsQQitYJScgmjSr65sMopt?p_id=971&sdl=1&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=byrut.org.ru
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.116 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Accept-CH
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-Ch-Ua-Form-Factors, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64, Sec-CH-UA-Model, ECT, RTT, Save-Data
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://byrut.org.ru
Content-Length
13
Date
Sat, 26 Oct 2024 15:33:30 GMT
Content-Type
application/json; charset=utf-8
Server
nginx
Access-Control-Allow-Headers
Content-Type
18064d61b6f93dab8681a460779b8429-10560-0.6485302166911571.json
ipvertnet.com/vast/
642 B
945 B
XHR
General
Full URL
https://ipvertnet.com/vast/18064d61b6f93dab8681a460779b8429-10560-0.6485302166911571.json?bid=0
Requested by
Host: ipvertnet.com
URL: https://ipvertnet.com/1hjo18mf0m/?bid=&sid=28258&rand=0.9174498290591349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.8 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),
Reverse DNS
dsde1469-1.fornex.org
Software
nginx /
Resource Hash
3ef739aa7f2ca769f12c057a7a1858b59247bc481e36ae640089c0dca41a50c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000;
access-control-max-age
86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache, no-cache
access-control-allow-credentials
true
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
access-control-allow-origin
https://byrut.org.ru
date
Sat, 26 Oct 2024 15:33:30 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx
arrow.png
s1.tobipovsem.com/img/
1 KB
2 KB
Image
General
Full URL
https://s1.tobipovsem.com/img/arrow.png
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.177.93.190 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-93-190.ah-server.com
Software
nginx /
Resource Hash
3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
max-age=86400
ETag
"60ab978a-5c5"
Accept-CH
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-Ch-Ua-Form-Factors, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64, Sec-CH-UA-Model, ECT, RTT, Save-Data
Connection
keep-alive
Expires
Sun, 27 Oct 2024 15:33:30 GMT
Accept-Ranges
bytes
Content-Length
1477
Date
Sat, 26 Oct 2024 15:33:30 GMT
Content-Type
image/png
Last-Modified
Mon, 24 May 2021 12:09:46 GMT
Server
nginx
/
ska4at.ru/
Redirect Chain
  • https://byrut.org.ru/cdn-cgi/rum?
  • http://ska4at.ru/
0
0

favicon.ico
byrut.org.ru/
2 KB
1 KB
Other
General
Full URL
https://byrut.org.ru/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
194e5c957a46fc0ca7d12a27b39c7130da5900b67a98c78ae873d98d13a1f013

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/0.6114289077267572

Response headers

Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Date
Sat, 26 Oct 2024 15:33:31 GMT
Content-Type
text/html; charset=utf-8
Server
nginx/1.18.0 (Ubuntu)
vinos.js
bluestacks.ru.net/bens/
76 KB
12 KB
Script
General
Full URL
https://bluestacks.ru.net/bens/vinos.js?23484&v=2&u=null&a=0.3714080910150146
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.6114289077267572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cffcde8efd5f27813accd3990621232a5aeb1cf12ad0960bce88b98a1f89d09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RaK5tbXw0dmDkIvLfiiTEZ9Up4HTQ2qIpoabBBh6eirnkp%2F%2FugHF6Mlo5UUyHpK7yhtsC8KhVb%2FBFBHMkyu1yPetxF4KX6tYfFU7TtuHr8Aj6PHzmQFSQTt6Z5sHIXxXveyvjA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8b81553c699f87-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19917&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4218&recv_bytes=4447&delivery_rate=736&cwnd=12000&unsent_bytes=0&cid=fd8881c15f18e52a&ts=91&x=1", cfExtPri, cfHdrFlush;dur=0
p3p
CP="NON DSP COR CURa TIA"
date
Sat, 26 Oct 2024 15:33:31 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
morning5.js
ppimdog.com/friend/
29 KB
30 KB
Script
General
Full URL
https://ppimdog.com/friend/morning5.js?24616a0.6300065928861216
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.68 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
6c04d9d128380b76db2d445c1e348484ff0988c484aff54fdd9ffed24529f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Transfer-Encoding
chunked
Date
Sat, 26 Oct 2024 15:33:30 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
morning.js
ppimdog.com/friend/
532 B
874 B
Script
General
Full URL
https://ppimdog.com/friend/morning.js?24616&mode=list&u=null&r=0.48018664340174744
Requested by
Host: ppimdog.com
URL: https://ppimdog.com/friend/morning5.js?24616a0.6300065928861216
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.68 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
a9f8810346b74aa11475e5c4887426655947814349a0d73ebe6754abd3623eb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Content-Length
532
P3P
CP="NON DSP COR CURa TIA"
Date
Sat, 26 Oct 2024 15:33:31 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
audio.mp3
cs11.ppimdog.com/files/
11 KB
11 KB
XHR
General
Full URL
https://cs11.ppimdog.com/files/audio.mp3?domain=byrut.org.ru
Requested by
Host: ppimdog.com
URL: https://ppimdog.com/friend/morning5.js?24616a0.6300065928861216
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
8f6fe530630792e5d9116987cf1a4f109d4f4ee07ec95f5ca2493a8e59a416ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

ETag
"60944162-2af7"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://byrut.org.ru
Content-Length
10999
Date
Sat, 26 Oct 2024 15:33:31 GMT
Content-Type
audio/mpeg
Last-Modified
Thu, 06 May 2021 19:20:02 GMT
Server
nginx
3480846.jpg
cs11.ppimdog.com/content/60067/
12 KB
13 KB
Image
General
Full URL
https://cs11.ppimdog.com/content/60067/3480846.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
24e21f0e2012dc892a3cd38d265ee23fce2282f17f22f3216deb21592b3b21e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
public, max-age=28800
ETag
"6712639f-3157"
Connection
keep-alive
Access-Control-Allow-Methods
OPTIONS, POST, GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
12631
Date
Sat, 26 Oct 2024 15:33:31 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 18 Oct 2024 13:33:19 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
3480846_2.webp
cs11.ppimdog.com/content/60067/
30 KB
31 KB
Image
General
Full URL
https://cs11.ppimdog.com/content/60067/3480846_2.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
9e881b0c264bfd014a94404f469c0b0173041935840e273d40cf139a1741b4c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
public, max-age=28800
ETag
"6712639f-7988"
Connection
keep-alive
Access-Control-Allow-Methods
OPTIONS, POST, GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
31112
Date
Sat, 26 Oct 2024 15:33:31 GMT
Content-Type
image/webp
Last-Modified
Fri, 18 Oct 2024 13:33:19 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
truncated
/
479 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f397378ee2e4d4f210d299f975ef8862668f8a80aad53f007ddc9e5447aa9098

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
sprite.svg
cs11.ppimdog.com/files/inpage/
20 KB
21 KB
Image
General
Full URL
https://cs11.ppimdog.com/files/inpage/sprite.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
13dbf87dd28bf5ef81ffa7ca883bb2b10ccca4544534a758f55d69808089b7e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
max-age=86400
ETag
"612118fa-50fa"
Connection
keep-alive
Expires
Sun, 27 Oct 2024 15:33:31 GMT
Accept-Ranges
bytes
Content-Length
20730
Date
Sat, 26 Oct 2024 15:33:31 GMT
Content-Type
image/svg+xml
Last-Modified
Sat, 21 Aug 2021 15:17:14 GMT
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ska4at.ru
URL
http://ska4at.ru/

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| hts object| _0xc50e function| _0xe13c string| e31f4f7be2_country string| e31f4f7be2_domain string| e31f4f7be2_path string| e31f4f7be2_file object| __cfBeacon function| _0x3232 function| _0x13fb string| ms_cu_started number| time string| ms_cu_transparent number| ms_cu_timeout string| ms_cu_logactive string| ms_cu_allactions boolean| ms_cu_preclick_only function| setCookie_e31f4f7be2 function| getCookie_e31f4f7be2 function| efe31f4f7be2 number| e31f4f7be2_view_flag number| e31f4f7be2_click_flag number| e31f4f7be2_close_flag object| e31f4f7be2_ims function| efe41f089caf string| cookie_expires object| cuet_options object| system object| _parent object| banner_clases boolean| linux object| main number| cur_time object| _997726831831 object| cd string| dt object| clck_elements string| user_agent boolean| ua_chrome number| cou object| b0 object| items

9 Cookies

Domain/Path Name / Value
byrut.org.ru/ Name: PHPSESSID
Value: 6132fb6e6ac4fb1cf9970f828b1db4fb
oritooep.win/ Name: mrmn_uid
Value: 1f0bc1fac2a036bd91fb81e0a65006b6
.yadro.ru/ Name: FTID
Value: 1d7GlA2CzGeu1d7GlA002Muv
.yadro.ru/ Name: VID
Value: 0WUHga1H1heu1d7GlA002MvP
.ppimdog.com/ Name: uuid
Value: 17299568106829674172
.byrut.org.ru/ Name: e31f4f7be2_view_1
Value: on
.bluestacks.ru.net/ Name: uuid
Value: 17299568115694616172
.byrut.org.ru/ Name: u_count
Value: %5B0%2C0%5D
byrut.org.ru/ Name: webPush.Interval
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://byrut.org.ru/0.6114289077267572
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://byrut.org.ru/0.6114289077267572
Message:
Mixed Content: The page at 'https://byrut.org.ru/0.6114289077267572' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://ska4at.ru/'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://byrut.org.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other error URL: https://byrut.org.ru/0.6114289077267572
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bluestacks.ru.net
byrut.org.ru
cdn.tobipovsem.com
counter.yadro.ru
cs11.ppimdog.com
ipvertnet.com
jp.domain100.ru
oritooep.win
ppimdog.com
s1.tobipovsem.com
ska4at.ru
track.analitycs.net
track.tobipovsem.com
trutheyesstab.com
ska4at.ru
104.21.49.218
185.177.93.190
188.114.96.3
193.200.64.159
193.200.64.24
193.200.65.116
193.200.65.13
193.200.65.30
193.200.65.68
31.172.68.8
88.212.201.204
95.164.86.158
0a28aa2b0099fed75392c65e051e0f2e3e871e42a5e577bc80e76c566864458a
13dbf87dd28bf5ef81ffa7ca883bb2b10ccca4544534a758f55d69808089b7e0
194e5c957a46fc0ca7d12a27b39c7130da5900b67a98c78ae873d98d13a1f013
24e21f0e2012dc892a3cd38d265ee23fce2282f17f22f3216deb21592b3b21e6
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684
34130d05ad9113fb367ffcd79520681ceaf1f450cbd56a7ee695b761d0727d5f
3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96
384430573c631fd252baba6e91496351952eff6a215560289812f2ad3e69d779
3ef739aa7f2ca769f12c057a7a1858b59247bc481e36ae640089c0dca41a50c0
685e8a5a75eb99e2c0792305a924b44cd8a932e9beff5a6601f55ca97c2f6255
6c04d9d128380b76db2d445c1e348484ff0988c484aff54fdd9ffed24529f1df
8260d7d211509da6c1bda6cec1b355285fddeb4c352c64aa3f1cf6b0ab97e739
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8cffcde8efd5f27813accd3990621232a5aeb1cf12ad0960bce88b98a1f89d09
8f456cdd3c95fbe8f61f43b80001d67ecd3c3af89d1b5ecd8390d3371d50864c
8f6fe530630792e5d9116987cf1a4f109d4f4ee07ec95f5ca2493a8e59a416ea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cca5f50531d3ecbcfb6dafcca5cd46dfd5d4c11f57c26e27c6fe5293c11c3fe
9e881b0c264bfd014a94404f469c0b0173041935840e273d40cf139a1741b4c8
a9f8810346b74aa11475e5c4887426655947814349a0d73ebe6754abd3623eb2
ae7b08b41183e467ba85c584b99762a02acb423ff27e6a66610349390b0ba1b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edffceb7b22abd431a5605fd61bf4f71021bdf7d47f21486cab33861c9061ec4
f377f1f6524290cd069b0918efe571fe19c81902fe6d31a7f9e29d36367b28ea
f397378ee2e4d4f210d299f975ef8862668f8a80aad53f007ddc9e5447aa9098