Submitted URL: http://www.byrut.org.ru/0.8330208238043393
Effective URL: https://www.byrut.org.ru/0.8330208238043393
Submission: On July 09 via api from US — Scanned from NL

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 29 HTTP transactions. The main IP is 95.164.86.158, located in Meppel, Netherlands and belongs to STARK-INDUSTRIES, GB. The main domain is www.byrut.org.ru.
TLS certificate: Issued by R10 on June 15th 2024. Valid for: 3 months.
This is the only time www.byrut.org.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

|  | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 95.164.86.158 | 44477 (STARK-IND...) |
| 10 | 172.67.195.13 | 13335 (CLOUDFLAR...) |
| 2 | 31.172.68.8 | 44051 (FORNEX-AS) |
| 1 | 193.200.64.160 | 6681 (GIVEME-CLOUD) |
| 1 | 193.200.64.24 | 6681 (GIVEME-CLOUD) |
| 1 | 193.200.65.30 | 6681 (GIVEME-CLOUD) |
| 1 | 195.201.37.79 | 24940 (HETZNER-AS) |
| 2 (1 redirects) | 88.212.201.204 | 39134 (UNITEDNET) |
| 2 | 193.200.65.116 | 6681 (GIVEME-CLOUD) |
| 1 | 185.177.94.27 | 39572 (ADVANCEDH...) |
| 2 | 193.200.65.68 | 6681 (GIVEME-CLOUD) |
| 3 | 193.200.65.11 | 6681 (GIVEME-CLOUD) |
| 2 | 193.200.65.13 | 6681 (GIVEME-CLOUD) |
| 29 | 14 |  |

|  | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 10 | domain100.ru | jp.domain100.ru | 7 KB |
| 7 | ipsweets.com | ipsweets.com — Cisco Umbrella Rank: 202188; cs09.ipsweets.com — Cisco Umbrella Rank: 298507; cs11.ipsweets.com — Cisco Umbrella Rank: 292396 | 101 KB |
| 3 | my1elitclub.com | cdn.my1elitclub.com — Cisco Umbrella Rank: 187830; track.my1elitclub.com — Cisco Umbrella Rank: 206527; s1.my1elitclub.com | 9 KB |
| 2 | yadro.ru | counter.yadro.ru — Cisco Umbrella Rank: 8744 | 1 KB |
| 2 | ipvertnet.com | ipvertnet.com — Cisco Umbrella Rank: 246639 | 8 KB |
| 2 | org.ru | www.byrut.org.ru | 2 KB |
| 1 | analitycs.net | track.analitycs.net — Cisco Umbrella Rank: 128929 | 355 B |
| 1 | mytdsclick.space | mytdsclick.space | 510 B |
| 1 | kissedthetrain.com | kissedthetrain.com — Cisco Umbrella Rank: 180299 | 2 KB |
| 1 | mn230126pb.com | mn230126pb.com — Cisco Umbrella Rank: 117447 | 422 B |
| 29 | 10 |  |  |

|  | Domain | Requested by |
|---|---|---|
| 10 | jp.domain100.ru | www.byrut.org.ru |
| 3 | cs09.ipsweets.com | ipsweets.com |
| 2 | cs11.ipsweets.com |  |
| 2 | ipsweets.com | jp.domain100.ru; ipsweets.com |
| 2 | counter.yadro.ru (1 redirects) | www.byrut.org.ru |
| 2 | ipvertnet.com | jp.domain100.ru; ipvertnet.com |
| 2 | www.byrut.org.ru |  |
| 1 | s1.my1elitclub.com |  |
| 1 | track.analitycs.net | cdn.my1elitclub.com |
| 1 | track.my1elitclub.com | cdn.my1elitclub.com |
| 1 | mytdsclick.space | jp.domain100.ru |
| 1 | cdn.my1elitclub.com | jp.domain100.ru |
| 1 | kissedthetrain.com | jp.domain100.ru |
| 1 | mn230126pb.com | jp.domain100.ru |
| 29 | 14 |  |

This site contains links to these domains.

Domain
www.liveinternet.ru

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| byrut.org.ru | R10 | 2024-06-15 - 2024-09-13 | 3 months |
| domain100.ru | GTS CA 1P5 | 2024-05-23 - 2024-08-21 | 3 months |
| vivarevasta.top | E5 | 2024-07-07 - 2024-10-05 | 3 months |
| mn230126pb.com | R3 | 2024-05-20 - 2024-08-18 | 3 months |
| kissedthetrain.com | R3 | 2024-05-14 - 2024-08-12 | 3 months |
| my1elitclub.com | R3 | 2024-04-30 - 2024-07-29 | 3 months |
| mytdsclick.space | R11 | 2024-06-24 - 2024-09-22 | 3 months |
| analitycs.net | R3 | 2024-04-30 - 2024-07-29 | 3 months |
| ipsweets.com | R11 | 2024-06-19 - 2024-09-17 | 3 months |

This page contains 1 frame:

Primary Page: https://www.byrut.org.ru/0.8330208238043393
Frame ID: 4EA4F0D99DB847FA57745F685A511A45
Requests: 31 HTTP requests in this frame

Page Title

404 Not Found

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Page Statistics

29
Requests

97 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

130 kB
Transfer

152 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.byrut.org.ru/0.8330208238043393 HTTP 307
    https://www.byrut.org.ru/0.8330208238043393 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://counter.yadro.ru/hit?t50.3;r;s1600*1200*24;uhttps%3A//www.byrut.org.ru/0.8330208238043393;h404%20Not%20Found;0.8881836466641928 HTTP 302
  • https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//www.byrut.org.ru/0.8330208238043393;h404%20Not%20Found;0.8881836466641928

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0.8330208238043393
www.byrut.org.ru/
Redirect Chain
  • http://www.byrut.org.ru/0.8330208238043393
  • https://www.byrut.org.ru/0.8330208238043393
2 KB
1 KB
Document
General
Full URL
https://www.byrut.org.ru/0.8330208238043393
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4d36837b8f897ae860b92e29096a779354651b0684fad4792d117b2bc9b3be07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jul 2024 22:43:09 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Location
https://www.byrut.org.ru/0.8330208238043393
Non-Authoritative-Reason
HttpsUpgrades
script1.js
jp.domain100.ru/
343 B
744 B
Script
General
Full URL
https://jp.domain100.ru/script1.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384430573c631fd252baba6e91496351952eff6a215560289812f2ad3e69d779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
38174
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 13:16:11 GMT
server
cloudflare
etag
W/"65aa761b-157"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ff7uyoFKs%2FyKg5QZudU%2FuW2g1CDLilYN0u4EEtOHYDfQBmeFDkyV1798chJ3yyCIJ8Z6sTqoFE5aZYvGV5gTvAX0v9JnET3iWb3QnjqXQ6amyIv6hPnlV410S9Aj%2FwC87RQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a0bd4d2cb4e0e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
script2.js
jp.domain100.ru/
1000 B
991 B
Script
General
Full URL
https://jp.domain100.ru/script2.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80f2d55af7b1b84da32ab7ca22e485526fbe849d230f5351063d413628ca2a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
38174
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Apr 2024 18:04:11 GMT
server
cloudflare
etag
W/"66103d1b-3e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WX2I3hyGqMwE7Whw72z8I6s7IYRxnF2Zot6O1tLuh4IDmXxiPBTdS9IKkN1ld%2Fl9kI%2FpfJsFb9EY0aqTzSpCj6hIQcov9XQp5T0RFKk45Ir0drYMDAIqOJPZp%2BPaIFPz03o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a0bd4d2cb4c0e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
script3.js
jp.domain100.ru/
955 B
874 B
Script
General
Full URL
https://jp.domain100.ru/script3.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad6258328e647baedb02700f50789913de3fe82a024cde0a7d56f6eb9be6f5ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
38174
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 21 Feb 2024 10:58:10 GMT
server
cloudflare
etag
W/"65d5d742-3bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YHj3shaqBXd%2FdJpwT6b%2B8xh5rR54p4jHmiW0yKULpgFnQETmWiMIULKO%2FZBRzDZi43x42n2UH9lqVcGuFY7kqFokZwX086W9nMjYrdu2uC4uIHO2FtT0Vx1SpxcEXuvm%2FlE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a0bd4d2cb520e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
script4.js
jp.domain100.ru/
0
487 B
Script
General
Full URL
https://jp.domain100.ru/script4.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38174
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Wed, 05 Oct 2022 10:02:43 GMT
server
cloudflare
etag
"633d5643-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5GTPVgNBq8jH84X5oPOTE273IP4arDryogHwVX1JotJUtpA4yZzzN%2B6gWvIV5LBqabrGzmS13nQJsQ%2BSUrNdPajXmQWcdohHlUeLUq7H072M%2FcMNpzlFItmEwKRB4wV6Buk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0bd4d2cb500e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
script5.js
jp.domain100.ru/
634 B
884 B
Script
General
Full URL
https://jp.domain100.ru/script5.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7e86db551260e2f153e6abfaf0384e5bec91579c5489525707730362e67c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
38174
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Jul 2024 12:04:23 GMT
server
cloudflare
etag
W/"66868fc7-27a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sILj4SfrzbYiI8zz2wFzXJLDXleSpyQieIeT7T0ZNwC68Zxe7F8KmHcyjgEccblQf1J3fKyF37WWSvDOkXTySZa5fBTDXKSBT0ifCU236fZXoEEuxjBulk%2BFfbpD7NmZ4Lg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a0bd4d2cb4b0e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
script6.js
jp.domain100.ru/
379 B
774 B
Script
General
Full URL
https://jp.domain100.ru/script6.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050b3f034e9746a692c3da354a96ebaa232495c5ab95e19cd55599fe2222a691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
38174
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 20 May 2024 07:27:42 GMT
server
cloudflare
etag
W/"664afb6e-17b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bg%2B0zOvfOs6bi%2BMAg7kGW18VAkPSz35ss7KYCj%2BYZGo1qmu%2BO9cQXZdG%2B6ebGZPpUKAfilufpSOFjs4fQwqJuHuofd1gMOgDoQSDn1qvbANv3Szeg%2F1lwrD9KH1%2BqDRaziQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a0bd4d2cb410e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
script7.js
jp.domain100.ru/
0
496 B
Script
General
Full URL
https://jp.domain100.ru/script7.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38174
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Thu, 02 Jun 2022 16:40:27 GMT
server
cloudflare
etag
"6298e7fb-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3vmyuuYm7Ea%2B4jtGy%2BKbLY6v1%2B4io%2BXRJ4zqJKuBbkG4wVZM7kAtQj64dD0%2B8Mg%2B9BN4Tx%2BM30f6R9x7OdFc28jHyCb0kxtKCD1m%2BFYbrVhm56kbB2nNK%2FRYRwMGSNfnWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0bd4d2cb450e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
script8.js
jp.domain100.ru/
0
490 B
Script
General
Full URL
https://jp.domain100.ru/script8.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38174
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Thu, 02 Jun 2022 16:53:28 GMT
server
cloudflare
etag
"6298eb08-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ofsuw1Ny%2FsXiHHktIJHhfZS7RG8V2Fn1Tcu7fw8I%2BGnHLv4Sz75RDqDN%2B%2FxqYCGCnd6NMs8WXObaWav3trn1PGGmW39r8zJf5iyXVp8TYg9CND1ClwXneRflp%2F89lWzbOZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0bd4d2cb430e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
script9.js
jp.domain100.ru/
0
487 B
Script
General
Full URL
https://jp.domain100.ru/script9.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38174
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Thu, 02 Jun 2022 16:53:36 GMT
server
cloudflare
etag
"6298eb10-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AgXnA5nTg%2BnenQl6z6HKvsFNdKAkGIkK00YsNL0tgiM0egQRKOIfQs%2BZ7106i4wL1q6ngLQVsVzfPymYTfmIXNfTBzz1XtrVx6B7GUagNDIt5C7rv3LHGTQDiP12S3x%2FE%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0bd4d2cb490e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
script10.js
jp.domain100.ru/
0
529 B
Script
General
Full URL
https://jp.domain100.ru/script10.js
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:09 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38174
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Thu, 02 Jun 2022 16:53:45 GMT
server
cloudflare
etag
"6298eb19-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWExL5srC7mpGWGsP8a4bFuqYLbBA0%2FAtaejjpakqmEYoEC1yYEvykEhy2hH4IamGvNuVROJ9L7pQ5i3wJIqBJzUo%2BQ%2B%2BxL6%2BdDtJ73%2FLsi0%2F5f6SIUc5okge4t9kbF%2FKTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0bd4d2cb3d0e7f-AMS
expires
Wed, 10 Jul 2024 12:06:55 GMT
/
ipvertnet.com/1hjo18mf0m/
23 KB
7 KB
Script
General
Full URL
https://ipvertnet.com/1hjo18mf0m/?bid=&sid=28258&rand=0.8064136731949532
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.8 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),
Reverse DNS
dsde1469-1.fornex.org
Software
nginx /
Resource Hash
34130d05ad9113fb367ffcd79520681ceaf1f450cbd56a7ee695b761d0727d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 22:43:09 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
expires
-1
/
mn230126pb.com/wcm/
0
422 B
Script
General
Full URL
https://mn230126pb.com/wcm/?sh=byrut.org.ru&sth=ff384397b7691e933c80e6f3e511037d&m=009f7c3dc58c132081eada00e43a8332&sid=876_62928_951157690&stime=707.70&curpage=https%3A%2F%2Fwww.byrut.org.ru%2F0.8330208238043393&rand=0.3818164481158628
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.160 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 22:43:09 GMT
accept-ch
Downlink, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version
p3p
CP="NON DSP COR CURa TIA"
content-type
text/plain;charset=UTF-8
cache-control
no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
x-msr
TRUE
timing-allow-origin
*
content-length
0
expires
0
/
kissedthetrain.com/services/
2 KB
2 KB
Script
General
Full URL
https://kissedthetrain.com/services/?id=147721
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.24 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs05.etarg.network
Software
nginx /
Resource Hash
d786634adc6b0246f372816af4e5b460e0be316f9163a947acd3eb1e4a94682e

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
1592
Content-Type
text/javascript; charset=utf-8
asTitcScHxmgrAJo8ZHc9pt
cdn.my1elitclub.com//d98sqrdxkEnkX/
17 KB
7 KB
Script
General
Full URL
https://cdn.my1elitclub.com//d98sqrdxkEnkX/asTitcScHxmgrAJo8ZHc9pt?p_id=971&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=www.byrut.org.ru
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.30 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
noty.info
Software
nginx /
Resource Hash
c7638492cc8fa122c9b133ded9373559be2966e7b9923bc18bbc44b52f956efe

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:09 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
hMUEbCaV1J.js
mytdsclick.space/
30 B
510 B
Script
General
Full URL
https://mytdsclick.space/hMUEbCaV1J.js
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.37.79 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.79.37.201.195.clients.your-server.de
Software
nginx /
Resource Hash
089af77922537448c61601a23af8d12e9ac26d994689493134f23a8edbe48e08

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:43:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Authorization
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t50.3;r;s1600*1200*24;uhttps%3A//www.byrut.org.ru/0.8330208238043393;h404%20Not%20Found;0.8881836466641928
  • https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//www.byrut.org.ru/0.8330208238043393;h404%20Not%20Found;0.8881836466641928
140 B
626 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//www.byrut.org.ru/0.8330208238043393;h404%20Not%20Found;0.8881836466641928
Requested by
Host: www.byrut.org.ru
URL: https://www.byrut.org.ru/0.8330208238043393
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
8260d7d211509da6c1bda6cec1b355285fddeb4c352c64aa3f1cf6b0ab97e739
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jul 2024 22:43:10 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
140
Expires
Mon, 10 Jul 2023 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jul 2024 22:43:10 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t50.3;r;s1600*1200*24;uhttps%3A//www.byrut.org.ru/0.8330208238043393;h404%20Not%20Found;0.8881836466641928
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Mon, 10 Jul 2023 21:00:00 GMT
/
track.my1elitclub.com/lctm/
13 B
355 B
Fetch
General
Full URL
https://track.my1elitclub.com/lctm/?action=get_subs
Requested by
Host: cdn.my1elitclub.com
URL: https://cdn.my1elitclub.com//d98sqrdxkEnkX/asTitcScHxmgrAJo8ZHc9pt?p_id=971&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=www.byrut.org.ru
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.116 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:10 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.byrut.org.ru
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
13
18064d61b6f93dab8681a460779b8429-10560-0.7916825155067224.json
ipvertnet.com/vast/
2 KB
1 KB
XHR
General
Full URL
https://ipvertnet.com/vast/18064d61b6f93dab8681a460779b8429-10560-0.7916825155067224.json?bid=0
Requested by
Host: ipvertnet.com
URL: https://ipvertnet.com/1hjo18mf0m/?bid=&sid=28258&rand=0.8064136731949532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.172.68.8 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),
Reverse DNS
dsde1469-1.fornex.org
Software
nginx /
Resource Hash
f20b0538569d9072194e21d0299dfbbf4ca9f06626935a1ece83841b951c51d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept
application/json
Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache, no-cache
date
Tue, 09 Jul 2024 22:43:10 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.byrut.org.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
/
track.analitycs.net/ctmv2/
13 B
355 B
Fetch
General
Full URL
https://track.analitycs.net/ctmv2/?action=get_subs
Requested by
Host: cdn.my1elitclub.com
URL: https://cdn.my1elitclub.com//d98sqrdxkEnkX/asTitcScHxmgrAJo8ZHc9pt?p_id=971&hold=1.00&subid_4=sitescript&bv=0J3QsNC20LzQuNGC0LUgItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&arr=1&htext=ItCg0LDQt9GA0LXRiNC40YLRjCIsINGH0YLQvtCx0Ysg0L%2FQvtC70YPRh9Cw0YLRjCDRg9Cy0LXQtNC%2B0LzQu9C10L3QuNGP&lid=2&subid_5=www.byrut.org.ru
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.116 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
2e6bda5dee9fca2a4f4309b274e19923fe3a9e09ce8158c6c7237dd722970684

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:10 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.byrut.org.ru
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
13
favicon.ico
www.byrut.org.ru/
2 KB
1 KB
Other
General
Full URL
https://www.byrut.org.ru/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.164.86.158 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1706573.stark-industries.solutions
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4d36837b8f897ae860b92e29096a779354651b0684fad4792d117b2bc9b3be07

Request headers

Referer
https://www.byrut.org.ru/0.8330208238043393
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jul 2024 22:43:10 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
arrow.png
s1.my1elitclub.com/img/
1 KB
2 KB
Image
General
Full URL
https://s1.my1elitclub.com/img/arrow.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.177.94.27 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-27.ah-server.com
Software
nginx /
Resource Hash
3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:10 GMT
Last-Modified
Mon, 24 May 2021 12:09:46 GMT
Server
nginx
ETag
"60ab978a-5c5"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1477
Expires
Wed, 10 Jul 2024 22:43:10 GMT
cross5.js
ipsweets.com/question/
29 KB
30 KB
Script
General
Full URL
https://ipsweets.com/question/cross5.js?24616a0.9532023509067435
Requested by
Host: jp.domain100.ru
URL: https://jp.domain100.ru/script3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.68 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
c9aca1deb8642d6d64252599e6e1256116972c295de0a7658297db1f6a77c02e

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
cross.js
ipsweets.com/question/
482 B
825 B
Script
General
Full URL
https://ipsweets.com/question/cross.js?24616&mode=list&u=null&r=0.7482522135320497
Requested by
Host: ipsweets.com
URL: https://ipsweets.com/question/cross5.js?24616a0.9532023509067435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.68 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
7bccc6da809a71fe6d4387fad9754b5878452300fa9635af6122a0a5a634ce46

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript; charset=utf-8
Date
Tue, 09 Jul 2024 22:43:10 GMT
Server
nginx
Connection
keep-alive
Content-Length
482
P3P
CP="NON DSP COR CURa TIA"
audio.mp3
cs09.ipsweets.com/files/
11 KB
11 KB
XHR
General
Full URL
https://cs09.ipsweets.com/files/audio.mp3?domain=www.byrut.org.ru
Requested by
Host: ipsweets.com
URL: https://ipsweets.com/question/cross5.js?24616a0.9532023509067435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.11 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
etarg.ru
Software
nginx /
Resource Hash
8f6fe530630792e5d9116987cf1a4f109d4f4ee07ec95f5ca2493a8e59a416ea

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:10 GMT
Last-Modified
Thu, 06 May 2021 19:20:02 GMT
Server
nginx
ETag
"60944162-2af7"
Content-Type
audio/mpeg
Access-Control-Allow-Origin
https://www.byrut.org.ru
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10999
3467590.jpg
cs11.ipsweets.com/content/59741/
10 KB
10 KB
Image
General
Full URL
https://cs11.ipsweets.com/content/59741/3467590.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
564889d2bf78f7daa16308f01bcb45cc3f4ecdd29b9b1a30736dd9fc63400a22

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:10 GMT
Last-Modified
Fri, 21 Jun 2024 09:32:09 GMT
Server
nginx
ETag
"66754899-267a"
Access-Control-Allow-Methods
OPTIONS, POST, GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
9850
3467590_2.webp
cs11.ipsweets.com/content/59741/
28 KB
28 KB
Image
General
Full URL
https://cs11.ipsweets.com/content/59741/3467590_2.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.13 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
landings.etarg.ru
Software
nginx /
Resource Hash
bd8065f9d88139bd413b44b4b89a0f39c6ba8a5b3e1cd96aaabc446a9aaea42e

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:10 GMT
Last-Modified
Fri, 21 Jun 2024 09:32:09 GMT
Server
nginx
ETag
"66754899-6f88"
Access-Control-Allow-Methods
OPTIONS, POST, GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
28552
truncated
/
479 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f397378ee2e4d4f210d299f975ef8862668f8a80aad53f007ddc9e5447aa9098

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
pis.png
cs09.ipsweets.com/files/inpage/
807 B
1 KB
Image
General
Full URL
https://cs09.ipsweets.com/files/inpage/pis.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.11 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
etarg.ru
Software
nginx /
Resource Hash
596947043bb8602804643c44616d823e16958dff8399a7ec66bb29211ebc2aa6

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:10 GMT
Last-Modified
Tue, 04 Jul 2023 05:38:09 GMT
Server
nginx
ETag
"64a3b041-327"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
807
Expires
Wed, 10 Jul 2024 22:43:10 GMT
sprite.svg
cs09.ipsweets.com/files/inpage/
20 KB
21 KB
Image
General
Full URL
https://cs09.ipsweets.com/files/inpage/sprite.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.11 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
etarg.ru
Software
nginx /
Resource Hash
13dbf87dd28bf5ef81ffa7ca883bb2b10ccca4544534a758f55d69808089b7e0

Request headers

Referer
https://www.byrut.org.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:43:10 GMT
Last-Modified
Sat, 21 Aug 2021 15:17:14 GMT
Server
nginx
ETag
"612118fa-50fa"
Content-Type
image/svg+xml
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20730
Expires
Wed, 10 Jul 2024 22:43:10 GMT


39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| hts
function| serious
object| _0xc49e
function| _0xe61c
string| e31f4f7be2_country
string| e31f4f7be2_domain
string| e31f4f7be2_path
string| e31f4f7be2_file
function| _0x3232
function| _0x13fb
string| ms_cu_started
number| time
string| ms_cu_transparent
number| ms_cu_timeout
string| ms_cu_logactive
string| ms_cu_allactions
string| ms_cu_href
string| ms_cu_action_impression
string| ms_cu_action_start
string| ms_cu_action_first
string| ms_cu_action_mid
string| ms_cu_action_three
string| ms_cu_action_complete
string| ms_cu_action_skipad
string| ms_cu_action_close
string| ms_cu_action_preclick
object| ms_cu_window_json
number| ms_cu_sitecap
string| ms_cu_isuniq
string| opentype
string| selector
string| href
function| setCookie_e31f4f7be2
function| getCookie_e31f4f7be2
function| efe31f4f7be2
number| e31f4f7be2_view_flag
number| e31f4f7be2_click_flag
number| e31f4f7be2_close_flag
object| e31f4f7be2_ims

7 Cookies

Domain/Path Name / Value
www.byrut.org.ru/ Name: PHPSESSID
Value: b1bda0f6e701f1d27b4b88a162b244a6
mn230126pb.com/ Name: mrmn_uid
Value: 94f024c2e01992a566e9588e326c01f6
.yadro.ru/ Name: FTID
Value: 1cZRp-3lhJOq1cZRp-002EnV
.yadro.ru/ Name: VID
Value: 0u3n_R2ldJuq1cZRp-002Td4
.ipsweets.com/ Name: uuid
Value: 17205649904763512172
.byrut.org.ru/ Name: e31f4f7be2_view_1
Value: on
www.byrut.org.ru/ Name: webPush.Interval
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://www.byrut.org.ru/0.8330208238043393
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.byrut.org.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other error URL: https://www.byrut.org.ru/0.8330208238043393
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
