| byruthub.org/templates/byrut/images/logo.png | 188.114.97.1 | 200 OK | 5.1 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/logo.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 274 x 60, 8-bit colormap, non-interlaced
Hash: 393140752ab9c52a7d15da4e830c8a52 fc14d5c4b79abc39a9f871d05ebbefe51c7c0685 eccbcfd79314410c101e40bdc6b7a0f40e428dc4dc241cbf09d004f5fcf74ce8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/images/logo.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 5050
last-modified: Sun, 05 Nov 2023 07:08:48 GMT
etag: "65473f80-13ba"
expires: Wed, 05 Jun 2024 13:49:40 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448826
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SC1ChqsVM6e4FTpbu5EGUDOXchkAz6TXCC0jRXNeVea7ri3iXR963LgQ%2Fx%2BHq0XahFyh3BxIVWTyM6TUSy5%2BwB46gSiZ%2FagXjzGSNFQGyypHfFYCAG5CSVyp%2B1gshKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1b9295687-OSL
alt-svc: h3=":443"; ma=86400

| byruthub.org/uploads/posts/2023-09/starfield.jpg | 188.114.97.1 | 200 OK | 31 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2023-09/starfield.jpg
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: 1b683832aa999b5bf047e1547ee694ed 2a4a380c40521f462b75e5b3fabb9aaaffb0c826 92292b13614b82e13279f86594cc3748f5864ed672def9ac770eb300178e7e93
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2023-09/starfield.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/jpeg
content-length: 31088
last-modified: Mon, 02 Oct 2023 05:22:09 GMT
etag: "651a5381-7970"
expires: Wed, 05 Jun 2024 14:59:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 444623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaOv%2BBcSaZ0nNtzD6aaG8UofZUSlIYPpZ%2BFW46I1d0h9KVYGw0dlH9fkKSfUiKXpM6e%2FQFrICDy4NDsQt9ESrzseUMoG5MhqPmRrL3trs1F8%2Fkryao9%2B3C7GJg10tB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1b92c5687-OSL
alt-svc: h3=":443"; ma=86400

| byruthub.org/uploads/icons/1n.png | 188.114.97.1 | 200 OK | 2.9 kB |
URL: GET HTTP/3 byruthub.org/uploads/icons/1n.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 108 x 124, 8-bit colormap, non-interlaced
Hash: d57a9e979bf823fd5de5d87b66b83a83 f360eec5268cc8a0c01c43e5b889ecb049854d4b 769a1f6ee232ef22d85d5b6631fe342b68ce9711bc92384ff388a7cb38371eed
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /uploads/icons/1n.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 2912
last-modified: Mon, 17 Oct 2022 17:38:33 GMT
etag: "634d9319-b60"
expires: Wed, 05 Jun 2024 14:17:53 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 447133
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckaoJ5CFc%2FmK09OLSSjZPKzKjGbHSFqUWE0tWRTx%2FoklE7AyQHGGqWEMqFJdYQ7o0djraOklmiRWgxYsgb9IrOKrM6F%2FJTgggqLr2P8eiaMojaUkN506F9y7klgF2Ic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1b92e5687-OSL
alt-svc: h3=":443"; ma=86400

| byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n | 188.114.97.1 | 200 OK | 30 kB |
URL: GET HTTP/3 byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 4f0fa0ea2ed2bd3abcba54438900f124 0ced4961d59a49eb41977ae8c759d59713223c19 5f55e209be722b88bb75df5b584e8e9030a85db8b96c806149ab1f5538aedcd0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /engine/classes/min/index.php?g=general3&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 30393
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 14 Jan 2024 16:06:55 GMT
etag: "pub1705248415;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 45262
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VTbwUKSSgRYoLuw35tfUiIAzpbWCnLnn7HAfRS%2FZgutdYIQtG%2FcF%2BUtrVny4nQHOM7RFU1z7QOz4EsOYs4c4josoMskgBz15ARSRuV9A3hc5MIIT0ecmYbCMlZ58lyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1c94f5687-OSL
alt-svc: h3=":443"; ma=86400

| byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n | 188.114.97.1 | 200 OK | 46 kB |
URL: GET HTTP/3 byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64742)
Hash: dda805648c4c2019d9ad8eb458831e17 5e70a1ce929daf8e6c7a3805c4ecb27f3634d3f6 91f79ae04f21e997227b5335d340bd817dc2e14502dea7bff1695458acbebbd5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 46426
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 14 Jan 2024 16:06:56 GMT
etag: "pub1705248416;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 45262
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nPWmIx4lgAOxFI%2BL7th5D7ZEX%2FpzS2LY6Ji29VU484ieuGXksPen2yhTxW2hgGFXv%2FWhRNlNpGu0TCYUxpg18rvFHsb226ySSD5SuaOWPWU7ZhbL8AlXzzVXFDLwr00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1c9515687-OSL
alt-svc: h3=":443"; ma=86400

| byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n | 188.114.97.1 | 200 OK | 100 kB |
URL: GET HTTP/3 byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: troff or preprocessor input, ASCII text
Size: 100 kB (100271 bytes)
Hash: e2af714cc5049514c469957a43c3b6c4 4265c52a3db5b50633fbf24acfacb9a0a71d3e7d a6e08a8370d9e48905c733d901d3fa6a1ec6f6e57038034b3f60fd8bae806a11
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: text/css; charset=utf-8
content-length: 100271
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 05 Nov 2023 07:09:49 GMT
etag: "pub1699168189;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 45262
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OtvecN9hgvVZsizzYRgyGcrJPh56DS%2FwZ0qj0CnwA%2B8AX6NbLaFuZnHbwJYRFs%2F3%2Bh0dcO2c04EwotcFNEO9c2q5UN0Jej8Uun1K3DtoOPB%2FZiGqlRNP64wGQkoQpqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1c9535687-OSL
alt-svc: h3=":443"; ma=86400

| byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n | 188.114.97.1 | 200 OK | 37 kB |
URL: GET HTTP/3 byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (31911)
Hash: c946c33cc6c45b1bdfa528482d898f24 2f790e85c4d153627bfffb5f8e5bdc1ec66ad73b 7395940bf2b6e2ea209207cd8be98f2107c5b5531585254082fcc1a35c0f7207
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 37050
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 05 May 2024 12:28:24 GMT
etag: "pub1714912104;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 45260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKsqJ5VEt8lmPKo4AMSZzKycFuJ70sSulocesyqTqi9qRr%2FW%2FHKOd46QoPr9ACZ0TYVyXgxBT0VSrnrDy6HyB2%2BKKINbYygertwde%2Fi15hEiv9ZNRv2Y8AVURQxdToc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1c9545687-OSL
alt-svc: h3=":443"; ma=86400

| challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha | 104.17.2.184 | 302 Found | 0 B |
URL: GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha
IP: 104.17.2.184:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?compat=recaptcha HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 18:30:06 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/1b3559406bc8/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bffa349197127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1 | 142.250.74.72 | 200 OK | 96 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1
IP: 142.250.74.72:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: fd9622fd3bbf8b30290c9b55a40dc634 09db40a1f0dc3c3f7a847d0aceeaf3b454bcfe4f 7c134e2c11e58551593b7c2ceb9e10b03daf4ed4e580f78bb7f89ca9a7557225
GET /gtag/js?id=G-QX7E7T8PJ1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 18:30:06 GMT
expires: Fri, 10 May 2024 18:30:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| cdn.akamai.steamstatic.com/steam/apps/256969669/microtrailer.webm | 23.36.76.241 | 206 Partial Content | 1.4 MB |
URL: GET HTTP/1.1 cdn.akamai.steamstatic.com/steam/apps/256969669/microtrailer.webm
IP: 23.36.76.241:443
ASN: #20940 Akamai International B.V.
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: cdn.akamai.steamstatic.com; Fingerprint: E0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74; Validity: Thu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
Size: 1.4 MB (1364061 bytes)
Hash: 1d276b83cc6f70158c94b24c56a2a139 8467dc717a986809a3675aa778c19b876938ab2a b408fd89565a18dbf9733f7fddd413c8dec7d0ec1bdf3d3a56e2be3a32cbe246
GET /steam/apps/256969669/microtrailer.webm HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx
Content-Type: video/webm
Last-Modified: Thu, 14 Sep 2023 18:14:52 GMT
ETag: "65034d9c-14d05d"
Accept-Ranges: bytes
Date: Fri, 10 May 2024 18:30:06 GMT
Content-Range: bytes 0-1364060/1364061
Content-Length: 1364061
Connection: keep-alive

| byruthub.org/templates/byrut/images/rating.png | 188.114.97.1 | 200 OK | 2.3 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/rating.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 88 x 263, 8-bit colormap, non-interlaced
Hash: 22063375dd8258d84b95d1ee79e8ded4 d6e75431003741b5c847e8d76a4bbafc24bf3c13 9d0b588363b7ada4fe7d8c7b422fa4e953a49463d0aae20483bd2504b0a7eecf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/images/rating.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 2293
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-8f5"
expires: Wed, 05 Jun 2024 13:50:28 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448778
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7N9%2FDv9uSjHSE6dxaSjJ9ylAU4cfTBmN0ZCrEDg026w66%2BXT6expwRiXynA97xDyXbQajS78LnAKzXeSBD6Lpk%2BEFSV0wPaFL9SaL9bcus%2BE6ERr4AXqHzTA1ZLPvD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ebe5687-OSL
alt-svc: h3=":443"; ma=86400

| byruthub.org/templates/byrut/images/top22.png | 188.114.97.1 | 200 OK | 1.5 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/top22.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: 79b0227cbaa7268aa28730dacc5d6840 2fec7563de6010c50287768ec0ad4172a279ec1a c08507e4c48295cae51420335ea81f5890d8f3a569e44076767699a7e9ab7111
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/images/top22.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 1458
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-5b2"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9ipo928XmkM7qWgnHb7ghcALXGT2izC8UUcL2X2kwJx3c3j91jlPmlE%2Bt0WMeX6qRNouf5w01qJLdu8t3Sb2sG67eeH6ktcrakg7QLfLf%2FlC6LZKbCyqFSPRslSNNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec95687-OSL
alt-svc: h3=":443"; ma=86400

| fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap | 142.250.74.106 | 200 OK | 2.1 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
IP: 142.250.74.106:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: 3c3bf2e5325c57f6c46267a4e2280c9e ea1c90769e5343f9fa4d8aa4a2d5fa6de676c3ba 51f6c5522508909f71da513181cb80d973436762abd895cb87318cf0cd968f48
GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 18:30:06 GMT
date: Fri, 10 May 2024 18:30:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js | 104.17.2.184 | 200 OK | 15 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
IP: 104.17.2.184:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42616)
Hash: 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4
GET /turnstile/v0/g/1b3559406bc8/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bffa3bf5256aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| byruthub.org/templates/byrut/css/styles.css?v=b4x9n | 188.114.97.1 | 200 OK | 27 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/styles.css?v=b4x9n
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: gzip compressed data, from Unix
Hash: 3d9dadd4003de911de4367990f7e6ad2 be9bd2ff77b362933739d0c408cab0a8b8214264 3205ceba329b7360f1194c82ef65d3c0cc8e68704f466bf8168c06e21306c8a7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/css/styles.css?v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: text/css
last-modified: Tue, 23 Jan 2024 04:25:17 GMT
etag: W/"65af3fad-191d4"
expires: Mon, 10 Jun 2024 05:55:44 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 45262
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIC2FCszFagtig7lFJ9oI%2F%2Bhpfr9I9EcJiC5be5aF0MS7%2FK5G27EZp7l7iVt3qIBRMobTmuTwsvwN4Ioc0u5%2FKerHYuv%2FAp4Tad1IIAOfk3kO3089A3qarBSMkJ%2FsBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1a9235687-OSL
alt-svc: h3=":443"; ma=86400

| byruthub.org/templates/byrut/images/fixcom.png | 188.114.97.1 | 200 OK | 1.6 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/fixcom.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: bfe3d1ac9bc7454a75d41c34842f3cc6 012bcc884c14f1ff8c80e69db1df8a5fe46fb987 91dc915b8c3f0bb128584e574cec46350ea75e059c7a6453bd450e8a201e82fc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/images/fixcom.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 1557
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-615"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448763
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dbe1a9LGtZ%2F08PQa%2FYQW5eT1FkzwQA0cWxQgEuh3AA2Av3ZYGL%2BjgQ7ORMMPv5OgKUdeUdd1k7WLfi1MZgrb%2BcCHLPGoMbHVdCDSSurEhVonvezz%2F2TiHULTzCklBas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec45687-OSL
alt-svc: h3=":443"; ma=86400

| byruthub.org/templates/byrut/images/d.gif | 188.114.97.1 | 200 OK | 359 B |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/d.gif
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: GIF image data, version 89a, 13 x 13
Hash: 3def66024a583b6ca763e249acb3c426 82f2f897d3e2746181b889811ac675565dcaf0fa 7d4fb7d5a9e681b2313ca88338e3255364aa452f243d6397aa905783e98bfca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/images/d.gif HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/gif
content-length: 359
last-modified: Sun, 05 Nov 2023 07:08:49 GMT
etag: "65473f81-167"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448763
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FoXnMNbFJSE37eC4ClccI8rpmgGCCCVf%2F80ocCy3wEd1zG%2FLuCbAbTDwVSq%2FlzA2SNIGTQ2uL9yztYQ8gGcj%2B2iUYL07w3v0UlRcXhxh2Wpig%2FrPRU6YOIUT0kGauPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec05687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/king-arthur-legion-ix.jpg | 188.114.97.1 | 200 OK | 28 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-02/king-arthur-legion-ix.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash babd079ec05ba8a83a46827e25141caf 4fdf978cef2ff27eb80bcaa151a0925c365c4b7c eeda74a472a1d5919be5f1b5265f8b50dd597f3663d0c28e0deb7cbdcb3f11b2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-02/king-arthur-legion-ix.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 28337
last-modified: Sat, 02 Mar 2024 13:26:02 GMT
etag: "65e328ea-6eb1"
expires: Wed, 05 Jun 2024 14:41:52 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 445695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aMp1JrXlOp5GS7llR3QTjyWMRNqj3v3ysbcmBkIvcP3VGS1x4KyOxw7yCq7Dc%2F4osryF8edXf0sPCiycxBtBHvmlPks8z%2FH0fLsWowSHXyaudzTkkja33FxRwJL3WA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759e25687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2022-05/v-rising-poster.png | 188.114.97.1 | 200 OK | 18 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2022-05/v-rising-poster.png IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash a606394e97b9b9957056c116c3455c41 9fcc8caf352968c51c72c880727dcf6ae0c29a32 dd5ddd4c891fa45235a04982a1689e3051b8b4ad5098a1e9b4150129e8963038
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2022-05/v-rising-poster.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/png
content-length: 17696
last-modified: Sat, 18 Mar 2023 11:44:21 GMT
etag: "6415a415-4520"
expires: Wed, 05 Jun 2024 15:02:20 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 444467
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znaGmf0LV7mwb1pu1G9t2a9KkN8y2k6wv7%2BHVnFQ29C6cft9CaK2Ak9UAL6XehOqGAm0v%2F1gEN1R%2F1G%2BOce6ZBDt63EwgjfC2f7PJQEsflcf4q197d6SNNF6VnwvpJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759e65687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg | 188.114.97.1 | 200 OK | 30 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash cca866cd6fcafc39cac2cfcf63dfd9d6 d52ca8a0f42f96c3362771714b92d9929a404da3 2b7990bd541e744e5c22e393125f11d0ed72ed987a2144b92006b8c5c480d690
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 30012
last-modified: Sat, 02 Mar 2024 13:22:11 GMT
etag: "65e32803-753c"
expires: Thu, 06 Jun 2024 17:59:08 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 347459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CHzRLvinDAjwHYnTrCyz%2BgLiQ%2FwyUZWQslflY9sQa5uZWtq1AfEYE3EIdY64ExwMA6wRrXNlmLxks0IpaTwYOXxZlKOCZkDypeiQ6ii0V89w%2BkKwUkdcwXSWPVHI90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759e55687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-04/abiotic-factor.jpg | 188.114.97.1 | 200 OK | 37 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-04/abiotic-factor.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash d441e68c8e71dd837fd5c33d2cc75da7 3500f7a146e16bc996418a536454685a446fc235 3b222b85c2f933f4ba4a5fb586b6e593a2689cac85cf661761b4a28943df4e92
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-04/abiotic-factor.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 37104
last-modified: Fri, 03 May 2024 14:20:19 GMT
etag: "6634f2a3-90f0"
expires: Wed, 05 Jun 2024 13:50:21 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448786
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmYZWOyAlQYJnl1KCTfIiyc6MT5ymteuk3ufI7leQ5ALaaW%2B9cNcaFgcPv8Y7O%2BuaMvm9GmScJbVpZNIPJH5VVj6613ImYH99p4BBZp7rFSU0SPjh0GU%2Fag%2BSjWVnpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759f25687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg | 188.114.97.1 | 200 OK | 31 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash 35baa9a417e43fa13731932280526c26 00d6f5dddcbf4ccbecac9b21ddd7d5049ae872a5 d317eee4887dbda5aa499276aad9b7f67fa80465ed3b7dc8a12cd36ceff0b00f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 30626
last-modified: Fri, 03 May 2024 14:26:25 GMT
etag: "6634f411-77a2"
expires: Wed, 05 Jun 2024 14:41:52 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 445695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=20grvVHZBNV8sY8X7h%2Bv2Yic4qQvYj8itvbcrWdLDgM8jryHP7j%2BpV1GhlAyK6AW%2F3Ray3RqFoFfyPX55DR6kbRe62UtF3c8h5a49%2FJ6XUvoPe6BAPIkK3pVUMBNL%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759ea5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-04/hades-ii.jpg | 188.114.97.1 | 200 OK | 40 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-04/hades-ii.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash f00a957c498ad034d5648a58854df911 37d1897a0aaf0f85e6f61b0eb1c01f1f8afee591 0e388e3d32b7eceefc166401b3ad5715d3c802cf13ede8eb5f1ef5fd72413a60
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-04/hades-ii.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 40284
last-modified: Fri, 03 May 2024 14:26:19 GMT
etag: "6634f40b-9d5c"
expires: Wed, 05 Jun 2024 16:23:10 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 439617
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Qar0kdQFpv7FeRtHrXrkau568cVa%2BvD4RPaGm9aRVXEa%2FoyfEqX5s6tz17kihgeNneWlmxll1ioiHJ312bBFZsZG7Cf7lcIJ80IISPhF7cQy6YKpWe4%2BZ8qpXwA9Ek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759ef5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-03/pools.jpg | 188.114.97.1 | 200 OK | 22 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-03/pools.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash 0b760610ee6678c0d8c2219241295ffa 3046e23fd134fdc2c785e5e4f27f8badb41e2661 c6a7046604cc35898ba6112e3cca5d63a1ed1c8c8260589f9b5c584c2b1881ac
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-03/pools.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 22143
last-modified: Fri, 05 Apr 2024 04:00:45 GMT
etag: "660f776d-567f"
expires: Wed, 05 Jun 2024 21:05:07 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 422700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGSLH4IGlSoK3lkfN%2F2rYUwQqcTw6LTET0OeJAA7V3vrArDCbz72oNnPlxfJH0FxdPpDBzkyQKAWnN1VHqzReOqCRVJG0njFpTB1BHXL%2BWIZJ7OneQOBUVGGW5KSePM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759f65687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-04/foundry-9384.jpg | 188.114.97.1 | 200 OK | 44 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-04/foundry-9384.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash 57ef318c6bfed87726ac3ea8d8457996 3b9cc58c465ca31b685be5e6c3c7b597f9912446 498b90922071f6a93d18ab2c1f7c441f6d3a6087894351de2a5808c372e46df0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-04/foundry-9384.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 43931
last-modified: Fri, 03 May 2024 14:25:16 GMT
etag: "6634f3cc-ab9b"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6W14KbMfvFVoc5nji%2FwpsonwBrmNH7cNiTj2bH6xhu3A23MkVeSby3twbfifjzy41p2waQkuZB9TKbB1wPwvCe7Eva39oVNlv4fHSt5bHbfNX9REzPWMLkDsXW1P7IQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759f45687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/close.svg | 188.114.97.1 | 200 OK | 706 B |
URL GET HTTP/3 byruthub.org/templates/byrut/images/close.svg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type gzip compressed data, from Unix Hash bba2aa28a0424fedb60b70be5086ceef 0430f2cc3429c3efc4700f34d0a9f421a7728654 d1e1ac80ecb4b3058523ff9aa3e85d2540cfb8c0cc9a1b55d1a3b93b2ab8b4a0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/images/close.svg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Nov 2023 07:08:47 GMT
etag: W/"65473f7f-15e"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 448823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GxaJbeGqF1MNfVSckY9VqQXUAUg8IXSjufyJ3JJSaN4VM05Y8VzFoLR3%2BC%2BPW10NggUTi0iNCiNGzZqryFgmuGtZ%2FxWKDVNBedkv16wXA0Cvt6mjVw1VVrXmY%2BcJNg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ebb5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/manor-lords-7834.jpg | 188.114.97.1 | 200 OK | 37 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-02/manor-lords-7834.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash 09c819e68ad8d0c8776f0e1775a23561 9ee3acdaa78dfa7a05ed294ff77ff8a7b6269c5c c66f0535a8f9e8a5b01c913c7ad6bf3d5250e57e02a2737cf1c8cdbe1479f097
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-02/manor-lords-7834.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 36849
last-modified: Sat, 02 Mar 2024 13:27:03 GMT
etag: "65e32927-8ff1"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBJf9ZCf6TsFXXPN4yDYxV0fMJQBHtUDmjT5SgCt50Ywf%2Fy8PHwHknUe%2BWjCU8Ip0UJT3aDqBvCJ7ihEZCfa6hxK7T8QnLL%2FDgh4jgBxIVe3DOI4aNBkC%2FBo96yD44E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759f95687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2023-03/another-crabs-treasure.jpg | 188.114.97.1 | 200 OK | 33 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2023-03/another-crabs-treasure.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash 0a03ad2317e77c98d4d8ccb206434f59 a2e5d7083b75d99404566f9709c104a675eab8d6 093cf2ca594819111a0a7ff8ab02ae2979024ac003b5df7ba1b4eab85c2c0a08
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2023-03/another-crabs-treasure.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 33313
last-modified: Sun, 02 Apr 2023 11:55:21 GMT
etag: "64296d29-8221"
expires: Wed, 05 Jun 2024 16:23:30 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 439597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yILKN9G%2BaeEHuAeqkRlG%2F65%2FlsI7qxn97py8lvfElG3QfUYVqyrRiPbbTiWnjFUc6JbcZyMp%2Bk3Zp1umi%2FP2WcQv5OtfmX%2Fhts7fklgpvowIf0qu2ga%2FpAuROkOoTSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759ff5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg | 188.114.97.1 | 200 OK | 55 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash 0eccb284fa373b0e38abb036a6ccf8fd accaa1bd7a2e396f512e551e89018f217245a678 caf1fe202893050379dd5f868d222ae31d06279e57f1f2da4d9163347a86f44d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 54843
last-modified: Mon, 02 Oct 2023 05:34:39 GMT
etag: "651a566f-d63b"
expires: Wed, 05 Jun 2024 15:38:40 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 442287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLIoGU7K65bWOCjRxQPX6BhQM3pMcZvoftz4J6tyuxQt22UFNcnUJ%2BDwsF%2FKdaqPFq5Cel%2FhOynROEAbLbkX9Pfv6bqQPoYCwwgC6qP3ypVGb1uZO6yA0RRLlJd6AZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa76a005687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-05/bellwright-1248791847.jpg | 188.114.97.1 | 200 OK | 49 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-05/bellwright-1248791847.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x450, components 3 Hash a8a0514df479d1abb2b32950f98d90ec c4f82373e50b81a8e31fdb374f5166bf82b8807f a0a93d61d8144053c911ab7e6dc48cca1674c985d09e67a82ee28db206bf11ec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-05/bellwright-1248791847.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 48840
last-modified: Sun, 05 May 2024 09:50:16 GMT
etag: "66375658-bec8"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YH6HDu%2B6ZI1vM5aelF1rbEPrAYqHwB7qogfFLSOH4BY32r%2BeAc3x0QYEXZW6rR7%2F7qeiwx5oeiLJ%2FwxgmBNg3g7%2FBgpEtwCRHkMlNFX%2FoVPydPoyH%2BdHdwrEW7nkzQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa76a0a5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/no-rest-for-the-wicked.jpg | 188.114.97.1 | 200 OK | 33 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-02/no-rest-for-the-wicked.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash d3e485dfc2f379ecdf79558a0a3c60f2 b29b76c6b349fe32cbdff1393c703b7eb7fe031e ee45689f3a370b1e784c352350b607cb129ff932ae99b67c889a9e774fc36147
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-02/no-rest-for-the-wicked.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 32790
last-modified: Sat, 02 Mar 2024 13:28:31 GMT
etag: "65e3297f-8016"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wT1nWSxCKt2skmVs2NpAzDtCSdTqR4f%2F3w1zNWTO806PfppJ4Gq2IRC2SlV4ifJo7pZ0iv%2F6gLbOwSjRhDigH4BHCSxWVE9bl15nwRP2WSQyJTScb%2FThpQ2fFQlw9Xk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa77a1c5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/sker-ritual-4369.jpg | 188.114.97.1 | 200 OK | 21 kB |
URL GET HTTP/3 byruthub.org/uploads/posts/2024-02/sker-ritual-4369.jpg IP 188.114.97.1:443
Requested by https://byruthub.org/23887-starfield.html Certificate Issuer Let's Encrypt Subject byruthub.org Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 Hash c2531e578cee9721efe654321c707be4 6e1a0a6b0b4ae646a03e6dab23ddce1dc33dc840 c0bde3dbc37c711ce558e38ccf4d1a4224f4581ceffd253353d52b16377b06bc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-02/sker-ritual-4369.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 20561
last-modified: Sat, 02 Mar 2024 13:32:20 GMT
etag: "65e32a64-5051"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbWXfOfKWTCQBr3WVNOB8K0fdD8RXdMdKC2yqrpT0Bh83zILYZwreJ19LDQt2zcf2rsuFxljpx9eJZBZeFXjZ5AtHZJZvvqkftQBUw0nJ5Rg9Dkb225gimNmNHL4YQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa77a1f5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2023-02/thumbs/summer-story.jpg | 188.114.97.1 | 200 OK | 5.0 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2023-02/thumbs/summer-story.jpg | IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3 | Hash: 710d4064f747d282cf60c2d27c4a9b5f d0d9e0595710b22cd72defddccd48fc89c107c3d b03a5e7b2ba8891ca0414d0c447a0595025389ffeb36c61dfcf8c4d4f686e17d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2023-02/thumbs/summer-story.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 4980
last-modified: Tue, 23 Jan 2024 02:13:23 GMT
etag: "65af20c3-1374"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 10611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExQXj7TaM0zrw3J4joq0gaNrMqnouGKWS8cgKWaXktm8HM4XgOn1EvPvlpKYHQt75gEbB5k%2FMuTeHSyJL488FiAzH5r6uemXntE6SgwtNXG%2FI1DiHPGaRajt77Ls8%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba845687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-03/thumbs/breeze-of-passion.jpg | 188.114.97.1 | 200 OK | 5.1 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-03/thumbs/breeze-of-passion.jpg | IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3 | Hash: 3585f57e8c17e450a15ebad65b009f1c cc79f719950d1a556f8bf52d43362956fe153657 791d315eb5113fb46979cd970387855bf3f8df0e8176594525c0212270e8ba6f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2024-03/thumbs/breeze-of-passion.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 5128
last-modified: Fri, 05 Apr 2024 03:44:57 GMT
etag: "660f73b9-1408"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 10611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVYyejuD8fwGk%2B4uYTUy40fKFxXrpYHqESbFtTBjwHK2jzHQH3ei%2BkZc6kTpRgSNHotGOo4lBap4mJAHUnF7FuKQOU7SLnwpJps3%2FVsRLXX2dSY9thtE1J2upWuVZPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba805687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2023-02/thumbs/refuge-of-embers.jpg | 188.114.97.1 | 200 OK | 5.9 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2023-02/thumbs/refuge-of-embers.jpg | IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3 | Hash: 2823e2e272b4643eb386a910729e9445 a9db785f6afe3ea6e913a165cfc290b692e21728 1741fb0c2434e62ca016c8d6d80a4feedf261222e9028cd101cb2b7c821ae363
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2023-02/thumbs/refuge-of-embers.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 5899
last-modified: Tue, 23 Jan 2024 02:12:20 GMT
etag: "65af2084-170b"
expires: Mon, 10 Jun 2024 14:33:12 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 14215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DoYPKTXNuwP%2FmFNlAhXVMNZ%2B1IELPyAMqDv9jKe5XPngZSeG4MFm4UPcO3DDYoYiA%2F8l0Bgtj%2Ft5IREGWdTjjFvF2bgRwKtunfKuipXuxi%2FSFnrsWk%2BbbpxyRFIFhdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba865687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2022-12/thumbs/milfs-of-sunville.jpg | 188.114.97.1 | 200 OK | 5.0 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2022-12/thumbs/milfs-of-sunville.jpg | IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x124, components 3 | Hash: 1c3c4049013fb56a122a2c5821e8abc4 22c2505a61acac9e97c27913d598039ee36509e3 5edc0e086c0839f15d2b9e428842176e9916a7594619f84449b40ead0fbdd60a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2022-12/thumbs/milfs-of-sunville.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 5023
last-modified: Tue, 31 Jan 2023 15:32:43 GMT
etag: "63d9349b-139f"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 10611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vbjWIY960F5Nnyi15q3yc1bS8Jf%2FcRsHu4u%2FE1mpiH9ji%2FdIX%2Bl9XIhQRRQai%2BCZvoh%2BmbCXpetodtjIx4qOmt%2BfwJFdRK%2B2sBDrBTI9Tf%2Br6C%2BunTYHVqjM%2Buv53Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba7c5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2022-05/thumbs/a-struggle-with-sin-poster.jpg | 188.114.97.1 | 200 OK | 6.3 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2022-05/thumbs/a-struggle-with-sin-poster.jpg | IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3 | Hash: 7253edeac528bfba0d5b7eeea6a16091 fd4b898e1f7d1fb634650dc35247c77bb9fa9a1e f07dab026f170cb054478490728a0aed587e01c8882b7c339cd494eda048217c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2022-05/thumbs/a-struggle-with-sin-poster.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 6273
last-modified: Mon, 22 Jan 2024 12:02:29 GMT
etag: "65ae5955-1881"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 10611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDuZVJvE79eWWwNJiJOr4QwNzmZdpTG9LwxKY0j6fH7TQogFQ%2FoNZdMmlYNjW7bWQ70fXKV7EwB5qIaTFGIQ90DQO%2Fw20B1%2BGkaeO19VBAsx%2BfqqKsFnGhbXSDUh2mQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba825687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | IP: 216.58.207.227:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0 | Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:03:54 GMT
expires: Fri, 09 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
age: 145573
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 | 216.58.207.227 | 200 OK | 9.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 | IP: 216.58.207.227:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9840, version 1.0 | Hash: 7b08b9e11fc6b8a8a1398b357e874144 4b5fb5790fae1c96655aaa7a426b697f5ab986d0 3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:09:53 GMT
expires: Sat, 10 May 2025 06:09:53 GMT
cache-control: public, max-age=31536000
age: 44414
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 | 216.58.207.227 | 200 OK | 9.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 | IP: 216.58.207.227:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9628, version 1.0 | Hash: d9ac47c7e500fb7083b8d595eaf6fe12 112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 372950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 | 216.58.207.227 | 200 OK | 9.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 | IP: 216.58.207.227:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9644, version 1.0 | Hash: 6f112ec2b932ee12379442c42853244e b2e73c8c70d6261e1d187f41693c43ac4fe0809d 6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:53:48 GMT
expires: Fri, 09 May 2025 01:53:48 GMT
cache-control: public, max-age=31536000
age: 146179
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| byruthub.org/templates/byrut/css/webfonts/fa-solid-900.woff2 | 188.114.97.1 | 200 OK | 328 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/webfonts/fa-solid-900.woff2 | IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 328480, version 769.256 | Size: 328 kB (328480 bytes) | Hash: 988a9731afe6bb99003283038799f4d3 e62b834496e8808e09d69b157dd8d30767ab281d 86f3981f7218b89863ef8f6308268144f450b3b4ccc8da51139e01fc791bd685
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/css/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: application/octet-stream
content-length: 328480
last-modified: Sun, 05 Nov 2023 07:09:50 GMT
etag: "65473fbe-50320"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UuZ%2BFj1mFtO%2BpYdXoqvcqHeOP7OpDToYiIl8a1eHFz7xfb9hLjmnA%2B%2ByeTzy08ugmFN5uyMkE1RdU4Z4%2FybiNNdXlW6xO4vxLN4P9mR%2BbY9rPC7dMr%2FDKUEl%2B%2BFBGgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa81b375687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/css/webfonts/fa-regular-400.woff2 | 188.114.97.1 | 200 OK | 389 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/webfonts/fa-regular-400.woff2 | IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 388876, version 769.256 | Size: 389 kB (388876 bytes) | Hash: 7289c4ce3f03d1e25a23aec2f1ca1989 63bee62a49b1e129dd410a7804c36f600e45e9ef 13ddcd2880dbcccbf67a22e8f8dc4d48a0ec5891553bb99141eb4923528f3901
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/css/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: application/octet-stream
content-length: 388876
last-modified: Sun, 05 Nov 2023 07:09:40 GMT
etag: "65473fb4-5ef0c"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1L3H%2FOjr56%2BsTro%2B3nYfMtuIOYW7R6K2z4dEhLNcM2s%2BZCS13gGUcX2XH3jUu666w9n2qJRKDsEd6bVXWYpuuQqU5gSIN4h4kiMu5KLuMmV4uEDsGremJzQjZezHs4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa81b395687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | IP: 216.58.207.227:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 | Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 550890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| byruthub.org/templates/byrut/css/webfonts/fa-light-300.woff2 | 188.114.97.1 | 200 OK | 424 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/webfonts/fa-light-300.woff2 | IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 423780, version 769.256 | Size: 424 kB (423780 bytes) | Hash: 288cd41746be38a75c591812b9f623d5 43e3f3b70a4a803054641c8d946b46978dfcbc23 c3691090231fdc9199d216264abb4ad09aeebe9968fe942fa22fb6881248190c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/css/webfonts/fa-light-300.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: application/octet-stream
content-length: 423780
last-modified: Sun, 05 Nov 2023 07:09:54 GMT
etag: "65473fc2-67764"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448764
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gd%2FRnHI4JNkBZYuFYFVBS8GjahNwGxCFvc%2FkZ50rilNIjsvoeBvkjQGPABJhDPBKmZUWgpcMUB40dwQ0YrJYNC%2BcNdT8D2lI%2F7%2Fw4aM6c8B7S%2Bq8Sn4zEeMfeg3%2BX0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa81b3b5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | IP: 216.58.207.227:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 | Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 146107
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| byruthub.org/templates/byrut/css/webfonts/fa-brands-400.woff2 | 188.114.97.1 | 200 OK | 106 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/webfonts/fa-brands-400.woff2 | IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html | Certificate Issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 105796, version 769.256 | Size: 106 kB (105796 bytes) | Hash: 4dea63c16bf81f5c579f8d4f8ba040b5 132096157a1bd06ee90d0e099b30858e55f44a2f 5d878915657ccc71bc447db9d8a48ef33ffaf36b0c5d94aaa784caa779e1c8e3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: application/octet-stream
content-length: 105796
last-modified: Sun, 05 Nov 2023 07:09:53 GMT
etag: "65473fc1-19d44"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448764
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPJE1MkYD8mSNAfIe7SJkG%2BLvy4F7ddP2j5DheJHt7AaFrZzOJCJfYdCAT7iNllf2lbSNXT74TQxy%2Br5IpiUR9fw%2Bf7%2FhtPIXB2XcWUleeTGrqk3uid1KGtSqCunJRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa84b845687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js | 151.101.65.229 | 200 OK | 94 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP: 151.101.65.229:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563)
Hash: e7f9fbd21ab7cc5c330233c9f5ff418e c482cc1072e7188fb2d3ba257854a618983dc453 de8e0ef9f88a849fa060e988763e2ef944edbe764e3898d03dec776b1dd9a9dd
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"37afa-xILMEHLnGI+y07oleFSmGJg9xFM"
content-encoding: br
accept-ranges: bytes
date: Fri, 10 May 2024 18:30:07 GMT
age: 39006
x-served-by: cache-fra-eddf8230100-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 93487
X-Firefox-Spdy: h2
|
|
| byruthub.org/favicon-120x120.png | 188.114.97.1 | 200 OK | 8.0 kB |
URL: GET HTTP/3 byruthub.org/favicon-120x120.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Hash: 58dab9c132a665c4f525eda08ac2b478 5cb0348bb7c1ab453de686e650116d103c2ded46 b8a881fcaf7e4f0855fd5ee5d398d431ff1fb3fcb2744f556493f29953ad8e5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon-120x120.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/png
content-length: 7960
last-modified: Sun, 14 Jan 2024 16:18:21 GMT
etag: "65a4094d-1f18"
expires: Wed, 05 Jun 2024 13:49:49 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448818
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IM62WpDf4L7DT6n3gMjhefQjeWNee9FSlrif503CTqLtC%2F7umbbzeE7FMq4L%2FPl2i7cTy%2FjOw7WiMES9p9J%2BdfgUWMmbwZ2382I769Vv4cjIk3w%2BZhGxh2IPjBo6Idk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffab780e5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/favicon-120x120.png | 188.114.97.1 | 200 OK | 8.0 kB |
URL: GET HTTP/3 byruthub.org/favicon-120x120.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Hash: 58dab9c132a665c4f525eda08ac2b478 5cb0348bb7c1ab453de686e650116d103c2ded46 b8a881fcaf7e4f0855fd5ee5d398d431ff1fb3fcb2744f556493f29953ad8e5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon-120x120.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/png
content-length: 7960
last-modified: Sun, 14 Jan 2024 16:18:21 GMT
etag: "65a4094d-1f18"
expires: Wed, 05 Jun 2024 13:49:49 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448818
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZjgmbNQ5u6GI64v%2BaOFqlKZRcN%2BPlMpdwoY%2BKDy7mBJZ2Yjs0b1OfrxyWskAUM3ZQVQMonigi%2BsxYc%2FQGp%2BhAhpP7joPdnw1PXQCvLZhkDI9f6457AzdQFnnFXY96A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffab78125687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:08 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881bffabfc1356aa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal | 104.17.2.184 | 200 OK | 23 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
IP: 104.17.2.184:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (42150)
Hash: 84087e62962ed2326791e4b1c842b045 60b08662bfea33cc2e17fee4449ca714e02b3d68 f6e7d07bba009f6bd0305795e6e47d439cae0ed44b75fb687d6e686eff99f730
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server: cloudflare
cf-ray: 881bffab0aae56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mc.webvisor.org/watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1 | 87.250.251.119 | 200 OK | 465 B |
URL: GET HTTP/2 mc.webvisor.org/watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: GlobalSign nv-sa; Subject: mc.webvisor.com; Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11; Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
Hash: 37cc338abe1b4e66affa948da1b8cd97 6115de589d07a6e1307ea621db14d9a78d4eafc2 9e12ce1fdf5dd2208a04daceea9d54cc4b3bbcaa4b4874ec593b66eb48e351d4
GET /watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://byruthub.org
Referer: https://byruthub.org/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 465
date: Fri, 10 May 2024 18:30:08 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:08 GMT
last-modified: Fri, 10-May-2024 18:30:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881bffab0aae56aa/1715365808550/iW3H9uZQ9pQKR5u | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881bffab0aae56aa/1715365808550/iW3H9uZQ9pQKR5u
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 79 x 14, 8-bit/color RGB, non-interlaced
Hash: 39a69295456793a81966592e187a4c4d 554176334063dcb02e86ce20a31ab94e07adc3d5 ee04254180e268aac8984abe18512c87acab5a9b535a1b9ecc7a79ea37074e90
GET /cdn-cgi/challenge-platform/h/g/i/881bffab0aae56aa/1715365808550/iW3H9uZQ9pQKR5u HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:09 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 881bffb59a4956aa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881bffab0aae56aa/1715365808556/419a0791d646cf3ce4d860e2dbc6f9ef2a690d03d3ffb3b883c1541e6a5d3e3a/UywTRafAQflWze5 | 104.17.2.184 | 401 Unauthorized | 1 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881bffab0aae56aa/1715365808556/419a0791d646cf3ce4d860e2dbc6f9ef2a690d03d3ffb3b883c1541e6a5d3e3a/UywTRafAQflWze5
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: very short file (no magic)
Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/881bffab0aae56aa/1715365808556/419a0791d646cf3ce4d860e2dbc6f9ef2a690d03d3ffb3b883c1541e6a5d3e3a/UywTRafAQflWze5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 18:30:10 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gQZoHkdZGzzzk2GDi28b57yppDQPT_7O4g8FUHmpdPjoAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIEGaB5HWRs885Nhg4tvG-e8qaQ0D0_-zuIPBVB5qXT46ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 881bffbb2a4956aa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=383553823&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365816%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183015%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365816&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=383553823&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365816%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183015%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365816&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: GlobalSign nv-sa; Subject: mc.webvisor.com; Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11; Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=383553823&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365816%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183015%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365816&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 503224
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:16 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:16 GMT
last-modified: Fri, 10-May-2024 18:30:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=459265394&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=459265394&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: GlobalSign nv-sa; Subject: mc.webvisor.com; Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11; Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=459265394&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 147
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:16 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:16 GMT
last-modified: Fri, 10-May-2024 18:30:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1) | 87.250.251.119 | 302 Found | 43 B |
URL: GET HTTP/2 mc.webvisor.org/watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate: Issuer: GlobalSign nv-sa; Subject: mc.webvisor.com; Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11; Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: /watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1
date: Fri, 10 May 2024 18:30:08 GMT
access-control-allow-origin: https://byruthub.org
set-cookie: yabs-sid=1667040461715365808; Path=/; SameSite=None; Secure
i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; Expires=Mon, 08-May-2034 18:30:08 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=9015859681715365808; Expires=Mon, 08-May-2034 18:30:08 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=9015859681715365808; Expires=Sat, 10-May-2025 18:30:08 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808; Expires=Sat, 10-May-2025 18:30:08 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:08 GMT
last-modified: Fri, 10-May-2024 18:30:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=486022611&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=486022611&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=486022611&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 328
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:16 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:16 GMT
last-modified: Fri, 10-May-2024 18:30:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=223433809&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=223433809&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=223433809&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 53
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:17 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:17 GMT
last-modified: Fri, 10-May-2024 18:30:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=317898051&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=317898051&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=317898051&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 306
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:17 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:17 GMT
last-modified: Fri, 10-May-2024 18:30:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=78033272&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=78033272&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=78033272&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 44
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:19 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:19 GMT
last-modified: Fri, 10-May-2024 18:30:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=675282600&browser-info=we%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=675282600&browser-info=we%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=675282600&browser-info=we%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 145
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:19 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:19 GMT
last-modified: Fri, 10-May-2024 18:30:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=6&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=168777436&browser-info=we%3A1%3Aet%3A1715365821%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183021%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365821&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=6&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=168777436&browser-info=we%3A1%3Aet%3A1715365821%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183021%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365821&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=6&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=168777436&browser-info=we%3A1%3Aet%3A1715365821%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183021%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365821&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 191
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:21 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:21 GMT
last-modified: Fri, 10-May-2024 18:30:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=7&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=465363908&browser-info=we%3A1%3Aet%3A1715365823%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183023%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365823&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=7&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=465363908&browser-info=we%3A1%3Aet%3A1715365823%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183023%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365823&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=7&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=465363908&browser-info=we%3A1%3Aet%3A1715365823%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183023%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365823&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 260
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:23 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:23 GMT
last-modified: Fri, 10-May-2024 18:30:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=8&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=765379597&browser-info=we%3A1%3Aet%3A1715365825%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183025%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365825&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=8&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=765379597&browser-info=we%3A1%3Aet%3A1715365825%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183025%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365825&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=8&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=765379597&browser-info=we%3A1%3Aet%3A1715365825%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183025%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365825&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 100
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:25 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:25 GMT
last-modified: Fri, 10-May-2024 18:30:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=949567589&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=949567589&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=949567589&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 44
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:27 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:27 GMT
last-modified: Fri, 10-May-2024 18:30:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=9&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=123798414&browser-info=we%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=9&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=123798414&browser-info=we%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=9&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=123798414&browser-info=we%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 344
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:27 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:27 GMT
last-modified: Fri, 10-May-2024 18:30:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=30297388&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1) | 87.250.251.119 | | 43 B |
URL: mc.webvisor.org/webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=30297388&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1)
IP: 87.250.251.119:0
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=30297388&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 45
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:29 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:29 GMT
last-modified: Fri, 10-May-2024 18:30:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=10&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=1031466501&browser-info=we%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1) | 87.250.251.119 | | 43 B |
URL: mc.webvisor.org/webvisor/97198497?wv-part=10&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=1031466501&browser-info=we%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1)
IP: 87.250.251.119:0
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=10&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=1031466501&browser-info=we%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 56
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:29 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:29 GMT
last-modified: Fri, 10-May-2024 18:30:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=11&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=724149875&browser-info=we%3A1%3Aet%3A1715365831%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183031%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365831&t=gdpr(14)ti(1) | 87.250.251.119 | | 43 B |
URL: mc.webvisor.org/webvisor/97198497?wv-part=11&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=724149875&browser-info=we%3A1%3Aet%3A1715365831%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183031%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365831&t=gdpr(14)ti(1)
IP: 87.250.251.119:0
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=11&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=724149875&browser-info=we%3A1%3Aet%3A1715365831%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183031%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365831&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 320
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:31 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:31 GMT
last-modified: Fri, 10-May-2024 18:30:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881bffab0aae56aa | 104.17.2.184 | 200 OK | 440 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881bffab0aae56aa
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 440 kB (439908 bytes)
Hash: 01315a29eb59eff6933a778755e59a8d 5db3e382b28e4b4962439e128038cc3d21f01231 4fcf01116621f05cd7fd202a1a393e5070fda464c4064a0d442b8ec6a46d6117
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881bffab0aae56aa HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:08 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881bffabfc1756aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/tags.png | 188.114.97.1 | 200 OK | 484 B |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/tags.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: e25aa5414ea580ee9171f0495dd8614f 0f55896ee1d6c06440326f6d9160799517237763 59172f212518edd429b2e697c77a1e9a91f3769c57dda16798e90aec360b8d97
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/tags.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 484
last-modified: Sun, 05 Nov 2023 07:08:48 GMT
etag: "65473f80-1e4"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdYVOPwf2iyxUZFINyTnVKC8wJaIdC%2BSTQYBYqZrd%2FY%2F%2B%2FlBBFB6xjpTrufq%2FABQvlst7HUBDpk0%2FRtSPNVi51ZXcNZZVc3LPWmMo7xAvVNZf5vxzCeS%2Fc7%2FY%2FzHgk4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec15687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750 | 104.17.2.184 | 200 OK | 22 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22364), with no line terminators
Hash: 340b6e973a67da8ea71c766206d7b04b e3b98442695d9ddeedff35c0ff9b9ed7d71c5ee6 5180253291ad96f77eba2274d585e16f6ff62a5f3425e745b373977c738a8207
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b1630b123e30750
Content-Length: 27767
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:10 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: UHzGC5sJAUQnHsO8xZjH/e0VEpTbL5mKk4qlenDJfE42jmOE8jnx0aD2YwEuhSea$uGXSlUXlzyj0I7LMVEwTbg==
server: cloudflare
cf-ray: 881bffbc2bef56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/upd-publ.png | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/upd-publ.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: 554a3815f3c1821ac11ff40655ce775d 13d34bc29df63a642f0ea2b1fe867b5a233cbda4 e25dd5f2a89109b540d6c365d5fd87a611c819cbbbfdcf828c4f2e395832a686
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/upd-publ.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 1414
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-586"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vHaWpZBJf3c%2BcwtHTY1WZm%2F%2BoIPxXZkNXntPPxBtxvu2VsSJzw391zgDHhDzcBostFrok7gbEq58kh70P2TDuIYTns7IEAXCz5JLlp%2B5MbH%2Fx%2F7GAvEKi9sIcRsA9a4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec85687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750 | 104.17.2.184 | 200 OK | 115 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 115 kB (114576 bytes)
Hash: a9cc91cce3876c6f734af15bd83aa2db d43f674193e4e6c3e2e85e63afb505acc24bfcf3 3227fa11f3597223c77bd41f67652b77684d56a83f4a0ec8797c2cff66fa7464
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b1630b123e30750
Content-Length: 2502
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:08 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: UlKhHiONEyP/gMZBYaIZ7QYEzjxX9VwxsPnf1Zf0wE2e+VIHMvNdxsfEU1+Bm9e+L/DaBooItlN7W8JKNT2VxEKSkLcF14aP2XkJjKUBXGfZNbDoGADFauWHxaHmT7VzmC9zGV43n3WPU/QpF97i+Dqe59i2aEok330GE3r7YPFqiLfBNJhbPxbC4xKh2k90S0oPqSKCbJun1E+++mzRTnapTzmPRrCFybfFTCgL69x0jEYrij3Pq60Lzc0pALPqLWca/LluRGxzbfrLc3FXX9mPhHYI/Tpt1DY9cCAF7Lqj2ViIcQlCMzouJ4X062wVV8MrytuvVLG6555RM5eYj3DoTDNoxURoPKOnuFINWrfA9FFu1L0pqq23KciDmMblwvN43vgXUyxqmdWlMEu22WwHNxa4Bu52tc9BLif6htNhGzSHAI2/jrr1K+hy78Rm$TzD3s3XjRKtVh73qcM2KVw==
server: cloudflare
cf-ray: 881bffaf48a056aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/23887-starfield.html | 188.114.97.1 | 200 OK | 342 kB |
URL: User Request GET HTTP/2 byruthub.org/23887-starfield.html
IP: 188.114.97.1:443
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
Size: 342 kB (341555 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /23887-starfield.html HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:30:05 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.1.19
set-cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZS9lELm5qlgh6d9jvA5JfSFYDlpWeFNfzDGObFcfwsZP6Rmvh9uIgNqRxnUXtDus8%2BFR1C5pnzI%2FSteKJ3vCFTPoyoreWTYoc11bFvHfwvqV8fNrk8ttAeUoDqE6OE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bff9e8fdeb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| byruthub.org/templates/byrut/images/night.svg | 188.114.97.1 | 200 OK | 955 B |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/night.svg
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: SVG Scalable Vector Graphics image
Hash: 11a004733cdc59ef8503bf800dcf29ff 241665f3defcad3a5aab12fdc76f5877da511907 c8b1f29433a168187adbf562e653519398d39f613e5aa2ab5e61bbc43a9e1add
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/night.svg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Nov 2023 07:08:51 GMT
etag: W/"65473f83-3bb"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 448823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cz5HdGTCxG3f2%2F8DVuRwy03DYW%2BZu%2BSnlEANjtcLOaYU3kZOuhDDVWU4vM8LvaaHKPInFUbsUFGGgeB4C4JJX7HvWCtC%2BHxtvr73QvSgxOLmBADjxNXTQajymt0q%2BBs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ebc5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/updnews.png | 188.114.97.1 | 200 OK | 2.3 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/updnews.png
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 64 x 69, 8-bit colormap, non-interlaced
Hash: c5328ae64b721c1e828ddb36a8810404 50ca3d753ce43d6859d90e6cbab2cd6f6e9507a1 a66e1a3d8b6ac9aa6c3cb0f12523e152ec26bdad81521d2d37e836532ae34ddf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/updnews.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 2304
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-900"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T473xup1gVbvwtQ6bX7m8ADzGxZ2CXewPKUYMgnfusV6hIh6U0QqbYVYtY1jdy9nBhgwwW4ydXc9FV5nd3Do7Nf2z2U%2Bgs17uH46ym8vV%2F%2BKqDd8F57h1iPhQNiZZDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec55687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ufiler-pro2.ru/tools/js/appUbarButton.js.php | 188.42.196.4 | 200 OK | 11 kB |
URL: GET HTTP/2 ufiler-pro2.ru/tools/js/appUbarButton.js.php
IP: 188.42.196.4:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: Let's Encrypt
Certificate Subject: *.ufiler-pro2.ru
Certificate Fingerprint: 0D:9E:0D:BA:C1:69:8F:89:42:BA:D7:B5:C8:0E:40:8D:68:E9:43:97
Certificate Validity: Wed, 21 Feb 2024 09:15:47 GMT - Tue, 21 May 2024 09:15:46 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/js/appUbarButton.js.php HTTP/1.1
Host: ufiler-pro2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:30:08 GMT
content-type: text/javascript;charset=UTF-8
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| byruthub.org/templates/byrut/js/sc.js?v=b4x9n | 188.114.97.1 | 200 OK | 2.0 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/js/sc.js?v=b4x9n
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: ASCII text, with very long lines (2116), with no line terminators
Hash: 8379ac005e1fa3f9e59c79a911e32441 aa78f4c0fd8f5b697efe0befe31a0751724fbcd2 baccb7e2bd3a211e63dd09e7b1d2c4997cb699c634e29384bc1c6793fd321dc8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/js/sc.js?v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sun, 05 Nov 2023 07:08:56 GMT
etag: W/"65473f88-7d7"
expires: Mon, 10 Jun 2024 05:55:44 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 45262
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPtuUeBmQIKbLhU673RJ%2FLOxuaDZYbdriRrJavCfg3TYA99At3qS0XdppAvf3Gq%2BCN5KygaIl5F%2BgaKAxoeeR2%2Bpo9VcvV8eaAz3cKj2bsdaYHA%2BQxuIlDidzeh2M%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1b9315687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/engine/ajax/controller.php?mod=adminfunction&id=23887&action=newsread&user_hash=e8a5142cca9fd127c565601a4aaba4cab966538a | 188.114.97.1 | 200 OK | 5 B |
URL: GET HTTP/3 byruthub.org/engine/ajax/controller.php?mod=adminfunction&id=23887&action=newsread&user_hash=e8a5142cca9fd127c565601a4aaba4cab966538a
IP: 188.114.97.1:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: ASCII text, with no line terminators
Hash: cb5e100e5a9a3e7f6d1fd97512215282 11f9578d05e6f7bb58a3cdd00107e9f4e3882671 ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /engine/ajax/controller.php?mod=adminfunction&id=23887&action=newsread&user_hash=e8a5142cca9fd127c565601a4aaba4cab966538a HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5; _ym_uid=1715365808248929091; _ym_d=1715365808; _ga_QX7E7T8PJ1=GS1.1.1715365808.1.0.1715365808.0.0.0; _ga=GA1.1.500578044.1715365808; _ym_isad=1; _ym_hostIndex=0-1%2C1-0; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.1.19
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6RyLxKSDhPpx0eHQs5%2FJcPrgAYAr9kiTHkZIZHv6peOmAfHlTwYqUWdiKjGeXCYYAZTYMz4DGn7q8lFfCAf4SMpuLwY7MJTkTj2DAJt9jdGVsMnyvwQ%2FL%2B946rAiGQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffcdfe7e5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mc.webvisor.org/webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=889060157&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) | 87.250.251.119 | 200 OK | 43 B |
URL: POST HTTP/2 mc.webvisor.org/webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=889060157&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP: 87.250.251.119:443
Requested by: https://byruthub.org/23887-starfield.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=889060157&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 44
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:16 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:16 GMT
last-modified: Fri, 10-May-2024 18:30:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|