t-wbpbqeys.123tt.ru Open in urlscan Pro
172.67.203.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t-wbpbqeys.123tt.ru/adv.php
Effective URL:
https://t-wbpbqeys.123tt.ru/adv.php
Submission: On August 20 via api (August 20th 2024, 5:14:40 am UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 172.67.203.11, located in United States and belongs to CLOUDFLARENET, US. The main domain is t-wbpbqeys.123tt.ru.
TLS certificate: Issued by WE1 on August 19th 2024. Valid for: 3 months.

This is the only time t-wbpbqeys.123tt.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	172.67.203.11 172.67.203.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
28	3

22 172.67.203.11 (United States)

ASN13335 (CLOUDFLARENET, US)

t-wbpbqeys.123tt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	123tt.ru t-wbpbqeys.123tt.ru	378 KB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	58 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9685	1 KB
28	4

	Domain	Requested by
22	t-wbpbqeys.123tt.ru	t-wbpbqeys.123tt.ru
6	mc.yandex.com	3 redirects t-wbpbqeys.123tt.ru mc.yandex.ru
3	mc.yandex.ru	1 redirects t-wbpbqeys.123tt.ru
2	counter.yadro.ru	1 redirects t-wbpbqeys.123tt.ru
28	4

This site contains no links.

Subject Issuer	Validity	Valid
123tt.ru WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh

This page contains 2 frames:

Primary Page: https://t-wbpbqeys.123tt.ru/adv.php
Frame ID: 4C4B435E12DA504067EF54636F8B0BAC
Requests: 27 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: DFA1BCB63E1E7EFDBA7F9DBC6CE5C510
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

rutor.org :: Свободный торрент трекер :: rutor.org закрыли, rutor org заблокирован, rutor org не работает, rutor org переехал, рутор орг зеркало

Page URL History Show full URLs

http://t-wbpbqeys.123tt.ru/adv.php HTTP 307
https://t-wbpbqeys.123tt.ru/adv.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

89 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

437 kB
Transfer

681 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t-wbpbqeys.123tt.ru/adv.php HTTP 307
https://t-wbpbqeys.123tt.ru/adv.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//t-wbpbqeys.123tt.ru/adv.php;hrutor.org%20%3A%3A%20%u0421%u0432%u043E%u0431%u043E%u0434%u043D%u044B%u0439%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442%20%u0442%u0440%u0435%u043A%u0435%u0440%20%3A%3A%20rutor.org%20%u0437%u0430%u043A%u0440%u044B%u043B%u0438%2C%20rutor%20org%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432;0.4876388463454975 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//t-wbpbqeys.123tt.ru/adv.php;hrutor.org%20%3A%3A%20%u0421%u0432%u043E%u0431%u043E%u0434%u043D%u044B%u0439%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442%20%u0442%u0440%u0435%u043A%u0435%u0440%20%3A%3A%20rutor.org%20%u0437%u0430%u043A%u0440%u044B%u043B%u0438%2C%20rutor%20org%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432;0.4876388463454975

Request Chain 22

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10467.OEi1awzgRPbM1HwnESv48PaBFMvu1vU4kYJv71VpDaOj5Uu4UAt9h1JYOa3DCbFs.wlSwmLZ3jPN-ZR7tXvr4py17QkI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10467.ccc9TXyGMnnj3Yt5MCjTj48bLB0MYjxsX4ErlENIbRjrxO9uZv3eN4C_vw6xcm5x7ztogPAsLmLWMtU5b4hsX_mfobpchrk5Cpy57O8tX6ht94s11NeDs5Rf32mc0y-ndTV82hMEq6pq0rFc1IPHJGtD-3QwdJ1gWN4Q1FfdTm9HWhlUvihQRB9lJGnkFJTWX-7X9ieN-DKwM9DGl_ShhzkhT9aWrwAUlInveQzoXgg%2C.X2BbkquMvoFWc_aPky7fqITFYF0%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10467.IIz6r603tc7PloFlsTvZDJH1JOFeomSX_CWe8Tm3YWDBlcs9-11nRnoL_KPf0KQxG7Ouokft0W6uepdcGTsheXeFhU0GOwLveULVqoT-_EWW_QetzTw50_nELeuuGzKowjAbeIQaMUajwH_gd1YgGNneUvwMnZ8PqC2disV6woPxT7Jl9N5xISyo1pmZ-OKnlJkUa4ASaSOY1w8HzmpENA%2C%2C.LAU4DAzuTJd6r02RmERBJxflLAo%2C

Request Chain 25

https://mc.yandex.com/watch/89157584?wmode=7&page-url=https%3A%2F%2Ft-wbpbqeys.123tt.ru%2Fadv.php&charset=utf-8&site-info=%7B%22korjik_from%22%3A%22--%22%2C%22server%22%3A%22fast%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hhtndq4m7gdrr9ncc0y4hs3h7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1329160126595%3Ahid%3A721723314%3Az%3A120%3Ai%3A20240820071434%3Aet%3A1724130875%3Ac%3A1%3Arn%3A336621469%3Arqn%3A1%3Au%3A1724130875859979256%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A506%3Ads%3A6%2C50%2C118%2C7%2C3%2C0%2C%2C271%2C1%2C%2C%2C%2C456%3Aco%3A0%3Acpf%3A1%3Ans%3A1724130873988%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724130875%3At%3Arutor.org%20%3A%3A%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%BD%D1%8B%D0%B9%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%3A%3A%20rutor.org%20%D0%B7%D0%B0%D0%BA%D1%80%D1%8B%D0%BB%D0%B8%2C%20rutor%20org%20%D0%B7%D0%B0%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%2C%20rutor%20org%20%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D0%B5%D1%82%2C%20rutor%20org%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D1%85%D0%B0%D0%BB%2C%20%D1%80%D1%83%D1%82%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3183360)ti(1) HTTP 302
https://mc.yandex.com/watch/89157584/1?wmode=7&page-url=https%3A%2F%2Ft-wbpbqeys.123tt.ru%2Fadv.php&charset=utf-8&site-info=%7B%22korjik_from%22%3A%22--%22%2C%22server%22%3A%22fast%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hhtndq4m7gdrr9ncc0y4hs3h7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1329160126595%3Ahid%3A721723314%3Az%3A120%3Ai%3A20240820071434%3Aet%3A1724130875%3Ac%3A1%3Arn%3A336621469%3Arqn%3A1%3Au%3A1724130875859979256%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A506%3Ads%3A6%2C50%2C118%2C7%2C3%2C0%2C%2C271%2C1%2C%2C%2C%2C456%3Aco%3A0%3Acpf%3A1%3Ans%3A1724130873988%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724130875%3At%3Arutor.org%20%3A%3A%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%BD%D1%8B%D0%B9%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%3A%3A%20rutor.org%20%D0%B7%D0%B0%D0%BA%D1%80%D1%8B%D0%BB%D0%B8%2C%20rutor%20org%20%D0%B7%D0%B0%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%2C%20rutor%20org%20%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D0%B5%D1%82%2C%20rutor%20org%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D1%85%D0%B0%D0%BB%2C%20%D1%80%D1%83%D1%82%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283183360%29ti%281%29

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request adv.php Show response
t-wbpbqeys.123tt.ru/
Redirect Chain

http://t-wbpbqeys.123tt.ru/adv.php
https://t-wbpbqeys.123tt.ru/adv.php

10 KB
4 KB

175ms
119ms

Document
text/html

172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.45-0+deb7u14
Resource Hash: 31d6e8beba2a583190f4f45abcbb770bd34485d45c19cabb5fa62c22db519c20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b5fe68aeecf5d5b-FRA
content-encoding: br
content-type: text/html
date: Tue, 20 Aug 2024 05:14:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rV%2FEwMrM1sKVhNdX17iU%2F%2Fec2sj6%2FKEK8v93Bh7gCQpDLefGm3DvBCrXSdW%2B%2FCQP62oid8EwNtffZt9KQ2nl96McNlsS9I1EvOJCF1k53AUER45JIEv9wMsRnzzee0H4UnDPRGKT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.4.45-0+deb7u14

Redirect headers

Location: https://t-wbpbqeys.123tt.ru/adv.php
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 css.css
t-wbpbqeys.123tt.ru/parse/s.rutor.org/ 7 KB
3 KB 95ms
95ms Stylesheet
text/css 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/css.css
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa3d36b7b649920bc8419fee4edece4f5801a9fbd828dab2fdf4179935af1b2a

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2055
last-modified: Fri, 13 Mar 2015 12:51:21 GMT
server: cloudflare
etag: "6fe46da-1c0f-5112af50b2440"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AelVSG6G50tU5lx8wmDcCk%2BPVvN6Dt%2B%2F9SjuyQ93YhcujGD83JuofoabwvRnlieHrpxzdNfHunEKHJr4G0zZTo2X4wh0%2BnqxJZcRR10WiPmSd8fCXco3%2F887IZbSUw%2FetSy9QbOT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef6b5d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 jquery.min.js Show response
t-wbpbqeys.123tt.ru/zax/ 70 KB
25 KB 121ms
120ms Script
application/javascript 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/zax/jquery.min.js
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 24606
last-modified: Mon, 25 Apr 2016 17:14:40 GMT
server: cloudflare
etag: "6f067e3-119ee-531524fd66db2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7ZZq%2FvY%2F85jhiITQQAIjaTFsEmGD1BfrTSQXxfd0AhO8EJT39E3eMDAVieBDa%2FC6L7nVkVsfKJjIxjgz4r5U485NBuMXgax6oZh%2FiurjYQJy%2B%2B1bYrLHp%2FH34pwziV9kU5Q757h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef6f5d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 jquery.cookie-min.js Show response
t-wbpbqeys.123tt.ru/parse/s.rutor.org/ 732 B
1005 B 152ms
151ms Script
application/javascript 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/jquery.cookie-min.js
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874d19eae19d9f20a884d976ccca6092c91da6ee8c71d8be1c5c893acbad9159

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 421
last-modified: Fri, 09 May 2014 14:49:17 GMT
server: cloudflare
etag: "6fe46dd-2dc-4f8f8b3bd6ed1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zua0psVA24eKiJwPskA91T1hPQVuj9x0p85yK22Me7AkqPtXhDywA0UTE09TS7wb5hIpdubT4pjDqVYgajqxOiZBaFTSwesdX%2FjdUi5mlygYF2J9ZFgJgwkAtcAfM5oKY2etXFoP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef705d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 functions.js Show response
t-wbpbqeys.123tt.ru/parse/s.rutor.org/t/ 3 KB
2 KB 114ms
113ms Script
application/javascript 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/t/functions.js
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d47ad6a2c2fa3bbd326ea77e4a328ea45e13f67593684237859ef21ed594222d

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1327
last-modified: Fri, 09 May 2014 14:49:17 GMT
server: cloudflare
etag: "6fe46dc-d40-4f8f8b3bd4f91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnTv9B5Fa90oosj1ys4x0vptMSw45DPwmpx%2Fls7DRAatMokGRqRW1uYIfk%2FCzRK%2FHBakeJGqI1CiNNAXywQofIVaeKT3Mckdz%2Bp%2FEwYSml6xbq3wyKg%2FV6fRHr2h4HUgywTwCJW%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef715d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 css.css
t-wbpbqeys.123tt.ru/css/ 9 KB
3 KB 132ms
131ms Stylesheet
text/css 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/css/css.css?27047
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8735685644d31eab561aa5ef335c22cac01ba223879825e8c0de1b50d1ef673b

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2731
last-modified: Wed, 29 May 2024 06:08:50 GMT
server: cloudflare
etag: "6dc1bc8-2233-6199195890080"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDOjwG6A3CPrXsHiOmXbToXZBp3CjaESuLZBznPaXAuNNoE2cQ1E36xwbIgr1b6x3ro%2FQFjyfQXJ9Ps0qNSo0Sb4WLEyKgAHspgNG1nXENVXJxSbBjCzawNyxRx52IeBysIrBuQ5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef745d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 web-mirror.css
t-wbpbqeys.123tt.ru/css/ 63 B
603 B 132ms
132ms Stylesheet
text/html 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/css/web-mirror.css?2
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.45-0+deb7u14
Resource Hash: b8388dd9cf762de7fb6dbcc5191fb91666cb5f477fee21779bf576ac9180a026

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.45-0+deb7u14
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gJqcM3MiYpoR%2BYjzvRhUirf0v8ydSfsBd7ClyciVqMJoUIsAjU7Bev6QMlgHTEm1%2FWBgrsWHXk2Ss2vmagwcp6OYXaAYjeecILVPoQegXBr6mSV3BeWpv9r4KoIv7ZA2Hfdc%2FwJD"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-credentials: true
cf-ray: 8b5fe68bef775d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
alt-svc: h3=":443"; ma=86400

GET
H3 200 js.js Show response
t-wbpbqeys.123tt.ru/southcentral/ 3 KB
2 KB 151ms
151ms Script
text/html 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/southcentral/js.js?08
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.45-0+deb7u14
Resource Hash: 6ede838c510b030a60f27b0e3466376607a480c6d0cab4e0d2f2f19d92d16af9

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.45-0+deb7u14
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5a7O2KElcWjjAOQ6%2Bt8SsYNG1KaNZHjPG2lzqVdalmug8%2FZYt01t1izdDpUiOhBKGVfKEp7aiPA7NIbGQG5j6f86ANTuzHbFgm3SEYBEwDzazVJA8UyddG%2FIes8HRECOsuqskzE"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-credentials: true
cf-ray: 8b5fe68bef785d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.tablesorter.new-rutor.min.js Show response
t-wbpbqeys.123tt.ru/css/ 18 KB
6 KB 152ms
151ms Script
application/javascript 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/css/jquery.tablesorter.new-rutor.min.js?1
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb736e8586695a5db7c37884ebfd5860cb016a3a587b00b17fcc3053b5681048

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5693
last-modified: Sat, 14 Jun 2014 10:27:07 GMT
server: cloudflare
etag: "6dc2b20-48bf-4fbc93c6394c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39SvTl%2FZrQyqcIpcAJRsT01oPy0Ezoq2p0ckWWplSRexn3zh7FPoAQs42CeqX7Q%2FuqclDYzhOsoJhZTag1y4u4JYqTEaZUofDTpMH%2Bk%2FqEAcuyioVXOB83eESUgq1lCL40aUvZXM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef795d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 s.css
t-wbpbqeys.123tt.ru/grannypatries/ 9 KB
3 KB 202ms
201ms Stylesheet
text/css 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/grannypatries/s.css?12s37
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856bc26520b6e0dfc14d78183326f78db6a15f2c750499d6791161b28a87f96a

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2764
last-modified: Sun, 02 Jun 2024 12:45:48 GMT
server: cloudflare
etag: "6dc1bc4-2394-619e798905700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2qd1%2BANMvH6A%2B%2FX1x4Qly8pMYiYETPuCtVJq4XA4qQfuAS6V7kXOfx03zdhTFvJM1KMcCISoyTR2Zz61iua7iQTsvr5wfi46sWB0%2Bfr1Is2k%2FAqQab34oL55d4sEfK4K7Ec1iYr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef7b5d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 pluso-like-small.js Show response
t-wbpbqeys.123tt.ru/css/ 2 KB
2 KB 201ms
200ms Script
application/javascript 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/css/pluso-like-small.js?10
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e786f1e87ef6054b4aab3d26780d3525a14975b8d4de5bae54f095fa07ed5b08

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 972
last-modified: Sat, 24 Jun 2023 16:08:50 GMT
server: cloudflare
etag: "6f4079e-8da-5fee25541e880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03O7eghO6ogZFkqb4StBfdHmrDJ2CL0ZEaQXhnzFrnFS6P9mrAbtIU6nRZrTCq%2F7VGCdx6NxmpSaxVZB8ZzyBtbFoK%2F%2BuABNQSuiC3o5%2FWxxwr8Kke7yTh50G8L0KXw51l6BcDxo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef7c5d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 pluso.css
t-wbpbqeys.123tt.ru/css/ 78 KB
7 KB 201ms
200ms Stylesheet
text/css 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/css/pluso.css?12s5
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bdc9500d9c5b13f9e5581d12caa13fd71feb0f5c2e61d4de26944b159bad332

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6982
last-modified: Wed, 27 Mar 2019 07:21:56 GMT
server: cloudflare
etag: "6f409d5-137a8-5850e4ae34d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IeXGvPFX31I4V4%2BJ8WtCmj4dU%2FJJPJPLdM2yTbrZNalzEmV%2BMVayeUm53WQR67weVqmF2M92cbSq9K%2BzX%2BiHZqjaVWEMhqcX8b%2FtTJEHXye6S9wImqZxdeOhDx6N2SH9QOimfptR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef7d5d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 rutor-logo.jpg
t-wbpbqeys.123tt.ru/ 40 KB
41 KB 201ms
200ms Image
image/jpeg 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-wbpbqeys.123tt.ru/rutor-logo.jpg
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c22baf90cbd403ab7d173f6fa65999a6246d71612d6859181ea7642e98a75279

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 40987
last-modified: Sun, 06 Oct 2013 21:18:39 GMT
server: cloudflare
etag: "6dc110c-a01b-4e819144909c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwGsK6rxxm2%2Fnmb883XLyQy3golV160Jpcjw6gGmsNqA4u2MvF5%2FpIsjdIQ1SL6vQ4GF%2F9iDCjihFYbxnMccUngkBNlyqwWqFhxO9AtNPNsBAXIymvaQC5PJUXm05yVDuAFaLeuR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef7e5d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 top.gif
t-wbpbqeys.123tt.ru/parse/s.rutor.org/t/ 612 B
1 KB 238ms
236ms Image
image/gif 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/t/top.gif
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79df9f5b18cac4dbaec0808448c15e094b5fe20d04aabfe7bed9e6ae07739dfd

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 612
last-modified: Fri, 09 May 2014 14:49:17 GMT
server: cloudflare
etag: "6fe1e9a-264-4f8f8b3bd20b1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvNCfSV5y6xfErVJ3BxGkRUzAC6LWRF6H7LkI9Y5QTqcupN2hz02%2Bw3EwyO0mHzJ3a%2FFp7gssjUJiPuZzi0nRUC5rutpBgJD0WFHx7HzJM5Mb37O0Z4gja1ndRcYNPcD0N03tum4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68bef805d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 forum.gif
t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/ 6 KB
6 KB 103ms
102ms Image
image/gif 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/forum.gif
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9fd75312b80aa988432407952a1fa963f6a6ca7496d5a7533242475b20c600e

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6049
last-modified: Fri, 09 May 2014 14:49:17 GMT
server: cloudflare
etag: "6fe46c1-17a1-4f8f8b3bd3ff1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9PS4ptJ9614kULwkDFNS7PTCjnPUOd4vNUiOEs6YQbnZpgINkPkPT9kCqj3%2B3hfaSxGdHeBtHDDaxEi8UREoujXh3xq26xQGrvfeuh223m726cGu7zP4aWdNNCo2ZC42w2h0uNQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68d385b5d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 lupa.gif
t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/ 3 KB
4 KB 94ms
93ms Image
image/gif 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/lupa.gif
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6946c64a41b61a1e8708b7bcf8274274c71cdc23932aab32da5b868d19212b3a

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3079
last-modified: Fri, 09 May 2014 14:49:17 GMT
server: cloudflare
etag: "6fe4b8d-c07-4f8f8b3bc3652"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YK3p98fJsO9QbV4ZZn5u%2B0qpzT%2F%2FDdbYANg34ZK7%2FlkwuQ2l545%2FaGoXvO5TkReDtAEspU6FWhfTUPlle2oOcmSvoUJZwMJs3SrlgLTstU5htBNdn8F2T%2FnSUElLTOpt9N9RUtsT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68d385e5d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 157 KB
57 KB 350ms
171ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b57bea2adfc7b0808a369e963ee65d0f71c797309ef9d896886d3811ab8818ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://t-wbpbqeys.123tt.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 20 Aug 2024 05:14:34 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-ddff"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56831
expires: Tue, 20 Aug 2024 06:14:34 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//t-wbpbqeys.123tt.ru/adv.php;hrutor.org%20%3A%3A%20%u0421%u0432%u043E%u0431%u043E%u0434%u043D%u044B%u0439%20%u0442%u043E%u0440%u0440%u0435%u04...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//t-wbpbqeys.123tt.ru/adv.php;hrutor.org%20%3A%3A%20%u0421%u0432%u043E%u0431%u043E%u0434%u043D%u044B%u0439%20%u0442%u043E%u0440%u0440%u0435%u...

43 B
528 B

78ms
77ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//t-wbpbqeys.123tt.ru/adv.php;hrutor.org%20%3A%3A%20%u0421%u0432%u043E%u0431%u043E%u0434%u043D%u044B%u0439%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442%20%u0442%u0440%u0435%u043A%u0435%u0440%20%3A%3A%20rutor.org%20%u0437%u0430%u043A%u0440%u044B%u043B%u0438%2C%20rutor%20org%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432;0.4876388463454975

Requested by

Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://t-wbpbqeys.123tt.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Aug 2024 05:14:34 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 20 Aug 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Aug 2024 05:14:34 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//t-wbpbqeys.123tt.ru/adv.php;hrutor.org%20%3A%3A%20%u0421%u0432%u043E%u0431%u043E%u0434%u043D%u044B%u0439%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442%20%u0442%u0440%u0435%u043A%u0435%u0440%20%3A%3A%20rutor.org%20%u0437%u0430%u043A%u0440%u044B%u043B%u0438%2C%20rutor%20org%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432;0.4876388463454975
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 20 Aug 2023 21:00:00 GMT

GET
H3 200 sprite.png
t-wbpbqeys.123tt.ru/css/img/pluso/ 253 KB
254 KB 115ms
114ms Image
image/png 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-wbpbqeys.123tt.ru/css/img/pluso/sprite.png?1
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/css/pluso.css?12s5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59dd7e1dce6b861ded439efde90acabebbe955f48f96c990abdd471af1b5f026

Request headers

Referer: https://t-wbpbqeys.123tt.ru/css/pluso.css?12s5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 259091
last-modified: Tue, 14 Apr 2015 04:47:19 GMT
server: cloudflare
etag: "78e0019-3f413-513a7eced63c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzXYIx8DebmUgwNjwxQ%2BMW4FmfgA35m8K%2BelI%2BagEZ%2FUO0wQrRNOKuIDl2VdQcIZajr1%2FEz0Vn3LBkM%2FMA%2BbA8mYWP21Z7tyqlZohV8BuLTiLjYp69ZZ2TW7TaS0kTugpWb48XQp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68d48635d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 bbackgr.png
t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/ 3 KB
3 KB 101ms
100ms Image
image/png 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/bbackgr.png
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a682fdf55d12206673fd39d71e37893badd8286e7c511dfa95e05c0b509b9618

Request headers

Referer: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/css.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2859
last-modified: Fri, 09 May 2014 14:49:17 GMT
server: cloudflare
etag: "6fe480b-b2b-4f8f8b3bd6ed1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WhGszu7Xb41eqRGBq2Y6ftY5wyptmFIkFtLCCuGAq0BgyrThAPFG%2FbvddI6PecR%2FWJmq2cIW8x9FRw8PckJ6rPPSYEoeCUnIZhsQiePn6%2BfSskK40rId8RTu5uNpYLTNS74oqbR5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68d48645d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 menu_b1.gif
t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/ 2 KB
3 KB 109ms
108ms Image
image/gif 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/menu_b1.gif
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04b184eb5417b9a81ab455fc07378efa326bbed2a5c74869b3d876b287307d8

Request headers

Referer: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/css.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2487
last-modified: Fri, 09 May 2014 14:49:17 GMT
server: cloudflare
etag: "6fe5c60-9b7-4f8f8b3bd4f91"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXzRmAov8rzN%2FKNqGKnSUxfgMwuJLcLgste8r%2B4EqCSKJri1krLKvW0QoNYQiWn6SDA32CyhGU5%2FVr2MBADeRBpc7FNbaeDOM60ImYQ%2FP1glpDfjCDLC2CoShom0QPclnH%2Bg5ypZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68d48665d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 movies_btn.gif
t-wbpbqeys.123tt.ru/agrrr/img/ 3 KB
4 KB 107ms
106ms Image
image/gif 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-wbpbqeys.123tt.ru/agrrr/img/movies_btn.gif
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/css/css.css?27047
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00568b506987f6412fbceb9b5880521a0212706d7e392eb48c315dabc7a900e5

Request headers

Referer: https://t-wbpbqeys.123tt.ru/css/css.css?27047
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3036
last-modified: Sun, 15 Mar 2015 23:32:06 GMT
server: cloudflare
etag: "6f47e88-bdc-5115c243a0980"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mpqxLRql%2FQJBncz2L8D6KcOK05UvHgcAoIpGkEYHg209zf1e2wGAf6%2Bb7ocmcV9YBWQhHdFCzeMLq7DE2Y%2BMZEFZqLSgvrRzh4G3bLCI0GV4Dti123xZNEdVs0r9pAQmAlSwZ9KD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68d48675d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H3 200 poisk_bg.gif
t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/ 2 KB
3 KB 125ms
124ms Image
image/gif 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/i/poisk_bg.gif
Requested by: Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4912841156c4582948d016867a6c71845a0221f1dd6419ea911f6f83bbc431d7

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1998
last-modified: Fri, 09 May 2014 14:49:17 GMT
server: cloudflare
etag: "6fe48ba-7ce-4f8f8b3bd3ff1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KhFe668I2mFlRlQjoE67Ba5Iwm0xcLednnpGJYW8gBc%2BX9FBElbF1T4P8MDRIpSqbQHq%2Fogb9DUsTM6oAoqgO5wXhTTNPfC77kxRio01ipoh5ST%2BZCAwFXA7uaSNzAZap4KHEKCP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b5fe68d48685d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
expires: Thu, 19 Sep 2024 05:15:39 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10467.OEi1awzgRPbM1HwnESv48PaBFMvu1vU4kYJv71VpDaOj5Uu4UAt9h1JYOa3DCbFs.wlSwmLZ3jPN-ZR7tXvr4py17QkI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10467.ccc9TXyGMnnj3Yt5MCjTj48bLB0MYjxsX4ErlENIbRjrxO9uZv3eN4C_vw6xcm5x7ztogPAsLmLWMtU5b4hsX_mfobpchrk5Cpy57O8tX6ht94s11NeDs5Rf32mc0y-ndTV82hMEq6...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10467.IIz6r603tc7PloFlsTvZDJH1JOFeomSX_CWe8Tm3YWDBlcs9-11nRnoL_KPf0KQxG7Ouokft0W6uepdcGTsheXeFhU0GOwLveULVqoT-_EWW_...

43 B
586 B

92ms
91ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10467.IIz6r603tc7PloFlsTvZDJH1JOFeomSX_CWe8Tm3YWDBlcs9-11nRnoL_KPf0KQxG7Ouokft0W6uepdcGTsheXeFhU0GOwLveULVqoT-_EWW_QetzTw50_nELeuuGzKowjAbeIQaMUajwH_gd1YgGNneUvwMnZ8PqC2disV6woPxT7Jl9N5xISyo1pmZ-OKnlJkUa4ASaSOY1w8HzmpENA%2C%2C.LAU4DAzuTJd6r02RmERBJxflLAo%2C

Requested by

Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t-wbpbqeys.123tt.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:35 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10467.IIz6r603tc7PloFlsTvZDJH1JOFeomSX_CWe8Tm3YWDBlcs9-11nRnoL_KPf0KQxG7Ouokft0W6uepdcGTsheXeFhU0GOwLveULVqoT-_EWW_QetzTw50_nELeuuGzKowjAbeIQaMUajwH_gd1YgGNneUvwMnZ8PqC2disV6woPxT7Jl9N5xISyo1pmZ-OKnlJkUa4ASaSOY1w8HzmpENA%2C%2C.LAU4DAzuTJd6r02RmERBJxflLAo%2C
strict-transport-security: max-age=31536000
date: Tue, 20 Aug 2024 05:14:35 GMT
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
573 B 133ms
132ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: t-wbpbqeys.123tt.ru
URL: https://t-wbpbqeys.123tt.ru/adv.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://t-wbpbqeys.123tt.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:34 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 20 Aug 2024 06:14:34 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame DFA1 0
0 258ms
89ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://t-wbpbqeys.123tt.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 20 Aug 2024 05:14:35 GMT
etag: "66b1ec49-416"
expires: Tue, 20 Aug 2024 06:14:35 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/89157584/
Redirect Chain

https://mc.yandex.com/watch/89157584?wmode=7&page-url=https%3A%2F%2Ft-wbpbqeys.123tt.ru%2Fadv.php&charset=utf-8&site-info=%7B%22korjik_from%22%3A%22--%22%2C%22server%22%3A%22fast%22%7D&uah=chm%0A%3...
https://mc.yandex.com/watch/89157584/1?wmode=7&page-url=https%3A%2F%2Ft-wbpbqeys.123tt.ru%2Fadv.php&charset=utf-8&site-info=%7B%22korjik_from%22%3A%22--%22%2C%22server%22%3A%22fast%22%7D&uah=chm%0A...

603 B
863 B

90ms
88ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/89157584/1?wmode=7&page-url=https%3A%2F%2Ft-wbpbqeys.123tt.ru%2Fadv.php&charset=utf-8&site-info=%7B%22korjik_from%22%3A%22--%22%2C%22server%22%3A%22fast%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hhtndq4m7gdrr9ncc0y4hs3h7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1329160126595%3Ahid%3A721723314%3Az%3A120%3Ai%3A20240820071434%3Aet%3A1724130875%3Ac%3A1%3Arn%3A336621469%3Arqn%3A1%3Au%3A1724130875859979256%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A506%3Ads%3A6%2C50%2C118%2C7%2C3%2C0%2C%2C271%2C1%2C%2C%2C%2C456%3Aco%3A0%3Acpf%3A1%3Ans%3A1724130873988%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724130875%3At%3Arutor.org%20%3A%3A%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%BD%D1%8B%D0%B9%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%3A%3A%20rutor.org%20%D0%B7%D0%B0%D0%BA%D1%80%D1%8B%D0%BB%D0%B8%2C%20rutor%20org%20%D0%B7%D0%B0%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%2C%20rutor%20org%20%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D0%B5%D1%82%2C%20rutor%20org%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D1%85%D0%B0%D0%BB%2C%20%D1%80%D1%83%D1%82%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283183360%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f52f9d5afd38aa716b5bcbe81330b258c25d534d983864ad244c4b50f02f9e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t-wbpbqeys.123tt.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 20 Aug 2024 05:14:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 20-Aug-2024 05:14:35 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://t-wbpbqeys.123tt.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 603
x-xss-protection: 1; mode=block
expires: Tue, 20-Aug-2024 05:14:35 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Aug 2024 05:14:35 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 20-Aug-2024 05:14:35 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://t-wbpbqeys.123tt.ru
location: /watch/89157584/1?wmode=7&page-url=https%3A%2F%2Ft-wbpbqeys.123tt.ru%2Fadv.php&charset=utf-8&site-info=%7B%22korjik_from%22%3A%22--%22%2C%22server%22%3A%22fast%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hhtndq4m7gdrr9ncc0y4hs3h7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1329160126595%3Ahid%3A721723314%3Az%3A120%3Ai%3A20240820071434%3Aet%3A1724130875%3Ac%3A1%3Arn%3A336621469%3Arqn%3A1%3Au%3A1724130875859979256%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A506%3Ads%3A6%2C50%2C118%2C7%2C3%2C0%2C%2C271%2C1%2C%2C%2C%2C456%3Aco%3A0%3Acpf%3A1%3Ans%3A1724130873988%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724130875%3At%3Arutor.org%20%3A%3A%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%BD%D1%8B%D0%B9%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%3A%3A%20rutor.org%20%D0%B7%D0%B0%D0%BA%D1%80%D1%8B%D0%BB%D0%B8%2C%20rutor%20org%20%D0%B7%D0%B0%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%2C%20rutor%20org%20%D0%BD%D0%B5%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D0%B5%D1%82%2C%20rutor%20org%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D1%85%D0%B0%D0%BB%2C%20%D1%80%D1%83%D1%82%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283183360%29ti%281%29
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 20-Aug-2024 05:14:35 GMT

GET
H3 200 favicon.ico
t-wbpbqeys.123tt.ru/parse/s.rutor.org/ 894 B
1 KB 96ms
96ms Other
image/vnd.microsoft.icon 172.67.203.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t-wbpbqeys.123tt.ru/parse/s.rutor.org/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68d4b7f22b5027fef4672cc5ba884fb52ac248fd1ca4648c9ac89d95b0e58f4

Request headers

Referer: https://t-wbpbqeys.123tt.ru/adv.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 05:14:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 30 May 2014 11:59:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7002811-37e-4fa9cc83b1500"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQru9Z5SJcSDVg1ZAc0OMZi4mZA%2F4e8iGXAmmBSksJRP7oxsdWeeCDj8uPI2gj0YJyYCkjaEl5DH6mtcCQG3zy%2Fq4Jb05dbrkeHpOKn6IGbvWge9IdD6fjcpQzFWFnrnLH3thzy6"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: chrome-extension://pmlihfbibgfoklgdkkeipenneifojopk
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-credentials: true
cf-ray: 8b5fe6933c445d5b-FRA
access-control-allow-headers: office, content-type, Content-Type, Accept, x-requested-with
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-21 07:40:37	Name: FTID Value: 1cn2Ow1lg38s1cn2Ow001BZh
.yadro.ru/	1970-01-21 07:40:37	Name: VID Value: 3g3HUR0ld_Os1cn2Ow001Ba7
.yandex.ru/	1970-01-21 07:41:06	Name: yashr Value: 6994953871724130874
.123tt.ru/	1970-01-21 07:41:06	Name: _ym_uid Value: 1724130875859979256
.123tt.ru/	1970-01-21 07:41:06	Name: _ym_d Value: 1724130875
.mc.yandex.com/	1970-01-20 22:55:31	Name: sync_cookie_csrf Value: 1107472128fake
.123tt.ru/	1970-01-20 22:56:42	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 22:55:31	Name: sync_cookie_csrf Value: 3905454615fake
.yandex.com/	1970-01-21 08:31:30	Name: i Value: Vxs4M/cPewzq412QCtkdx7BWiIADopHFuEUMQNUqv9gMbw+ipCNYUl3q0pHeefL5JjPyfLPRVWykJjwn93p5+4nMKK4=
.yandex.com/	1970-01-21 07:41:06	Name: yandexuid Value: 5785078851724130875
.yandex.com/	1970-01-21 07:41:06	Name: yashr Value: 1580683351724130875
.mc.yandex.com/	1970-01-20 22:56:57	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 08:31:30	Name: yandexuid Value: 6063744181724130874
.yandex.ru/	1970-01-21 08:31:30	Name: yuidss Value: 6063744181724130874
.yandex.ru/	1970-01-21 08:31:30	Name: i Value: i5vuKKczKUO9Na+wdcxiSjaSa1PKCgGbRlnYYmFK1+RlIhj7Y4MFGKngHXUixx2aOUXHEUKjM8p3e5G8kHZ4QJVEMrI=
.yandex.ru/	1970-01-21 08:31:30	Name: yp Value: 1724217275.yu.2179871931724130874
.yandex.ru/	1970-01-21 07:41:06	Name: ymex Value: 1726722875.oyu.2179871931724130874
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1092988701724130875
.yandex.com/	1970-01-21 07:41:06	Name: yuidss Value: 5785078851724130875
.yandex.com/	1970-01-21 07:41:06	Name: ymex Value: 1755666875.yrts.1724130875
.yandex.com/	1970-01-21 07:41:06	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 08:31:30	Name: bh Value: KgI/MGC7zJC2Bg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
mc.yandex.com
mc.yandex.ru
t-wbpbqeys.123tt.ru
172.67.203.11
2a02:6b8::1:119
88.212.201.198
00568b506987f6412fbceb9b5880521a0212706d7e392eb48c315dabc7a900e5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31d6e8beba2a583190f4f45abcbb770bd34485d45c19cabb5fa62c22db519c20
4912841156c4582948d016867a6c71845a0221f1dd6419ea911f6f83bbc431d7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59dd7e1dce6b861ded439efde90acabebbe955f48f96c990abdd471af1b5f026
6946c64a41b61a1e8708b7bcf8274274c71cdc23932aab32da5b868d19212b3a
6ede838c510b030a60f27b0e3466376607a480c6d0cab4e0d2f2f19d92d16af9
79df9f5b18cac4dbaec0808448c15e094b5fe20d04aabfe7bed9e6ae07739dfd
856bc26520b6e0dfc14d78183326f78db6a15f2c750499d6791161b28a87f96a
8735685644d31eab561aa5ef335c22cac01ba223879825e8c0de1b50d1ef673b
874d19eae19d9f20a884d976ccca6092c91da6ee8c71d8be1c5c893acbad9159
9bdc9500d9c5b13f9e5581d12caa13fd71feb0f5c2e61d4de26944b159bad332
a682fdf55d12206673fd39d71e37893badd8286e7c511dfa95e05c0b509b9618
aa3d36b7b649920bc8419fee4edece4f5801a9fbd828dab2fdf4179935af1b2a
b57bea2adfc7b0808a369e963ee65d0f71c797309ef9d896886d3811ab8818ed
b8388dd9cf762de7fb6dbcc5191fb91666cb5f477fee21779bf576ac9180a026
c22baf90cbd403ab7d173f6fa65999a6246d71612d6859181ea7642e98a75279
d47ad6a2c2fa3bbd326ea77e4a328ea45e13f67593684237859ef21ed594222d
d9fd75312b80aa988432407952a1fa963f6a6ca7496d5a7533242475b20c600e
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e68d4b7f22b5027fef4672cc5ba884fb52ac248fd1ca4648c9ac89d95b0e58f4
e786f1e87ef6054b4aab3d26780d3525a14975b8d4de5bae54f095fa07ed5b08
f04b184eb5417b9a81ab455fc07378efa326bbed2a5c74869b3d876b287307d8
f52f9d5afd38aa716b5bcbe81330b258c25d534d983864ad244c4b50f02f9e0a
fb736e8586695a5db7c37884ebfd5860cb016a3a587b00b17fcc3053b5681048

t-wbpbqeys.123tt.ru Open in urlscan Pro 172.67.203.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

89 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

437 kBTransfer

681 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

t-wbpbqeys.123tt.ru Open in urlscan Pro
172.67.203.11 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

89 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

437 kB
Transfer

681 kB
Size

22
Cookies

28 HTTP transactions
0 data transactions