Report - byruthub.org/23887-starfield.html

Report Overview

Submitted URL
byruthub.org/23887-starfield.html
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 18:30:35
Access
public
Website Title
Скачать Starfield (последняя версия) на ПК торрент
Final URL
byruthub.org/23887-starfield.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
90

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	3.1 kB	82 kB	216.58.207.227
mc.webvisor.org	17571	2009-08-25	2017-08-16	2024-05-09	20 kB	12 kB	87.250.251.119
ufiler-pro2.ru	unknown	2020-07-10	2020-07-10	2023-03-11	417 B	11 kB	188.42.196.4
byruthub.org	unknown	unknown	No data	No data	25 kB	2.4 MB	188.114.97.1
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-10	5.6 kB	620 kB	104.17.2.184
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	419 B	97 kB	142.250.74.72
cdn.akamai.steamstatic.com	8614	2013-11-07	2014-04-02	2024-05-10	520 B	1.4 MB	23.36.76.241
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	454 B	2.8 kB	142.250.74.106
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-09	419 B	94 kB	151.101.65.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed

ThreatFox

No alerts detected

JavaScript (59)

	URL	Size	First Seen	Last Seen
	byruthub.org/templates/byrut/js/sc.js?v=b4x9n	2.0 kB	2023-12-12	2024-05-17
Pretty URL byruthub.org/templates/byrut/js/sc.js?v=b4x9n IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-12 13:04:44 Last Seen2024-05-17 10:29:11 Times Seen11 Hash 9ff2b283bb824f97d2e01f1db11f9bb9 091f88703e0af12dce2e4768851bb388d72ea796 02043d0f28a9f63557cd3638d6a3ea9e2c3c7fec45018d7580c67c41037363a9 Loading...

	www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1	282 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:44 Times Seen2 Hash fd9622fd3bbf8b30290c9b55a40dc634 09db40a1f0dc3c3f7a847d0aceeaf3b454bcfe4f 7c134e2c11e58551593b7c2ceb9e10b03daf4ed4e580f78bb7f89ca9a7557225 Loading...

	cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js	228 kB	2024-05-03	2024-05-17
Pretty URL cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 03:32:46 Last Seen2024-05-17 04:48:51 Times Seen38 Hash 6e0389489fbf6661a294053d080b7f68 595ecd76a361a4d376a6e905cb23e54de4904f4e b422d3d8546ec006550b595c77b26b78e58c7c16cb71eac33a1b26e738444aa3 Loading...

	byruthub.org/23887-starfield.html	4.7 kB	2024-05-10	2024-05-10
Pretty URL byruthub.org/23887-starfield.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash d1b9728241adc5a2126dc7854f2ab7d7 71c082224d5ac9de0125495a5366a1d58926a3bd 9e909491cbc7bdfc95b926481576e89ae41feefdb8ee868b3b071bca2820d8ee Loading...

	byruthub.org/23887-starfield.html	504 B	2024-05-10	2024-05-17
Pretty URL byruthub.org/23887-starfield.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-17 10:29:11 Times Seen5 Hash a891740448065e8995763b522a382b78 99741aa5549349ff3c58afd7ff0e5e807acc26c5 75a5ad93a2f788e8605f4fadd8f5b06545894d0afab6416d99230742934012a3 Loading...

	byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n	134 kB	2024-05-10	2024-05-17
Pretty URL byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-17 10:29:13 Times Seen10 Hash c946c33cc6c45b1bdfa528482d898f24 2f790e85c4d153627bfffb5f8e5bdc1ec66ad73b 7395940bf2b6e2ea209207cd8be98f2107c5b5531585254082fcc1a35c0f7207 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal	3.6 kB	2024-05-10	2024-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 16d7a7ed683f4bc9446e611a83c2fc9d cf7789b9681fe2aa0d0fec5ae3dd97d6352ae09f 192b8d52a096f9d439a7327f2b4a64f032099bba62a4f975f990ae2559b8226f Loading...

	byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n	88 kB	2023-06-29	2024-05-19
Pretty URL byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-29 16:14:30 Last Seen2024-05-19 14:10:59 Times Seen374 Hash 4f0fa0ea2ed2bd3abcba54438900f124 0ced4961d59a49eb41977ae8c759d59713223c19 5f55e209be722b88bb75df5b584e8e9030a85db8b96c806149ab1f5538aedcd0 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881bffab0aae56aa	440 kB	2024-05-10	2024-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881bffab0aae56aa IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:45 Times Seen2 Hash 01315a29eb59eff6933a778755e59a8d 5db3e382b28e4b4962439e128038cc3d21f01231 4fcf01116621f05cd7fd202a1a393e5070fda464c4064a0d442b8ec6a46d6117 Loading...

	byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n	177 kB	2024-01-21	2024-05-17
Pretty URL byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-21 22:18:25 Last Seen2024-05-17 10:29:13 Times Seen18 Hash dda805648c4c2019d9ad8eb458831e17 5e70a1ce929daf8e6c7a3805c4ecb27f3634d3f6 91f79ae04f21e997227b5335d340bd817dc2e14502dea7bff1695458acbebbd5 Loading...

	byruthub.org/23887-starfield.html	201 B	2023-04-13	2024-05-17
Pretty URL byruthub.org/23887-starfield.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 14:51:46 Last Seen2024-05-17 10:29:11 Times Seen76 Hash 07a8276b29e1b9299dd016fa8c32efde 25e2caa2fc8d05e32f4c67eb1d6fc889d8ec336a 70549591817f9f020404165fea5c95f31c8cc8d69c7e928dae1b0476485742c3 Loading...

	byruthub.org/23887-starfield.html	506 B	2023-04-13	2024-05-17
Pretty URL byruthub.org/23887-starfield.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 14:51:46 Last Seen2024-05-17 10:29:11 Times Seen76 Hash b8d4229ba85ef8f6021c001a40cc419f 6d0de20329edc6288594eb66d8decc766eeb7f8b e8f77cc5190581cc8ef3b4c7447738c7892ae5960fcae8e6da2d96377ad2c10e Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha	43 kB	2024-05-08	2024-05-17
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:17:22 Last Seen2024-05-17 15:34:59 Times Seen1392 Hash 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4 Loading...

	ufiler-pro2.ru/tools/js/appUbarButton.js.php	11 kB	2023-04-07	2024-05-17
Pretty URL ufiler-pro2.ru/tools/js/appUbarButton.js.php IP 188.42.196.4 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 19:58:06 Last Seen2024-05-17 10:29:11 Times Seen82 Hash c17b8db269190ea11f1e99708e6470da e2fafa37a4d976d189421517854c03c5980731d2 b6592b53eea560cc2b8792837845abd02514f1da3c377d90db3e5d944de144e9 Loading...

	byruthub.org/23887-starfield.html	2.2 kB	2023-09-17	2024-05-17
Pretty URL byruthub.org/23887-starfield.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-17 09:38:38 Last Seen2024-05-17 10:29:11 Times Seen24 Hash 4801978111ffd3cf30d6804ddfa0663d b18c198dab289c70b296a332a2cd255037248299 c42c13f37fbd5eaee1e355ef84ce888b7c399619a4fbcec36675a98f88de54f7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 32584a5333cc7e98c2d4f4edf1885a47	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 32584a5333cc7e98c2d4f4edf1885a47 3d97237477beed189de6ba5ce4db1667e27c53f4 6b6a89980fc8ead6586df8c907a3930a392a79a6720f99a114f09de82e504479 Loading...

	#2 Eval - dac70f2f347631d8297c0ec783cb9d3e	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash dac70f2f347631d8297c0ec783cb9d3e e9ded7fa71acf19a470c61b9f7fe3d7c205ad6ef 148d95fdca39fb2140b58f68929246dc622c84d571bf22e9aa7e000f590eab6a Loading...

	#3 Eval - 8bda5398d30fbd7dafc2486c906c1e10	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 8bda5398d30fbd7dafc2486c906c1e10 97cdfcb0bb47bc188bffd8d862737c4b58d86d38 5d71254d727fbecf45b9ecd1cb77683dae4831039c6fa36e16476a9595e0f6f8 Loading...

	#4 Eval - 0dea0223c0c30b285ed8473046068bee	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 0dea0223c0c30b285ed8473046068bee bcf0aa5a1c6eb0468bf1419c491aa42ebbcdcde3 7c1e70df47670a7879d660e0e52a08e7a0b2d80812e8f2edbb73da652a560aeb Loading...

	#5 Eval - 3723c7835c2d85439b4451a97dff7e6e	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 3723c7835c2d85439b4451a97dff7e6e 779d7669bed210ff8ff593bdfc252134632ac7b2 c553d73f18019c89b22d46060773b377575f7feba099924aa047cbdee6dbcbfe Loading...

	#6 Eval - 2104e51b45819fb48be29bd684a7a765	62 B	2024-05-08	2024-05-17
Pretty Observations First Seen2024-05-08 21:17:23 Last Seen2024-05-17 15:34:57 Times Seen967 Hash 2104e51b45819fb48be29bd684a7a765 4c63e1a706403ae3b72fd6bd15bb42ba662b456c 409852cd2d9ad570bc66e5cc8c403b729033ebacfadc90fd9548df7f494a5869 Loading...

	#7 Eval - 54caa737eaaff69671ccda5d85542233	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 54caa737eaaff69671ccda5d85542233 aa7ebfa981081288acfb49b8049a4353b4952af0 5480931e3c855a3186f80d9902e6d36e6f9372b9fe46e8d75bcf47a0ec804b22 Loading...

	#8 Eval - 26a146e71eeb2674f9645e1c92c255db	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 26a146e71eeb2674f9645e1c92c255db 62338fb1fada03d954822eb3725fa396f755acc0 f125abccabc564bcbb93e1980d7ac19fff13d25a59b53fcfa867ce65b1918ef4 Loading...

	#9 Eval - 9509f6b7e69e5aa4845d58bb274055d3	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 9509f6b7e69e5aa4845d58bb274055d3 8e390ec7d32786824c47cf64f38116ec2245dcb4 571895c43fe9566ee2ad67bf6df22b3e95fad6e59328674ae085f07d500e06cf Loading...

	#10 Eval - 2ad0493b65b07b054b95f6db636b6dfd	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 2ad0493b65b07b054b95f6db636b6dfd b08b038e58f4627a272a6deabad0290fadff9dd1 b8bb91101fbb98ec4f3ba0add047193a66691ee25f6c471a1d8acb968d8d7989 Loading...

	#11 Eval - 7b6f40e295ad42ef86b54079c7a27e83	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 7b6f40e295ad42ef86b54079c7a27e83 5630870ef171380ebb9cfe2594d04352c44a4a50 cc6244c78ec421c3ea4b5d10ff9ef8cb19efe59fbb995ef8464e088f3de06446 Loading...

	#12 Eval - eaf02fb6b319bcc95cef192ab32995d5	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash eaf02fb6b319bcc95cef192ab32995d5 e439102c61257bef239adba5993b9dc0cee325e2 b8f8a9e4a28aabefd6f89403014099f9f745ccd0dec144f8346aa9cb16734e67 Loading...

	#13 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-20 19:33:32 Times Seen354003 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#14 Eval - 985ce4a75e74443450b3ca892017c1c0	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 985ce4a75e74443450b3ca892017c1c0 d5547540b98981a0f3b2738dae1c051ff9dd889b 4d637582b71d8e7307d88d7c6db7c69e6962af4853a0909fc014b2bbb96873d2 Loading...

	#15 Eval - cbbfb43d9191660073f57bd21ab5f775	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash cbbfb43d9191660073f57bd21ab5f775 88b3528f32640407ecc520bf7c11f252be79c906 e3c78aa63e0c0be8090ad438b13b4874f2a3a76c0da7513762a5cd9232774af3 Loading...

	#16 Eval - 958e8cde94242e7cd9777fc25744dfd1	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 958e8cde94242e7cd9777fc25744dfd1 bfe7796a91e646a4269f711157f369ab7d11d90a 84f18228bbbd20f3d2aefd44355d2980c1da7997146b6f2256ff7447c5363405 Loading...

	#17 Eval - 4f1a1c9a9e2b34a4fc2f403d0732db77	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 4f1a1c9a9e2b34a4fc2f403d0732db77 c9dfbdd375b04d753254e5685219156d55ad14fd 80deee8ec228c892c8ed9d0f0e8f99d3e3b984110d482c0dc04eba24caec89ce Loading...

	#18 Eval - 436ab79022efc5d218df1b7b4036f8c1	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 436ab79022efc5d218df1b7b4036f8c1 f14f517240c208420f7e3e325e2a68023b142fe7 5b7d5fcf43d0c406631b7ee862d43bec8b3a177a19d1669f150069653c1dcdec Loading...

	#19 Eval - 2c803dab3a06afd7054c9c9544369da9	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 2c803dab3a06afd7054c9c9544369da9 ec56625f4ee78b5239f13e1151705307ef3b8dff c95a1cbdba6d9c10a0187bd5b786d976fc4c0dd6cb5068e855b29c78f7b68082 Loading...

	#20 Eval - 6543c7d4e9f95d6c1156285fa3c15865	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:43 Times Seen1 Hash 6543c7d4e9f95d6c1156285fa3c15865 681b0682a0479fc87fa0b50822118b86e43330e2 11a6b2df9da8cd55b5caa78712bc5b66e9759f3b73f5e905b36d12b115643eed Loading...

	#21 Eval - 4695993e4c241c95de6ab94b65faa92e	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:43 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 4695993e4c241c95de6ab94b65faa92e d3f013cc6d94bf4e14b7fa9b46084de53ffd9563 2e85f84b662579060b217bbe9867c6dc405b630e7ff724c55f1b71105864253d Loading...

	#22 Eval - cd4060d268b8ee3f90d578536d2fd226	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash cd4060d268b8ee3f90d578536d2fd226 808871e1b8990ffac249e1acfc80c3e257a1bbd5 75aac0641222c401c1941136a3676ec7ee4e89aa3ba894d2706aa84d66dea0fb Loading...

	#23 Eval - c8f603583c0b2d3af56a664a1dff20fa	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash c8f603583c0b2d3af56a664a1dff20fa 98e6c818b5db9a824e81d826feb9e0ffbf1c2d9a 377561aad2c94b2c63e7c95cb8368516e74c905a8ea2d53b14b4f94f7a93f3cf Loading...

	#24 Eval - f0e3c19ff346df47cbed626679692645	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash f0e3c19ff346df47cbed626679692645 050da9a0321c08632baa25f3ea94d060aba6629d ac91f27ee3fe7ea51a1764e1db59bf3d5213c9b6a81b39fbbccb7727c451c319 Loading...

	#25 Eval - fe76e9a90f21620b193bc853f4814276	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash fe76e9a90f21620b193bc853f4814276 3c3563ddc4c3ab106b2c7345666313918225b774 aead020fead3de632a0aa4369ace86345585a0ff2a9bf45089bd02563c5772a5 Loading...

	#26 Eval - ea6ff339bd0e5e57f9b130888b0eb675	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash ea6ff339bd0e5e57f9b130888b0eb675 42754b5bcaee68425ea8066ec62cdbf2d82b608d 51e650e8df45d63c3abd8c651657f990eaa7370a28e11f6ad9b0894dd9e1b599 Loading...

	#27 Eval - 91eed0f90051bd53965c8e2fd77721f4	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 91eed0f90051bd53965c8e2fd77721f4 f193b639900a541ec7d2a33f633adda2e507c0d2 63020c2c021b4e68505c2b442abdb37908dc085a2a82d7b0388aef5b6ca03879 Loading...

	#28 Eval - 433849948b1d9b7b49fe160912fc1d8c	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 433849948b1d9b7b49fe160912fc1d8c fa0118d13e89eaf60e8b8616b53ad68997cd7763 d5531571d758412e1c0c3e19c926f933e5db9fdd56771277f1ab2bedb20d87ef Loading...

	#29 Eval - ca4aa9d133d66ce170ad351f892fdaae	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash ca4aa9d133d66ce170ad351f892fdaae 949a1f908208519a8ee83716dd18a4f19629b921 0869dea1cee85c989a8652419b523db5aa3c2d98aed28d52ee4d339c6c517bcf Loading...

	#30 Eval - 6672a717255cef8f989f01f7f4a4de96	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 6672a717255cef8f989f01f7f4a4de96 eea69c61082aff158a7b5a513f9c106f647e6771 febd3f5476cd55f1aa8c9d0b73fbbb890f322dafcf5d2e208e9a2ec8c3caffa7 Loading...

	#31 Eval - 48e0aa4700b3d5e7f8fe340bdd559d90	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 48e0aa4700b3d5e7f8fe340bdd559d90 cf6d0434f0fa7f1f62931a5cbef4694e7378a036 909a2461c83f54e9ef6a279426f901ac3f25a394e2036fa43d37207ddad97b28 Loading...

	#32 Eval - 3f79932cdbc50dd524ff275827841065	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 3f79932cdbc50dd524ff275827841065 25e7d2f9300a0b4bbb0b9f833139a385e0f472f5 06e6c1cd92f6206a5df81d7eb11e42789ded1d37d480bef781d3c4b1840d0930 Loading...

	#33 Eval - d757331a74792c0c092d53675a86940e	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash d757331a74792c0c092d53675a86940e 45126a628fc9d4e6de286d8f27a1390cb9412803 ba02b0ac8031a8ca43de45f2b09a21243669540ad20b418ba325843940b4f9c4 Loading...

	#34 Eval - 2169e4311a1d337bb174284196d7b321	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 2169e4311a1d337bb174284196d7b321 b0901f18c075395757411d05adffcb48096eec1d f5e97cb367b46b89a9aa0027798513b95412d85edda0b73834ae3a8ea1d0711f Loading...

	#35 Eval - 382c0944c166328f5a43fde0b750036e	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 382c0944c166328f5a43fde0b750036e ce890ad6121d50aa83acb73b5e5e0dec6037c947 52a8e7a79cc4207873f5a41a5a2e6a9f27d4bebec05cd32b10084c6d16dd9c01 Loading...

	#36 Eval - 9add091734cfa65f99242c6711f06af7	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 9add091734cfa65f99242c6711f06af7 9bc7e2ded32f60477a476f784294ded3fd95e27e cdeedcc9a592726f7094f38ae8717e98041edd979139ad042d80df2b7397fefd Loading...

	#37 Eval - d954a010b7617bc03e5305efcfe62ac0	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash d954a010b7617bc03e5305efcfe62ac0 7da23b694e32dbeeaafc0bd438a917d52c1f1dba b6827240749cf5cbeb2d6576e19239692406fb73ac0229a9f10fdd48b57b2fe5 Loading...

	#38 Eval - 08555ff92675b06d8e17f6de04499500	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 08555ff92675b06d8e17f6de04499500 d7fa26b0b8259bdb5b36415f77ea2270cab3e514 0382cc577b6b661edff7971188161520f5ec284c963a7618dc62127dd548d791 Loading...

	#39 Eval - 9fa144542fdd06f14683c79c6ebe6d1e	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 9fa144542fdd06f14683c79c6ebe6d1e a325c742b1ab3a5b9cc8366729cc34683ed66bb6 cdacd917b2d6f2f1ddd71a03185e4f4fab73029efe6f2b333751ca55f19e1d64 Loading...

	#40 Eval - e413405c317fad7fa2800166063d08c9	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash e413405c317fad7fa2800166063d08c9 e41998ee0c27fd5ec8d1f9a85d7234a85464d6df 23c1bd1bae3febabb66cfec59787ae1f4cb76e79b1db0c3cf78fac344036e4f8 Loading...

	#41 Eval - 0e073915356eb34a399b27a3353b3de3	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 0e073915356eb34a399b27a3353b3de3 f418b4d6f8d4e2d17a85cea6252ddb806e1adb98 7d7706383d518b705d9171ec2bb15c3832d5b5259fcd1455a2db14002752f8e9 Loading...

	#42 Eval - 8f38ab4e19eb838fa7a8697c2473a0eb	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 8f38ab4e19eb838fa7a8697c2473a0eb 50dcc4d046969e0f24451b75beca554d537d06ff f48031eebfc5071b91e220a74c4d9bd736bcbe72e444e41230fc71d4354de565 Loading...

	#43 Eval - d73c8dead3281fadc790094e1fb9f37a	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash d73c8dead3281fadc790094e1fb9f37a 479ce0b05c7aae9e7a2ab33028ee249b365418fb 81296bf486bef490ba9f55d60523fb46e7368c4747a198c44f761c5615abd978 Loading...

	#44 Eval - 5413389ed88e59745e86f2a029ba8050	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:30:44 Last Seen2024-05-10 20:30:44 Times Seen1 Hash 5413389ed88e59745e86f2a029ba8050 da3c6ac8cd94fa2b06b2ea1c1e93fbf685685899 fa21ffcd10b625d9f886b00092d7f5a80edbc05c168a6c15fd0b9c1dd14914f8 Loading...

HTTP Transactions (83)

URL IP Response Size

byruthub.org/templates/byrut/images/logo.png

188.114.97.1

200 OK

5.1 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/logo.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 274 x 60, 8-bit colormap, non-interlaced
Size
5.1 kB (5050 bytes)
Hash
393140752ab9c52a7d15da4e830c8a52
fc14d5c4b79abc39a9f871d05ebbefe51c7c0685
eccbcfd79314410c101e40bdc6b7a0f40e428dc4dc241cbf09d004f5fcf74ce8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/logo.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 5050
last-modified: Sun, 05 Nov 2023 07:08:48 GMT
etag: "65473f80-13ba"
expires: Wed, 05 Jun 2024 13:49:40 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448826
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SC1ChqsVM6e4FTpbu5EGUDOXchkAz6TXCC0jRXNeVea7ri3iXR963LgQ%2Fx%2BHq0XahFyh3BxIVWTyM6TUSy5%2BwB46gSiZ%2FagXjzGSNFQGyypHfFYCAG5CSVyp%2B1gshKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1b9295687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2023-09/starfield.jpg

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2023-09/starfield.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
31 kB (31088 bytes)
Hash
1b683832aa999b5bf047e1547ee694ed
2a4a380c40521f462b75e5b3fabb9aaaffb0c826
92292b13614b82e13279f86594cc3748f5864ed672def9ac770eb300178e7e93

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2023-09/starfield.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/jpeg
content-length: 31088
last-modified: Mon, 02 Oct 2023 05:22:09 GMT
etag: "651a5381-7970"
expires: Wed, 05 Jun 2024 14:59:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 444623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaOv%2BBcSaZ0nNtzD6aaG8UofZUSlIYPpZ%2BFW46I1d0h9KVYGw0dlH9fkKSfUiKXpM6e%2FQFrICDy4NDsQt9ESrzseUMoG5MhqPmRrL3trs1F8%2Fkryao9%2B3C7GJg10tB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1b92c5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/icons/1n.png

188.114.97.1

200 OK

2.9 kB

URL GET HTTP/3
byruthub.org/uploads/icons/1n.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 108 x 124, 8-bit colormap, non-interlaced
Size
2.9 kB (2912 bytes)
Hash
d57a9e979bf823fd5de5d87b66b83a83
f360eec5268cc8a0c01c43e5b889ecb049854d4b
769a1f6ee232ef22d85d5b6631fe342b68ce9711bc92384ff388a7cb38371eed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/icons/1n.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 2912
last-modified: Mon, 17 Oct 2022 17:38:33 GMT
etag: "634d9319-b60"
expires: Wed, 05 Jun 2024 14:17:53 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 447133
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckaoJ5CFc%2FmK09OLSSjZPKzKjGbHSFqUWE0tWRTx%2FoklE7AyQHGGqWEMqFJdYQ7o0djraOklmiRWgxYsgb9IrOKrM6F%2FJTgggqLr2P8eiaMojaUkN506F9y7klgF2Ic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1b92e5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n

188.114.97.1

200 OK

30 kB

URL GET HTTP/3
byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
30 kB (30393 bytes)
Hash
4f0fa0ea2ed2bd3abcba54438900f124
0ced4961d59a49eb41977ae8c759d59713223c19
5f55e209be722b88bb75df5b584e8e9030a85db8b96c806149ab1f5538aedcd0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/classes/min/index.php?g=general3&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 30393
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 14 Jan 2024 16:06:55 GMT
etag: "pub1705248415;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 45262
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VTbwUKSSgRYoLuw35tfUiIAzpbWCnLnn7HAfRS%2FZgutdYIQtG%2FcF%2BUtrVny4nQHOM7RFU1z7QOz4EsOYs4c4josoMskgBz15ARSRuV9A3hc5MIIT0ecmYbCMlZ58lyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1c94f5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n

188.114.97.1

200 OK

46 kB

URL GET HTTP/3
byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64742)
Size
46 kB (46426 bytes)
Hash
dda805648c4c2019d9ad8eb458831e17
5e70a1ce929daf8e6c7a3805c4ecb27f3634d3f6
91f79ae04f21e997227b5335d340bd817dc2e14502dea7bff1695458acbebbd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 46426
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 14 Jan 2024 16:06:56 GMT
etag: "pub1705248416;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 45262
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nPWmIx4lgAOxFI%2BL7th5D7ZEX%2FpzS2LY6Ji29VU484ieuGXksPen2yhTxW2hgGFXv%2FWhRNlNpGu0TCYUxpg18rvFHsb226ySSD5SuaOWPWU7ZhbL8AlXzzVXFDLwr00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1c9515687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n

188.114.97.1

200 OK

100 kB

URL GET HTTP/3
byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
troff or preprocessor input, ASCII text
Size
100 kB (100271 bytes)
Hash
e2af714cc5049514c469957a43c3b6c4
4265c52a3db5b50633fbf24acfacb9a0a71d3e7d
a6e08a8370d9e48905c733d901d3fa6a1ec6f6e57038034b3f60fd8bae806a11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: text/css; charset=utf-8
content-length: 100271
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 05 Nov 2023 07:09:49 GMT
etag: "pub1699168189;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 45262
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OtvecN9hgvVZsizzYRgyGcrJPh56DS%2FwZ0qj0CnwA%2B8AX6NbLaFuZnHbwJYRFs%2F3%2Bh0dcO2c04EwotcFNEO9c2q5UN0Jej8Uun1K3DtoOPB%2FZiGqlRNP64wGQkoQpqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1c9535687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n

188.114.97.1

200 OK

37 kB

URL GET HTTP/3
byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31911)
Size
37 kB (37050 bytes)
Hash
c946c33cc6c45b1bdfa528482d898f24
2f790e85c4d153627bfffb5f8e5bdc1ec66ad73b
7395940bf2b6e2ea209207cd8be98f2107c5b5531585254082fcc1a35c0f7207

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 37050
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 05 May 2024 12:28:24 GMT
etag: "pub1714912104;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 45260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKsqJ5VEt8lmPKo4AMSZzKycFuJ70sSulocesyqTqi9qRr%2FW%2FHKOd46QoPr9ACZ0TYVyXgxBT0VSrnrDy6HyB2%2BKKINbYygertwde%2Fi15hEiv9ZNRv2Y8AVURQxdToc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1c9545687-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha

104.17.2.184

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?compat=recaptcha HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 18:30:06 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/1b3559406bc8/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bffa349197127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1

142.250.74.72

200 OK

96 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
96 kB (96357 bytes)
Hash
fd9622fd3bbf8b30290c9b55a40dc634
09db40a1f0dc3c3f7a847d0aceeaf3b454bcfe4f
7c134e2c11e58551593b7c2ceb9e10b03daf4ed4e580f78bb7f89ca9a7557225

HTTP Headers

GET /gtag/js?id=G-QX7E7T8PJ1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 18:30:06 GMT
expires: Fri, 10 May 2024 18:30:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.akamai.steamstatic.com/steam/apps/256969669/microtrailer.webm

23.36.76.241

206 Partial Content

1.4 MB

URL GET HTTP/1.1
cdn.akamai.steamstatic.com/steam/apps/256969669/microtrailer.webm
IP
23.36.76.241:443
ASN
#20940 Akamai International B.V.

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectcdn.akamai.steamstatic.com
FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74
ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT

File type
WebM
Size
1.4 MB (1364061 bytes)
Hash
1d276b83cc6f70158c94b24c56a2a139
8467dc717a986809a3675aa778c19b876938ab2a
b408fd89565a18dbf9733f7fddd413c8dec7d0ec1bdf3d3a56e2be3a32cbe246

HTTP Headers

GET /steam/apps/256969669/microtrailer.webm HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Content-Type: video/webm
Last-Modified: Thu, 14 Sep 2023 18:14:52 GMT
ETag: "65034d9c-14d05d"
Accept-Ranges: bytes
Date: Fri, 10 May 2024 18:30:06 GMT
Content-Range: bytes 0-1364060/1364061
Content-Length: 1364061
Connection: keep-alive

byruthub.org/templates/byrut/images/rating.png

188.114.97.1

200 OK

2.3 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/rating.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 88 x 263, 8-bit colormap, non-interlaced
Size
2.3 kB (2293 bytes)
Hash
22063375dd8258d84b95d1ee79e8ded4
d6e75431003741b5c847e8d76a4bbafc24bf3c13
9d0b588363b7ada4fe7d8c7b422fa4e953a49463d0aae20483bd2504b0a7eecf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/rating.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 2293
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-8f5"
expires: Wed, 05 Jun 2024 13:50:28 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448778
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7N9%2FDv9uSjHSE6dxaSjJ9ylAU4cfTBmN0ZCrEDg026w66%2BXT6expwRiXynA97xDyXbQajS78LnAKzXeSBD6Lpk%2BEFSV0wPaFL9SaL9bcus%2BE6ERr4AXqHzTA1ZLPvD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ebe5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/top22.png

188.114.97.1

200 OK

1.5 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/top22.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1458 bytes)
Hash
79b0227cbaa7268aa28730dacc5d6840
2fec7563de6010c50287768ec0ad4172a279ec1a
c08507e4c48295cae51420335ea81f5890d8f3a569e44076767699a7e9ab7111

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/top22.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 1458
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-5b2"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9ipo928XmkM7qWgnHb7ghcALXGT2izC8UUcL2X2kwJx3c3j91jlPmlE%2Bt0WMeX6qRNouf5w01qJLdu8t3Sb2sG67eeH6ktcrakg7QLfLf%2FlC6LZKbCyqFSPRslSNNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec95687-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

142.250.74.106

200 OK

2.1 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
2.1 kB (2127 bytes)
Hash
3c3bf2e5325c57f6c46267a4e2280c9e
ea1c90769e5343f9fa4d8aa4a2d5fa6de676c3ba
51f6c5522508909f71da513181cb80d973436762abd895cb87318cf0cd968f48

HTTP Headers

GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 18:30:06 GMT
date: Fri, 10 May 2024 18:30:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js

104.17.2.184

200 OK

15 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42616)
Size
15 kB (14788 bytes)
Hash
86183dd14ee10d1dee92b37b5069d716
9ec32d650ece484bbe624ca734a0a65e22d35dd6
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

HTTP Headers

GET /turnstile/v0/g/1b3559406bc8/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bffa3bf5256aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/css/styles.css?v=b4x9n

188.114.97.1

200 OK

27 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/styles.css?v=b4x9n
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
gzip compressed data, from Unix
Size
27 kB (27039 bytes)
Hash
3d9dadd4003de911de4367990f7e6ad2
be9bd2ff77b362933739d0c408cab0a8b8214264
3205ceba329b7360f1194c82ef65d3c0cc8e68704f466bf8168c06e21306c8a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/styles.css?v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: text/css
last-modified: Tue, 23 Jan 2024 04:25:17 GMT
etag: W/"65af3fad-191d4"
expires: Mon, 10 Jun 2024 05:55:44 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 45262
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIC2FCszFagtig7lFJ9oI%2F%2Bhpfr9I9EcJiC5be5aF0MS7%2FK5G27EZp7l7iVt3qIBRMobTmuTwsvwN4Ioc0u5%2FKerHYuv%2FAp4Tad1IIAOfk3kO3089A3qarBSMkJ%2FsBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1a9235687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/fixcom.png

188.114.97.1

200 OK

1.6 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/fixcom.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1557 bytes)
Hash
bfe3d1ac9bc7454a75d41c34842f3cc6
012bcc884c14f1ff8c80e69db1df8a5fe46fb987
91dc915b8c3f0bb128584e574cec46350ea75e059c7a6453bd450e8a201e82fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/fixcom.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 1557
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-615"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448763
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dbe1a9LGtZ%2F08PQa%2FYQW5eT1FkzwQA0cWxQgEuh3AA2Av3ZYGL%2BjgQ7ORMMPv5OgKUdeUdd1k7WLfi1MZgrb%2BcCHLPGoMbHVdCDSSurEhVonvezz%2F2TiHULTzCklBas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec45687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/d.gif

188.114.97.1

200 OK

359 B

URL GET HTTP/3
byruthub.org/templates/byrut/images/d.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
GIF image data, version 89a, 13 x 13
Size
359 B (359 bytes)
Hash
3def66024a583b6ca763e249acb3c426
82f2f897d3e2746181b889811ac675565dcaf0fa
7d4fb7d5a9e681b2313ca88338e3255364aa452f243d6397aa905783e98bfca0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/d.gif HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/gif
content-length: 359
last-modified: Sun, 05 Nov 2023 07:08:49 GMT
etag: "65473f81-167"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448763
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FoXnMNbFJSE37eC4ClccI8rpmgGCCCVf%2F80ocCy3wEd1zG%2FLuCbAbTDwVSq%2FlzA2SNIGTQ2uL9yztYQ8gGcj%2B2iUYL07w3v0UlRcXhxh2Wpig%2FrPRU6YOIUT0kGauPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec05687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/king-arthur-legion-ix.jpg

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/king-arthur-legion-ix.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
28 kB (28337 bytes)
Hash
babd079ec05ba8a83a46827e25141caf
4fdf978cef2ff27eb80bcaa151a0925c365c4b7c
eeda74a472a1d5919be5f1b5265f8b50dd597f3663d0c28e0deb7cbdcb3f11b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/king-arthur-legion-ix.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 28337
last-modified: Sat, 02 Mar 2024 13:26:02 GMT
etag: "65e328ea-6eb1"
expires: Wed, 05 Jun 2024 14:41:52 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 445695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aMp1JrXlOp5GS7llR3QTjyWMRNqj3v3ysbcmBkIvcP3VGS1x4KyOxw7yCq7Dc%2F4osryF8edXf0sPCiycxBtBHvmlPks8z%2FH0fLsWowSHXyaudzTkkja33FxRwJL3WA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759e25687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2022-05/v-rising-poster.png

188.114.97.1

200 OK

18 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2022-05/v-rising-poster.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
18 kB (17696 bytes)
Hash
a606394e97b9b9957056c116c3455c41
9fcc8caf352968c51c72c880727dcf6ae0c29a32
dd5ddd4c891fa45235a04982a1689e3051b8b4ad5098a1e9b4150129e8963038

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2022-05/v-rising-poster.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/png
content-length: 17696
last-modified: Sat, 18 Mar 2023 11:44:21 GMT
etag: "6415a415-4520"
expires: Wed, 05 Jun 2024 15:02:20 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 444467
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znaGmf0LV7mwb1pu1G9t2a9KkN8y2k6wv7%2BHVnFQ29C6cft9CaK2Ak9UAL6XehOqGAm0v%2F1gEN1R%2F1G%2BOce6ZBDt63EwgjfC2f7PJQEsflcf4q197d6SNNF6VnwvpJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759e65687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg

188.114.97.1

200 OK

30 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
30 kB (30012 bytes)
Hash
cca866cd6fcafc39cac2cfcf63dfd9d6
d52ca8a0f42f96c3362771714b92d9929a404da3
2b7990bd541e744e5c22e393125f11d0ed72ed987a2144b92006b8c5c480d690

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 30012
last-modified: Sat, 02 Mar 2024 13:22:11 GMT
etag: "65e32803-753c"
expires: Thu, 06 Jun 2024 17:59:08 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 347459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CHzRLvinDAjwHYnTrCyz%2BgLiQ%2FwyUZWQslflY9sQa5uZWtq1AfEYE3EIdY64ExwMA6wRrXNlmLxks0IpaTwYOXxZlKOCZkDypeiQ6ii0V89w%2BkKwUkdcwXSWPVHI90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759e55687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-04/abiotic-factor.jpg

188.114.97.1

200 OK

37 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-04/abiotic-factor.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
37 kB (37104 bytes)
Hash
d441e68c8e71dd837fd5c33d2cc75da7
3500f7a146e16bc996418a536454685a446fc235
3b222b85c2f933f4ba4a5fb586b6e593a2689cac85cf661761b4a28943df4e92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-04/abiotic-factor.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 37104
last-modified: Fri, 03 May 2024 14:20:19 GMT
etag: "6634f2a3-90f0"
expires: Wed, 05 Jun 2024 13:50:21 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448786
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmYZWOyAlQYJnl1KCTfIiyc6MT5ymteuk3ufI7leQ5ALaaW%2B9cNcaFgcPv8Y7O%2BuaMvm9GmScJbVpZNIPJH5VVj6613ImYH99p4BBZp7rFSU0SPjh0GU%2Fag%2BSjWVnpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759f25687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
31 kB (30626 bytes)
Hash
35baa9a417e43fa13731932280526c26
00d6f5dddcbf4ccbecac9b21ddd7d5049ae872a5
d317eee4887dbda5aa499276aad9b7f67fa80465ed3b7dc8a12cd36ceff0b00f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 30626
last-modified: Fri, 03 May 2024 14:26:25 GMT
etag: "6634f411-77a2"
expires: Wed, 05 Jun 2024 14:41:52 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 445695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=20grvVHZBNV8sY8X7h%2Bv2Yic4qQvYj8itvbcrWdLDgM8jryHP7j%2BpV1GhlAyK6AW%2F3Ray3RqFoFfyPX55DR6kbRe62UtF3c8h5a49%2FJ6XUvoPe6BAPIkK3pVUMBNL%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759ea5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-04/hades-ii.jpg

188.114.97.1

200 OK

40 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-04/hades-ii.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
40 kB (40284 bytes)
Hash
f00a957c498ad034d5648a58854df911
37d1897a0aaf0f85e6f61b0eb1c01f1f8afee591
0e388e3d32b7eceefc166401b3ad5715d3c802cf13ede8eb5f1ef5fd72413a60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-04/hades-ii.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 40284
last-modified: Fri, 03 May 2024 14:26:19 GMT
etag: "6634f40b-9d5c"
expires: Wed, 05 Jun 2024 16:23:10 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 439617
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Qar0kdQFpv7FeRtHrXrkau568cVa%2BvD4RPaGm9aRVXEa%2FoyfEqX5s6tz17kihgeNneWlmxll1ioiHJ312bBFZsZG7Cf7lcIJ80IISPhF7cQy6YKpWe4%2BZ8qpXwA9Ek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759ef5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-03/pools.jpg

188.114.97.1

200 OK

22 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-03/pools.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
22 kB (22143 bytes)
Hash
0b760610ee6678c0d8c2219241295ffa
3046e23fd134fdc2c785e5e4f27f8badb41e2661
c6a7046604cc35898ba6112e3cca5d63a1ed1c8c8260589f9b5c584c2b1881ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-03/pools.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 22143
last-modified: Fri, 05 Apr 2024 04:00:45 GMT
etag: "660f776d-567f"
expires: Wed, 05 Jun 2024 21:05:07 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 422700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGSLH4IGlSoK3lkfN%2F2rYUwQqcTw6LTET0OeJAA7V3vrArDCbz72oNnPlxfJH0FxdPpDBzkyQKAWnN1VHqzReOqCRVJG0njFpTB1BHXL%2BWIZJ7OneQOBUVGGW5KSePM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759f65687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-04/foundry-9384.jpg

188.114.97.1

200 OK

44 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-04/foundry-9384.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
44 kB (43931 bytes)
Hash
57ef318c6bfed87726ac3ea8d8457996
3b9cc58c465ca31b685be5e6c3c7b597f9912446
498b90922071f6a93d18ab2c1f7c441f6d3a6087894351de2a5808c372e46df0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-04/foundry-9384.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 43931
last-modified: Fri, 03 May 2024 14:25:16 GMT
etag: "6634f3cc-ab9b"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6W14KbMfvFVoc5nji%2FwpsonwBrmNH7cNiTj2bH6xhu3A23MkVeSby3twbfifjzy41p2waQkuZB9TKbB1wPwvCe7Eva39oVNlv4fHSt5bHbfNX9REzPWMLkDsXW1P7IQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759f45687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/close.svg

188.114.97.1

200 OK

706 B

URL GET HTTP/3
byruthub.org/templates/byrut/images/close.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
gzip compressed data, from Unix
Size
706 B (706 bytes)
Hash
bba2aa28a0424fedb60b70be5086ceef
0430f2cc3429c3efc4700f34d0a9f421a7728654
d1e1ac80ecb4b3058523ff9aa3e85d2540cfb8c0cc9a1b55d1a3b93b2ab8b4a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/close.svg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Nov 2023 07:08:47 GMT
etag: W/"65473f7f-15e"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 448823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GxaJbeGqF1MNfVSckY9VqQXUAUg8IXSjufyJ3JJSaN4VM05Y8VzFoLR3%2BC%2BPW10NggUTi0iNCiNGzZqryFgmuGtZ%2FxWKDVNBedkv16wXA0Cvt6mjVw1VVrXmY%2BcJNg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ebb5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/manor-lords-7834.jpg

188.114.97.1

200 OK

37 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/manor-lords-7834.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
37 kB (36849 bytes)
Hash
09c819e68ad8d0c8776f0e1775a23561
9ee3acdaa78dfa7a05ed294ff77ff8a7b6269c5c
c66f0535a8f9e8a5b01c913c7ad6bf3d5250e57e02a2737cf1c8cdbe1479f097

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/manor-lords-7834.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 36849
last-modified: Sat, 02 Mar 2024 13:27:03 GMT
etag: "65e32927-8ff1"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBJf9ZCf6TsFXXPN4yDYxV0fMJQBHtUDmjT5SgCt50Ywf%2Fy8PHwHknUe%2BWjCU8Ip0UJT3aDqBvCJ7ihEZCfa6hxK7T8QnLL%2FDgh4jgBxIVe3DOI4aNBkC%2FBo96yD44E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759f95687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2023-03/another-crabs-treasure.jpg

188.114.97.1

200 OK

33 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2023-03/another-crabs-treasure.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
33 kB (33313 bytes)
Hash
0a03ad2317e77c98d4d8ccb206434f59
a2e5d7083b75d99404566f9709c104a675eab8d6
093cf2ca594819111a0a7ff8ab02ae2979024ac003b5df7ba1b4eab85c2c0a08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2023-03/another-crabs-treasure.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 33313
last-modified: Sun, 02 Apr 2023 11:55:21 GMT
etag: "64296d29-8221"
expires: Wed, 05 Jun 2024 16:23:30 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 439597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yILKN9G%2BaeEHuAeqkRlG%2F65%2FlsI7qxn97py8lvfElG3QfUYVqyrRiPbbTiWnjFUc6JbcZyMp%2Bk3Zp1umi%2FP2WcQv5OtfmX%2Fhts7fklgpvowIf0qu2ga%2FpAuROkOoTSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa759ff5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg

188.114.97.1

200 OK

55 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
55 kB (54843 bytes)
Hash
0eccb284fa373b0e38abb036a6ccf8fd
accaa1bd7a2e396f512e551e89018f217245a678
caf1fe202893050379dd5f868d222ae31d06279e57f1f2da4d9163347a86f44d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 54843
last-modified: Mon, 02 Oct 2023 05:34:39 GMT
etag: "651a566f-d63b"
expires: Wed, 05 Jun 2024 15:38:40 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 442287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLIoGU7K65bWOCjRxQPX6BhQM3pMcZvoftz4J6tyuxQt22UFNcnUJ%2BDwsF%2FKdaqPFq5Cel%2FhOynROEAbLbkX9Pfv6bqQPoYCwwgC6qP3ypVGb1uZO6yA0RRLlJd6AZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa76a005687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-05/bellwright-1248791847.jpg

188.114.97.1

200 OK

49 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-05/bellwright-1248791847.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x450, components 3
Size
49 kB (48840 bytes)
Hash
a8a0514df479d1abb2b32950f98d90ec
c4f82373e50b81a8e31fdb374f5166bf82b8807f
a0a93d61d8144053c911ab7e6dc48cca1674c985d09e67a82ee28db206bf11ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-05/bellwright-1248791847.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 48840
last-modified: Sun, 05 May 2024 09:50:16 GMT
etag: "66375658-bec8"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YH6HDu%2B6ZI1vM5aelF1rbEPrAYqHwB7qogfFLSOH4BY32r%2BeAc3x0QYEXZW6rR7%2F7qeiwx5oeiLJ%2FwxgmBNg3g7%2FBgpEtwCRHkMlNFX%2FoVPydPoyH%2BdHdwrEW7nkzQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa76a0a5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/no-rest-for-the-wicked.jpg

188.114.97.1

200 OK

33 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/no-rest-for-the-wicked.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
33 kB (32790 bytes)
Hash
d3e485dfc2f379ecdf79558a0a3c60f2
b29b76c6b349fe32cbdff1393c703b7eb7fe031e
ee45689f3a370b1e784c352350b607cb129ff932ae99b67c889a9e774fc36147

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/no-rest-for-the-wicked.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 32790
last-modified: Sat, 02 Mar 2024 13:28:31 GMT
etag: "65e3297f-8016"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wT1nWSxCKt2skmVs2NpAzDtCSdTqR4f%2F3w1zNWTO806PfppJ4Gq2IRC2SlV4ifJo7pZ0iv%2F6gLbOwSjRhDigH4BHCSxWVE9bl15nwRP2WSQyJTScb%2FThpQ2fFQlw9Xk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa77a1c5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/sker-ritual-4369.jpg

188.114.97.1

200 OK

21 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/sker-ritual-4369.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
21 kB (20561 bytes)
Hash
c2531e578cee9721efe654321c707be4
6e1a0a6b0b4ae646a03e6dab23ddce1dc33dc840
c0bde3dbc37c711ce558e38ccf4d1a4224f4581ceffd253353d52b16377b06bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/sker-ritual-4369.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 20561
last-modified: Sat, 02 Mar 2024 13:32:20 GMT
etag: "65e32a64-5051"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbWXfOfKWTCQBr3WVNOB8K0fdD8RXdMdKC2yqrpT0Bh83zILYZwreJ19LDQt2zcf2rsuFxljpx9eJZBZeFXjZ5AtHZJZvvqkftQBUw0nJ5Rg9Dkb225gimNmNHL4YQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa77a1f5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2023-02/thumbs/summer-story.jpg

188.114.97.1

200 OK

5.0 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2023-02/thumbs/summer-story.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Size
5.0 kB (4980 bytes)
Hash
710d4064f747d282cf60c2d27c4a9b5f
d0d9e0595710b22cd72defddccd48fc89c107c3d
b03a5e7b2ba8891ca0414d0c447a0595025389ffeb36c61dfcf8c4d4f686e17d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2023-02/thumbs/summer-story.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 4980
last-modified: Tue, 23 Jan 2024 02:13:23 GMT
etag: "65af20c3-1374"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 10611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExQXj7TaM0zrw3J4joq0gaNrMqnouGKWS8cgKWaXktm8HM4XgOn1EvPvlpKYHQt75gEbB5k%2FMuTeHSyJL488FiAzH5r6uemXntE6SgwtNXG%2FI1DiHPGaRajt77Ls8%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba845687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-03/thumbs/breeze-of-passion.jpg

188.114.97.1

200 OK

5.1 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-03/thumbs/breeze-of-passion.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Size
5.1 kB (5128 bytes)
Hash
3585f57e8c17e450a15ebad65b009f1c
cc79f719950d1a556f8bf52d43362956fe153657
791d315eb5113fb46979cd970387855bf3f8df0e8176594525c0212270e8ba6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-03/thumbs/breeze-of-passion.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 5128
last-modified: Fri, 05 Apr 2024 03:44:57 GMT
etag: "660f73b9-1408"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 10611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVYyejuD8fwGk%2B4uYTUy40fKFxXrpYHqESbFtTBjwHK2jzHQH3ei%2BkZc6kTpRgSNHotGOo4lBap4mJAHUnF7FuKQOU7SLnwpJps3%2FVsRLXX2dSY9thtE1J2upWuVZPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba805687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2023-02/thumbs/refuge-of-embers.jpg

188.114.97.1

200 OK

5.9 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2023-02/thumbs/refuge-of-embers.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Size
5.9 kB (5899 bytes)
Hash
2823e2e272b4643eb386a910729e9445
a9db785f6afe3ea6e913a165cfc290b692e21728
1741fb0c2434e62ca016c8d6d80a4feedf261222e9028cd101cb2b7c821ae363

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2023-02/thumbs/refuge-of-embers.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 5899
last-modified: Tue, 23 Jan 2024 02:12:20 GMT
etag: "65af2084-170b"
expires: Mon, 10 Jun 2024 14:33:12 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 14215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DoYPKTXNuwP%2FmFNlAhXVMNZ%2B1IELPyAMqDv9jKe5XPngZSeG4MFm4UPcO3DDYoYiA%2F8l0Bgtj%2Ft5IREGWdTjjFvF2bgRwKtunfKuipXuxi%2FSFnrsWk%2BbbpxyRFIFhdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba865687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2022-12/thumbs/milfs-of-sunville.jpg

188.114.97.1

200 OK

5.0 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2022-12/thumbs/milfs-of-sunville.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x124, components 3
Size
5.0 kB (5023 bytes)
Hash
1c3c4049013fb56a122a2c5821e8abc4
22c2505a61acac9e97c27913d598039ee36509e3
5edc0e086c0839f15d2b9e428842176e9916a7594619f84449b40ead0fbdd60a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2022-12/thumbs/milfs-of-sunville.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 5023
last-modified: Tue, 31 Jan 2023 15:32:43 GMT
etag: "63d9349b-139f"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 10611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vbjWIY960F5Nnyi15q3yc1bS8Jf%2FcRsHu4u%2FE1mpiH9ji%2FdIX%2Bl9XIhQRRQai%2BCZvoh%2BmbCXpetodtjIx4qOmt%2BfwJFdRK%2B2sBDrBTI9Tf%2Br6C%2BunTYHVqjM%2Buv53Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba7c5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2022-05/thumbs/a-struggle-with-sin-poster.jpg

188.114.97.1

200 OK

6.3 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2022-05/thumbs/a-struggle-with-sin-poster.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Size
6.3 kB (6273 bytes)
Hash
7253edeac528bfba0d5b7eeea6a16091
fd4b898e1f7d1fb634650dc35247c77bb9fa9a1e
f07dab026f170cb054478490728a0aed587e01c8882b7c339cd494eda048217c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2022-05/thumbs/a-struggle-with-sin-poster.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/jpeg
content-length: 6273
last-modified: Mon, 22 Jan 2024 12:02:29 GMT
etag: "65ae5955-1881"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 10611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDuZVJvE79eWWwNJiJOr4QwNzmZdpTG9LwxKY0j6fH7TQogFQ%2FoNZdMmlYNjW7bWQ70fXKV7EwB5qIaTFGIQ90DQO%2Fw20B1%2BGkaeO19VBAsx%2BfqqKsFnGhbXSDUh2mQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa7ba825687-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:03:54 GMT
expires: Fri, 09 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
age: 145573
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

216.58.207.227

200 OK

9.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9840, version 1.0
Size
9.8 kB (9840 bytes)
Hash
7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:09:53 GMT
expires: Sat, 10 May 2025 06:09:53 GMT
cache-control: public, max-age=31536000
age: 44414
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 372950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9644, version 1.0
Size
9.6 kB (9644 bytes)
Hash
6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:53:48 GMT
expires: Fri, 09 May 2025 01:53:48 GMT
cache-control: public, max-age=31536000
age: 146179
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

byruthub.org/templates/byrut/css/webfonts/fa-solid-900.woff2

188.114.97.1

200 OK

328 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/webfonts/fa-solid-900.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 328480, version 769.256
Size
328 kB (328480 bytes)
Hash
988a9731afe6bb99003283038799f4d3
e62b834496e8808e09d69b157dd8d30767ab281d
86f3981f7218b89863ef8f6308268144f450b3b4ccc8da51139e01fc791bd685

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: application/octet-stream
content-length: 328480
last-modified: Sun, 05 Nov 2023 07:09:50 GMT
etag: "65473fbe-50320"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UuZ%2BFj1mFtO%2BpYdXoqvcqHeOP7OpDToYiIl8a1eHFz7xfb9hLjmnA%2B%2ByeTzy08ugmFN5uyMkE1RdU4Z4%2FybiNNdXlW6xO4vxLN4P9mR%2BbY9rPC7dMr%2FDKUEl%2B%2BFBGgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa81b375687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/css/webfonts/fa-regular-400.woff2

188.114.97.1

200 OK

389 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/webfonts/fa-regular-400.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 388876, version 769.256
Size
389 kB (388876 bytes)
Hash
7289c4ce3f03d1e25a23aec2f1ca1989
63bee62a49b1e129dd410a7804c36f600e45e9ef
13ddcd2880dbcccbf67a22e8f8dc4d48a0ec5891553bb99141eb4923528f3901

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: application/octet-stream
content-length: 388876
last-modified: Sun, 05 Nov 2023 07:09:40 GMT
etag: "65473fb4-5ef0c"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1L3H%2FOjr56%2BsTro%2B3nYfMtuIOYW7R6K2z4dEhLNcM2s%2BZCS13gGUcX2XH3jUu666w9n2qJRKDsEd6bVXWYpuuQqU5gSIN4h4kiMu5KLuMmV4uEDsGremJzQjZezHs4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa81b395687-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 550890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

byruthub.org/templates/byrut/css/webfonts/fa-light-300.woff2

188.114.97.1

200 OK

424 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/webfonts/fa-light-300.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 423780, version 769.256
Size
424 kB (423780 bytes)
Hash
288cd41746be38a75c591812b9f623d5
43e3f3b70a4a803054641c8d946b46978dfcbc23
c3691090231fdc9199d216264abb4ad09aeebe9968fe942fa22fb6881248190c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/webfonts/fa-light-300.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: application/octet-stream
content-length: 423780
last-modified: Sun, 05 Nov 2023 07:09:54 GMT
etag: "65473fc2-67764"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448764
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gd%2FRnHI4JNkBZYuFYFVBS8GjahNwGxCFvc%2FkZ50rilNIjsvoeBvkjQGPABJhDPBKmZUWgpcMUB40dwQ0YrJYNC%2BcNdT8D2lI%2F7%2Fw4aM6c8B7S%2Bq8Sn4zEeMfeg3%2BX0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa81b3b5687-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 146107
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

byruthub.org/templates/byrut/css/webfonts/fa-brands-400.woff2

188.114.97.1

200 OK

106 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/webfonts/fa-brands-400.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 105796, version 769.256
Size
106 kB (105796 bytes)
Hash
4dea63c16bf81f5c579f8d4f8ba040b5
132096157a1bd06ee90d0e099b30858e55f44a2f
5d878915657ccc71bc447db9d8a48ef33ffaf36b0c5d94aaa784caa779e1c8e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: application/octet-stream
content-length: 105796
last-modified: Sun, 05 Nov 2023 07:09:53 GMT
etag: "65473fc1-19d44"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448764
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPJE1MkYD8mSNAfIe7SJkG%2BLvy4F7ddP2j5DheJHt7AaFrZzOJCJfYdCAT7iNllf2lbSNXT74TQxy%2Br5IpiUR9fw%2Bf7%2FhtPIXB2XcWUleeTGrqk3uid1KGtSqCunJRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa84b845687-OSL
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

151.101.65.229

200 OK

94 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563)
Size
94 kB (93487 bytes)
Hash
e7f9fbd21ab7cc5c330233c9f5ff418e
c482cc1072e7188fb2d3ba257854a618983dc453
de8e0ef9f88a849fa060e988763e2ef944edbe764e3898d03dec776b1dd9a9dd

HTTP Headers

GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"37afa-xILMEHLnGI+y07oleFSmGJg9xFM"
content-encoding: br
accept-ranges: bytes
date: Fri, 10 May 2024 18:30:07 GMT
age: 39006
x-served-by: cache-fra-eddf8230100-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 93487
X-Firefox-Spdy: h2

byruthub.org/favicon-120x120.png

188.114.97.1

200 OK

8.0 kB

URL GET HTTP/3
byruthub.org/favicon-120x120.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
8.0 kB (7960 bytes)
Hash
58dab9c132a665c4f525eda08ac2b478
5cb0348bb7c1ab453de686e650116d103c2ded46
b8a881fcaf7e4f0855fd5ee5d398d431ff1fb3fcb2744f556493f29953ad8e5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon-120x120.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/png
content-length: 7960
last-modified: Sun, 14 Jan 2024 16:18:21 GMT
etag: "65a4094d-1f18"
expires: Wed, 05 Jun 2024 13:49:49 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448818
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IM62WpDf4L7DT6n3gMjhefQjeWNee9FSlrif503CTqLtC%2F7umbbzeE7FMq4L%2FPl2i7cTy%2FjOw7WiMES9p9J%2BdfgUWMmbwZ2382I769Vv4cjIk3w%2BZhGxh2IPjBo6Idk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffab780e5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/favicon-120x120.png

188.114.97.1

200 OK

8.0 kB

URL GET HTTP/3
byruthub.org/favicon-120x120.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
8.0 kB (7960 bytes)
Hash
58dab9c132a665c4f525eda08ac2b478
5cb0348bb7c1ab453de686e650116d103c2ded46
b8a881fcaf7e4f0855fd5ee5d398d431ff1fb3fcb2744f556493f29953ad8e5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon-120x120.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: image/png
content-length: 7960
last-modified: Sun, 14 Jan 2024 16:18:21 GMT
etag: "65a4094d-1f18"
expires: Wed, 05 Jun 2024 13:49:49 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448818
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZjgmbNQ5u6GI64v%2BaOFqlKZRcN%2BPlMpdwoY%2BKDy7mBJZ2Yjs0b1OfrxyWskAUM3ZQVQMonigi%2BsxYc%2FQGp%2BhAhpP7joPdnw1PXQCvLZhkDI9f6457AzdQFnnFXY96A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffab78125687-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:08 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881bffabfc1356aa-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal

104.17.2.184

200 OK

23 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (42150)
Size
23 kB (23391 bytes)
Hash
84087e62962ed2326791e4b1c842b045
60b08662bfea33cc2e17fee4449ca714e02b3d68
f6e7d07bba009f6bd0305795e6e47d439cae0ed44b75fb687d6e686eff99f730

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:07 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server: cloudflare
cf-ray: 881bffab0aae56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mc.webvisor.org/watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1

87.250.251.119

200 OK

465 B

URL GET HTTP/2
mc.webvisor.org/watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
JSON text data
Size
465 B (465 bytes)
Hash
37cc338abe1b4e66affa948da1b8cd97
6115de589d07a6e1307ea621db14d9a78d4eafc2
9e12ce1fdf5dd2208a04daceea9d54cc4b3bbcaa4b4874ec593b66eb48e351d4

HTTP Headers

GET /watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://byruthub.org
Referer: https://byruthub.org/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 465
date: Fri, 10 May 2024 18:30:08 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:08 GMT
last-modified: Fri, 10-May-2024 18:30:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881bffab0aae56aa/1715365808550/iW3H9uZQ9pQKR5u

104.17.2.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881bffab0aae56aa/1715365808550/iW3H9uZQ9pQKR5u
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 79 x 14, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
39a69295456793a81966592e187a4c4d
554176334063dcb02e86ce20a31ab94e07adc3d5
ee04254180e268aac8984abe18512c87acab5a9b535a1b9ecc7a79ea37074e90

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/881bffab0aae56aa/1715365808550/iW3H9uZQ9pQKR5u HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:09 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 881bffb59a4956aa-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881bffab0aae56aa/1715365808556/419a0791d646cf3ce4d860e2dbc6f9ef2a690d03d3ffb3b883c1541e6a5d3e3a/UywTRafAQflWze5

104.17.2.184

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881bffab0aae56aa/1715365808556/419a0791d646cf3ce4d860e2dbc6f9ef2a690d03d3ffb3b883c1541e6a5d3e3a/UywTRafAQflWze5
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/881bffab0aae56aa/1715365808556/419a0791d646cf3ce4d860e2dbc6f9ef2a690d03d3ffb3b883c1541e6a5d3e3a/UywTRafAQflWze5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 18:30:10 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gQZoHkdZGzzzk2GDi28b57yppDQPT_7O4g8FUHmpdPjoAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIEGaB5HWRs885Nhg4tvG-e8qaQ0D0_-zuIPBVB5qXT46ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 881bffbb2a4956aa-OSL
alt-svc: h3=":443"; ma=86400

mc.webvisor.org/webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=383553823&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365816%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183015%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365816&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=383553823&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365816%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183015%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365816&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=383553823&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365816%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183015%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365816&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 503224
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:16 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:16 GMT
last-modified: Fri, 10-May-2024 18:30:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=459265394&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=459265394&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=1&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=459265394&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 147
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:16 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:16 GMT
last-modified: Fri, 10-May-2024 18:30:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1)

87.250.251.119

302 Found

43 B

URL GET HTTP/2
mc.webvisor.org/watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: /watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A634736047453%3Ahid%3A537140994%3Az%3A0%3Ai%3A20240510183008%3Aet%3A1715365808%3Ac%3A1%3Arn%3A250321347%3Arqn%3A1%3Au%3A1715365808248929091%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1299%3Awv%3A2%3Ads%3A1%2C28%2C85%2C40%2C29%2C0%2C%2C1439%2C183%2C%2C%2C%2C1879%3Aco%3A0%3Acpf%3A1%3Ans%3A1715365805778%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715365808%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Starfield%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1
date: Fri, 10 May 2024 18:30:08 GMT
access-control-allow-origin: https://byruthub.org
set-cookie: yabs-sid=1667040461715365808; Path=/; SameSite=None; Secure
i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; Expires=Mon, 08-May-2034 18:30:08 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=9015859681715365808; Expires=Mon, 08-May-2034 18:30:08 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=9015859681715365808; Expires=Sat, 10-May-2025 18:30:08 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808; Expires=Sat, 10-May-2025 18:30:08 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:08 GMT
last-modified: Fri, 10-May-2024 18:30:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=486022611&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=486022611&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=486022611&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 328
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:16 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:16 GMT
last-modified: Fri, 10-May-2024 18:30:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=223433809&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=223433809&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=223433809&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 53
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:17 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:17 GMT
last-modified: Fri, 10-May-2024 18:30:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=317898051&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=317898051&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=317898051&browser-info=we%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183017%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 306
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:17 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:17 GMT
last-modified: Fri, 10-May-2024 18:30:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=78033272&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=78033272&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=3&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=78033272&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 44
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:19 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:19 GMT
last-modified: Fri, 10-May-2024 18:30:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=675282600&browser-info=we%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=675282600&browser-info=we%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=675282600&browser-info=we%3A1%3Aet%3A1715365819%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183019%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365819&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 145
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:19 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:19 GMT
last-modified: Fri, 10-May-2024 18:30:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=6&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=168777436&browser-info=we%3A1%3Aet%3A1715365821%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183021%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365821&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=6&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=168777436&browser-info=we%3A1%3Aet%3A1715365821%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183021%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365821&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=6&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=168777436&browser-info=we%3A1%3Aet%3A1715365821%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183021%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365821&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 191
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:21 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:21 GMT
last-modified: Fri, 10-May-2024 18:30:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=7&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=465363908&browser-info=we%3A1%3Aet%3A1715365823%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183023%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365823&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=7&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=465363908&browser-info=we%3A1%3Aet%3A1715365823%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183023%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365823&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=7&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=465363908&browser-info=we%3A1%3Aet%3A1715365823%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183023%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365823&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 260
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:23 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:23 GMT
last-modified: Fri, 10-May-2024 18:30:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=8&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=765379597&browser-info=we%3A1%3Aet%3A1715365825%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183025%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365825&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=8&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=765379597&browser-info=we%3A1%3Aet%3A1715365825%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183025%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365825&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=8&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=765379597&browser-info=we%3A1%3Aet%3A1715365825%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183025%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365825&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 100
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:25 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:25 GMT
last-modified: Fri, 10-May-2024 18:30:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=949567589&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=949567589&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=4&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=949567589&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 44
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:27 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:27 GMT
last-modified: Fri, 10-May-2024 18:30:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=9&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=123798414&browser-info=we%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=9&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=123798414&browser-info=we%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=9&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=123798414&browser-info=we%3A1%3Aet%3A1715365827%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183027%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365827&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 344
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:27 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:27 GMT
last-modified: Fri, 10-May-2024 18:30:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=30297388&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1)

87.250.251.119

43 B

URL
mc.webvisor.org/webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=30297388&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=5&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=30297388&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 45
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:29 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:29 GMT
last-modified: Fri, 10-May-2024 18:30:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=10&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=1031466501&browser-info=we%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1)

87.250.251.119

43 B

URL
mc.webvisor.org/webvisor/97198497?wv-part=10&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=1031466501&browser-info=we%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=10&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=1031466501&browser-info=we%3A1%3Aet%3A1715365829%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183029%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365829&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 56
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:29 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:29 GMT
last-modified: Fri, 10-May-2024 18:30:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/webvisor/97198497?wv-part=11&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=724149875&browser-info=we%3A1%3Aet%3A1715365831%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183031%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365831&t=gdpr(14)ti(1)

87.250.251.119

43 B

URL
mc.webvisor.org/webvisor/97198497?wv-part=11&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=724149875&browser-info=we%3A1%3Aet%3A1715365831%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183031%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365831&t=gdpr(14)ti(1)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=11&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=724149875&browser-info=we%3A1%3Aet%3A1715365831%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183031%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365831&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 320
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:31 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:31 GMT
last-modified: Fri, 10-May-2024 18:30:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881bffab0aae56aa

104.17.2.184

200 OK

440 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881bffab0aae56aa
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
440 kB (439908 bytes)
Hash
01315a29eb59eff6933a778755e59a8d
5db3e382b28e4b4962439e128038cc3d21f01231
4fcf01116621f05cd7fd202a1a393e5070fda464c4064a0d442b8ec6a46d6117

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881bffab0aae56aa HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:08 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881bffabfc1756aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/tags.png

188.114.97.1

200 OK

484 B

URL GET HTTP/3
byruthub.org/templates/byrut/images/tags.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
484 B (484 bytes)
Hash
e25aa5414ea580ee9171f0495dd8614f
0f55896ee1d6c06440326f6d9160799517237763
59172f212518edd429b2e697c77a1e9a91f3769c57dda16798e90aec360b8d97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/tags.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 484
last-modified: Sun, 05 Nov 2023 07:08:48 GMT
etag: "65473f80-1e4"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdYVOPwf2iyxUZFINyTnVKC8wJaIdC%2BSTQYBYqZrd%2FY%2F%2B%2FlBBFB6xjpTrufq%2FABQvlst7HUBDpk0%2FRtSPNVi51ZXcNZZVc3LPWmMo7xAvVNZf5vxzCeS%2Fc7%2FY%2FzHgk4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec15687-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750

104.17.2.184

200 OK

22 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22364), with no line terminators
Size
22 kB (22364 bytes)
Hash
340b6e973a67da8ea71c766206d7b04b
e3b98442695d9ddeedff35c0ff9b9ed7d71c5ee6
5180253291ad96f77eba2274d585e16f6ff62a5f3425e745b373977c738a8207

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b1630b123e30750
Content-Length: 27767
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:10 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: UHzGC5sJAUQnHsO8xZjH/e0VEpTbL5mKk4qlenDJfE42jmOE8jnx0aD2YwEuhSea$uGXSlUXlzyj0I7LMVEwTbg==
server: cloudflare
cf-ray: 881bffbc2bef56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/upd-publ.png

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/upd-publ.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1414 bytes)
Hash
554a3815f3c1821ac11ff40655ce775d
13d34bc29df63a642f0ea2b1fe867b5a233cbda4
e25dd5f2a89109b540d6c365d5fd87a611c819cbbbfdcf828c4f2e395832a686

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/upd-publ.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 1414
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-586"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vHaWpZBJf3c%2BcwtHTY1WZm%2F%2BoIPxXZkNXntPPxBtxvu2VsSJzw391zgDHhDzcBostFrok7gbEq58kh70P2TDuIYTns7IEAXCz5JLlp%2B5MbH%2Fx%2F7GAvEKi9sIcRsA9a4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec85687-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750

104.17.2.184

200 OK

115 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
115 kB (114576 bytes)
Hash
a9cc91cce3876c6f734af15bd83aa2db
d43f674193e4e6c3e2e85e63afb505acc24bfcf3
3227fa11f3597223c77bd41f67652b77684d56a83f4a0ec8797c2cff66fa7464

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1878768365:1715364736:nEZIvZr75j3t7cSIAaON-lQUFmBCbEucZA_nlLHATxU/881bffab0aae56aa/b1630b123e30750 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a0ey/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b1630b123e30750
Content-Length: 2502
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:08 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: UlKhHiONEyP/gMZBYaIZ7QYEzjxX9VwxsPnf1Zf0wE2e+VIHMvNdxsfEU1+Bm9e+L/DaBooItlN7W8JKNT2VxEKSkLcF14aP2XkJjKUBXGfZNbDoGADFauWHxaHmT7VzmC9zGV43n3WPU/QpF97i+Dqe59i2aEok330GE3r7YPFqiLfBNJhbPxbC4xKh2k90S0oPqSKCbJun1E+++mzRTnapTzmPRrCFybfFTCgL69x0jEYrij3Pq60Lzc0pALPqLWca/LluRGxzbfrLc3FXX9mPhHYI/Tpt1DY9cCAF7Lqj2ViIcQlCMzouJ4X062wVV8MrytuvVLG6555RM5eYj3DoTDNoxURoPKOnuFINWrfA9FFu1L0pqq23KciDmMblwvN43vgXUyxqmdWlMEu22WwHNxa4Bu52tc9BLif6htNhGzSHAI2/jrr1K+hy78Rm$TzD3s3XjRKtVh73qcM2KVw==
server: cloudflare
cf-ray: 881bffaf48a056aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

byruthub.org/23887-starfield.html

188.114.97.1

200 OK

342 kB

URL User Request GET HTTP/2
byruthub.org/23887-starfield.html
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type

Size
342 kB (341555 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /23887-starfield.html HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:30:05 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.1.19
set-cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZS9lELm5qlgh6d9jvA5JfSFYDlpWeFNfzDGObFcfwsZP6Rmvh9uIgNqRxnUXtDus8%2BFR1C5pnzI%2FSteKJ3vCFTPoyoreWTYoc11bFvHfwvqV8fNrk8ttAeUoDqE6OE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bff9e8fdeb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

byruthub.org/templates/byrut/images/night.svg

188.114.97.1

200 OK

955 B

URL GET HTTP/3
byruthub.org/templates/byrut/images/night.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
SVG Scalable Vector Graphics image
Size
955 B (955 bytes)
Hash
11a004733cdc59ef8503bf800dcf29ff
241665f3defcad3a5aab12fdc76f5877da511907
c8b1f29433a168187adbf562e653519398d39f613e5aa2ab5e61bbc43a9e1add

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/night.svg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Nov 2023 07:08:51 GMT
etag: W/"65473f83-3bb"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 448823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cz5HdGTCxG3f2%2F8DVuRwy03DYW%2BZu%2BSnlEANjtcLOaYU3kZOuhDDVWU4vM8LvaaHKPInFUbsUFGGgeB4C4JJX7HvWCtC%2BHxtvr73QvSgxOLmBADjxNXTQajymt0q%2BBs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ebc5687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/updnews.png

188.114.97.1

200 OK

2.3 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/updnews.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 64 x 69, 8-bit colormap, non-interlaced
Size
2.3 kB (2304 bytes)
Hash
c5328ae64b721c1e828ddb36a8810404
50ca3d753ce43d6859d90e6cbab2cd6f6e9507a1
a66e1a3d8b6ac9aa6c3cb0f12523e152ec26bdad81521d2d37e836532ae34ddf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/updnews.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: image/png
content-length: 2304
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-900"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 448823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T473xup1gVbvwtQ6bX7m8ADzGxZ2CXewPKUYMgnfusV6hIh6U0QqbYVYtY1jdy9nBhgwwW4ydXc9FV5nd3Do7Nf2z2U%2Bgs17uH46ym8vV%2F%2BKqDd8F57h1iPhQNiZZDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa56ec55687-OSL
alt-svc: h3=":443"; ma=86400

ufiler-pro2.ru/tools/js/appUbarButton.js.php

188.42.196.4

200 OK

11 kB

URL GET HTTP/2
ufiler-pro2.ru/tools/js/appUbarButton.js.php
IP
188.42.196.4:443
ASN
#7979 SERVERS-COM

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subject*.ufiler-pro2.ru
Fingerprint0D:9E:0D:BA:C1:69:8F:89:42:BA:D7:B5:C8:0E:40:8D:68:E9:43:97
ValidityWed, 21 Feb 2024 09:15:47 GMT - Tue, 21 May 2024 09:15:46 GMT

File type

Size
11 kB (11015 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tools/js/appUbarButton.js.php HTTP/1.1
Host: ufiler-pro2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:30:08 GMT
content-type: text/javascript;charset=UTF-8
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

byruthub.org/templates/byrut/js/sc.js?v=b4x9n

188.114.97.1

200 OK

2.0 kB

URL GET HTTP/3
byruthub.org/templates/byrut/js/sc.js?v=b4x9n
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
ASCII text, with very long lines (2116), with no line terminators
Size
2.0 kB (2007 bytes)
Hash
8379ac005e1fa3f9e59c79a911e32441
aa78f4c0fd8f5b697efe0befe31a0751724fbcd2
baccb7e2bd3a211e63dd09e7b1d2c4997cb699c634e29384bc1c6793fd321dc8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/js/sc.js?v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:06 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sun, 05 Nov 2023 07:08:56 GMT
etag: W/"65473f88-7d7"
expires: Mon, 10 Jun 2024 05:55:44 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 45262
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPtuUeBmQIKbLhU673RJ%2FLOxuaDZYbdriRrJavCfg3TYA99At3qS0XdppAvf3Gq%2BCN5KygaIl5F%2BgaKAxoeeR2%2Bpo9VcvV8eaAz3cKj2bsdaYHA%2BQxuIlDidzeh2M%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffa1b9315687-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/ajax/controller.php?mod=adminfunction&id=23887&action=newsread&user_hash=e8a5142cca9fd127c565601a4aaba4cab966538a

188.114.97.1

200 OK

5 B

URL GET HTTP/3
byruthub.org/engine/ajax/controller.php?mod=adminfunction&id=23887&action=newsread&user_hash=e8a5142cca9fd127c565601a4aaba4cab966538a
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
cb5e100e5a9a3e7f6d1fd97512215282
11f9578d05e6f7bb58a3cdd00107e9f4e3882671
ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/ajax/controller.php?mod=adminfunction&id=23887&action=newsread&user_hash=e8a5142cca9fd127c565601a4aaba4cab966538a HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/23887-starfield.html
Cookie: PHPSESSID=b97808b6c991c446d33a41d850492bf5; _ym_uid=1715365808248929091; _ym_d=1715365808; _ga_QX7E7T8PJ1=GS1.1.1715365808.1.0.1715365808.0.0.0; _ga=GA1.1.500578044.1715365808; _ym_isad=1; _ym_hostIndex=0-1%2C1-0; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:30:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.1.19
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6RyLxKSDhPpx0eHQs5%2FJcPrgAYAr9kiTHkZIZHv6peOmAfHlTwYqUWdiKjGeXCYYAZTYMz4DGn7q8lFfCAf4SMpuLwY7MJTkTj2DAJt9jdGVsMnyvwQ%2FL%2B946rAiGQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881bffcdfe7e5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mc.webvisor.org/webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=889060157&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)

87.250.251.119

200 OK

43 B

URL POST HTTP/2
mc.webvisor.org/webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=889060157&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1)
IP
87.250.251.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/23887-starfield.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/97198497?wv-part=2&wv-type=7&wmode=0&wv-hit=537140994&page-url=https%3A%2F%2Fbyruthub.org%2F23887-starfield.html&rn=889060157&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715365817%3Aw%3A1280x1024%3Av%3A1331%3Az%3A0%3Ai%3A20240510183016%3Au%3A1715365808248929091%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Ast%3A1715365817&t=gdpr(14)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Content-Type: text/plain
Content-Length: 44
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1667040461715365808; i=opnQw6ry6yzLy3JwLMcT59b4qvB5y3S9KJs54jEwqx9k52ySEPQ16XrZI2aQSce9fuUyXvmxX32MQJOWbDY8SfTD/s4=; yandexuid=9015859681715365808; yuidss=9015859681715365808; ymex=1746901808.yrts.1715365808#1746901808.yrtsi.1715365808
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 43
date: Fri, 10 May 2024 18:30:16 GMT
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 18:30:16 GMT
last-modified: Fri, 10-May-2024 18:30:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (59)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML