Submitted URL: http://byrut.org.ru/0.9592478416231067
Effective URL: https://byrut.org.ru/0.9592478416231067
Submission: On November 17 via api from US — Scanned from NL

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 28 HTTP transactions. The main IP is 95.164.86.158, located in Meppel, Netherlands and belongs to STARK-INDUSTRIES STARK INDUSTRIES SOLUTIONS LTD, GB. The main domain is byrut.org.ru.
TLS certificate: Issued by R11 on October 15th 2024. Valid for: 3 months.
This is the only time byrut.org.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 95.164.86.158 44477 (STARK-IND...)
10 104.21.49.218 13335 (CLOUDFLAR...)
2 31.172.68.8 44051 (FORNEX-AS...)
1 193.200.64.159 6681 (giveme-cl...)
1 193.200.64.24 6681 (giveme-cl...)
1 193.200.65.30 6681 (giveme-cl...)
1 2 88.212.202.52 39134 (UNITEDNET...)
2 193.200.65.116 6681 (giveme-cl...)
1 185.177.93.190 39572 (ADVANCEDH...)
2 193.200.65.68 6681 (giveme-cl...)
4 193.200.65.13 6681 (giveme-cl...)
28 12
Apex Domain
Subdomains
Transfer
10 domain100.ru
jp.domain100.ru
9 KB
6 ppimdog.com
ppimdog.com — Cisco Umbrella Rank: 414001
cs11.ppimdog.com
97 KB
3 tobipovsem.com
cdn.tobipovsem.com — Cisco Umbrella Rank: 704442
track.tobipovsem.com — Cisco Umbrella Rank: 797401
s1.tobipovsem.com
9 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 15372
1 KB
2 ipvertnet.com
ipvertnet.com — Cisco Umbrella Rank: 437918
8 KB
2 org.ru
byrut.org.ru
9 KB
1 analitycs.net
track.analitycs.net — Cisco Umbrella Rank: 255615
351 B
1 trutheyesstab.com
trutheyesstab.com — Cisco Umbrella Rank: 637927
2 KB
1 oritooep.win
oritooep.win — Cisco Umbrella Rank: 465910
545 B
0 ska4at.ru Failed
ska4at.ru Failed
28 10
Domain Requested by
10 jp.domain100.ru byrut.org.ru
4 cs11.ppimdog.com ppimdog.com
2 ppimdog.com jp.domain100.ru
ppimdog.com
2 counter.yadro.ru 1 redirects byrut.org.ru
2 ipvertnet.com jp.domain100.ru
ipvertnet.com
2 byrut.org.ru byrut.org.ru
1 s1.tobipovsem.com
1 track.analitycs.net cdn.tobipovsem.com
1 track.tobipovsem.com cdn.tobipovsem.com
1 cdn.tobipovsem.com jp.domain100.ru
1 trutheyesstab.com jp.domain100.ru
1 oritooep.win jp.domain100.ru
0 ska4at.ru Failed
28 13

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject Issuer Validity Valid
byrut.org.ru
R11
2024-10-15 -
2025-01-13
3 months crt.sh
domain100.ru
WE1
2024-11-16 -
2025-02-14
3 months crt.sh
covivado.club
E5
2024-11-01 -
2025-01-30
3 months crt.sh
oritooep.win
R11
2024-11-10 -
2025-02-08
3 months crt.sh
trutheyesstab.com
R11
2024-10-03 -
2025-01-01
3 months crt.sh
tobipovsem.com
R11
2024-09-10 -
2024-12-09
3 months crt.sh
analitycs.net
R11
2024-10-16 -
2025-01-14
3 months crt.sh
ppimdog.com
R10
2024-10-03 -
2025-01-01
3 months crt.sh

This page contains 1 frames:

Primary Page: https://byrut.org.ru/0.9592478416231067
Frame ID: 3834ABCE33FAC3382CFE4882CA2AE45C
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

404 Not Found

Page URL History Show full URLs

  1. http://byrut.org.ru/0.9592478416231067 HTTP 307
    https://byrut.org.ru/0.9592478416231067 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Page Statistics

28
Requests

93 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

134 kB
Transfer

165 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://byrut.org.ru/0.9592478416231067 HTTP 307
    https://byrut.org.ru/0.9592478416231067 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://counter.yadro.ru/hit?t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.9592478416231067;h404%20Not%20Found;0.884206956089802 HTTP 302
  • https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.9592478416231067;h404%20Not%20Found;0.884206956089802
Request Chain 21
  • https://byrut.org.ru/cdn-cgi/rum HTTP 0
  • http://ska4at.ru/

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0.9592478416231067
byrut.org.ru/
Redirect Chain
  • http://byrut.org.ru/0.9592478416231067
  • https://byrut.org.ru/0.9592478416231067
2 KB
1 KB
Document
General
Full URL
https://byrut.org.ru/0.9592478416231067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES STARK INDUSTRIES SOLUTIONS LTD, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4b0303612af52c900944ce4b27f26eba7b0038d8bfe5879efb79c82b48b1be23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Nov 2024 23:07:14 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Location
https://byrut.org.ru/0.9592478416231067
Non-Authoritative-Reason
HttpsUpgrades
vcd15cbe7772f49c399c6a5babf22c1241717689176015
byrut.org.ru/o__static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://byrut.org.ru/o__static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES STARK INDUSTRIES SOLUTIONS LTD, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://byrut.org.ru
Referer
https://byrut.org.ru/0.9592478416231067

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Date
Sun, 17 Nov 2024 23:07:14 GMT
Content-Type
text/javascript;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
script1.js
jp.domain100.ru/
343 B
951 B
Script
General
Full URL
https://jp.domain100.ru/script1.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384430573c631fd252baba6e91496351952eff6a215560289812f2ad3e69d779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"65aa761b-157"
age
62975
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HEoyn%2FG3DkgIsYR28hV1qoKe92AMixl2NNwfy%2FKcV5JfPeflPYpUby6Ze3dORLCILx2C5hqMYW4z0Ta5WoKgNbPNB9hwIp%2Bfb8k%2B0%2FPvfDZBzR9Rj7fio0CXGtTtuw218qU%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 05:37:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=24&recv=19&lost=0&retrans=0&sent_bytes=12359&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=87&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Fri, 19 Jan 2024 13:16:11 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039ed8d971f-AMS
server
cloudflare
script2.js
jp.domain100.ru/
1002 B
1 KB
Script
General
Full URL
https://jp.domain100.ru/script2.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cca5f50531d3ecbcfb6dafcca5cd46dfd5d4c11f57c26e27c6fe5293c11c3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66d9f856-3ea"
age
62975
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsp944zzXNVripKGNqSjaMedgWGjVajQ6qMiVMTpMF1pnHmnyDzbJw9MlzWxG1q%2BGI4pnRcRJwPCmiGlf4YTzwvn5FbAWqLV4L3udYOelarQL06BCGtuR8KY1G2gF1mdQlw%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 05:37:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=15&recv=19&lost=0&retrans=0&sent_bytes=5446&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=80&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 18:28:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039ed82971f-AMS
server
cloudflare
script3.js
jp.domain100.ru/
954 B
1 KB
Script
General
Full URL
https://jp.domain100.ru/script3.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edffceb7b22abd431a5605fd61bf4f71021bdf7d47f21486cab33861c9061ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6718c637-3ba"
age
62975
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K365Ri0ai0U6AYfncjVbP5V8MgRjLSH%2Fa9MrD1XUWu20IvfOZsO9eV4JLP3%2BV6Ve5335Q3rqmzYRJBo6hqSiCG8eNO4N5hClrxSamGyFKSR5Gib%2Fe%2Fu8MXW8%2FSa3xQPeN4Q%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 05:37:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=14&recv=19&lost=0&retrans=0&sent_bytes=4310&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=77&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 09:47:35 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039dd75971f-AMS
server
cloudflare
script4.js
jp.domain100.ru/
0
689 B
Script
General
Full URL
https://jp.domain100.ru/script4.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"633d5643-0"
age
53931
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTNM4AiXLeIzRSh3U7sQ0cfkI5%2Fx7615vYMQmanblq4h6jNTwHHtvgsW4ws4Re2fxB0D7C%2FH1t18CqvhjmhdvinZsQ8Taz1q7Me4SVx1jFPKN3hPs8JSYJnFTfXvN%2FQvB38%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 08:08:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=20&recv=19&lost=0&retrans=0&sent_bytes=9509&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=84&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Wed, 05 Oct 2022 10:02:43 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039ed85971f-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script5.js
jp.domain100.ru/
623 B
1 KB
Script
General
Full URL
https://jp.domain100.ru/script5.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a28aa2b0099fed75392c65e051e0f2e3e871e42a5e577bc80e76c566864458a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e1a33a-26f"
age
62975
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gy9uJ%2BYo38OJwzXYwrJCQDS%2Bnt2jYirqsdAe9PDBWU4p%2FVGqnxf17A1Ve2wjbr%2BzjlpPWMu%2Fq9pP1hntEFZ5f44YdK5l3St4hO%2BBic8PoVyV7Qd8k1j18QsurCqJjcjt67U%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 05:37:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=17&recv=19&lost=0&retrans=0&sent_bytes=6685&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=82&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 14:03:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039ed86971f-AMS
server
cloudflare
script6.js
jp.domain100.ru/
372 B
963 B
Script
General
Full URL
https://jp.domain100.ru/script6.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f456cdd3c95fbe8f61f43b80001d67ecd3c3af89d1b5ecd8390d3371d50864c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e3272c-174"
age
67091
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqvubSZVZjSpGu7lvYCV5H4XYtsJKwdz6GKEooqWT56H42cunkRZiHxZXQlZY5kfiZoBwp2LfPZ5KAcAfcoXSflq0h79EIIs8qvrRIUTio78JzB4vy76ikXcFIuXo1IZKD8%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 04:29:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=18&recv=19&lost=0&retrans=0&sent_bytes=7807&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=83&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Thu, 12 Sep 2024 17:38:52 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039ed87971f-AMS
server
cloudflare
script7.js
jp.domain100.ru/
0
693 B
Script
General
Full URL
https://jp.domain100.ru/script7.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"66db336e-0"
age
62975
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sM34%2FBn3i6J0OSgIBYJHKLRMExl4rfJ2pMol%2BMn%2Fpz4L%2BB%2B5Vfe48c9LGWtLbY5s5uR8ceKgYzh3sQe0ydYf9nWtufSfEpRwMqQSoF37rK2mVM7%2Fbtxc9OUrkMxnR0K4tMQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 05:37:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=19&recv=19&lost=0&retrans=0&sent_bytes=8793&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=83&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Fri, 06 Sep 2024 16:53:02 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039ed88971f-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script8.js
jp.domain100.ru/
0
689 B
Script
General
Full URL
https://jp.domain100.ru/script8.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"6298eb08-0"
age
62975
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vb8phAyWtwXkuO9Y7ALGDGlvVkS2k04Dhyqz8K8dj0Fthg8dbWt2aKHGlOTLnxbT2WEPRATjU9nCHTdUYOC7qZiMkKUj5nxX2XR6g9a97Jzmdi9HOTG6rZhLOrBwrWTg3Qk%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 05:37:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=23&recv=19&lost=0&retrans=0&sent_bytes=11647&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=86&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Thu, 02 Jun 2022 16:53:28 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039ed89971f-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script9.js
jp.domain100.ru/
0
688 B
Script
General
Full URL
https://jp.domain100.ru/script9.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"6298eb10-0"
age
59883
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3k%2BH8PCsvWbPl1xIoIw0vfVscMPmrvqMLq82bhDIUQStx7FG2V4cSdp9KJCkVwbqKks8kB8LzTXoMXqiBCgfHCMMpC8o7kd6PEKecwdZAELMFMFISFHmDCecTEXB4Lu7n1M%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 06:29:11 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=21&recv=19&lost=0&retrans=0&sent_bytes=10221&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=84&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Thu, 02 Jun 2022 16:53:36 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039ed8a971f-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
script10.js
jp.domain100.ru/
0
692 B
Script
General
Full URL
https://jp.domain100.ru/script10.js
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cf-cache-status
HIT
etag
"6298eb19-0"
age
62975
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUUlTAPqEKSvYhpbloV%2BGTzCPvL6o3fwOCRgy44zLhZU3vuos7V8bgoKOlTy%2FavTio%2BhwiqIcduOaEekhibAbjl89D4L18AbCfTlhJtdSMx2a8HI0oKESWO5e%2BgD8OC9dns%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 05:37:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16750&sent=22&recv=19&lost=0&retrans=0&sent_bytes=10932&recv_bytes=6970&delivery_rate=41563&cwnd=12000&unsent_bytes=0&cid=8f10a79beee06fe1&ts=84&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 23:07:14 GMT
content-type
application/javascript
last-modified
Thu, 02 Jun 2022 16:53:45 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000;
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e436039ed8b971f-AMS
accept-ranges
bytes
content-length
0
server
cloudflare
/
ipvertnet.com/1hjo18mf0m/
23 KB
7 KB
Script
General
Full URL
https://ipvertnet.com/1hjo18mf0m/?bid=&sid=28258&rand=0.3679762793373689
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.8 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde1469-1.fornex.org
Software
nginx /
Resource Hash
34130d05ad9113fb367ffcd79520681ceaf1f450cbd56a7ee695b761d0727d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

strict-transport-security
max-age=31536000;
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
-1
date
Sun, 17 Nov 2024 23:07:15 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
/
oritooep.win/wcm/
0
545 B
Script
General
Full URL
https://oritooep.win/wcm/?sh=byrut.org.ru&sth=ff384397b7691e933c80e6f3e511037d&m=009f7c3dc58c132081eada00e43a8332&sid=588_824686_284435040&stime=930.70&curpage=https%3A%2F%2Fbyrut.org.ru%2F0.9592478416231067&rand=0.12960049271926732
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.159 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
unallocated.giveme.network
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

cache-control
no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
access-control-expose-headers
xid
timing-allow-origin
*
pragma
no-cache
accept-ch
Downlink, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version
xid
80e8f42d38ef7e827b2cfa10ba36a1f3
expires
0
content-length
0
p3p
CP="NON DSP COR CURa TIA"
date
Sun, 17 Nov 2024 23:07:15 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-msr
TRUE
/
trutheyesstab.com/services/
2 KB
2 KB
Script
General
Full URL
https://trutheyesstab.com/services/?id=147721
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.24 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
cs05.etarg.network
Software
nginx /
Resource Hash
21dd4cc6794df82029b8d529b4f756ea0988a4d71c46ddbb633e53e6b44ccb07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Content-Length
1569
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
CmsQQitYJScgmjSr65sMopt
cdn.tobipovsem.com/Ps0lZdefX3k9T/
17 KB
7 KB
Script
General
Full URL
https://cdn.tobipovsem.com/Ps0lZdefX3k9T/CmsQQitYJScgmjSr65sMopt?p_id=971&sdl=1&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=byrut.org.ru
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.30 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
noty.info
Software
nginx /
Resource Hash
ff731f0a7ba722974c8e68ccf7b87dc5258e7dffa8aad672d1f5ce7f2e4c182d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.9592478416231067;h404%20Not%20Found;0.884206956089802
  • https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.9592478416231067;h404%20Not%20Found;0.884206956089802
140 B
626 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.9592478416231067;h404%20Not%20Found;0.884206956089802
Requested by
Host: byrut.org.ru
URL: https://byrut.org.ru/0.9592478416231067
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
8260d7d211509da6c1bda6cec1b355285fddeb4c352c64aa3f1cf6b0ab97e739
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 18 Nov 2023 21:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
140
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
image/gif
Server
nginx/1.17.9

Redirect headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Location
https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//byrut.org.ru/0.9592478416231067;h404%20Not%20Found;0.884206956089802
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 18 Nov 2023 21:00:00 GMT
Content-Length
32
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
text/html
Server
nginx/1.17.9
/
track.tobipovsem.com/lctm/
13 B
351 B
Fetch
General
Full URL
https://track.tobipovsem.com/lctm/?action=get_subs
Requested by
Host: cdn.tobipovsem.com
URL: https://cdn.tobipovsem.com/Ps0lZdefX3k9T/CmsQQitYJScgmjSr65sMopt?p_id=971&sdl=1&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=byrut.org.ru
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.116 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://byrut.org.ru
Content-Length
13
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
application/json; charset=utf-8
Server
nginx
Access-Control-Allow-Headers
Content-Type
18064d61b6f93dab8681a460779b8429-10560-0.3448635772492199.json
ipvertnet.com/vast/
642 B
947 B
XHR
General
Full URL
https://ipvertnet.com/vast/18064d61b6f93dab8681a460779b8429-10560-0.3448635772492199.json?bid=0
Requested by
Host: ipvertnet.com
URL: https://ipvertnet.com/1hjo18mf0m/?bid=&sid=28258&rand=0.3679762793373689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.8 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde1469-1.fornex.org
Software
nginx /
Resource Hash
31ca8d13b4fe990e8969f46e1cc46f7e560695e634c893f8796206154b25bb36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000;
access-control-max-age
86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache, no-cache
access-control-allow-credentials
true
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
access-control-allow-origin
https://byrut.org.ru
date
Sun, 17 Nov 2024 23:07:15 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx
/
track.analitycs.net/ctmv2/
13 B
351 B
Fetch
General
Full URL
https://track.analitycs.net/ctmv2/?action=get_subs
Requested by
Host: cdn.tobipovsem.com
URL: https://cdn.tobipovsem.com/Ps0lZdefX3k9T/CmsQQitYJScgmjSr65sMopt?p_id=971&sdl=1&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=byrut.org.ru
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.116 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://byrut.org.ru
Content-Length
13
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
application/json; charset=utf-8
Server
nginx
Access-Control-Allow-Headers
Content-Type
arrow.png
s1.tobipovsem.com/img/
1 KB
2 KB
Image
General
Full URL
https://s1.tobipovsem.com/img/arrow.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.177.93.190 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
ip-185-177-93-190.ah-server.com
Software
nginx /
Resource Hash
3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
max-age=86400
ETag
"60ab978a-5c5"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 23:07:15 GMT
Accept-Ranges
bytes
Content-Length
1477
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
image/png
Last-Modified
Mon, 24 May 2021 12:09:46 GMT
Server
nginx
/
ska4at.ru/
Redirect Chain
  • https://byrut.org.ru/cdn-cgi/rum?
  • http://ska4at.ru/
0
0

south5.js
ppimdog.com/morning/
29 KB
30 KB
Script
General
Full URL
https://ppimdog.com/morning/south5.js?24616a0.386530701876417
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.68 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
b77156de78ab661fed30e5925cf0f976a43d4c1d5e9f8a407b08dbdb0c4e88c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Transfer-Encoding
chunked
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
south.js
ppimdog.com/morning/
484 B
826 B
Script
General
Full URL
https://ppimdog.com/morning/south.js?24616&mode=list&u=null&r=0.09467146257203218
Requested by
Host: ppimdog.com
URL: https://ppimdog.com/morning/south5.js?24616a0.386530701876417
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.68 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
e126bec072444cb64bbd1ecc0cf4d43c8b34c8a2d345c6d1154e009e18d8fd73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Content-Length
484
P3P
CP="NON DSP COR CURa TIA"
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
text/javascript; charset=utf-8
Server
nginx
Connection
keep-alive
audio.mp3
cs11.ppimdog.com/files/
11 KB
11 KB
XHR
General
Full URL
https://cs11.ppimdog.com/files/audio.mp3?domain=byrut.org.ru
Requested by
Host: ppimdog.com
URL: https://ppimdog.com/morning/south5.js?24616a0.386530701876417
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
8f6fe530630792e5d9116987cf1a4f109d4f4ee07ec95f5ca2493a8e59a416ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

ETag
"60944162-2af7"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://byrut.org.ru
Content-Length
10999
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
audio/mpeg
Last-Modified
Thu, 06 May 2021 19:20:02 GMT
Server
nginx
3480358.jpg
cs11.ppimdog.com/content/60134/
9 KB
10 KB
Image
General
Full URL
https://cs11.ppimdog.com/content/60134/3480358.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
ca4d3aef37bc8543c9ecd0b881d5833b29551416577b29596cd4e295e0d181a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
public, max-age=28800
ETag
"67237ada-251a"
Connection
keep-alive
Access-Control-Allow-Methods
OPTIONS, POST, GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
9498
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
image/jpeg
Last-Modified
Thu, 31 Oct 2024 12:40:58 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
3480358_2.webp
cs11.ppimdog.com/content/60134/
25 KB
25 KB
Image
General
Full URL
https://cs11.ppimdog.com/content/60134/3480358_2.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
d63633b4b8c6f02c990c6b91c90f4a847bbd48aa0805d5ae92883df02841cf7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
public, max-age=28800
ETag
"67237ada-639a"
Connection
keep-alive
Access-Control-Allow-Methods
OPTIONS, POST, GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
25498
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
image/webp
Last-Modified
Thu, 31 Oct 2024 12:40:58 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
truncated
/
479 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f397378ee2e4d4f210d299f975ef8862668f8a80aad53f007ddc9e5447aa9098

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
sprite.svg
cs11.ppimdog.com/files/inpage/
20 KB
21 KB
Image
General
Full URL
https://cs11.ppimdog.com/files/inpage/sprite.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
13dbf87dd28bf5ef81ffa7ca883bb2b10ccca4544534a758f55d69808089b7e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://byrut.org.ru/

Response headers

Cache-Control
max-age=86400
ETag
"612118fa-50fa"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 23:07:15 GMT
Accept-Ranges
bytes
Content-Length
20730
Date
Sun, 17 Nov 2024 23:07:15 GMT
Content-Type
image/svg+xml
Last-Modified
Sat, 21 Aug 2021 15:17:14 GMT
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ska4at.ru
URL
http://ska4at.ru/

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| hts object| __cfBeacon object| _0xc1e function| _0xe88c string| e31f4f7be2_country string| e31f4f7be2_domain string| e31f4f7be2_path string| e31f4f7be2_file function| _0x3232 function| _0x13fb string| ms_cu_started number| time string| ms_cu_transparent number| ms_cu_timeout string| ms_cu_logactive string| ms_cu_allactions boolean| ms_cu_preclick_only function| setCookie_e31f4f7be2 function| getCookie_e31f4f7be2 function| efe31f4f7be2 number| e31f4f7be2_view_flag number| e31f4f7be2_click_flag number| e31f4f7be2_close_flag object| e31f4f7be2_ims

7 Cookies

Domain/Path Name / Value
byrut.org.ru/ Name: PHPSESSID
Value: 939211a77e5f972fede03aeea505ae6b
oritooep.win/ Name: mrmn_uid
Value: 80e8f42d38ef7e827b2cfa10ba36a1f3
.yadro.ru/ Name: FTID
Value: 1dEdSZ1Ozruv1dEdSZ003DyN
.yadro.ru/ Name: VID
Value: 2AeGu00PQJOv1dEdSZ003Ha7
.ppimdog.com/ Name: uuid
Value: 17318848356116760173
.byrut.org.ru/ Name: e31f4f7be2_view_1
Value: on
byrut.org.ru/ Name: webPush.Interval
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://byrut.org.ru/0.9592478416231067
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://byrut.org.ru/0.9592478416231067
Message:
Mixed Content: The page at 'https://byrut.org.ru/0.9592478416231067' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://ska4at.ru/'. This request has been blocked; the content must be served over HTTPS.
other error URL: https://byrut.org.ru/0.9592478416231067
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

byrut.org.ru
cdn.tobipovsem.com
counter.yadro.ru
cs11.ppimdog.com
ipvertnet.com
jp.domain100.ru
oritooep.win
ppimdog.com
s1.tobipovsem.com
ska4at.ru
track.analitycs.net
track.tobipovsem.com
trutheyesstab.com
ska4at.ru
104.21.49.218
185.177.93.190
193.200.64.159
193.200.64.24
193.200.65.116
193.200.65.13
193.200.65.30
193.200.65.68
31.172.68.8
88.212.202.52
95.164.86.158
0a28aa2b0099fed75392c65e051e0f2e3e871e42a5e577bc80e76c566864458a
13dbf87dd28bf5ef81ffa7ca883bb2b10ccca4544534a758f55d69808089b7e0
21dd4cc6794df82029b8d529b4f756ea0988a4d71c46ddbb633e53e6b44ccb07
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684
31ca8d13b4fe990e8969f46e1cc46f7e560695e634c893f8796206154b25bb36
34130d05ad9113fb367ffcd79520681ceaf1f450cbd56a7ee695b761d0727d5f
3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96
384430573c631fd252baba6e91496351952eff6a215560289812f2ad3e69d779
4b0303612af52c900944ce4b27f26eba7b0038d8bfe5879efb79c82b48b1be23
8260d7d211509da6c1bda6cec1b355285fddeb4c352c64aa3f1cf6b0ab97e739
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8f456cdd3c95fbe8f61f43b80001d67ecd3c3af89d1b5ecd8390d3371d50864c
8f6fe530630792e5d9116987cf1a4f109d4f4ee07ec95f5ca2493a8e59a416ea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cca5f50531d3ecbcfb6dafcca5cd46dfd5d4c11f57c26e27c6fe5293c11c3fe
b77156de78ab661fed30e5925cf0f976a43d4c1d5e9f8a407b08dbdb0c4e88c2
ca4d3aef37bc8543c9ecd0b881d5833b29551416577b29596cd4e295e0d181a8
d63633b4b8c6f02c990c6b91c90f4a847bbd48aa0805d5ae92883df02841cf7b
e126bec072444cb64bbd1ecc0cf4d43c8b34c8a2d345c6d1154e009e18d8fd73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edffceb7b22abd431a5605fd61bf4f71021bdf7d47f21486cab33861c9061ec4
f397378ee2e4d4f210d299f975ef8862668f8a80aad53f007ddc9e5447aa9098
ff731f0a7ba722974c8e68ccf7b87dc5258e7dffa8aad672d1f5ce7f2e4c182d