Report - byruthub.org/3800-the-movies-stunts-amp-effects.html

Report Overview

Submitted URL
byruthub.org/3800-the-movies-stunts-amp-effects.html
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 14:26:50
Access
public
Website Title
Скачать The Movies: Stunts & Effects (последняя версия) на ПК торрент
Final URL
byruthub.org/3800-the-movies-stunts-amp-effects.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
88

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	419 B	97 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	3.1 kB	82 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	454 B	17 kB	142.250.74.74
mc.webvisor.org	17571	2009-08-25	2017-08-16	2024-05-09	3.7 kB	4.5 kB	87.250.250.119
byruthub.org	unknown	unknown	No data	No data	25 kB	2.3 MB	188.114.96.1
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-10	4.8 kB	596 kB	104.17.2.184
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-09	419 B	95 kB	104.18.186.31
ufiler-pro2.ru	unknown	2020-07-10	2020-07-10	2023-03-11	415 B	19 kB	188.42.196.22
i.ytimg.com	109	2007-12-11	2012-10-03	2024-05-10	432 B	25 kB	142.250.74.54

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed
2024-05-10	medium	byruthub.org	Sinkholed

ThreatFox

No alerts detected

JavaScript (58)

	URL	Size	First Seen	Last Seen
	byruthub.org/3800-the-movies-stunts-amp-effects.html	4.7 kB	2024-05-10	2024-05-10
Pretty URL byruthub.org/3800-the-movies-stunts-amp-effects.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 16:26:57 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 7a222bc851ab677297ad87918b4c38d9 c0470c6a8230cbe15b50a2a6314221f901d24a0a c3b74e36977ae0e05711fd6a7b5d9a10d19cba4adffdaffff7430e5409836547 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881a9aa07fa5b518	436 kB	2024-05-10	2024-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881a9aa07fa5b518 IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:27:00 Times Seen2 Hash 3e06297ce0310505584554b05d9bd4e9 13b46b277e3b3a710e2ae5a37cf2e71e9cc2f921 be7cd385248f6b812938c0e421d2d2908266f6adc8a01346939477e169f1ea6b Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha	43 kB	2024-05-08	2024-05-17
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:17:22 Last Seen2024-05-17 15:34:59 Times Seen1392 Hash 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4 Loading...

	cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js	228 kB	2024-05-03	2024-05-17
Pretty URL cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js IP 104.18.186.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 03:32:46 Last Seen2024-05-17 04:48:51 Times Seen38 Hash 6e0389489fbf6661a294053d080b7f68 595ecd76a361a4d376a6e905cb23e54de4904f4e b422d3d8546ec006550b595c77b26b78e58c7c16cb71eac33a1b26e738444aa3 Loading...

	byruthub.org/3800-the-movies-stunts-amp-effects.html	504 B	2024-05-10	2024-05-17
Pretty URL byruthub.org/3800-the-movies-stunts-amp-effects.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-17 10:29:11 Times Seen5 Hash a891740448065e8995763b522a382b78 99741aa5549349ff3c58afd7ff0e5e807acc26c5 75a5ad93a2f788e8605f4fadd8f5b06545894d0afab6416d99230742934012a3 Loading...

	byruthub.org/3800-the-movies-stunts-amp-effects.html	201 B	2023-04-13	2024-05-17
Pretty URL byruthub.org/3800-the-movies-stunts-amp-effects.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 14:51:46 Last Seen2024-05-17 10:29:11 Times Seen76 Hash 07a8276b29e1b9299dd016fa8c32efde 25e2caa2fc8d05e32f4c67eb1d6fc889d8ec336a 70549591817f9f020404165fea5c95f31c8cc8d69c7e928dae1b0476485742c3 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal	3.6 kB	2024-05-10	2024-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 45c9e897b9d627122ba21d7c3f2402c0 31d9ce85f00d9f369eaf598d7f1f19af3edf036d eac875368dfb2e3584e71c3cad178a70e58fb44dfaabd5ee43f1b7dabf60c700 Loading...

	byruthub.org/3800-the-movies-stunts-amp-effects.html	506 B	2023-04-13	2024-05-17
Pretty URL byruthub.org/3800-the-movies-stunts-amp-effects.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 14:51:46 Last Seen2024-05-17 10:29:11 Times Seen76 Hash b8d4229ba85ef8f6021c001a40cc419f 6d0de20329edc6288594eb66d8decc766eeb7f8b e8f77cc5190581cc8ef3b4c7447738c7892ae5960fcae8e6da2d96377ad2c10e Loading...

	byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n	177 kB	2024-01-21	2024-05-17
Pretty URL byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-21 22:18:25 Last Seen2024-05-17 10:29:13 Times Seen18 Hash dda805648c4c2019d9ad8eb458831e17 5e70a1ce929daf8e6c7a3805c4ecb27f3634d3f6 91f79ae04f21e997227b5335d340bd817dc2e14502dea7bff1695458acbebbd5 Loading...

	ufiler-pro2.ru/tools/js/appUbarButton.js.php	11 kB	2023-04-07	2024-05-17
Pretty URL ufiler-pro2.ru/tools/js/appUbarButton.js.php IP 188.42.196.22 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 19:58:06 Last Seen2024-05-17 10:29:11 Times Seen82 Hash c17b8db269190ea11f1e99708e6470da e2fafa37a4d976d189421517854c03c5980731d2 b6592b53eea560cc2b8792837845abd02514f1da3c377d90db3e5d944de144e9 Loading...

	byruthub.org/templates/byrut/js/sc.js?v=b4x9n	2.0 kB	2023-12-12	2024-05-17
Pretty URL byruthub.org/templates/byrut/js/sc.js?v=b4x9n IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-12 13:04:44 Last Seen2024-05-17 10:29:11 Times Seen11 Hash 9ff2b283bb824f97d2e01f1db11f9bb9 091f88703e0af12dce2e4768851bb388d72ea796 02043d0f28a9f63557cd3638d6a3ea9e2c3c7fec45018d7580c67c41037363a9 Loading...

	byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n	88 kB	2023-06-29	2024-05-19
Pretty URL byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-29 16:14:30 Last Seen2024-05-19 14:10:59 Times Seen374 Hash 4f0fa0ea2ed2bd3abcba54438900f124 0ced4961d59a49eb41977ae8c759d59713223c19 5f55e209be722b88bb75df5b584e8e9030a85db8b96c806149ab1f5538aedcd0 Loading...

	byruthub.org/3800-the-movies-stunts-amp-effects.html	2.2 kB	2023-09-17	2024-05-17
Pretty URL byruthub.org/3800-the-movies-stunts-amp-effects.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-17 09:38:38 Last Seen2024-05-17 10:29:11 Times Seen24 Hash 4801978111ffd3cf30d6804ddfa0663d b18c198dab289c70b296a332a2cd255037248299 c42c13f37fbd5eaee1e355ef84ce888b7c399619a4fbcec36675a98f88de54f7 Loading...

	byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n	134 kB	2024-05-10	2024-05-17
Pretty URL byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-17 10:29:13 Times Seen10 Hash c946c33cc6c45b1bdfa528482d898f24 2f790e85c4d153627bfffb5f8e5bdc1ec66ad73b 7395940bf2b6e2ea209207cd8be98f2107c5b5531585254082fcc1a35c0f7207 Loading...

	www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1	282 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:59 Times Seen2 Hash 96211b7cb28356f69393e83d6fa324d4 d7c4868f8de71505025aac2d629eda6acd64f931 5d154ebdc1d8f2e44e9ecf4ee108b7dc4be5ed6c266e3977e693108a9c307888 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4f2c7c2c069656f1c8d2f3ba2d65782f	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 4f2c7c2c069656f1c8d2f3ba2d65782f 09b55959b568faf25d1fb8cf24c8d8fe25698283 e5f9f7106482d24d21dc252ef36cf8ff7eefb9e6a20a60221ed17c32b0f904af Loading...

	#2 Eval - dbba30ca53cbda5999ea69c74d7def9d	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash dbba30ca53cbda5999ea69c74d7def9d 61fb1dfb83f65a217d462f7d9ff6e50cfb87787a c1b94ee15944b72c877d7f35e6baab5f2778b3a499eeb638e0c4725c93e09312 Loading...

	#3 Eval - a4ea56a6a5d9eb6e37e90650c8acb467	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash a4ea56a6a5d9eb6e37e90650c8acb467 7a31f1ec7bee2c044bba5a7f2a3d52aea0e038c1 e5e37ca1e7f549c084060033ddc7d05d4f74573d979d688928ef76dd70c060e2 Loading...

	#4 Eval - 2104e51b45819fb48be29bd684a7a765	62 B	2024-05-08	2024-05-17
Pretty Observations First Seen2024-05-08 21:17:23 Last Seen2024-05-17 15:34:57 Times Seen967 Hash 2104e51b45819fb48be29bd684a7a765 4c63e1a706403ae3b72fd6bd15bb42ba662b456c 409852cd2d9ad570bc66e5cc8c403b729033ebacfadc90fd9548df7f494a5869 Loading...

	#5 Eval - 63c0ecdb6f72c4a2c1f8a77793eebd7f	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 63c0ecdb6f72c4a2c1f8a77793eebd7f af23987aafb1b450dc33147c8808ef0eca7cb4d6 f4c2d66eaeb8c9e494010d7afb84cb36e91453045ca65e9eff3dcd04429de933 Loading...

	#6 Eval - 98651bbf1c4c95ed411d04ddcd0624bc	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 98651bbf1c4c95ed411d04ddcd0624bc 2159ee70aae420c3eb954606d3a3c7ff42eab4e8 60b65d92da374fd30332dc8a9001851acf98ee25a6e7c78be86678f54a218e72 Loading...

	#7 Eval - c7272ed2e2645842a87edefa0fbcd08e	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash c7272ed2e2645842a87edefa0fbcd08e 2405ccb33e466f9e675d6bb9a60737eadfc16499 cac860cae17f72d3c7166bf8e129ee7bda222e183ee01997ac33d902edb13017 Loading...

	#8 Eval - 06452643c9e7211ec1ee73d7a99d8379	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 06452643c9e7211ec1ee73d7a99d8379 fb5ec4c4676c9021d58cc5dba3ae65c75ab4c6cf d438822d15321855b5eb098a793c70ed18bf9817be6290609875875693353ace Loading...

	#9 Eval - db93ff4cc0479eb4e36dacef9aea1aef	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash db93ff4cc0479eb4e36dacef9aea1aef f71c14735a7f6d8628bf05cf2d878b1fd7b0e2c4 f262c8e03fce470e8d85ab6abec2530e9ba3993cb3762a7308e5bf54919b9321 Loading...

	#10 Eval - 3ea0f3198c059b87313937da67ed9e29	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 3ea0f3198c059b87313937da67ed9e29 902c3998871b9e72f32f45f759137541994052aa 0dd35aa29dc04a044de78de1d550b5f48ccb08234f5ea472c964aa9d10f5356a Loading...

	#11 Eval - 111c0248a20643a1682a9a45f1eb3f3b	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 111c0248a20643a1682a9a45f1eb3f3b 1d0f135bc211f86e5c718e1a8684d79031d2893c 56cbb485eede6be03bcaf1c6036ea8d04de4a2445a3e04d3bdd80d285f754550 Loading...

	#12 Eval - 25dbc65c2a89737c56af32bcad201e29	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 25dbc65c2a89737c56af32bcad201e29 b01a50b886467db591b589198fd205b41c91c155 7e671505bc507c4a36a6373b6ef9a785553094b171effb875f13ed308c9619f0 Loading...

	#13 Eval - b556993fc7f96d8930ced73fecbaba2b	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash b556993fc7f96d8930ced73fecbaba2b 7b53d321a2f6681db57654628607817e71a7ec73 ae148a3dfd461e0d81d013587e62bc1748be0e1b1331dd9fa0118915d278381b Loading...

	#14 Eval - fa23ad6d48dfbc1219f241f98a1eacfd	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash fa23ad6d48dfbc1219f241f98a1eacfd 8f562acd5bf4b23d0bf47ed2e0dbfe3b3044e898 4c2952075d568cda04c1b33cb58efd1d8536b323ece284a98e0eaeda506f29f5 Loading...

	#15 Eval - e38fbf367b48fef1c9fb90db97f9a0dd	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash e38fbf367b48fef1c9fb90db97f9a0dd cdcd08109c2ff1901db974af86570f5d8a34ba1c ecb944fb4d613b6991e2504410c5ff7654ebf1e1796667a73f3dfe503d0397bb Loading...

	#16 Eval - daab9d34a26a19472ec49517b73e6cf9	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash daab9d34a26a19472ec49517b73e6cf9 13c727569825ab05fe983dc27a8a86b43e219059 5b5595f2e09b9ac4bbe8942bb0f4cd1c136551cf6ea53e1cf482bb10eb99f583 Loading...

	#17 Eval - dd110e1e736ef2be122fdacf91d9fd6b	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash dd110e1e736ef2be122fdacf91d9fd6b c1ef854f1d1ed9e78525d4d8170589fa5779676e 1ce76b0c1607a465337f9c4051f582b9b22bf0c3f8cb4c341e85f00669ee6ffe Loading...

	#18 Eval - 3f8a19357ab4cfb51e852a894ffc5082	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 3f8a19357ab4cfb51e852a894ffc5082 8b32604eb9e262f5f33ff655bc3e04773e193512 12e6a61b7888ded511e16202f336f0879fb85981a406c21c06c7a48a44ab30c5 Loading...

	#19 Eval - 41b5b1ab850e83993225df4d09247a51	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:58 Last Seen2024-05-10 16:26:58 Times Seen1 Hash 41b5b1ab850e83993225df4d09247a51 61e0f4a425ad79ccc56abab8573c4a3f571e23fb 5e9e174a59988a18ee6323618c724a08ee42c4b91195689553127b312b09720e Loading...

	#20 Eval - 453a0ce20b8e48b43d78f44cbc1a64b6	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 453a0ce20b8e48b43d78f44cbc1a64b6 8a7a5cf7ac477df8559e023a20c0f0a3869d0f1e 7609d652183d6bc06d5233f5f6028b0c1f46e404f7de8d30e347324c868748dd Loading...

	#21 Eval - a7f0e2d6015884cb1aef2c17eca39d37	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash a7f0e2d6015884cb1aef2c17eca39d37 1b6085cd6231b794b0226eab5ee435fd49cbd770 809e494f21b24850f7a58fbc3920ff51ff87c03dbef70e07505e1b60076faecf Loading...

	#22 Eval - f81f9fd1c6aff581e7c06a0dc21bc093	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash f81f9fd1c6aff581e7c06a0dc21bc093 4f787f1637bd3102b75ecf1c500b531c58291aac 6031a695c4ef6c7f8b08d595d2699e6e7e73cab4eecc4837e2784fae888fe72f Loading...

	#23 Eval - 7dd9a117c75803e61f3ea6426a5ccbaf	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 7dd9a117c75803e61f3ea6426a5ccbaf 44e4387903cd712dc76b06932034d5246b8fbbc5 94c9adf803297a2172777a7e560828683d6be23bd56e4e1841aef6ad19a3b4e9 Loading...

	#24 Eval - 86594d61813ef42bbcf47a87b36b3636	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 86594d61813ef42bbcf47a87b36b3636 0b367317323cfea3479928449e0c797a0ad1fe11 eda6ab85b50d6348507c977b3209d9dafacb759bc986169a86e6e0975e863178 Loading...

	#25 Eval - 57a1fd19c1add167ce90ee070abcfe3a	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 57a1fd19c1add167ce90ee070abcfe3a 880e74e62027424a3acf0beca098df28e839c061 22b0409eb9c9e3b2379687ecf6763bfe942dcd33b8e11df5def1515d5f595fc3 Loading...

	#26 Eval - 4ecc4b77a7762b5c7993c992fd260771	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 4ecc4b77a7762b5c7993c992fd260771 3e651b202c8a02e19ad6f5bf6040492b1152a24e a75f985a5c4e90289bba2efaa61cf7f00a70cda15993a84f33cfd3010be8cfde Loading...

	#27 Eval - f0b21dc9cbd0eeb0a1204322f49efce2	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash f0b21dc9cbd0eeb0a1204322f49efce2 5c268f5379a3a171bd728aee05a112815990ab61 c14baa3ec3b397f8685977b6ca08631428d8f4a7ca96d560fcae88fad55e3522 Loading...

	#28 Eval - de03380659678385eb821e2727bebb0d	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash de03380659678385eb821e2727bebb0d 507da57956f63c4246a1fafc4cb451df87239ef8 25e48c1abcdbb0116d1fd76e058d386147efb388222652f7e41180bc7f46a142 Loading...

	#29 Eval - 618a71db204f5bcdbe8a9ee4871de535	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 618a71db204f5bcdbe8a9ee4871de535 10b85d9602d7e76b52c3e5c7fafa5b1fa6d24294 33995f5f0d6aa460be6bb2af6d9c35884fde887361fa5c9a863430004e2cc4bd Loading...

	#30 Eval - f9034a1fcc4bad9c30422d0697d51871	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash f9034a1fcc4bad9c30422d0697d51871 3ba3dd4bcecebd6f2222a91cf15099d031dfde34 42152ebf24beba6005f177027b52ec0cabd4769eb9d4b88ef15a8ba7931c626d Loading...

	#31 Eval - bad5d54fd0ca0811959140ac365154f0	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash bad5d54fd0ca0811959140ac365154f0 0ca8323d4db89a179178551ccff90e05c0c5e50e 9bd05bcb14fae53d6542522629cb6d81cd822edf52ef88d4b685c6dffe3f32c3 Loading...

	#32 Eval - 095f6de8d0116c45c9c71ba7ee4a2a44	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 095f6de8d0116c45c9c71ba7ee4a2a44 a4c8943ab1b55c7c3fe3acf9453466e32f171642 e195653be5776db8f57399d365d09f16d7a94e3bf710e74d7729ae6a92689e88 Loading...

	#33 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-20 20:57:17 Times Seen354063 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#34 Eval - 223e88603372d230fac460e923b85709	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 223e88603372d230fac460e923b85709 376b8ff53da9a84354a3b0740ca68a5111ea3c7a 550bd0072fd2bb0b957e8c113102cc5f1d1f6647957f5db583ee6fe19b3fe63a Loading...

	#35 Eval - 3a36525696066d7c0b7afb2644a7e140	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 3a36525696066d7c0b7afb2644a7e140 c682bdd503f855d9afa6177a750a34f71806a6e3 8a4b3cf80afbbcd7e648168c6f1d9dacb8d76fa7e3482ee6b3bd258a4c95e52d Loading...

	#36 Eval - c5efc40daf5477bc19ea7ec39cc846aa	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash c5efc40daf5477bc19ea7ec39cc846aa acada1cd6898307cb43b98370bf1bd848bc3f289 657035c394405a36619aa168af6840b24e974697d1b8af268ba69b98e1bd05a9 Loading...

	#37 Eval - 598ef02e841e86d4dadfaf174ef734fd	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 598ef02e841e86d4dadfaf174ef734fd 140bef015104a89ef7dc62eb2a6ec77b93a1a515 1f6ceb570fab61689a823fbb748a5b8e8765bc8f0456d24f31c6c336ea1aef6e Loading...

	#38 Eval - f75105f0edbb776d310559edcca772f4	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash f75105f0edbb776d310559edcca772f4 a86fa51bf64cad30c1083a3f81a27dd22cd4aac4 63e174140ef4ca2066b5f7f4441ab1f1c8d3d0ae2be746e6e6a799c87c392606 Loading...

	#39 Eval - 15f5324088573f81245393e51b8d3df8	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 15f5324088573f81245393e51b8d3df8 fb121bc4e8d262560c9fcdc7362d3046c3443935 686c903e0e34adcf5e985ab73c7db16989e3227c444bd80f8692f64cd7e0a698 Loading...

	#40 Eval - 8710ff9012a51511e00915a866edaea9	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 8710ff9012a51511e00915a866edaea9 a718237173d0f44ffa306469e560fc0461a18466 a08b8d80ccf8ef487ea8cb4df446970e242a9044a5b5b9cdd918eb8f4050efcf Loading...

	#41 Eval - bf99e4c494333947ee2ba60be379ac3f	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash bf99e4c494333947ee2ba60be379ac3f 51756498d42e3f6098209ed1aca22d955089e0f0 6099b5ab8cafff0a475ba573a083e0e42bb1238e57280adefe8e5b080ea0d89e Loading...

	#42 Eval - 8b2999147ca892cb2f626adaa98cfd16	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 8b2999147ca892cb2f626adaa98cfd16 bc4b719c52a2a3ede604701385898319b363f58d 0b33edea59be15d05c582e7e9183c49908f23d8ff5c99f1e3e0c8f4b00aed216 Loading...

	#43 Eval - 39d80f74cf5e5e0208d1f1ce108c5f49	28 B	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:26:59 Last Seen2024-05-10 16:26:59 Times Seen1 Hash 39d80f74cf5e5e0208d1f1ce108c5f49 a27be99ade72af8b95676538e404a14c1ff152c0 34a390505a72e113e6a92468fbcdfaa1e07e9485ebd5564f6afb46f0a9e29b1c Loading...

HTTP Transactions (65)

URL IP Response Size

byruthub.org/templates/byrut/images/logo.png

188.114.96.1

200 OK

5.1 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/logo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 274 x 60, 8-bit colormap, non-interlaced
Size
5.1 kB (5050 bytes)
Hash
393140752ab9c52a7d15da4e830c8a52
fc14d5c4b79abc39a9f871d05ebbefe51c7c0685
eccbcfd79314410c101e40bdc6b7a0f40e428dc4dc241cbf09d004f5fcf74ce8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/logo.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: image/png
content-length: 5050
last-modified: Sun, 05 Nov 2023 07:08:48 GMT
etag: "65473f80-13ba"
expires: Wed, 05 Jun 2024 13:49:40 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434201
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yw8zFjqlRvsh2RzIiCba7Groja%2Bh6z63Lf3HGVurg9VI3%2B8MDYcvz5nxkSNIrPsfttN4qw5%2Bgc%2BvvE3yOzzr2EeZiEAVBnfxmSSWm9dwT5bqg0QU4zKmgYLE2SlWRSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a96795e5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2019-12/1577763641_1577763645.jpg

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2019-12/1577763641_1577763645.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 336x473, components 3
Size
22 kB (22403 bytes)
Hash
9f05361be69c0823d7c72bc7c631a5b7
f01e2c944e8442fde15ed866e007e1e40ec8b55f
7b50e641a00daeac5b24ac236368462076cb930123ccf641afc16e16567f3cfc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2019-12/1577763641_1577763645.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: image/jpeg
content-length: 22403
last-modified: Thu, 25 Feb 2021 02:29:10 GMT
etag: "60370b76-5783"
expires: Thu, 06 Jun 2024 18:46:45 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 329976
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ES%2B9K0kNcApk7NeaB1yuNUET7CB%2FP0XvnEQ8EsdR5Cwol0Pn0Y9MVq2ALZOhUGtsRBoxprqFaGlwC8DTLySzXshBo0qOwuS8w%2FsRHsqFhwhZTb6fWcMp9TO7xK%2BHR48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9679605689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/icons/1n.png

188.114.96.1

200 OK

2.9 kB

URL GET HTTP/3
byruthub.org/uploads/icons/1n.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 108 x 124, 8-bit colormap, non-interlaced
Size
2.9 kB (2912 bytes)
Hash
d57a9e979bf823fd5de5d87b66b83a83
f360eec5268cc8a0c01c43e5b889ecb049854d4b
769a1f6ee232ef22d85d5b6631fe342b68ce9711bc92384ff388a7cb38371eed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/icons/1n.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: image/png
content-length: 2912
last-modified: Mon, 17 Oct 2022 17:38:33 GMT
etag: "634d9319-b60"
expires: Wed, 05 Jun 2024 14:17:53 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 432508
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L2a2GxP4ixi5GOgQ8W%2BwMkkIeQGhJTb7Df4ZCmJk6wFD2nmlDBTMQvJRkSCdj67ncrFmT8nG3mXtypAIARbqqnOoI0M0O%2BCsdNjUginqgyKji0e%2F74Djxgmtk%2BAKS9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9679635689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n

188.114.96.1

200 OK

30 kB

URL GET HTTP/3
byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
30 kB (30393 bytes)
Hash
4f0fa0ea2ed2bd3abcba54438900f124
0ced4961d59a49eb41977ae8c759d59713223c19
5f55e209be722b88bb75df5b584e8e9030a85db8b96c806149ab1f5538aedcd0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/classes/min/index.php?g=general3&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 30393
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 14 Jan 2024 16:06:55 GMT
etag: "pub1705248415;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 30637
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XB88DITWUJUMFYzWQAj7gYy2G1Y2ntHcc5ZIxiSV7GCZDwwwI8vVIuhwgp96eHBYpsnpk6OQIxlAtclZ%2BeE%2BbjtRbBapWt1HsUFaHc6DLmIU9tM9j3WhG4e06w6Ltmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9679755689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n

188.114.96.1

200 OK

46 kB

URL GET HTTP/3
byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64742)
Size
46 kB (46426 bytes)
Hash
dda805648c4c2019d9ad8eb458831e17
5e70a1ce929daf8e6c7a3805c4ecb27f3634d3f6
91f79ae04f21e997227b5335d340bd817dc2e14502dea7bff1695458acbebbd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 46426
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 14 Jan 2024 16:06:56 GMT
etag: "pub1705248416;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 30637
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cc6ewoKfqkDpKCrXEy0KEl8Ecd3qYbArTjtbqhSeLEiTzfoJroxKdZv2qEIvZK24ROZE19q7o8Z17GzHcPIcfnORHLI76rY0BAzkLth11sWfoiSanJGQJURSraCDRe0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a96797b5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n

188.114.96.1

200 OK

100 kB

URL GET HTTP/3
byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
troff or preprocessor input, ASCII text
Size
100 kB (100271 bytes)
Hash
e2af714cc5049514c469957a43c3b6c4
4265c52a3db5b50633fbf24acfacb9a0a71d3e7d
a6e08a8370d9e48905c733d901d3fa6a1ec6f6e57038034b3f60fd8bae806a11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: text/css; charset=utf-8
content-length: 100271
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 05 Nov 2023 07:09:49 GMT
etag: "pub1699168189;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 30637
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EiVurUr31A%2Bi0Z92GACvjMLou0yqNyiPbTMVXuWJ8J8xZ2Bh8XDw0WrHk%2FUdEZzWF2W49dDWNpbhfOAZIcuOeY%2BtMJBO4sm4OH7PktUBVVdQ23y%2BTAqlGziPqyswbgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9679805689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n

188.114.96.1

200 OK

37 kB

URL GET HTTP/3
byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31911)
Size
37 kB (37050 bytes)
Hash
c946c33cc6c45b1bdfa528482d898f24
2f790e85c4d153627bfffb5f8e5bdc1ec66ad73b
7395940bf2b6e2ea209207cd8be98f2107c5b5531585254082fcc1a35c0f7207

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 37050
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 05 May 2024 12:28:24 GMT
etag: "pub1714912104;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 30635
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8nwemKCtxd8qg2RnWfr5WTk7cgHS6oiRq%2FK7%2BBjdm3WQkobn9nOVXSd1MDpU4EGAlop7b9zt62pi%2FTYw44PqTBqJDbhnincpupEELP1dEWi2VCPxGGKo9xUUHpkqTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9679815689-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha

104.17.2.184

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?compat=recaptcha HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 14:26:22 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/1b3559406bc8/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a9a9888ac56c9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1

142.250.74.168

200 OK

96 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
96 kB (96360 bytes)
Hash
96211b7cb28356f69393e83d6fa324d4
d7c4868f8de71505025aac2d629eda6acd64f931
5d154ebdc1d8f2e44e9ecf4ee108b7dc4be5ed6c266e3977e693108a9c307888

HTTP Headers

GET /gtag/js?id=G-QX7E7T8PJ1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 14:26:22 GMT
expires: Fri, 10 May 2024 14:26:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

byruthub.org/templates/byrut/images/rating.png

188.114.96.1

200 OK

2.3 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/rating.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 88 x 263, 8-bit colormap, non-interlaced
Size
2.3 kB (2293 bytes)
Hash
22063375dd8258d84b95d1ee79e8ded4
d6e75431003741b5c847e8d76a4bbafc24bf3c13
9d0b588363b7ada4fe7d8c7b422fa4e953a49463d0aae20483bd2504b0a7eecf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/rating.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/png
content-length: 2293
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-8f5"
expires: Wed, 05 Jun 2024 13:50:28 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434154
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1QA9MNgo0LSaLZgmqo8NxWXINAMP%2BEkYryJvXFY4UipowJCBwQBG0R1IEIyOj%2BWxKo7t9PyWWJhxQD6ApDPoZlrEiK8tfWYheJmDFb6ifOWEBaUxzUcLTbWH5asFXk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9aef445689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/d.gif

188.114.96.1

200 OK

359 B

URL GET HTTP/3
byruthub.org/templates/byrut/images/d.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
GIF image data, version 89a, 13 x 13
Size
359 B (359 bytes)
Hash
3def66024a583b6ca763e249acb3c426
82f2f897d3e2746181b889811ac675565dcaf0fa
7d4fb7d5a9e681b2313ca88338e3255364aa452f243d6397aa905783e98bfca0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/d.gif HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/gif
content-length: 359
last-modified: Sun, 05 Nov 2023 07:08:49 GMT
etag: "65473f81-167"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434139
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkbond5WWAZAcm9rbrgGwkfxtHe%2Fl2xT1yjub0EIhQN9D6QCb33MmdJGhmr%2BF1lQMXeq5uzoyIzzGFuSbCzfo7AzzgBFefU2E6Cbml%2BDfZ4baA2VD2LoPmRAO%2FRvIOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9aef465689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/tags.png

188.114.96.1

200 OK

484 B

URL GET HTTP/3
byruthub.org/templates/byrut/images/tags.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
484 B (484 bytes)
Hash
e25aa5414ea580ee9171f0495dd8614f
0f55896ee1d6c06440326f6d9160799517237763
59172f212518edd429b2e697c77a1e9a91f3769c57dda16798e90aec360b8d97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/tags.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/png
content-length: 484
last-modified: Sun, 05 Nov 2023 07:08:48 GMT
etag: "65473f80-1e4"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NGnue66tilxlktt%2B80N2rvIbBe%2FH2xxGVSKHYK71AQybsoNUvYZlgHgGE2Gt8CPcn7SGF5ysvycJ4U3CdBDE5uAxBcQ6OJfwbLNgCQJ%2F%2BhFN2Zr9F6LaOykXqXWCBfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9aef495689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/fixcom.png

188.114.96.1

200 OK

1.6 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/fixcom.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1557 bytes)
Hash
bfe3d1ac9bc7454a75d41c34842f3cc6
012bcc884c14f1ff8c80e69db1df8a5fe46fb987
91dc915b8c3f0bb128584e574cec46350ea75e059c7a6453bd450e8a201e82fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/fixcom.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/png
content-length: 1557
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-615"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434139
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2HFyVllX%2FhRY79imqLg6VtMnNeFWZze%2FQgT5AYGFavupbdskcUlnJvAUSUTFej9PEWlg6HUJnjeGOaiRNwnCF9XQiQXdLiUSToHc1wRgkvlqjoeJ4tqBhxVyjR%2F2cA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9aef4b5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/top22.png

188.114.96.1

200 OK

1.5 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/top22.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1458 bytes)
Hash
79b0227cbaa7268aa28730dacc5d6840
2fec7563de6010c50287768ec0ad4172a279ec1a
c08507e4c48295cae51420335ea81f5890d8f3a569e44076767699a7e9ab7111

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/top22.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/png
content-length: 1458
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-5b2"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKl4T7w0QGWTyG%2Fo9WeDetMvgksbBGRxZ7KLRD1bOtzBI%2BfHRgsKwPCZDkOCxEa5zrE%2FBOBHPijDRbVKJT%2BQotzkaQ1%2F0xhCTbi0YkbJV0jdutlHK9EQhBtgZCfg0Y8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9aef565689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/updnews.png

188.114.96.1

200 OK

2.3 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/updnews.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 64 x 69, 8-bit colormap, non-interlaced
Size
2.3 kB (2304 bytes)
Hash
c5328ae64b721c1e828ddb36a8810404
50ca3d753ce43d6859d90e6cbab2cd6f6e9507a1
a66e1a3d8b6ac9aa6c3cb0f12523e152ec26bdad81521d2d37e836532ae34ddf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/updnews.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/png
content-length: 2304
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-900"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uJ4nSvnxpi8E3IkZFd960gXNc82PfJXcVakr8yNY30L3ZAokQ%2FAVG6PnDbZ8Zc9LA4hMhd31tWl27cXmPARkxDy%2BqYvhOsPSd8cbj%2FBEaAFGSoajhSj%2F%2FG2s7V4LlvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9aef4f5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/upd-publ.png

188.114.96.1

200 OK

1.4 kB

URL GET HTTP/3
byruthub.org/templates/byrut/images/upd-publ.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1414 bytes)
Hash
554a3815f3c1821ac11ff40655ce775d
13d34bc29df63a642f0ea2b1fe867b5a233cbda4
e25dd5f2a89109b540d6c365d5fd87a611c819cbbbfdcf828c4f2e395832a686

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/upd-publ.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/png
content-length: 1414
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-586"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SwF5cveOhpXOfXSk4qic7MM%2F4k5GWG18FvW91YYDHZ4sNeOOirxEXcZG3JZuaOx8Dx%2BgtBxMFyInu2jmoWW9I9j2aO1MnIX5Eso2dQ%2FW5V%2B4pWTv1%2BNrhyBeamL5eQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9aef525689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/images/night.svg

188.114.96.1

200 OK

948 B

URL GET HTTP/3
byruthub.org/templates/byrut/images/night.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
gzip compressed data, from Unix
Size
948 B (948 bytes)
Hash
d28dc9a9cbfc0692b9dd4818e1f88fb5
1e1c4311e5df34f02295ce00bd6482cd6ca0786f
91851af60892ddf5549d55b02eddead14aa4de456caa0bdf10aa6b535ada59b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/night.svg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Nov 2023 07:08:51 GMT
etag: W/"65473f83-3bb"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 434199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iA5admupIFqdy%2FIH9QB4TlrK0tTQZx7NatA5ZA1oxoctme7BCOoGMzahm3LRzYhPjKnejZX0BXtHnV9Ls7CWQkdphQSD%2BKoWU0Kh86kKzu%2BdnQhvYhuGuwsbHn743u0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9adf405689-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 536265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9644, version 1.0
Size
9.6 kB (9644 bytes)
Hash
6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:53:48 GMT
expires: Fri, 09 May 2025 01:53:48 GMT
cache-control: public, max-age=31536000
age: 131554
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 358325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

142.250.74.74

200 OK

17 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
17 kB (16573 bytes)
Hash
b3384411c5635bf3d203c9b8e291b23b
683ac68e2136d5d73cbdbb55150571a09ed0c844
0173547d39c0abd5e09b7016f71fa81cd62ad44e5d402e6ba166bf274a5c3253

HTTP Headers

GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 14:26:22 GMT
date: Fri, 10 May 2024 14:26:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:03:54 GMT
expires: Fri, 09 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
age: 130948
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

216.58.207.227

200 OK

9.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9840, version 1.0
Size
9.8 kB (9840 bytes)
Hash
7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:09:53 GMT
expires: Sat, 10 May 2025 06:09:53 GMT
cache-control: public, max-age=31536000
age: 29789
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

byruthub.org/uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg

188.114.96.1

200 OK

30 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
30 kB (30012 bytes)
Hash
cca866cd6fcafc39cac2cfcf63dfd9d6
d52ca8a0f42f96c3362771714b92d9929a404da3
2b7990bd541e744e5c22e393125f11d0ed72ed987a2144b92006b8c5c480d690

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 30012
last-modified: Sat, 02 Mar 2024 13:22:11 GMT
etag: "65e32803-753c"
expires: Thu, 06 Jun 2024 17:59:08 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 332834
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTco4cpEaW32fceY2ZRswRF1PoTimWyXpkJ1G3m5X1rYyRYFXSqNmQca4YyP12ft3cpIjaCDXAyJSepypqmosUKtPXjj0k2aV19aR5EKinz2ujIf2R%2FoY8fTIuf9VHw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d0a945689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2022-05/v-rising-poster.png

188.114.96.1

200 OK

18 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2022-05/v-rising-poster.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
18 kB (17696 bytes)
Hash
a606394e97b9b9957056c116c3455c41
9fcc8caf352968c51c72c880727dcf6ae0c29a32
dd5ddd4c891fa45235a04982a1689e3051b8b4ad5098a1e9b4150129e8963038

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2022-05/v-rising-poster.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/png
content-length: 17696
last-modified: Sat, 18 Mar 2023 11:44:21 GMT
etag: "6415a415-4520"
expires: Wed, 05 Jun 2024 15:02:20 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 429842
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMUWek7KrD3U5aoT90gf%2F9XJiDw9K2YKCZ1zQgOtvNAu9%2B7NtyNrG1UFOgoKevYQW%2FIANWD6M%2BF0jda4kOrXViABmink5jr4Ryj8tQ%2BommKK74jEe2dbCodt1NNeIxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d1a995689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-04/hades-ii.jpg

188.114.96.1

200 OK

40 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-04/hades-ii.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
40 kB (40284 bytes)
Hash
f00a957c498ad034d5648a58854df911
37d1897a0aaf0f85e6f61b0eb1c01f1f8afee591
0e388e3d32b7eceefc166401b3ad5715d3c802cf13ede8eb5f1ef5fd72413a60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-04/hades-ii.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 40284
last-modified: Fri, 03 May 2024 14:26:19 GMT
etag: "6634f40b-9d5c"
expires: Wed, 05 Jun 2024 16:23:10 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 424992
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iv9pWUFRUgHqlXZfTBJ3zVfbcVONTn1a7ho3qirAoG7LEaDYu0MD%2FYnnRdKBlB0xWB5%2FcGWQs6rwdzAh9%2Fi2MCItH%2FH87b6zHegpiEhPF7deeo4EHCr%2FVbkTnV1TuqI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d1aa65689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg

188.114.96.1

200 OK

31 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
31 kB (30626 bytes)
Hash
35baa9a417e43fa13731932280526c26
00d6f5dddcbf4ccbecac9b21ddd7d5049ae872a5
d317eee4887dbda5aa499276aad9b7f67fa80465ed3b7dc8a12cd36ceff0b00f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 30626
last-modified: Fri, 03 May 2024 14:26:25 GMT
etag: "6634f411-77a2"
expires: Wed, 05 Jun 2024 14:41:52 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 431070
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJ%2FFNf1Vo5BKJJK4FVqHjrTEkI%2BEchayrJLq%2BzlYiL7Qp1d5fsao8ktknA6H0UIRVcQh9a5j1%2BRV%2FR9fjLo2Eqmzv4LFeouNJyXmL1VQdsvDZ8uomMgq%2BPvYuXgazVM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d1a9f5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-04/abiotic-factor.jpg

188.114.96.1

200 OK

37 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-04/abiotic-factor.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
37 kB (37104 bytes)
Hash
d441e68c8e71dd837fd5c33d2cc75da7
3500f7a146e16bc996418a536454685a446fc235
3b222b85c2f933f4ba4a5fb586b6e593a2689cac85cf661761b4a28943df4e92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-04/abiotic-factor.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 37104
last-modified: Fri, 03 May 2024 14:20:19 GMT
etag: "6634f2a3-90f0"
expires: Wed, 05 Jun 2024 13:50:21 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434161
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbFv8VwelZJhakSZe5E3DQu%2F31why1F0YpIGhgB13yQtII31LszDnJdQwMdiL6d9KIM2uZ%2Ftc0Axjf37sLUNufK2ftsO%2BmM0dsTdtEDEZHLXcpt%2Fmwa5S0tCxRhPp2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d1aaa5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/css/styles.css?v=b4x9n

188.114.96.1

200 OK

69 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/styles.css?v=b4x9n
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
gzip compressed data, from Unix
Size
69 kB (68666 bytes)
Hash
66c69e18d8b31e3a754ec094f2cc8801
5b9fe25e31b45db8fe4766572f3b4d6f8b167161
325a50ab17f93c903d2b51c9300827c1d714e1717d7b62ba954c24e479b4aa84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/styles.css?v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: text/css
last-modified: Tue, 23 Jan 2024 04:25:17 GMT
etag: W/"65af3fad-191d4"
expires: Mon, 10 Jun 2024 05:55:44 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 30637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxnOsgJlCQjajPeUiFxfw53ZSDPXoSSDvkBNeiOD4hVlfPav2klgdxox%2Bls2vnytR1PEWDswWM379kynLM7e%2FZpdu%2FIHLi4rdcUvjo6mD0%2BDCeWXBw9V6nWjjCJdyck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9679595689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-03/pools.jpg

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-03/pools.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
22 kB (22143 bytes)
Hash
0b760610ee6678c0d8c2219241295ffa
3046e23fd134fdc2c785e5e4f27f8badb41e2661
c6a7046604cc35898ba6112e3cca5d63a1ed1c8c8260589f9b5c584c2b1881ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-03/pools.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 22143
last-modified: Fri, 05 Apr 2024 04:00:45 GMT
etag: "660f776d-567f"
expires: Wed, 05 Jun 2024 21:05:07 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 408075
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JPcVIUepvEZed27IKavsqaVp2ZMls8zbv1jeYPNVjJGLL1O%2B0lBkVKYK9EiWXsFnpsaBmACwbKen9eeno9nRbeB20BBZuIih%2Fh3JsDP7hD2srE6lLCNUfsFgq0gFEGI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d1ab15689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/manor-lords-7834.jpg

188.114.96.1

200 OK

37 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/manor-lords-7834.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
37 kB (36849 bytes)
Hash
09c819e68ad8d0c8776f0e1775a23561
9ee3acdaa78dfa7a05ed294ff77ff8a7b6269c5c
c66f0535a8f9e8a5b01c913c7ad6bf3d5250e57e02a2737cf1c8cdbe1479f097

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/manor-lords-7834.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 36849
last-modified: Sat, 02 Mar 2024 13:27:03 GMT
etag: "65e32927-8ff1"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IWD0itR07KlWFyud7THlPRJAX2AX9%2FtH%2Bm%2FmNG76xDRRr8Xn8lSeEv%2FC61TGAkgyUh6HVPMFAXtbMFaQ7zMkcr%2BeJwdgYmZcC3gmPalXe7Lm9f6TgzpBHwL1B655lsk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d1ab55689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2023-03/another-crabs-treasure.jpg

188.114.96.1

200 OK

33 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2023-03/another-crabs-treasure.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
33 kB (33313 bytes)
Hash
0a03ad2317e77c98d4d8ccb206434f59
a2e5d7083b75d99404566f9709c104a675eab8d6
093cf2ca594819111a0a7ff8ab02ae2979024ac003b5df7ba1b4eab85c2c0a08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2023-03/another-crabs-treasure.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 33313
last-modified: Sun, 02 Apr 2023 11:55:21 GMT
etag: "64296d29-8221"
expires: Wed, 05 Jun 2024 16:23:30 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 424972
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pClejsSCiOFQO2CFdGvZTNVu1sTKAloWGq7dUxWNZlesiv86400FJ9BUlSpHk8zLJn6bspMZwwohlHavqMIiE3UgG65tDgRHbBmF4wgpy%2BuKfLhwYw%2FFAQFjy65Vq10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d1ab75689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/js/sc.js?v=b4x9n

188.114.96.1

200 OK

56 kB

URL GET HTTP/3
byruthub.org/templates/byrut/js/sc.js?v=b4x9n
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
gzip compressed data, from Unix
Size
56 kB (55596 bytes)
Hash
7fe6736203ff0048ccf5c39769af00f8
d5f2605834efea23dc4392953afe5b6680335a6c
d1361cb04ea6930305158321c51fafd3483858f495c1f72918cec6b98f6dd308

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/js/sc.js?v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sun, 05 Nov 2023 07:08:56 GMT
etag: W/"65473f88-7d7"
expires: Mon, 10 Jun 2024 05:55:44 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 30637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5quUdY%2FcHqfkr37rkUgtn9CC1wtpTGRfym8x0vdiEO%2F1%2FG887n9qYwU5o5x4bP%2BqURgJAmWK7AEIbrCODNP3G5WZnFBXMHEcjgBRleLq4EJ9OxgolAiZi5meGRaRdI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9679695689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-05/bellwright-1248791847.jpg

188.114.96.1

200 OK

49 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-05/bellwright-1248791847.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x450, components 3
Size
49 kB (48840 bytes)
Hash
a8a0514df479d1abb2b32950f98d90ec
c4f82373e50b81a8e31fdb374f5166bf82b8807f
a0a93d61d8144053c911ab7e6dc48cca1674c985d09e67a82ee28db206bf11ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-05/bellwright-1248791847.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 48840
last-modified: Sun, 05 May 2024 09:50:16 GMT
etag: "66375658-bec8"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Us1%2FTyZ%2F%2BQW%2F37mD9dts%2B6jcrwucTeGaFF%2F85gG4hiAOsFaAyV8VG9ByiF4IAzSYVgERYRgpwS6JJ55bhhOLMaOdAOE6LjJVrEbM2ojF%2FYC4ntg%2BYwyeknwoYDdWAZE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4aec5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/no-rest-for-the-wicked.jpg

188.114.96.1

200 OK

33 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/no-rest-for-the-wicked.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
33 kB (32790 bytes)
Hash
d3e485dfc2f379ecdf79558a0a3c60f2
b29b76c6b349fe32cbdff1393c703b7eb7fe031e
ee45689f3a370b1e784c352350b607cb129ff932ae99b67c889a9e774fc36147

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/no-rest-for-the-wicked.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 32790
last-modified: Sat, 02 Mar 2024 13:28:31 GMT
etag: "65e3297f-8016"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lH2qgj4XvOD4UE%2BwJWxVSPvxFFBSpgiXNXP8N7LqqqJCrPeFVQFBS%2Bp88f7Y69QIW59cYH%2FJHvNgkKI8smrNzihj8ydHy7ytztLoHJVDGe81lIXv7Y4TBvMGL2S2Rws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4aed5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/sker-ritual-4369.jpg

188.114.96.1

200 OK

21 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/sker-ritual-4369.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
21 kB (20561 bytes)
Hash
c2531e578cee9721efe654321c707be4
6e1a0a6b0b4ae646a03e6dab23ddce1dc33dc840
c0bde3dbc37c711ce558e38ccf4d1a4224f4581ceffd253353d52b16377b06bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/sker-ritual-4369.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 20561
last-modified: Sat, 02 Mar 2024 13:32:20 GMT
etag: "65e32a64-5051"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FAI44rsPisFEdqMX%2FKBy%2FI%2FYWMBXZyR7vP38Asauw3ukIH90ZOjzbYcfzelce7DtiYDqsfiNOSYr5kICZXvVi0n2cj9Z387L9yMYw0blEuDKrpReg9Y5pjhfg2501pU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4aee5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2022-01/1643503294_infection-free-zone.jpg

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2022-01/1643503294_infection-free-zone.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
22 kB (22224 bytes)
Hash
9bce32f6aba6c80d28c547d1fbe42e71
74bd5675f5938a0cfe0d01218046f65cac77e463
966ba58bdf801d4ae8d2755f6dbbee78b81cd389ba7ec6f50618e31f0e920121

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2022-01/1643503294_infection-free-zone.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 22224
last-modified: Sat, 18 Mar 2023 11:38:30 GMT
etag: "6415a2b6-56d0"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4gu2E%2BOKQAuS0QIrKVv%2BncDo2B3ElSi9v5bxDyCTt7pcpJwBV%2FIC4fItg90bL414nRXW57gb6JGxpCfurxTgFhQt%2F894Hd%2B5Y0Lf2yYS6XwbC1hiS4mPI66%2BwpJTmM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4aef5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2021-01/thumbs/1610943303_progressbar95.jpg

188.114.96.1

200 OK

3.0 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2021-01/thumbs/1610943303_progressbar95.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x124, components 3
Size
3.0 kB (2979 bytes)
Hash
71567295c05a8439450a0ace01126be9
e3c95d23144d0e112421e5eff3905fd806078def
b0fd9906cb3eef3c17beeb4f5ae8c0b217fa7a888935d1c8de88de4c2af0f5ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2021-01/thumbs/1610943303_progressbar95.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 2979
last-modified: Mon, 22 Jan 2024 03:03:02 GMT
etag: "65addae6-ba3"
expires: Mon, 10 Jun 2024 13:33:31 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 3171
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKgRug3RJaNgT4W3xBjOLHfxrVNnm4ssv0Zh%2BriWUEKQRbiJPECkIicsMC3hllP71zeDsgB7ukkrK2VRSrBUyUdJ1iwpm090%2FYPzEpZiO%2BzqZUcFsnh91LFRLM8zA3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4af05689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/thumbs/unturned-3413.jpg

188.114.96.1

200 OK

4.2 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/thumbs/unturned-3413.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Size
4.2 kB (4194 bytes)
Hash
2dd1bd54741dba6d956781f2e8d08a0c
f1efd8c64836af2597c52770c38845b10d17d1b6
5abd18cec50f52a4a7174835794a4c0d71fa747b66407247150bafdb14502702

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/thumbs/unturned-3413.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 4194
last-modified: Sat, 02 Mar 2024 12:51:37 GMT
etag: "65e320d9-1062"
expires: Mon, 10 Jun 2024 13:33:31 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 3171
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P4y779Jm73L8dc%2FtxabD3RU2bYx%2FlM8doSwhe3NjjAv%2FUB%2FQp6zWSJMr4%2BNxGuJ9PXndTLCP%2BZsT3jHKT9NI%2BdF69E8oJEhnlgVPr9NhZfoYRldW9AN6oyy8Yht6044%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4af15689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/thumbs/the-slaverian-trucker-1042.jpg

188.114.96.1

200 OK

3.9 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/thumbs/the-slaverian-trucker-1042.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Size
3.9 kB (3892 bytes)
Hash
77a56d68ca1695ca7ac70e28a32d268a
e7a9f6cc203e74e77d33070619f88420d6fe2f83
7d38cdae89a50c9dbe0c32ffc1b8eda249b1ce2c725ffbe10bd031157c45507d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/thumbs/the-slaverian-trucker-1042.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 3892
last-modified: Sat, 02 Mar 2024 12:58:46 GMT
etag: "65e32286-f34"
expires: Mon, 10 Jun 2024 13:33:31 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 3171
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JWYWVXJmwUhiR7aczs08liZ5ZnNGu4ErxhLEZD8BWWZowkuq19Zev0VoGhuTJ%2BVy6bNpklypV1b5iIhao6CdLXkBc0Y75yXqaws2hN14HOAaA0PggNg%2FzYoVfNlMfo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4af25689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2024-02/thumbs/dream-engines-nomad-cities-9814.jpg

188.114.96.1

200 OK

5.0 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-02/thumbs/dream-engines-nomad-cities-9814.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Size
5.0 kB (4999 bytes)
Hash
f03c382586da06b9c3b1a41e503a9d7a
db7765ba2ba2960831bccb169300a22220dff1b4
5bf5a9f9f8ba1dd844a16b07b99fb25a93d9409eb58119fe8b49e2d3d2dd91cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-02/thumbs/dream-engines-nomad-cities-9814.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 4999
last-modified: Sat, 02 Mar 2024 12:51:59 GMT
etag: "65e320ef-1387"
expires: Mon, 10 Jun 2024 11:45:38 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 9644
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIA16GRtupDJjA2ShfoKOuTdncPUp%2Fu9frb0CcibhcpJsJNHR7dLgL%2BrLapxPsHYDLRUalNmigebW079%2FZwf1TJ%2BuukCUP9l2IJnRxwW%2F4FfpLzjqWEZltEqHRdnK8A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4af35689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2023-08/thumbs/despots-game-1186.jpg

188.114.96.1

200 OK

19 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2023-08/thumbs/despots-game-1186.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 98x147, components 3
Size
19 kB (18980 bytes)
Hash
577f418c55eec57f7c421d09e7845756
83d77b3ae621e5044861fdfdbff402f0989ded1c
544d95823fbdaeddcc3968e6a936779dda9cbcef13d2743853079eed42eb21f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2023-08/thumbs/despots-game-1186.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 18980
last-modified: Tue, 23 Jan 2024 06:08:08 GMT
etag: "65af57c8-4a24"
expires: Mon, 10 Jun 2024 13:33:31 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 3171
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PW%2FSfWEHMlE%2FygPbgAlxgt%2BB92tiLg5lfkVy5%2FYoMBPGnphOkdmvL9i5blTd3LcAK8yJQmgv1TwyfE2bSBMQfu3AeK7xbs%2F8qolmPv3x%2B1fNp9nIIBjCKKENxvk8yq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4af45689-OSL
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

104.18.186.31

200 OK

94 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP
104.18.186.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563)
Size
94 kB (93487 bytes)
Hash
e7f9fbd21ab7cc5c330233c9f5ff418e
c482cc1072e7188fb2d3ba257854a618983dc453
de8e0ef9f88a849fa060e988763e2ef944edbe764e3898d03dec776b1dd9a9dd

HTTP Headers

GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:26:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 93487
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"37afa-xILMEHLnGI+y07oleFSmGJg9xFM"
content-encoding: br
x-served-by: cache-fra-eddf8230100-FRA, cache-lga21963-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 4149
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSCEVuna6kBV7VvQJD9xTSXHHNYVHvysvBYuL2J1dBaxwYVqbXTbD%2Fs4ystP7v4iC8sNwH3BAu5QqeNevjSNLdM2U0FRYciuaeBZEGlAZJJiGvwwR16OFv6P370BAT5j0lk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a9a9e2f9256ca-OSL
X-Firefox-Spdy: h2

byruthub.org/templates/byrut/css/webfonts/fa-regular-400.woff2

188.114.96.1

200 OK

389 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/webfonts/fa-regular-400.woff2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 388876, version 769.256
Size
389 kB (388876 bytes)
Hash
7289c4ce3f03d1e25a23aec2f1ca1989
63bee62a49b1e129dd410a7804c36f600e45e9ef
13ddcd2880dbcccbf67a22e8f8dc4d48a0ec5891553bb99141eb4923528f3901

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:23 GMT
content-type: application/octet-stream
content-length: 388876
last-modified: Sun, 05 Nov 2023 07:09:40 GMT
etag: "65473fb4-5ef0c"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FtGrhiRFKyJGuhx2qi4oTbddGrJPY5mNYodxtyUTTdMftlVJ%2FttDQVcj%2Fzjq8gYSGJbALZkcUXIJxDq41MZRt0xg4nq7Hdnq63v%2BYs6ACElFX2K774y6XHM434MFtDM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9ebd225689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/css/webfonts/fa-solid-900.woff2

188.114.96.1

200 OK

328 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/webfonts/fa-solid-900.woff2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 328480, version 769.256
Size
328 kB (328480 bytes)
Hash
988a9731afe6bb99003283038799f4d3
e62b834496e8808e09d69b157dd8d30767ab281d
86f3981f7218b89863ef8f6308268144f450b3b4ccc8da51139e01fc791bd685

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:23 GMT
content-type: application/octet-stream
content-length: 328480
last-modified: Sun, 05 Nov 2023 07:09:50 GMT
etag: "65473fbe-50320"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBmX3M5lcLgW0BaIgIzj0fJ%2BKCwFgR8EJRPI4pJ8QzRFUNFTmcbq%2F2FaXNdwyhEkD8d7QXt57%2BCDlrPB0%2FYYdK05SqGHFzHXfG%2Bb1MVPEjcYX%2F5uOz%2FC6pW0ee7ytF4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9ebd215689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/css/webfonts/fa-light-300.woff2

188.114.96.1

200 OK

424 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/webfonts/fa-light-300.woff2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 423780, version 769.256
Size
424 kB (423780 bytes)
Hash
288cd41746be38a75c591812b9f623d5
43e3f3b70a4a803054641c8d946b46978dfcbc23
c3691090231fdc9199d216264abb4ad09aeebe9968fe942fa22fb6881248190c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/webfonts/fa-light-300.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:23 GMT
content-type: application/octet-stream
content-length: 423780
last-modified: Sun, 05 Nov 2023 07:09:54 GMT
etag: "65473fc2-67764"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cdebqFWykRh6j4Aa%2FyLmVNVvkk0p5k5LnGBZsboQ8M5vcy45U9JoKpYvWeYRY6xdCndjuYiECSlPJrnD5xycEwFnHZjBaJ69eMoJLPFxS7TnHyHkmRz2gsCoXJ28dsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9ecd285689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/templates/byrut/css/webfonts/fa-brands-400.woff2

188.114.96.1

200 OK

106 kB

URL GET HTTP/3
byruthub.org/templates/byrut/css/webfonts/fa-brands-400.woff2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 105796, version 769.256
Size
106 kB (105796 bytes)
Hash
4dea63c16bf81f5c579f8d4f8ba040b5
132096157a1bd06ee90d0e099b30858e55f44a2f
5d878915657ccc71bc447db9d8a48ef33ffaf36b0c5d94aaa784caa779e1c8e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:23 GMT
content-type: application/octet-stream
content-length: 105796
last-modified: Sun, 05 Nov 2023 07:09:53 GMT
etag: "65473fc1-19d44"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkYTx4JFpa11ik8tiIVltNjhqJyIzSBLz43vgwFvt%2FlBAhH0TSiF%2BG4vhcNEKu1GRnSuIA4IOqz7PkWYrI9%2BDEvpR0PQoYAJ%2BeEExUjkOBXKUrz2hxPbqRQsfFnmazA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9ecd295689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/favicon-120x120.png

188.114.96.1

200 OK

8.0 kB

URL GET HTTP/3
byruthub.org/favicon-120x120.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
8.0 kB (7960 bytes)
Hash
58dab9c132a665c4f525eda08ac2b478
5cb0348bb7c1ab453de686e650116d103c2ded46
b8a881fcaf7e4f0855fd5ee5d398d431ff1fb3fcb2744f556493f29953ad8e5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon-120x120.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:23 GMT
content-type: image/png
content-length: 7960
last-modified: Sun, 14 Jan 2024 16:18:21 GMT
etag: "65a4094d-1f18"
expires: Wed, 05 Jun 2024 13:49:49 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TwjQAtmuCiP46iYB1CuNW0KW06wkLnKlKzXQ4xIv1Q%2BBLnBOd%2FUMocM633aKQb0FW516zZ7RhScTDtx2Y4CHdC9Ed1D5adT%2FrgOHagL3nop91KNRIxX%2F%2FVer5Nb9oLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9aa118195689-OSL
alt-svc: h3=":443"; ma=86400

ufiler-pro2.ru/tools/js/appUbarButton.js.php

188.42.196.22

200 OK

19 kB

URL GET HTTP/2
ufiler-pro2.ru/tools/js/appUbarButton.js.php
IP
188.42.196.22:443
ASN
#7979 SERVERS-COM

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subject*.ufiler-pro2.ru
Fingerprint0D:9E:0D:BA:C1:69:8F:89:42:BA:D7:B5:C8:0E:40:8D:68:E9:43:97
ValidityWed, 21 Feb 2024 09:15:47 GMT - Tue, 21 May 2024 09:15:46 GMT

File type
data
Size
19 kB (18975 bytes)
Hash
4df9524947051d2ddf5ffa4d95b6bd3e
931c689901d7310e4897a3bcda9cd50aa289868c
e2aaace6d0f0428a6d16f420432dafb3af28737c58e7475c4225db018c4258a1

HTTP Headers

GET /tools/js/appUbarButton.js.php HTTP/1.1
Host: ufiler-pro2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:26:23 GMT
content-type: text/javascript;charset=UTF-8
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

i.ytimg.com/vi/B6GNTIWEsBY/hqdefault.jpg

142.250.74.54

200 OK

25 kB

URL GET HTTP/2
i.ytimg.com/vi/B6GNTIWEsBY/hqdefault.jpg
IP
142.250.74.54:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintD2:2C:3D:05:38:12:27:20:C9:64:22:58:3A:99:D5:43:6E:BD:3B:D2
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
25 kB (24569 bytes)
Hash
5e4ee56a778e88a765e5c9921bae863a
ad7c7273b073c09f21f2ee7c4902d95dc25664ff
a88ec01eaac6ca60bfa9fe8cfec7aab78003fb9da57bd743e71893640adf90ed

HTTP Headers

GET /vi/B6GNTIWEsBY/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 24569
date: Fri, 10 May 2024 14:26:23 GMT
expires: Fri, 10 May 2024 16:26:23 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:23 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881a9aa18951b518-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/81680740:1715350281:yO0Qc47BXmVaxF4HQYXq0yXYPzjbEgv28yrXjMDWx5w/881a9aa07fa5b518/e0999d19c15f7e3

104.17.2.184

200 OK

86 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/81680740:1715350281:yO0Qc47BXmVaxF4HQYXq0yXYPzjbEgv28yrXjMDWx5w/881a9aa07fa5b518/e0999d19c15f7e3
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (86529 bytes)
Hash
b3d7cfa38bbf755921d1c1b4a0fb238d
4d89dc3ef17671072f1d004900e5f874f1ba3543
3d2600fe0c667f9cc70736920dbedc8c5b37099c87fbe5ee943316f45c782210

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/81680740:1715350281:yO0Qc47BXmVaxF4HQYXq0yXYPzjbEgv28yrXjMDWx5w/881a9aa07fa5b518/e0999d19c15f7e3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: e0999d19c15f7e3
Content-Length: 2515
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:24 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: OOKL8a1cpU64JkwiX5sQDWNob3RVxT2EBwWi7MU5QrnC9MW/9JLl1emaB0ifk4LG1eaqJb4Q2Hy3EcSWFDz7pYPEG91CJRrSRb14AEBYY75h0cUw0fJCNPnHns+cBz0E08xrp/VcZ4eyt9PAYTJfY3XpeMfydd+vz9Fv1z1fDva4rXVVqpHx9a8YTOHj/+iegBqeho4QyFZE2TE98AKhmolCTEvD3hE97Z5INsbPCc3yZ9bIzOcN56/gz7JzwZ/R4TaKD+hBXHUGG3ATh6P6VthGB9FK7HJiPoTERRyUAO4YdXUui+51Akfe/+HSn66mfL+Y2gCADZUEXmwqmkVzOa9ehX6MKAVQersWk/oGXYw8XH8iTg83FfWW8HdkrA10TrOa6HyyyYSQS8Pqw0j30YkeW1UoBnYUx0OMyhfsIyRF6Hy17wN7A56v+GsREnd0$Y8B2WencHXznNY8rDtPmQA==
server: cloudflare
cf-ray: 881a9aa40cb7b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881a9aa07fa5b518/1715351184022/bDG_r_nINfLMnbG

104.17.2.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881a9aa07fa5b518/1715351184022/bDG_r_nINfLMnbG
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 49 x 48, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
74c735a4d79283a9e1531f1ff4aa07ce
eed35db48d44056bc431a78ebecb8a189415742d
edbe495b2d50ecc4cb2c8d600e4520df9983e693b3547643be5c2b31a992d17c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/881a9aa07fa5b518/1715351184022/bDG_r_nINfLMnbG HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:25 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 881a9aacfa1db518-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881a9aa07fa5b518/1715351184029/261e78e93b33122a34091fa1d8300b5cd8585a8b967528b2cb1523b87cbfcc85/VjyD9bHP3PA8Dtq

104.17.2.184

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881a9aa07fa5b518/1715351184029/261e78e93b33122a34091fa1d8300b5cd8585a8b967528b2cb1523b87cbfcc85/VjyD9bHP3PA8Dtq
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/881a9aa07fa5b518/1715351184029/261e78e93b33122a34091fa1d8300b5cd8585a8b967528b2cb1523b87cbfcc85/VjyD9bHP3PA8Dtq HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 14:26:26 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gJh546TszEio0CR-h2DALXNhYWouWdSiyyxUjuHy_zIUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tICYeeOk7MxIqNAkfodgwC1zYWFqLlnUosssVI7h8v8yFABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 881a9ab1a8a4b518-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal

104.17.2.184

200 OK

26 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (42150)
Size
26 kB (25604 bytes)
Hash
667bbdfa90bfd5a90b9abf5fa0805a5b
80ad75f66afd8050f62fca20aa510360ad610497
61ab78523fe38838ccf120a5ade1fee241678a99f7f6c4beda0c2a11af0adc8a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:23 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
document-policy: js-profiling
referrer-policy: same-origin
origin-agent-cluster: ?1
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-opener-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server: cloudflare
cf-ray: 881a9aa07fa5b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881a9aa07fa5b518

104.17.2.184

200 OK

436 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881a9aa07fa5b518
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
436 kB (436530 bytes)
Hash
3e06297ce0310505584554b05d9bd4e9
13b46b277e3b3a710e2ae5a37cf2e71e9cc2f921
be7cd385248f6b812938c0e421d2d2908266f6adc8a01346939477e169f1ea6b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881a9aa07fa5b518 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9urgd/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:23 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881a9aa18952b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js

104.17.2.184

200 OK

43 kB

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42616)
Size
43 kB (42617 bytes)
Hash
86183dd14ee10d1dee92b37b5069d716
9ec32d650ece484bbe624ca734a0a65e22d35dd6
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

HTTP Headers

GET /turnstile/v0/g/1b3559406bc8/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=604800, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a9a98d90456c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 131482
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mc.webvisor.org/watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F3800-the-movies-stunts-amp-effects.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A415361379412%3Ahid%3A544584394%3Az%3A0%3Ai%3A20240510142623%3Aet%3A1715351184%3Ac%3A1%3Arn%3A214594979%3Arqn%3A1%3Au%3A1715351184248248619%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1384%3Awv%3A2%3Ads%3A0%2C21%2C92%2C22%2C34%2C0%2C%2C1332%2C26%2C%2C%2C%2C2063%3Aco%3A0%3Acpf%3A1%3Ans%3A1715351181317%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715351184%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20The%20Movies%3A%20Stunts%20%26%20Effects%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1

87.250.250.119

200 OK

465 B

URL GET HTTP/2
mc.webvisor.org/watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F3800-the-movies-stunts-amp-effects.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A415361379412%3Ahid%3A544584394%3Az%3A0%3Ai%3A20240510142623%3Aet%3A1715351184%3Ac%3A1%3Arn%3A214594979%3Arqn%3A1%3Au%3A1715351184248248619%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1384%3Awv%3A2%3Ads%3A0%2C21%2C92%2C22%2C34%2C0%2C%2C1332%2C26%2C%2C%2C%2C2063%3Aco%3A0%3Acpf%3A1%3Ans%3A1715351181317%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715351184%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20The%20Movies%3A%20Stunts%20%26%20Effects%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1
IP
87.250.250.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (521), with no line terminators
Size
465 B (465 bytes)
Hash
fa7c82ff8255dd90e9a5b4a68719aea0
75cf76b89f22736490d298033b12eb2fd2b27a92
e6f2b95e371de29739f10a4e3b50601a47372c167bdee09f7b95be93e15b1f63

HTTP Headers

GET /watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F3800-the-movies-stunts-amp-effects.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A415361379412%3Ahid%3A544584394%3Az%3A0%3Ai%3A20240510142623%3Aet%3A1715351184%3Ac%3A1%3Arn%3A214594979%3Arqn%3A1%3Au%3A1715351184248248619%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1384%3Awv%3A2%3Ads%3A0%2C21%2C92%2C22%2C34%2C0%2C%2C1332%2C26%2C%2C%2C%2C2063%3Aco%3A0%3Acpf%3A1%3Ans%3A1715351181317%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715351184%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20The%20Movies%3A%20Stunts%20%26%20Effects%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://byruthub.org
Referer: https://byruthub.org/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=991859261715351184; i=KQaoCBqUQ9wsN2czplQy+Xf94zP0hZHu212THEEunCbrnmSLcXZX8HSOu5J4LwvPt8S7YPOMJUEqJ6YcPMKtbO3KkUw=; yandexuid=9542654971715351184; yuidss=9542654971715351184; ymex=1746887184.yrts.1715351184#1746887184.yrtsi.1715351184
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 465
date: Fri, 10 May 2024 14:26:24 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 14:26:24 GMT
last-modified: Fri, 10-May-2024 14:26:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

byruthub.org/3800-the-movies-stunts-amp-effects.html

188.114.96.1

200 OK

150 kB

URL User Request GET HTTP/2
byruthub.org/3800-the-movies-stunts-amp-effects.html
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type

Size
150 kB (149920 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3800-the-movies-stunts-amp-effects.html HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:26:21 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.1.19
set-cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gFYQ%2FeZ%2Bbs6yOMdZL6eGIlWo5t0YSYIfEN%2F0clQkE1BI1M9A8DvXiXje1Dh3D6A9RuGf9wf1Xkt%2FlEFPTT8l5CUYVTmWNDeRcg707Np24%2BtZJHlxfEWcrAGywdvID6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a939fddb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

byruthub.org/templates/byrut/images/close.svg

188.114.96.1

200 OK

350 B

URL GET HTTP/3
byruthub.org/templates/byrut/images/close.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
SVG Scalable Vector Graphics image
Size
350 B (350 bytes)
Hash
e791ff05e7399e12a219c3cdb017e8c4
91c6e30bc6179479f3b189dc321c7ec59c74400c
9394ae78f6113b7787c578f96b1c9aec045bd4b471555ceb497f6bf62ff87b34

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/byrut/images/close.svg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Nov 2023 07:08:47 GMT
etag: W/"65473f7f-15e"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 434199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MsPeN16r8BrPOxqwBjCoTQl97rpKWtze2ijoekEgLjACrl4hYFLq0ClKrhKAH9NaTetoNg37x7qOc0J0ynCBp7iwDeaCQ%2FartXl2gbqySckOYvYhteA3t32QwGbezFA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9adf3f5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg

188.114.96.1

200 OK

55 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
55 kB (54843 bytes)
Hash
0eccb284fa373b0e38abb036a6ccf8fd
accaa1bd7a2e396f512e551e89018f217245a678
caf1fe202893050379dd5f868d222ae31d06279e57f1f2da4d9163347a86f44d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 54843
last-modified: Mon, 02 Oct 2023 05:34:39 GMT
etag: "651a566f-d63b"
expires: Wed, 05 Jun 2024 15:38:40 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 427662
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNFZXSuaxEKZHhEMwcfrgXQFANQXcxDrq0TE8uMxd8hzJAki9i2OAZt2DzUrmfKQR8uZYv5bYVKHJbE0mOfjuy7rFS3W0EWzaIVpx2PqN2nmKEASt8eETKJOUq1FqLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d4aea5689-OSL
alt-svc: h3=":443"; ma=86400

mc.webvisor.org/watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F3800-the-movies-stunts-amp-effects.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A415361379412%3Ahid%3A544584394%3Az%3A0%3Ai%3A20240510142623%3Aet%3A1715351184%3Ac%3A1%3Arn%3A214594979%3Arqn%3A1%3Au%3A1715351184248248619%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1384%3Awv%3A2%3Ads%3A0%2C21%2C92%2C22%2C34%2C0%2C%2C1332%2C26%2C%2C%2C%2C2063%3Aco%3A0%3Acpf%3A1%3Ans%3A1715351181317%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715351184%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20The%20Movies%3A%20Stunts%20%26%20Effects%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1)

87.250.250.119

302 Found

465 B

URL GET HTTP/2
mc.webvisor.org/watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F3800-the-movies-stunts-amp-effects.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A415361379412%3Ahid%3A544584394%3Az%3A0%3Ai%3A20240510142623%3Aet%3A1715351184%3Ac%3A1%3Arn%3A214594979%3Arqn%3A1%3Au%3A1715351184248248619%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1384%3Awv%3A2%3Ads%3A0%2C21%2C92%2C22%2C34%2C0%2C%2C1332%2C26%2C%2C%2C%2C2063%3Aco%3A0%3Acpf%3A1%3Ans%3A1715351181317%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715351184%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20The%20Movies%3A%20Stunts%20%26%20Effects%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1)
IP
87.250.250.119:443
ASN
#13238 YANDEX LLC

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type

Size
465 B (465 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F3800-the-movies-stunts-amp-effects.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A415361379412%3Ahid%3A544584394%3Az%3A0%3Ai%3A20240510142623%3Aet%3A1715351184%3Ac%3A1%3Arn%3A214594979%3Arqn%3A1%3Au%3A1715351184248248619%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1384%3Awv%3A2%3Ads%3A0%2C21%2C92%2C22%2C34%2C0%2C%2C1332%2C26%2C%2C%2C%2C2063%3Aco%3A0%3Acpf%3A1%3Ans%3A1715351181317%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715351184%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20The%20Movies%3A%20Stunts%20%26%20Effects%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: /watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F3800-the-movies-stunts-amp-effects.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A415361379412%3Ahid%3A544584394%3Az%3A0%3Ai%3A20240510142623%3Aet%3A1715351184%3Ac%3A1%3Arn%3A214594979%3Arqn%3A1%3Au%3A1715351184248248619%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1384%3Awv%3A2%3Ads%3A0%2C21%2C92%2C22%2C34%2C0%2C%2C1332%2C26%2C%2C%2C%2C2063%3Aco%3A0%3Acpf%3A1%3Ans%3A1715351181317%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715351184%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20The%20Movies%3A%20Stunts%20%26%20Effects%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1
date: Fri, 10 May 2024 14:26:24 GMT
access-control-allow-origin: https://byruthub.org
set-cookie: yabs-sid=991859261715351184; Path=/; SameSite=None; Secure
i=KQaoCBqUQ9wsN2czplQy+Xf94zP0hZHu212THEEunCbrnmSLcXZX8HSOu5J4LwvPt8S7YPOMJUEqJ6YcPMKtbO3KkUw=; Expires=Mon, 08-May-2034 14:26:20 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=9542654971715351184; Expires=Mon, 08-May-2034 14:26:20 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=9542654971715351184; Expires=Sat, 10-May-2025 14:26:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1746887184.yrts.1715351184#1746887184.yrtsi.1715351184; Expires=Sat, 10-May-2025 14:26:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 14:26:24 GMT
last-modified: Fri, 10-May-2024 14:26:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

byruthub.org/uploads/posts/2024-04/foundry-9384.jpg

188.114.96.1

200 OK

44 kB

URL GET HTTP/3
byruthub.org/uploads/posts/2024-04/foundry-9384.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
44 kB (43931 bytes)
Hash
57ef318c6bfed87726ac3ea8d8457996
3b9cc58c465ca31b685be5e6c3c7b597f9912446
498b90922071f6a93d18ab2c1f7c441f6d3a6087894351de2a5808c372e46df0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/posts/2024-04/foundry-9384.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:22 GMT
content-type: image/jpeg
content-length: 43931
last-modified: Fri, 03 May 2024 14:25:16 GMT
etag: "6634f3cc-ab9b"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434199
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUX8nLhaz3xmdwaDtbk2P6eqxWtdy7RjN2P5Vafi3G5TdDgIgI%2Bz9cCIP0vv1QKcYvFnsWUB9tX1WDEbrn09H10m1PHXiZr4mSxjTfcZf0ERQalpaFZmXpsW0MVMYm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9a9d1aaf5689-OSL
alt-svc: h3=":443"; ma=86400

byruthub.org/engine/ajax/controller.php?mod=adminfunction&id=3800&action=newsread&user_hash=e8a5142cca9fd127c565601a4aaba4cab966538a

188.114.96.1

200 OK

5 B

URL GET HTTP/3
byruthub.org/engine/ajax/controller.php?mod=adminfunction&id=3800&action=newsread&user_hash=e8a5142cca9fd127c565601a4aaba4cab966538a
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Certificate
IssuerLet's Encrypt
Subjectbyruthub.org
Fingerprint17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
ValiditySat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
cb5e100e5a9a3e7f6d1fd97512215282
11f9578d05e6f7bb58a3cdd00107e9f4e3882671
ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /engine/ajax/controller.php?mod=adminfunction&id=3800&action=newsread&user_hash=e8a5142cca9fd127c565601a4aaba4cab966538a HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/3800-the-movies-stunts-amp-effects.html
Cookie: PHPSESSID=e3f52b4011ba6338e7760fdb55c017b3; _ym_uid=1715351184248248619; _ym_d=1715351184; _ga_QX7E7T8PJ1=GS1.1.1715351183.1.0.1715351183.0.0.0; _ga=GA1.1.1206668607.1715351184; _ym_isad=1; _ym_hostIndex=0-1%2C1-0; _ym_visorc=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 14:26:28 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.1.19
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ihEs4nc00GK7BaYhQIFfwcOsy69VqrxhUAYCR7BaYlyen5B0oVqVugOmgbj8782i5InyA50xxXOHv2meeElOQq4sBGB6R4MvhOReKbBrbYvv3jXh8C7qYu%2Bh%2BXuBb7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881a9ac26b2e5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (58)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML