{"report_id":"60090937-fd97-4da4-86a9-236c48d69e09","version":6,"status":"done","tags":[],"date":"2026-01-10T20:38:05Z","url":{"schema":"http","addr":"xrutor.org","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":0,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"final":{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"title":"rutor.org :: Свободный торрент трекер :: rutor.org закрыли, rutor org заблокирован, rutor org не работает, rutor org переехал, рутор орг зеркало","dom":{"size":1975,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (396)","md5":"4efa3f63ce910124840707ea7de624b1","sha1":"38b7f8c25a3bdb16258a330e5d6cfdf8efb87824","sha256":"ed08bddcb66ef680bc31844164a49aad334fbc6b512d0a3059b78aa0d1dee2c4","sha512":"c338824f6187b24da4cb431d36ed692ea51185a2a1edbbce82096822b337ab51da69244ef55ca6e532d7990e25ad5abed8dec6beef9234bb1171de97befc5dea","ssdeep":"","tlshash":"4c4196376f11f058d62398e5d1e5378ce557000bd6a0c932e6fe9aa6efd03c08e2269d","dom_hash":"domhasheb791831ee5e6c2d3bce10e39cb46e3e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"xrutor.org","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":0,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-14T20:38:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"xrutor.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"myroledance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kllastroad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kllastroad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kllastroad.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":8,"received_data":71316,"sent_data":3714,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"dsp10.24smi.net","ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2011-12-12","domain_rank":1660280,"first_seen":"2025-06-20T08:18:51.202612Z","last_seen":"2026-01-01T13:40:38.530793Z","alert_count":0,"request_count":2,"received_data":974,"sent_data":1480,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"xrutor.org","ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"domain_registered":"2014-08-06","domain_rank":201990,"first_seen":"2015-03-01T17:02:49Z","last_seen":"2025-08-05T06:39:01.789686Z","alert_count":7,"request_count":7,"received_data":204823,"sent_data":4857,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.12.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"psyduck-beak.yotor.ru","ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"domain_registered":"2023-10-28","domain_rank":0,"first_seen":"2025-07-07T22:56:18.281573Z","last_seen":"2026-01-06T22:11:51.030254Z","alert_count":0,"request_count":2,"received_data":67105,"sent_data":1021,"comment":"","tags":null,"fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"jsn.24smi.net","ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2011-12-12","domain_rank":453069,"first_seen":"2017-01-29T15:57:51Z","last_seen":"2026-01-09T07:41:50.611872Z","alert_count":0,"request_count":4,"received_data":343686,"sent_data":1716,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"yandex.ru","ip":{"addr":"77.88.44.55","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"domain_registered":"1997-09-23","domain_rank":248,"first_seen":"2012-05-21T21:15:36Z","last_seen":"2026-01-05T11:28:17.684661Z","alert_count":0,"request_count":2,"received_data":596272,"sent_data":857,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kllastroad.com","ip":{"addr":"193.200.65.68","port":443,"asn":6681,"as":"Giveme Cloud Sp Z O O","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-10-03","domain_rank":221362,"first_seen":"2024-10-08T03:17:02Z","last_seen":"2026-01-02T07:12:45.835955Z","alert_count":3,"request_count":1,"received_data":37161,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ads.digitalcaramel.com","ip":{"addr":"65.109.72.77","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2017-09-17","domain_rank":589179,"first_seen":"2019-02-17T17:30:06Z","last_seen":"2026-01-06T09:59:48.615738Z","alert_count":0,"request_count":1,"received_data":480,"sent_data":465,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"libbb.yotor.ru","ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"domain_registered":"2023-10-28","domain_rank":0,"first_seen":"2024-12-02T23:31:00.787899Z","last_seen":"2026-01-06T22:11:51.272147Z","alert_count":0,"request_count":30,"received_data":629838,"sent_data":13338,"comment":"","tags":null,"fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"yastatic.net","ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"domain_registered":"2013-11-28","domain_rank":3963,"first_seen":"2014-03-11T07:15:28Z","last_seen":"2026-01-05T05:13:03.501445Z","alert_count":0,"request_count":8,"received_data":1011787,"sent_data":3990,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"data.24smi.net","ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2011-12-12","domain_rank":384276,"first_seen":"2017-01-29T20:20:42Z","last_seen":"2026-01-09T07:41:50.612054Z","alert_count":0,"request_count":2,"received_data":3058,"sent_data":965,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"myroledance.com","ip":{"addr":"193.200.64.24","port":443,"asn":6681,"as":"Giveme Cloud Sp Z O O","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-10-03","domain_rank":109832,"first_seen":"2024-10-07T17:52:04Z","last_seen":"2026-01-05T00:40:25.598464Z","alert_count":1,"request_count":1,"received_data":1763,"sent_data":418,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"dsp10.24smi.net/informer?psw=1280\u0026psh=1024\u0026pow=1280\u0026poh=1024\u0026pdpr=1\u0026pdt=1768077462\u0026ptz=0\u0026pl=en-US\u0026object=24415\u0026template_id=14536\u0026num=3\u0026ref=https%3A%2F%2Fxrutor.org\u0026output=json\u0026chash=GxQtvtW4Fc\u0026extids=\u0026page=https%3A%2F%2Fxrutor.org%2F\u0026yhb_price=0\u0026formats=1\u0026show_id=90fcbec3-901f-40af-9f25-df08dd5302ec\u0026callback=__smiCb1768077462382","fqdn":"dsp10.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"0810e089bca530c5c5152744569f52f7","sha1":"1ee0d05993ffedd839be2676d3cb7c63d6c9070b","sha256":"893431a6f3ea404c8db353d3d8aba948b4617495dc8d484a1665b45025a08d46","sha512":"9b13465495f2e3e314dc50dfacc662d00d6ffbf2525a64d05112b6d55dfc5e16c6ba30d6077b99624c7d25558c50e4266a5805b84b04bf40285d569bbd89c228","ssdeep":"","tlshash":"8cb0244044115cfd135cc03103015f054fc4c5371110dc4d55f045dc43770430c5344f","size":87,"data":"","first_seen":"2026-01-10T20:38:16.587885Z","last_seen":"2026-01-10T20:38:16.587885Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"data.24smi.net/cfg?object=24832\u0026ver=87\u0026pio=true\u0026pps=true\u0026callback=__smiCb1768077462685","fqdn":"data.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"dcace767d03663cb733c8c3af93b24b9","sha1":"4663e6bd16bb1dcd2d08963408aae727a30e182a","sha256":"0f7242c8a987367b9a23ce6b1705c5615bb8a243938311050a1ab2b9cfb1f200","sha512":"3062973cd07786ae91df4a29a2a635beea2e2ceec611d4e88b8cafa9edc8d3e3b0405380741e2d5f6921402142671fc3f6a69e68fc72a385e36c7a16d559afc1","ssdeep":"","tlshash":"ea21047e6700f8fcd1077f4bd0437aa94cadf529470b994493cca60de87885e382a90b","size":1201,"data":"","first_seen":"2026-01-10T20:38:16.57733Z","last_seen":"2026-01-10T20:38:16.57733Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"01aeda25cc612ac6fd77f18bba5041e0","sha1":"27eaf3c12999caa5c29a7591377756d6d7d35459","sha256":"8f6e59b4280f7b6855ac1a246568b4f412db956026ccf366ad7f4c698d9b8f6b","sha512":"a4335cefb02c3bdc8f6ec07084b23f0b61f502005365b2b522a6c100fbc768e9db4e6f40841ab5d7a92a8692ec8a35c05e8b4104bdc71646292f9a182cd54f15","ssdeep":"","tlshash":"f1e026b01c4348ac98430c73b9a085a529f4a5713b217322208e323928d0f70366aa74","size":305,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.411925Z","times_seen":120,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"2744a37ceaa29e760f738c3a74a83a7d","sha1":"06f0589bb234822a0471beefce05c5dbf58b6966","sha256":"d94db2a1c37a7ee75c603192f99b27222bc0f84dd082197fc5e634fdf3545286","sha512":"eaf4daf3482621744942cb0fbd68cef2a711399a9f2c49e43a94ac21dae08d58fcb730cfdf03c82fe8a368cf3f6f4cff02be47ea7d5489e1f6503c93428c0eda","ssdeep":"","tlshash":"67f0dcaa3cc88139433612227233f29872693a28284dac24c55d88a228a6cec087f50c","size":468,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.418388Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsn.24smi.net/smi.js","fqdn":"jsn.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e85e16d9a735974c68717e44822bbc3","sha1":"c040ecc2c017d2c0072e45d368cc38cd9b74122a","sha256":"875b79edca56d94c9aee2fd59c890257e93008b5809c012bfb865c689948d93c","sha512":"5c2aee6eaa8867457462c6fb8f25880944ae7fa81c42b0cf3233804c67d12be1d84b34d7abb74a378ede4b19429b6e1efd5f214bcfd344d9da8d1c48e87fc47d","ssdeep":"1536:phPC23Abb5suzi6mkO5tgiQoTSVrRXpGfY00sH6KwowbrCdWPI/NIs:phBXNe00sH6VrC4PyF","tlshash":"e3b3e88c7d85f42a83d361f1807f054bb2372e1d688d6550e2aad8e53eb844d612bfbd","size":110507,"data":"","first_seen":"2025-11-08T12:42:14.736644Z","last_seen":"2026-02-09T05:07:59.056816Z","times_seen":191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/safeframe-bundles/0.83/host.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"2435549eac66915d7464ee7b9efce038","sha1":"e390598fb192583622a8ea079d5c96dffdb34fb5","sha256":"34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55","sha512":"42a25f058316e5e947ba3149b56c81fd0e82f21d4b8109ef4fc529509d54235a0c0d7dd6212e381129b46ca72d81c4ae9e58cfae87557587727bf290fa1f3f09","ssdeep":"768:uKbdR7ii7FI+06HhV69ztBLEankCqH1UKW35V8tFOzbZ51QtD8JFtEDv/eKzS6Ei:TR3gKCzF5UEad","tlshash":"cee2a78e3295b43703c760f4903f210d65771d28a45a8894fa6bd4e23e7a84f527bf6d","size":33703,"data":"","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-04-04T06:18:14.078108Z","times_seen":22870,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"eval","is_inline":false,"md5":"a80993aa5d2a78b2fa357debb5fbd71f","sha1":"58b4b6b78b6d1d0fcf2adec42dd7463e5f8ab589","sha256":"73b0d396a956b8c61654e71c60a68c6825c062ec8314e645acdc32f48c856b2a","sha512":"5d1dfc69eeff97b42750f37820abfffd07632d7d238746452923cc8b6633e9cbef7248f89d26529172d9eed980bb5126a568d265348158cdde211a39b016624f","ssdeep":"","tlshash":"d0d0c9e00129754298fa5aa4d346a646288680723a0621620804d22022fe6d3d8f5cf8","size":207,"data":"","first_seen":"2026-01-10T20:38:16.639468Z","last_seen":"2026-01-10T20:38:16.639468Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"ace9db13a7dd020090d7137c2003ea20","sha1":"4eb635fc5ec72ed6ab636fe35265f195b80bf281","sha256":"c3f7251bae9ebb1a7cfdc617b3f683e59ae1c3db71651e3aa0cbeca72c24e13b","sha512":"1368d72925705d8d71b89c855a51924e5f4f2bccef41aff76ec2ccdc35c691483877b101af03ea2ee471db5a8eea175bc8ef328081f8498509587e62811383a2","ssdeep":"","tlshash":"d39002576259954827d4e64168811d23a4f48a64500e5206d154185405520066f148ab","size":54,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.419486Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"psyduck-beak.yotor.ru/inc/sisjoy/gen.php","fqdn":"psyduck-beak.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea3422cf15e911843a6aca4efd61496b","sha1":"a6b2a4aae248f1bbf075e0780f98298409a89385","sha256":"da161eb9d3244315008244b2e1a2c4e0393887dcdfce21e16423e2277c2a3720","sha512":"26d71df83013894e21023a821670121a71bddfe07e3754cbaa6210ae7b28969ec9c6373c9179039022c94a861bebcd92cb2db84600090fa5bcc775a58624cb34","ssdeep":"","tlshash":"31d023165ffd5130c17616cd30f5435c6562145834d6d137a7cdc9346460fd15e5f845","size":211,"data":"","first_seen":"2025-07-09T19:13:06.350919Z","last_seen":"2026-03-29T07:13:34.420498Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsn.24smi.net/smi.js","fqdn":"jsn.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e85e16d9a735974c68717e44822bbc3","sha1":"c040ecc2c017d2c0072e45d368cc38cd9b74122a","sha256":"875b79edca56d94c9aee2fd59c890257e93008b5809c012bfb865c689948d93c","sha512":"5c2aee6eaa8867457462c6fb8f25880944ae7fa81c42b0cf3233804c67d12be1d84b34d7abb74a378ede4b19429b6e1efd5f214bcfd344d9da8d1c48e87fc47d","ssdeep":"1536:phPC23Abb5suzi6mkO5tgiQoTSVrRXpGfY00sH6KwowbrCdWPI/NIs:phBXNe00sH6VrC4PyF","tlshash":"e3b3e88c7d85f42a83d361f1807f054bb2372e1d688d6550e2aad8e53eb844d612bfbd","size":110507,"data":"","first_seen":"2025-11-08T12:42:14.736644Z","last_seen":"2026-02-09T05:07:59.056816Z","times_seen":191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/5d3c57b057de9ebd35f2.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"c8654107beec99515b613a42f461c717","sha1":"23d169b0f85b2c6fdb2fe47f8eeae89580bd8c50","sha256":"eaebc7bf8267e67deed6894616689593d8bc6020a7793fd7f48d3de08039b279","sha512":"4266ef891deb6ddda4af6b2790a9fedb98f95d62576ff533ec8c21c1be8c68c70c8dfa95f7cbda3a1552f5ec07f156e5c3c0091456fd55f241abe0286529ff00","ssdeep":"96:AT6C4xYrWcDSfjmPOxw4BoL8hzZQCE+HASp6MH:ATHSOOxq8hzE5MH","tlshash":"f0e1ba5a788134b31b2360fd566fdacc24f76651ace6b7902a94cff2dc7b60e4142b18","size":7161,"data":"","first_seen":"2025-12-23T19:02:56.269431Z","last_seen":"2026-01-12T09:43:22.313331Z","times_seen":1052,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/46e3e65819e00d6390e3.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"eaa435c39768b3c612f91287fcc76651","sha1":"a7565a5c29ecbf8f922911b012c4cc723746fa9c","sha256":"9b5f9b201c159bdd87bddab787d284b5f3bc20962ba4bd97906fc9d9a8d425c4","sha512":"3a31f6adf9ae6ce3acb36a6afc0c34fbed847a8e085ec1cb99f8b1ddd04bd6c567e44f51e4c6339b561029f7d70bb6924f9b5b358b67250930393b5cb88f5fc9","ssdeep":"768:5WxBshVVNu+NSW/lUSuZqy8EDVP2BDj3yjD+vs0Bpnr2nAY17h8q:ExBqK7ZqBpBD7rBF6AYxWq","tlshash":"8273ead97595b9ba02c3d8f1043f220ee37b9611711a6580b323dac1ec25adf5223e7e","size":75285,"data":"","first_seen":"2025-12-23T19:02:56.255486Z","last_seen":"2026-01-12T09:43:22.309334Z","times_seen":1019,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/js/check.js?100500","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d61a419574aecbe3b0ff9e130958ac8","sha1":"9217d73e87f12fc0c1de4d2b1aca89bb757852d9","sha256":"0d6fd0e4a74606c8c0f1385b2761f0390869b07159e5bff4bf7814ecc6a90c7b","sha512":"da8a8069eba6e5556a6117f27f8f63aa3191e28d6f15925ed4f4ab01369da246a3e46a8a6080021d9bb020e7a4d4cf1b7c23bbb187ab0e665834fbe5a50b74e4","ssdeep":"","tlshash":"bff02729254d21ec63e24317427a5b01d8bc8d37d75374aa58ca3516b044d068512cee","size":481,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.426054Z","times_seen":62,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"348cec49376fb3c15569c9d6df404eaf","sha1":"97d9ebac60a6a5140647c81db6f2f1e7bce94ff5","sha256":"15bc72c526f5d3d5d1fbdbfd0218a135070925b7b414eae39ca38a8e5cd3165f","sha512":"f09ef08e0d607a59c3f06f286d5d857ca7b705b923ac84767a3692592ed634e7232915e30816a4b1328595b2dec4fc47e8cfe397a1394d2de3ed3858b937fdaf","ssdeep":"","tlshash":"7b019e26d1ecc62723d6aaa1f94b3d5cd8873216d15a4a01f0fa22d8f007f8c8ac3810","size":683,"data":"","first_seen":"2024-12-11T10:01:53.153509Z","last_seen":"2026-03-29T07:13:34.421442Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"6ed5f24030527b233bfe4972d891c85a","sha1":"6463b94ece30792f6fbefead1a85ab64eaafff2f","sha256":"bbe07d3d476e13f3a3208edf38fab3d0fb0a80a98e2f4b6eee6e77e5e15912ee","sha512":"0f11e45baa8401b0e0f444c54e7653386e8ce08ce9ae902d3aa4b679b044d4944c8f12b94ba526f7210d7681d26520216766415c35a226446bd317fdbc79799f","ssdeep":"","tlshash":"5cd097287b5ce38d0421300028fac8ea301699b24f1687402b4cb022f84032b7d4cebd","size":247,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.425064Z","times_seen":62,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/css/pluso-like-small.js?10","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dae4b00893641d10303a88837aa5c45f","sha1":"a7514fb190fa8ba489b2dde5dbee92dd0fe7ecb7","sha256":"e786f1e87ef6054b4aab3d26780d3525a14975b8d4de5bae54f095fa07ed5b08","sha512":"f42bd1cf7edca40d2d1bcdbd35c6f36bee9c62172dea1afcc9b0db07139a94cb9d4ead6f3401f7d0ba34d66ab08a5a2be88786def635d2809ef1110d646669f3","ssdeep":"","tlshash":"67411d78bf29722e4172106ff50f744ac0b4842ac4596c8f5f75a1be2da1b6b736c638","size":2266,"data":"","first_seen":"2023-07-07T18:06:31Z","last_seen":"2026-03-29T07:13:34.407757Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"psyduck-beak.yotor.ru/inc/sisjoy/gen.php","fqdn":"psyduck-beak.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0bef5d85ac5e1807113bdd4bc12a0b3f","sha1":"1f6977f25a4ae34145ba1cff0ded6a56e752c51a","sha256":"b6a0b8a1a3a65994a30934c12ef315a9ef7ba9c616a6fc26549519bf7a3fed7e","sha512":"92ad12d27cfd9aa9677b0cd081f302c0ebbec6701855cc6aace6e96ebff99b53eafce32bdb4171cbc7c3106504dade12f78f8dad3665ce7119a24fdaa8e78efb","ssdeep":"","tlshash":"ab9000a8320000c0a220a0222b0eb288b2320032a0f082200e00200ce0e00038b200f8","size":46,"data":"","first_seen":"2023-03-08T08:12:15Z","last_seen":"2026-04-02T23:26:45.601064Z","times_seen":953,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/7e9e61a0cfb4e6395777.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c3555a60ad180a2879e6d390cab3af","sha1":"ec113bae8e8c7e09fe3963da023a30c1bfbc3d4d","sha256":"07b9df2c6472408293a3b3e1189ad78a7e033ee971074d1ab4c508973f8d5a53","sha512":"a65c93ad74048ed9027e36d5de48fb5ed8cd1c4a8b6826e471d72929f17719fa1ce864527b1e6ace2a08fb4ec06e80ddea905bcefa951898d754dee7557d5013","ssdeep":"192:hwpK7SO2dyacdFxzyZnBzJV0gANkw0iMHkNVXNVVpoFQniu3ajLLFTSueJlbhpPS:hwpKOOkyQZvVISisFyhqiQ","tlshash":"7d7208fd3520b0605bdf3076627f191ff378292e644c84a06706edfa29b491e9193fa8","size":16372,"data":"","first_seen":"2025-12-23T19:02:56.202503Z","last_seen":"2026-01-12T09:43:22.311576Z","times_seen":1022,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/jquery.cookie-min.js","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce56bb0d2daafc993b2866ccc1af86fc","sha1":"fe46733587f81da245f6b3e16d6bbbd8a1cb2fea","sha256":"874d19eae19d9f20a884d976ccca6092c91da6ee8c71d8be1c5c893acbad9159","sha512":"b3191b1e1e2626f0b30c71e074024d90dc89e9dde13d563cdf92520c4cc37c3d65dbcaa5c2ad8f160e18878b1442cfab5a9939d4ccfc3887f2916dfc1fa03d3a","ssdeep":"","tlshash":"3f01152cb1a9195845fe0221377daa86b411eb214999b07cd787e87423b84410db3d71","size":732,"data":"","first_seen":"2023-03-07T12:22:05Z","last_seen":"2026-04-04T04:33:47.250765Z","times_seen":1753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/zax/jquery.min.js","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"10092eee563dec2dca82b77d2cf5a1ae","sha1":"65cbff4e9d95d47a6f31d96ab4ea361c1f538a7b","sha256":"e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59","sha512":"cc92cf5a9b3a62a18af432fdffb81b76da84e2f43ce3c7800a919c10809118d0611e29a47f103ff3df18a54d5331bc5f06ef4771dc406cc763b30ff2a66a3e81","ssdeep":"1536:Du98G2ltZMNWnDr7doqPp07HVDTLGbY9TGA7zEcbnkb17jQq3nPRefqvpsz:DuJItn6qepq15nUfqvpsz","tlshash":"5063e9c9b2c67273c3e730b824af510af136a8aaa44c4854f06ce8e5bd74a55447bf7d","size":72174,"data":"","first_seen":"2023-03-07T01:07:10Z","last_seen":"2026-04-04T04:36:56.950149Z","times_seen":7575,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"038b07bc5bf7a09e3785702b4dba46b4","sha1":"dba46d242a5c86e92f7d4bb50df67dfdd07c2304","sha256":"ba24a03d5a21d556fb00101f33c7652e83bb7b85fe5070ad18bf74af199d57a0","sha512":"5d502b52e6a40be14d7a1b9be4b984d4ff0ab9069056aa546994928212f5a22c0bfe71d7b06ef5c5976d4972524d4c8bf1352c9902d81088dac7a0185bb3ce74","ssdeep":"","tlshash":"81b012c75002616a1a630019059b32503bfb89ab00085004c54450903269f4fd217d8c","size":93,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-04-01T09:23:20.283723Z","times_seen":253,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"c202292fe573271b1244fafad2e73dbf","sha1":"1eff5d3199f6058d1b9afbd5020e3ba13c97e1fa","sha256":"309e3fb5a0c57cd08034721a10db4c3a41ee43661b7e459275a446975df8eedf","sha512":"97088564ff6c8dea897ac0ec54f133b7444ef8e07f89a3b313697014ff669a65c86a6fbf2d297066fad51a63decd8266ff185745c387abff05117d6b6e3aefdb","ssdeep":"","tlshash":"53800082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":35,"data":"","first_seen":"2023-05-21T11:00:04Z","last_seen":"2026-03-29T07:13:34.448263Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsn.24smi.net/6/5/24832/15500.js?t=1701324258","fqdn":"jsn.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"b333fb37ab7853633b4d49ae200f0ddc","sha1":"b5685803ebd54bf43b9f87a8863324e0590e5afe","sha256":"bd4343661544c27548817e0450edce453088c5dfec9f5f5b2d3d590a5ca387ae","sha512":"9e1bbdb625a30a072b668f90ba4bc1e4d5d8497557fc362e001d14deb748390fa47bd47f7bc09750be98052f9e43cf2156c417ba59856ecf50c5bd3feb30791b","ssdeep":"1536:o2ixk34H8puTMUsvErZQtMUsvErZQLUsvErZQW:o2ixkoH8uMU2yKtMU2yKLU2yKW","tlshash":"3063b5334a5e71b72a38783782d9bc4ca10de3824dd29755e6ab5cd4c41b2672a073fe","size":69758,"data":"","first_seen":"2023-12-04T19:34:56Z","last_seen":"2026-01-10T20:38:16.578672Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"9746fee96e71372dfcf2469706766e64","sha1":"3d343f2bec9a87bb7e06ff4602403ed7d8159745","sha256":"96a5061bcb6b961514705a44d52a6c60334de407eea279a2c237441d501c813f","sha512":"cf54d5bde6bd157d9a5f939aa64e328e347e76bcf5949151992eff388aa2275beea0d5f556bfeee93e07293f6f45668557185bc52ead6d124222e10ee66772e0","ssdeep":"","tlshash":"3ff0274290048d0272fe7aacd5966b0460f611ab2633804429064cb82b66bfdcbadea4","size":444,"data":"","first_seen":"2023-05-21T11:00:04Z","last_seen":"2026-03-29T07:13:34.429346Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"f8c722c29c106deffac333373bee3f1a","sha1":"3b22e04a56c59a1944aa4eefad04c21dffc7cf54","sha256":"eda58a9eed09189c9201bf769b9611f226c20ee9035f92944cc1b8a063bc18dc","sha512":"00e27cb36c92c04cd7674b2d0f1b29ac726a7daad89d831021deee82ff070c83517b33f8d8bc9b1c3170ff553d3f8ff2b53d19210fb0ea0173a3d217de3961fa","ssdeep":"","tlshash":"bc8000a080beb008880200a22000a2b0e00a20cae08200000200083b88002f0b0882cc","size":26,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.438096Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/kimjongun/under_desc/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"c46293aa285ba7aa107978a1d1819a9a","sha1":"4fa0b1817ba39ca83e458b9781e011132977ae94","sha256":"868306ed744f3c485e29048571a5bdeb209404643df14f02797004c990dc567e","sha512":"0bf342f2a84f3639e6d54a5b6b366079a08fe34415e5ddbbabf69108f309e727f5e20ca0347c6a7dd968e57c3bf1d0690fb164e92a343e38ca10b392d9f65cbd","ssdeep":"","tlshash":"a69002116025001a803050441326320a79430a1600d2341006450420703104b9a9a084","size":43,"data":"","first_seen":"2023-03-07T01:39:52Z","last_seen":"2026-04-03T06:02:43.655782Z","times_seen":590,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsn.24smi.net/6/4/24415/14536.js?t=1763640309","fqdn":"jsn.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"968d32ab3b2cc726196a33899f625a93","sha1":"30d15f8627ef08a0ab4044b0b6b099328b38ac28","sha256":"1a34ddd3ae8234fec42f5aadba7de0ebedb1912778ece1b19c11f6aa6604625e","sha512":"b4fcfc412afe84a9df0fe3917d3fe406f8df40cc1b71955c9cecd306c2b252301e75128a7d9fc69fe191488fa13dc6bfdc6f98a3a27a57fcb17e1d86466ee8a9","ssdeep":"768:Xnm2ixk3NQSyoSxs+YFr6AHovKQaYFr6AHovKQtYFr6AHovKQmS:W2ixk3zSgFwyQbFwyQGFwyQz","tlshash":"86331b32544e72b927351923a1faee0df11e9247c9a187b5d9efcd54e00a2b921133fe","size":51387,"data":"","first_seen":"2026-01-06T22:11:58.26615Z","last_seen":"2026-03-29T07:13:34.392727Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kllastroad.com/language/enough.js?24469\u0026v=3\u0026u=null\u0026a=0.18232109117692552","fqdn":"kllastroad.com","domain":"kllastroad.com","tld":"com"},"ip":{"addr":"193.200.65.68","port":443,"asn":6681,"as":"Giveme Cloud Sp Z O O","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"55cd0eca7bb8fb3ed21a105c848d07ab","sha1":"8bd22caf1f60678e340c09d254998b4b3915a942","sha256":"8c1aef209ac33a1e7cebda8798b5ab7f7d85089d1b93317e85bd5cb86639caf3","sha512":"f0026d437c63cf7b263a7a7b164adc1e537ae069647c380e650b98418ac6d106955d7f81be29a2ea613b3e22c02f2241ac92ad374b108f79ecc423bb7b7b889b","ssdeep":"768:xwC/7dMVZb+mtjfpt5yIL9HRlyQQwMs3NEaWlwj3T:xwC/7dMVZb+mtjxt5yw9HRlyQQwMCNEU","tlshash":"7ff2834e66f710320197a43f6fdf81487671c1873248e91cbd9c46486f58e29cafabda","size":36809,"data":"","first_seen":"2026-01-10T20:38:16.586755Z","last_seen":"2026-01-10T20:38:16.586755Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dsp10.24smi.net/informer?psw=1280\u0026psh=1024\u0026pow=1280\u0026poh=1024\u0026pdpr=1\u0026pdt=1768077463\u0026ptz=0\u0026pl=en-US\u0026object=24832\u0026template_id=15500\u0026num=4\u0026ref=https%3A%2F%2Fxrutor.org\u0026output=json\u0026chash=GxQtvtW4Fc\u0026extids=\u0026page=https%3A%2F%2Fxrutor.org%2F\u0026yhb_price=0\u0026formats=1\u0026show_id=e0f2f7ea-8976-4d56-9cea-e72cca529eda\u0026callback=__smiCb1768077462686","fqdn":"dsp10.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"a82c4a300b2d35ef2356237f77487830","sha1":"9341caf45013514d1327b43b15e51f0325db4736","sha256":"3962270d49c17c6a30741765a015deb6ca03f41b611baef837aff65599adb995","sha512":"84720361c35637f23b6565c8bf176cd07fdeefb84305d382c70237aad1bff52cfba6ba1a91a9f3c89f688c59f1584282d8c47edbb50a2c38175678d4a374d39d","ssdeep":"","tlshash":"57b0244005111df4117cc01103015f054fc441371110d44c75f0455c537704304d344f","size":87,"data":"","first_seen":"2026-01-10T20:38:16.536234Z","last_seen":"2026-01-10T20:38:16.536234Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"7bcc22eb9e39f8eef0551feb2176946a","sha1":"3a151edb74b4e5b0e579e69441c80d9e1755f9c7","sha256":"78e6529d5be0f0011e66c9e0c266f462f8b43229d6fcb0caa29f28f4621099cf","sha512":"e53cb552fa5524abd9d5cd5667aedbcb797e47e657673aaf89249408f87aa949594ef21a4037b1be95aa5a1a848d8dad2c52bb990742cf5a2cce4fbfa9778940","ssdeep":"","tlshash":"248000823c02c80a023a2b802222a30c2b288022a288b0c022a2080023a228bb8000c0","size":29,"data":"","first_seen":"2026-01-10T20:38:16.674238Z","last_seen":"2026-01-10T20:38:16.674238Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"myroledance.com/services/?id=146839","fqdn":"myroledance.com","domain":"myroledance.com","tld":"com"},"ip":{"addr":"193.200.64.24","port":443,"asn":6681,"as":"Giveme Cloud Sp Z O O","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"84aa24d8f07f628f09b3ec33d62e301f","sha1":"51bc9014fbd6f2dde339e35cb1db6480e9103cf8","sha256":"356c916e4b9ba38c9ec0e61ffd0dafd863273c1a23124b61d78ec2a89ee6a459","sha512":"893496e9949549c21a9009dddf240e23ceb962114fdb1452db21cb410dde16e1d46bd123d5d198f579fdba579e2cb0b2d74883288710781c88596d9e4055c1fa","ssdeep":"","tlshash":"a331467d730d21ee7b52d381c09f4cebe83eb248daa2bb664cc256f154dd5022b85874","size":1600,"data":"","first_seen":"2026-01-10T20:38:16.585172Z","last_seen":"2026-01-10T20:38:16.585172Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/chimichanga/galets.js","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"37607a50e5c3055c37745b8a8523f5fe","sha1":"b65d14449e609c6ecffbc73e17aa2f05b0acf210","sha256":"7462330295488346f30edebf0a6d2e847eb2cc135e7d735310504e128217db6a","sha512":"0a652beb49d0e1bf408a0f7428ecc0bc793ed261a18acc641b7deda39226133cb67fa2978b9fc5329d5bd2f8f85a9eb07c66608a1e1e639c170c2ea04a0ae0f8","ssdeep":"","tlshash":"31318e98359e701d918423467a7510deac3ce7b102db91bce5deb472609081b8e3d9f6","size":1537,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.367557Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/pokemoky.js?48d","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5eefc1f7d0796d34520a56f42baf2c1a","sha1":"10f69fb4a0e2f51a757c3e425777a2c75cd09cb9","sha256":"bcd273007ad9efb689cf0cd2beaf6b211569720a7971425f2db177506d87af14","sha512":"f82cd40427772f582366dd84d0a1579f1ecb8c4e828d2b9c60de05356e3baf0f9602176fa51ea9ccabe79bb667f304b6edc156f73a32ce7812ae945694ee9fa2","ssdeep":"768:N/EgW8iCORMC7g2ZIbCCLG/qPdVBMcv/k7N5R:hEg1CCLIpcv/k73R","tlshash":"9383c5a9dfad0259d1e3004baea15aca647d83777214dc12bc1c1a5873c1dde8b7a3bc","size":86848,"data":"","first_seen":"2025-07-18T09:21:09.181733Z","last_seen":"2026-03-29T07:13:34.375973Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yandex.ru/ads/system/context.js","fqdn":"yandex.ru","domain":"yandex.ru","tld":"ru"},"ip":{"addr":"77.88.44.55","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"366970859e7daee6dbd9bef8d02a3e66","sha1":"c5c320cf2df647904b7e7cc14ca554e3119cb73a","sha256":"c2dbd34850b025b5459fc4f6515098dc73dd8dc4298d40457155993c73e9fdf9","sha512":"a91b3e1fc8168ea813056392f2326813c47611eee2166179082c7cc9f3e8ed3bde9afa4a3ce0e6db60c556bfe1ba43c3c1e6abc8fbd4e226796bd6b04fff20dc","ssdeep":"6144:TE41Eh19j797AUl4PLXdCn7oTCtKzYi2GhFk:561RBl4PLXdCn7oCfJ","tlshash":"5d9408e975a1b4f203e391e5843f160fe33b5a29741d94a1b722d8d1ac29d4f5223f3a","size":448055,"data":"","first_seen":"2026-01-10T20:38:16.580533Z","last_seen":"2026-01-10T20:38:16.580533Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/1d330c819c4d494002a8.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"96b291fd5bba4c4f7cdcd292f9732377","sha1":"af2b66c38179bfb179a1a34bcb6abe1cb8fa9ae2","sha256":"3d4f4131b6c06bb11c555a8984da9843c3f4a8734865473746b44e9dbc7449af","sha512":"6e78eee5894547a60d48bceccc1c4964c8c0322bdcfbd4052d7212993b009087c92ced260fac3e414e70b82b849fb0cbed0359a9c79e9bc1fb01e88413ce7fbd","ssdeep":"12288:bnzBmEntq5hA9Ym9IKqJZsih1gwYMpH38bOL5ZnhBfkh5p4:Rn45hA9Ym9IKqJZs8gwYMpH38bOL5d6c","tlshash":"61e4f8d9fa5170b542e794e8c03f160ea23f7519700980f4b766ede26878a8e6123f7d","size":706161,"data":"","first_seen":"2025-12-23T19:02:56.280003Z","last_seen":"2026-01-12T09:43:22.310042Z","times_seen":1018,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/67a2d6e0ce0dec94ebee.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"496eb33d700692e5347d9e1f42b2461c","sha1":"3912e565bd535b934d60ea514e8c4eab238f863b","sha256":"316e5493708be9bb985b92d2cd6bd6e1a291c74f61d5f7cf0b225da4e04ee5b8","sha512":"d4ba1e315b9d366d6b2223b13f75b5cdbbdf34138ee5d7a80636ce7af57244ad215b47bf62dfa214c6aa29224613a38a4e957f2bcd021bb7baf78935f69aa286","ssdeep":"192:5wsIpGh02spjlpI7Y70lQsmq24OHKTXV3UGpOLe7trHAgNY9u4FdHN3v0fyebK1C:5wz92+lpIM7Zq2dHKTtO6NY9POfyT4R","tlshash":"2d62e7a974d5b4a513db20bb413f150ff3b96879684d80a0f222d8e97ef885c8167f6c","size":14938,"data":"","first_seen":"2025-12-23T19:02:56.253144Z","last_seen":"2026-01-12T09:43:22.326516Z","times_seen":1011,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"c9feab8347346cd568a157489324aeb1","sha1":"45c07e53bdc1a5c961480251438ff9106ee5063b","sha256":"b6bf34b0c0063143cfdc7977334b53e6aaad68a29aa25162defa0be10afc3cce","sha512":"3f94f77ccb583d2a4691c96723e4977822bc1964de8fa45bf7c59c6ea0fa1fb1d5bcab63e47a9077b94dd7322baf75e945634c7b28c1da71812de3ba2429e0b4","ssdeep":"","tlshash":"01b02238f828a88882bb00a3202b8b000c0ab203a082e008038828a0cab80280c00f2e","size":121,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-04-01T09:23:20.274924Z","times_seen":254,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/chimichanga/galets.js","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"37607a50e5c3055c37745b8a8523f5fe","sha1":"b65d14449e609c6ecffbc73e17aa2f05b0acf210","sha256":"7462330295488346f30edebf0a6d2e847eb2cc135e7d735310504e128217db6a","sha512":"0a652beb49d0e1bf408a0f7428ecc0bc793ed261a18acc641b7deda39226133cb67fa2978b9fc5329d5bd2f8f85a9eb07c66608a1e1e639c170c2ea04a0ae0f8","ssdeep":"","tlshash":"31318e98359e701d918423467a7510deac3ce7b102db91bce5deb472609081b8e3d9f6","size":1537,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.367557Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/kimjongun/under_desc/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"4e24d409c999f0223dcd6203452fedb1","sha1":"d70fc4f6de4ebf16782bd9add3f59345ecc6e08a","sha256":"92560cf9d262c2cba4a5f61e4147d760abaf7640d5b1b3f8f0dd3e67014f7323","sha512":"986906e59ab5d56a69ae0bf2c0842feb10d89dbcaa1d43780b20e5f504ace22b9e95e692159a57c5794bca464a4d846808b9c544982b2fbdbe5cedadb4175e4e","ssdeep":"","tlshash":"1a31e4af20a2183949ef667f657d538d3937401bbb8364023c7c1b698f54d51887aa50","size":1829,"data":"","first_seen":"2025-03-09T19:46:16.108142Z","last_seen":"2026-03-29T07:13:34.443136Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yandex.ru/ads/system/header-bidding.js","fqdn":"yandex.ru","domain":"yandex.ru","tld":"ru"},"ip":{"addr":"77.88.44.55","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"3fc1b4e416f129c5aaaad406505560de","sha1":"8c381dc1ba848dee591e5c69e31a01f82f08c429","sha256":"984ffa936c0bebae38f9018eca167cca6444248ff33f9e344422c37bc994506e","sha512":"6bfb1ee9253282dca591444e486caa38429ff18771ae9a3babe4ea0805a83593a4da98f8ecf1bf819a872db9761bd4fc1d1dbfe5d8092222784661fce987bfed","ssdeep":"3072:z43GPXnmRfmYv3DnyrmpuTAa9nd24r+m/5+sr/JblN/UM+KDkabDT8LLWQUFOUQB:z4dnHp+p5+IlrTKD9","tlshash":"10e32a9d76a1b4b643d390e5443f260ff33f5929a41d84a0ba26d8e26c7585f8223f3d","size":144888,"data":"","first_seen":"2026-01-10T20:38:16.625405Z","last_seen":"2026-01-10T20:38:16.625405Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/southcentral/js.js?08","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"48f15eb2a5b8ee7b68b032c16d4f9ee8","sha1":"8797e04b9c5a05dc71c8aac4cc8b145ae6bde3e2","sha256":"6ede838c510b030a60f27b0e3466376607a480c6d0cab4e0d2f2f19d92d16af9","sha512":"2832b9fe25e789c3552227ac05c1c4672c27833784f468920a5f3520d6802bfb3302661cea000ec709e13dcf32ce0f52cd16e12109ddd3a9a41776047c1b82e3","ssdeep":"","tlshash":"2c510d4cf75de11c94d603857ead02ee387ca5233242852dfd5d6e606278c3a8a3cdb5","size":2898,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.373332Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"75d02574b4d2b91d421c6202503d703f","sha1":"047f71a00802fd9ed91878bbaeebda68521e77fc","sha256":"840ad758733c0966b5e57b85fa86884e75ed85947b265648edec34b2a75236e1","sha512":"da644d793c77dec134483bb8f9abf181b79d0e7aeb77bf4bf77c8fe2496aba03c5379a330150ac6f5e7205fe09c73b5f0ca43b0ef8b4b26c4c46ee2c1a5e53c1","ssdeep":"","tlshash":"1fa0013a8423193c09800ac9212ef2c2be37f06138aaa6029108021811d9a9e8842c08","size":75,"data":"","first_seen":"2024-01-30T23:48:35Z","last_seen":"2026-03-29T07:13:34.444125Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/css/jquery.tablesorter.new-rutor.min.js?1","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6de84298187380f0dd15bfa17ace1a7d","sha1":"8dadf1532d9651d168bfbd73ff139e8494198e4e","sha256":"fb736e8586695a5db7c37884ebfd5860cb016a3a587b00b17fcc3053b5681048","sha512":"2e7edeeba1afebe8b9fe0703c59ff8f108d48ee9782a924a3c65bcf9c6f9a09371f0aecbe9333c880dc00ef7202a4bd0c0f21438a345ada598d672254ad9b5bc","ssdeep":"384:RGyqkRzzWBYEfmHtYyR0GPr4h6I/uaa6TYWAZVszlEAWhS5b:Rg+zWBVfmHtYt6+UuQh4","tlshash":"4282c69573ad346390dab4b0886e0859bd315fa39908c435ad35e4872df4e8cc6bbf78","size":18623,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.374043Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/t/functions.js","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1807e6a8009ef9a06b54a0586ee8884","sha1":"2691a68a2209485cbe526d8914c54113daf773df","sha256":"d47ad6a2c2fa3bbd326ea77e4a328ea45e13f67593684237859ef21ed594222d","sha512":"99bde3ae5264e92d6288bf01bda8cf48eac02d7e2c9d51ddaeceaeaaec439f61bec916355253a29eb18c614bfc66080dae36f19910cca9027825600c4e87280b","ssdeep":"","tlshash":"82613219b9c1502a872710353def364a34b90573d085da62b86cb9606f64e34577eef8","size":3392,"data":"","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.406875Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/3eaa85e17d47b367eee4.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"636a2c194f5f8e49cebcd32129eebfa1","sha1":"f61b141aaecb7ffbe65b191f5d4195909ac3d50f","sha256":"b871ea55b4e82689abd53e2a0f3a83abe6fb1e409d8d12e1fc2cd9cb42aa8c04","sha512":"f8594e5fe8700121c9285750d15e7e8483fd2ff4aa6decf7a65c748800f5f0a30c8e2bdd06895f191cc7467b2fbce0114d8de473bb687ab8314ba61710f62dda","ssdeep":"1536:ifQ93OFD/VTE1T151HFYw2kBUoJeM6yQNL49UPUaE6tgC:iY8FZTE1Tv1B2kBRJL6ylU/","tlshash":"cdc31988f55274b502eb80f8913f6a0ab33b5419b02545f4b76dedf29e7090e5126fbc","size":124986,"data":"","first_seen":"2025-12-23T19:02:56.19625Z","last_seen":"2026-01-12T09:43:22.310981Z","times_seen":1010,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"f13f5dc047435a2ea7bde51fd8352b66","sha1":"5d99e88f7367c4224db4560c8a406e729ed1b0ad","sha256":"0f037315de45ddc3ac1055d5fc35f60ca7bdd357c91bc777c795444936cba1d0","sha512":"9f2ae5bb8be4ca4471a863107abc55c45c0fbfe7659965fb4708fce7e01749636645eae51837614ba6656000cea88ba9e9ea9bb30c008b8a489b84630338811b","ssdeep":"","tlshash":"ddb012c464ed417063cf1c536c0e934a10301fb3d3d0d1ad79276d30888591acc144fc","size":112,"data":"","first_seen":"2023-06-17T11:09:51Z","last_seen":"2026-03-29T07:13:34.445017Z","times_seen":62,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"81774d54aa944d3bd0afc3f98e052623","sha1":"ad2c136b4ebf24853a38ea9e120d169b71407ea5","sha256":"17dd49f17d360b866fff190bba425a204b9e3cc880798cfacb693f4b77bb88b7","sha512":"5f4568b27c30cff8ec069a1994bd407434374e4afb939ddabd86ba0f63fd435f1c7ef57b6a76a00aef040d27a36f3088226511823a55fbafbbad9c91a0e8a5eb","ssdeep":"","tlshash":"9a619cc7ff0ed1e64ef904086599919f783c62735a5358aa7c8c28b521804ebc8fd978","size":3456,"data":"","first_seen":"2025-06-23T14:43:08.47892Z","last_seen":"2026-03-29T07:13:34.44582Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"data.24smi.net/cfg?object=24415\u0026ver=87\u0026pio=true\u0026pps=true\u0026callback=__smiCb1768077462381","fqdn":"data.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"abe528a88b666333fd9b9d55b825c37f","sha1":"f4fdc7c1e22a3554c1e72aa1ca62f5243df637cc","sha256":"6666bc4cfeaea604a1462cd4bf64156d7a473d2de932e6ec8c00e851a3b9ba9d","sha512":"7a608718c0b6430841b33cdf75a5c0fe520fc53556bfcf1d42ad8b079975c9f7b24859077539d97e0ddd3732602eb4d1e9087b52c16be062408bb9f816cca7ff","ssdeep":"","tlshash":"e121073e6704f8fdd1077f5bd0437aa94c6df52a074a9944a3cce61ce87985e387a80a","size":1201,"data":"","first_seen":"2026-01-10T20:38:16.556774Z","last_seen":"2026-01-10T20:38:16.556774Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"40c285ecafbab3c198fe55d004ed193c","sha1":"0b8c649c60572d1c55a562a10f6ef29ff34c2d4b","sha256":"c254f709ce4002f8f1e356caf60ef4fd7abff2c25960af5c65b315fe6d52fbde","sha512":"7bfd11e98fcf16e611abd27513a568475b68911a9fc5de1d8b99def6f05d27e3d3b63c570ba0a8401e7a7cd3b9b82df7417a67ce99eaeaae9e7258486b8a7bf4","ssdeep":"","tlshash":"e1e0d867008100d267f38753663a9f55a4b61e27ab63754164db3822f551c06d503cee","size":373,"data":"","first_seen":"2023-06-17T11:09:51Z","last_seen":"2026-03-29T07:13:34.448995Z","times_seen":62,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"introduction_type":"domTimer","is_inline":false,"md5":"6d970bb02878fd800df1aaaacdff67b9","sha1":"fd2192b7d3d11acc086f3836f27595c164440f5a","sha256":"7527043fab664182397ec9a78f2723b68407f1b522efa558797567b98b28160a","sha512":"67afbde3c4d9891316cd0db5008a03d59086eb6100957bb3c71d2926c7bee918a1e611a024e11afe1a0c375bd3268e86f010d0a153be358ccafff63623a592d8","ssdeep":"","tlshash":"dee00082c02020c023e3823282020c0080a80c03cb23000300c23802a000c00000288a","size":311,"data":"","first_seen":"2026-01-10T20:38:16.657767Z","last_seen":"2026-03-29T07:13:34.412815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Rubik:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:43.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Rubik:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 10 Jan 2026 20:37:43 GMT\r\ndate: Sat, 10 Jan 2026 20:37:43 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7878,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (649)","md5":"d7c384409c3650437f5e94e972d916ed","sha1":"d176f1a5c847829fd049c95b85218fc3a65bfe16","sha256":"f861cc360951df6f24d9e9eb70b4ab700e98db8e00bc10557830b9ebeccd2321","sha512":"7c7fac0f17ca8f0acea0d0e87f3ddc2588bcda9c75f2d6c0927847864dbb05b6ce1d52837d38b3cd7e1305acd60240dc2d2b22077866c6f3fedbfad9be5cc903","ssdeep":"192:BhCl8s0KtAuMhClDsb5uAtWhClls9nkALp:SlHRlg3leD","tlshash":"bff1bbe0481e5040bf472cc263ce6d27ed0e62553490c5299afd1b9aacbbc22336578e","first_seen":"2025-09-12T20:23:23.163861Z","last_seen":"2026-04-03T06:02:43.485269Z","times_seen":631,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dsp10.24smi.net/informer?psw=1280\u0026psh=1024\u0026pow=1280\u0026poh=1024\u0026pdpr=1\u0026pdt=1768077463\u0026ptz=0\u0026pl=en-US\u0026object=24832\u0026template_id=15500\u0026num=4\u0026ref=https%3A%2F%2Fxrutor.org\u0026output=json\u0026chash=GxQtvtW4Fc\u0026extids=\u0026page=https%3A%2F%2Fxrutor.org%2F\u0026yhb_price=0\u0026formats=1\u0026show_id=e0f2f7ea-8976-4d56-9cea-e72cca529eda\u0026callback=__smiCb1768077462686","fqdn":"dsp10.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:43.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"24smi.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:04:54 GMT","end":"Tue, 10 Mar 2026 06:04:53 GMT"},"fingerprint":{"sha1":"08:95:48:AD:DB:F1:5D:B1:93:C2:0F:6B:EA:5E:6E:FA:17:B2:46:1F","sha256":"48:A6:A8:DF:80:A2:91:E3:0A:F7:37:DB:05:45:2F:E8:80:3A:94:78:6E:43:18:7A:3B:F5:1D:9E:34:11:31:BE"}}},"request":{"raw":"GET /informer?psw=1280\u0026psh=1024\u0026pow=1280\u0026poh=1024\u0026pdpr=1\u0026pdt=1768077463\u0026ptz=0\u0026pl=en-US\u0026object=24832\u0026template_id=15500\u0026num=4\u0026ref=https%3A%2F%2Fxrutor.org\u0026output=json\u0026chash=GxQtvtW4Fc\u0026extids=\u0026page=https%3A%2F%2Fxrutor.org%2F\u0026yhb_price=0\u0026formats=1\u0026show_id=e0f2f7ea-8976-4d56-9cea-e72cca529eda\u0026callback=__smiCb1768077462686 HTTP/1.1\r\nHost: dsp10.24smi.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nCookie: smi_uid=yDOjKPmTI\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Sat, 10 Jan 2026 20:37:43 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: no-store\r\nset-cookie: smi_uid=yDOjKPmTI; max-age=31536000; domain=.24smi.net; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a82c4a300b2d35ef2356237f77487830","sha1":"9341caf45013514d1327b43b15e51f0325db4736","sha256":"3962270d49c17c6a30741765a015deb6ca03f41b611baef837aff65599adb995","sha512":"84720361c35637f23b6565c8bf176cd07fdeefb84305d382c70237aad1bff52cfba6ba1a91a9f3c89f688c59f1584282d8c47edbb50a2c38175678d4a374d39d","ssdeep":"","tlshash":"57b0244005111df4117cc01103015f054fc441371110d44c75f0455c537704304d344f","first_seen":"2026-01-10T20:38:16.536234Z","last_seen":"2026-01-10T20:38:16.536234Z","times_seen":1,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/css/pluso-like-small.js?10","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /css/pluso-like-small.js?10 HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Sat, 24 Jun 2023 16:08:50 GMT\r\nETag: \"8da-5fee25541e880-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 972\r\nKeep-Alive: timeout=1, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2266,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"dae4b00893641d10303a88837aa5c45f","sha1":"a7514fb190fa8ba489b2dde5dbee92dd0fe7ecb7","sha256":"e786f1e87ef6054b4aab3d26780d3525a14975b8d4de5bae54f095fa07ed5b08","sha512":"f42bd1cf7edca40d2d1bcdbd35c6f36bee9c62172dea1afcc9b0db07139a94cb9d4ead6f3401f7d0ba34d66ab08a5a2be88786def635d2809ef1110d646669f3","ssdeep":"","tlshash":"67411d78bf29722e4172106ff50f744ac0b4842ac4596c8f5f75a1be2da1b6b736c638","first_seen":"2023-07-07T18:06:31Z","last_seen":"2026-03-29T07:13:34.407757Z","times_seen":73,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":111,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/rutor-logo.jpg","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /rutor-logo.jpg HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Sun, 06 Oct 2013 21:18:39 GMT\r\nETag: \"a01b-4e819144909c0\"\r\nAccept-Ranges: bytes\r\nContent-Length: 40987\r\nKeep-Alive: timeout=1, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":40987,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 420x110, components 3","md5":"dfc84b0055c981234dd3f48bb8ea7ec2","sha1":"43124eced811630622b81e968590e11071c31040","sha256":"c22baf90cbd403ab7d173f6fa65999a6246d71612d6859181ea7642e98a75279","sha512":"4aa9f868d4cfa7f798429b206763ef9e5680e0f6ee46f790f5002fd2219242802445bb54de02a691b62ca5b7521aa3326e471a38b4952d67485a85aaed389fde","ssdeep":"768:Gsy1cuV6mpkH1V6YDDI15+sV1gemJvCk8dpKZvijAsNwlFwKftTR:Gs3joi6YA1J1gemJvVsGv2KzwK3","tlshash":"8103f278f171948595a49894c7e2e78fc2414c4bc8f9b3a2a3d24f919052072edfcbdd","first_seen":"2023-05-21T11:00:04Z","last_seen":"2026-03-29T07:13:34.402288Z","times_seen":66,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":412,"dns":0,"connect":0,"send":0,"wait":29,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yastatic-net.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 05 Nov 2025 12:46:11 GMT","end":"Tue, 05 May 2026 20:59:59 GMT"},"fingerprint":{"sha1":"BA:B8:C9:5D:AD:9E:A2:E4:3B:39:29:BA:EB:5B:C7:E5:05:B5:AF:82","sha256":"49:88:7B:7E:11:ED:24:22:87:2A:1A:23:E1:D6:37:AC:5C:14:DC:32:A8:13:3F:ED:35:6B:B8:E4:BB:8D:36:E4"}}},"request":{"raw":"GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1\r\nHost: yastatic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://psyduck-beak.yotor.ru/\r\nOrigin: https://psyduck-beak.yotor.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 26004\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=43200000; includeSubDomains;\r\ncache-control: public, max-age=31556952\r\naccess-control-allow-origin: *\r\nx-nginx-request-id: 91ee96c5eec10d0b\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 7200, \"endpoints\": [ { \"url\": \"https://dr.yandex.net/nel\"}]}\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 7200, \"success_fraction\": 0.001, \"failure_fraction\": 0.01}\r\nlast-modified: Mon, 25 Apr 2022 14:02:39 GMT\r\nx-amz-meta-owner: {\"role\":\"admin\",\"login\":\"4eb0da\"}\r\netag: \"7f0cdaf91230f9789ca4162aedff612e\"\r\nexpires: Mon, 11 Jan 2027 02:23:31 GMT\r\nvary: Accept-Encoding\r\nx-strm-log-split: 3\r\nx-request-id: 229e272306d85908\r\ncache-host: cloudcdn-rad-09.cdn.yandex.net\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26004,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 26004, version 1.0","md5":"7f0cdaf91230f9789ca4162aedff612e","sha1":"965de571aa794dab64076c3cc64dc8894b843f23","sha256":"033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9","sha512":"444460846fa2bfddd7990c792c6fd8389c564b5c967b5cc10fb3717117c5424fa33f23f8c4cffefad176016a79be5557920908cc82f7942700a0fac71eefde36","ssdeep":"768:cBrkn2SWY48o/bS/qDzWhKnxy03RQD1K4Gzs:cBrKS8o2kKKxyKQD1K4Gzs","tlshash":"37c2d0a5e7112b92c93556a4f6cb4849bc25b0532c56f3825fa9af80344be8357efc3c","first_seen":"2023-04-05T11:29:19Z","last_seen":"2026-04-04T05:42:18.10721Z","times_seen":21596,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":58,"dns":1,"connect":14,"send":0,"wait":14,"receive":4,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/kimjongun/under_desc/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:42.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xrutor.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 19:04:28 GMT","end":"Fri, 27 Mar 2026 19:04:27 GMT"},"fingerprint":{"sha1":"A1:72:77:D2:DE:B1:96:AE:B3:AC:B7:AC:DF:04:A4:42:D8:72:9D:EE","sha256":"40:93:22:B1:E6:F4:BF:7C:F7:BC:7A:30:F7:1A:78:DC:B2:A3:E3:7C:18:74:5F:61:8C:D5:F6:86:81:79:E3:FB"}}},"request":{"raw":"GET /kimjongun/under_desc/ HTTP/1.1\r\nHost: xrutor.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nCookie: korjik_test=1; crackers_days=1; crackers_visited=1; crackers_time_visited=1768077461; crackers_views=1; t_e4719dd21a=1; rocketteam_counter=1; pokemoky_counter=1; jassyandjames_rand=3; poke_counter_up=Sun%2C%2011%20Jan%202026%2008%3A37%3A42%20GMT; poke_counter=1\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.12.1\r\nDate: Sat, 10 Jan 2026 20:36:49 GMT\r\nContent-Type: text/html\r\nContent-Length: 3569\r\nLast-Modified: Thu, 01 Jun 2023 11:52:16 GMT\r\nConnection: keep-alive\r\nETag: \"64788670-df1\"\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.12.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3569,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"a208a127a479351a0c768d2e076d5539","sha1":"4f76ca9b31c7cd14308633d2aaf589977b1f88a5","sha256":"ca727f73a0dd622c6c3ad24d02d76883807e5e57dffd7b986177a9763d2cfe2a","sha512":"3db07b0fcb8b69eebe479d89b76196faef8d4e1b3ccf53b722a7e1897b26735bfca7028a50b5c365cb8f8aef5e2fdf9f8d0d99b877278fd4a7694c100d778c39","ssdeep":"","tlshash":"4171ef2f6081183485bba66aa939634dfe27811beb43144139fc0f2a8fb5d108867e94","first_seen":"2023-06-17T11:09:52Z","last_seen":"2026-03-29T07:13:34.395284Z","times_seen":25,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"xrutor.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/parse/s.rutor.org/favicon.ico","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:42.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xrutor.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 19:04:28 GMT","end":"Fri, 27 Mar 2026 19:04:27 GMT"},"fingerprint":{"sha1":"A1:72:77:D2:DE:B1:96:AE:B3:AC:B7:AC:DF:04:A4:42:D8:72:9D:EE","sha256":"40:93:22:B1:E6:F4:BF:7C:F7:BC:7A:30:F7:1A:78:DC:B2:A3:E3:7C:18:74:5F:61:8C:D5:F6:86:81:79:E3:FB"}}},"request":{"raw":"GET /parse/s.rutor.org/favicon.ico HTTP/1.1\r\nHost: xrutor.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nCookie: korjik_test=1; crackers_days=1; crackers_visited=1; crackers_time_visited=1768077461; crackers_views=1; t_e4719dd21a=1; rocketteam_counter=1; pokemoky_counter=1; jassyandjames_rand=3; poke_counter_up=Sun%2C%2011%20Jan%202026%2008%3A37%3A42%20GMT; poke_counter=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.12.1\r\nDate: Sat, 10 Jan 2026 20:36:49 GMT\r\nContent-Type: image/vnd.microsoft.icon\r\nContent-Length: 894\r\nConnection: keep-alive\r\nLast-Modified: Fri, 30 May 2014 11:59:48 GMT\r\nETag: \"37e-4fa9cc83b1500\"\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.12.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":894,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel","md5":"ab55f59a775976829d8352a7a0584d3e","sha1":"e4b29ec4ac46d97ea15c582d61d02c523dd0485b","sha256":"e68d4b7f22b5027fef4672cc5ba884fb52ac248fd1ca4648c9ac89d95b0e58f4","sha512":"1dae2e3cdf25e072174d2289ce96c423095e4fa8095a7ac33b319f389d1add9ba2f7f7280f4c8cc70351342a324a6bbeaa526381dd4125a3d3594557535b09ab","ssdeep":"","tlshash":"fa118ac555d10e0cfc4595fcb363462511e6cceb2e8092574d53491f3cb128669a4a45","first_seen":"2023-05-06T09:54:57Z","last_seen":"2026-04-01T09:23:20.228046Z","times_seen":536,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":1,"connect":29,"send":0,"wait":72,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"xrutor.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"data.24smi.net/cfg?object=24415\u0026ver=87\u0026pio=true\u0026pps=true\u0026callback=__smiCb1768077462381","fqdn":"data.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/#0","date":"2026-01-10T20:37:42.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"24smi.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:04:54 GMT","end":"Tue, 10 Mar 2026 06:04:53 GMT"},"fingerprint":{"sha1":"08:95:48:AD:DB:F1:5D:B1:93:C2:0F:6B:EA:5E:6E:FA:17:B2:46:1F","sha256":"48:A6:A8:DF:80:A2:91:E3:0A:F7:37:DB:05:45:2F:E8:80:3A:94:78:6E:43:18:7A:3B:F5:1D:9E:34:11:31:BE"}}},"request":{"raw":"GET /cfg?object=24415\u0026ver=87\u0026pio=true\u0026pps=true\u0026callback=__smiCb1768077462381 HTTP/1.1\r\nHost: data.24smi.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: no-store\r\nset-cookie: smi_uid=yDOjKPmTI; max-age=31536000; domain=.24smi.net; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1201,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1201), with no line terminators","md5":"abe528a88b666333fd9b9d55b825c37f","sha1":"f4fdc7c1e22a3554c1e72aa1ca62f5243df637cc","sha256":"6666bc4cfeaea604a1462cd4bf64156d7a473d2de932e6ec8c00e851a3b9ba9d","sha512":"7a608718c0b6430841b33cdf75a5c0fe520fc53556bfcf1d42ad8b079975c9f7b24859077539d97e0ddd3732602eb4d1e9087b52c16be062408bb9f816cca7ff","ssdeep":"","tlshash":"e121073e6704f8fdd1077f5bd0437aa94c6df52a074a9944a3cce61ce87985e387a80a","first_seen":"2026-01-10T20:38:16.556774Z","last_seen":"2026-01-10T20:38:16.556774Z","times_seen":1,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"psyduck-beak.yotor.ru/yo/img/blacknote_top_rd.jpg?5","fqdn":"psyduck-beak.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"psyduck-beak.yotor.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 08:36:53 GMT","end":"Mon, 16 Mar 2026 08:36:52 GMT"},"fingerprint":{"sha1":"80:3B:26:91:FC:29:4F:2E:3A:0C:3B:AB:38:6F:05:DC:F9:06:23:05","sha256":"AA:47:CE:EA:CD:10:81:AD:E1:4F:9E:60:DE:F0:5F:A3:20:24:29:3B:7C:6C:0D:D0:E5:4D:DF:58:54:CD:9F:6F"}}},"request":{"raw":"GET /yo/img/blacknote_top_rd.jpg?5 HTTP/1.1\r\nHost: psyduck-beak.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:42 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 19 Dec 2025 15:56:33 GMT\r\nETag: \"ffd2-646501f1c07e6\"\r\nAccept-Ranges: bytes\r\nContent-Length: 65490\r\nKeep-Alive: timeout=1, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":65490,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 743x223, components 3","md5":"28af2ce38da610aa48748f58ea352ded","sha1":"c808871b6b1f46c954bcad6ffe7df044e4e08428","sha256":"a45da0f3363616abe5ed7c3953495791109b6b5da71c739a0bad6fb67cbe8f53","sha512":"46b9cd324401d9a08b7f9426a63db22f210969b1bf6b2e2343ed6074b54d418657b76af47371756188ac567074e256fd30df5eca7eab67a7153f5d40c3e945cb","ssdeep":"768:xrw1lZm0gJEYpmfdHvUlTQXnOEDhWWMy2dvRYuwbY5qGZv9+b2b5aGgQIWnj6aQw:0OOemlWTE/2d2bi+Kb5aGPIWjxfY0TVT","tlshash":"8d530208f19a5da0e1c14c382ec708a0aaf73c536ca5a59f44ddfa43c676f987929ce5","first_seen":"2026-01-06T22:11:58.309288Z","last_seen":"2026-03-29T07:13:34.389147Z","times_seen":5,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/css/css.css?27047","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /css/css.css?27047 HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 19 Dec 2025 16:01:58 GMT\r\nETag: \"22a5-64650327ee007-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2750\r\nKeep-Alive: timeout=1, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8869,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e2f6cf75833418cbf00239b0219de44b","sha1":"bda324d3bcb078588613b102c8735dd6b7681b69","sha256":"4908799e4da2c9057949971fcf2050d5e73dfe5b111569282d2c6fed8adedac8","sha512":"5117c5f622fe554b187f0f6234fbba08d0f06ccbaa56d519508a34ecc43c7c02f8a6f929d7d2311a459f24ded262f964825e0b803bff316237f99a0bacd25a2d","ssdeep":"96:8sOdlxjgpdtUj2BBNhwOAptCe1oBojIo7ml7HAId1K1+FWo9Rd4JbOZCry:8pj2hra8e1oijIo7ml7HAIft/lSy","tlshash":"bc028611b2843449701fc1babc76a339673f4016a6456f7da6b97978c78d0a780b33ad","first_seen":"2026-01-06T22:11:58.272662Z","last_seen":"2026-03-29T07:13:34.369581Z","times_seen":5,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":80,"dns":32,"connect":24,"send":0,"wait":24,"receive":1,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/jquery.cookie-min.js","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/jquery.cookie-min.js HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"2dc-4f8f8b3aed540-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 421\r\nKeep-Alive: timeout=1, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":732,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (732), with no line terminators","md5":"ce56bb0d2daafc993b2866ccc1af86fc","sha1":"fe46733587f81da245f6b3e16d6bbbd8a1cb2fea","sha256":"874d19eae19d9f20a884d976ccca6092c91da6ee8c71d8be1c5c893acbad9159","sha512":"b3191b1e1e2626f0b30c71e074024d90dc89e9dde13d563cdf92520c4cc37c3d65dbcaa5c2ad8f160e18878b1442cfab5a9939d4ccfc3887f2916dfc1fa03d3a","ssdeep":"","tlshash":"3f01152cb1a9195845fe0221377daa86b411eb214999b07cd787e87423b84410db3d71","first_seen":"2023-03-07T12:22:05Z","last_seen":"2026-04-04T04:33:47.250765Z","times_seen":1753,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":93,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:43.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 10 Jan 2026 20:37:43 GMT\r\ndate: Sat, 10 Jan 2026 20:37:43 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"29f45de742f030761fe05d6c7ae7e993","sha1":"895c7dfcc456ee596b5d231edf89672f0dc87631","sha256":"debc0e6a77968e929d8f44cf60feb4856f66ccdc05677a54f3dcd14cc8a1d0bd","sha512":"d78e7b55c690fd186433829030e71a42e15d55dda2677bd29ad874f5bebaeedfe18d2f0bdfb8e828c1da502f43cbc117db7e1ef488814e3c3a88376756def47e","ssdeep":"384:8KfMK1KWK6KyhK/qY4XKNKtKiKfDKOKdKBKyaK/qY4QKGKmK4KfdKkKDK3KyQK/9:8TcfFBhiEymDcTYeBai75tdmtC0BQiVb","tlshash":"7f7210a1041750009b834ce223cebf35fe1f52117142d0b5abfdab6b9dcbc66526935d","first_seen":"2025-11-19T00:03:18.438435Z","last_seen":"2026-02-19T19:35:42.295945Z","times_seen":2829,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/t/functions.js","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/t/functions.js HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"d40-4f8f8b3aed540-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1327\r\nKeep-Alive: timeout=1, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":3392,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text","md5":"e1807e6a8009ef9a06b54a0586ee8884","sha1":"2691a68a2209485cbe526d8914c54113daf773df","sha256":"d47ad6a2c2fa3bbd326ea77e4a328ea45e13f67593684237859ef21ed594222d","sha512":"99bde3ae5264e92d6288bf01bda8cf48eac02d7e2c9d51ddaeceaeaaec439f61bec916355253a29eb18c614bfc66080dae36f19910cca9027825600c4e87280b","ssdeep":"","tlshash":"82613219b9c1502a872710353def364a34b90573d085da62b86cb9606f64e34577eef8","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.406875Z","times_seen":73,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":105,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/lupa.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/lupa.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"c07-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3079\r\nKeep-Alive: timeout=1, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3079,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 55 x 56","md5":"e2c8f8537818f7880be3ae505852b9ff","sha1":"2a1f5572e6f4c9efc1700f34d6c6969bedbd8535","sha256":"6946c64a41b61a1e8708b7bcf8274274c71cdc23932aab32da5b868d19212b3a","sha512":"02e22d3a890ca47d0235655094ed35b13dc32a0add2454ce4ae9630b7bd4f9e37f966827143e59f5312cbad5c383892069a741d45824457613aab2c0dc301cbc","ssdeep":"","tlshash":"e151299ab8ec472acaab7834f5879fc81da5661c844366ca490b4d27153c8d94c3ba51","first_seen":"2023-05-10T15:46:50Z","last_seen":"2026-04-01T09:23:20.25054Z","times_seen":356,"resource_available":false,"data":null}},"time_used":429,"timings":{"blocked":395,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/backgr.png","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/backgr.png HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://libbb.yotor.ru/parse/s.rutor.org/css.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"b35-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2869\r\nKeep-Alive: timeout=1, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 40, 8-bit/color RGB, non-interlaced","md5":"c3ce2bb8d4c132e9de2119357cc9996a","sha1":"a9852953a234009e3f2269bd8b2cc4f2f2c432c9","sha256":"169a94c46ca015567d2a42296bc93f41bbf6251b46ddbe476d6843da2a1360d6","sha512":"108eb584f9d6f13f4e76778a80dc4d241caa91390dd62105e938a9f7efcb40c2ef0fdee4b7e6af4233fa838f02214da94c6421b270af03c08f546c3a9ff749c3","ssdeep":"","tlshash":"60516bafc9b0a48f6ced75810dcd0202e768327c9a67363894c265de1055e077f25075","first_seen":"2023-05-21T11:00:05Z","last_seen":"2026-03-29T07:13:34.388289Z","times_seen":102,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/#0","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:42.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xrutor.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 19:04:28 GMT","end":"Fri, 27 Mar 2026 19:04:27 GMT"},"fingerprint":{"sha1":"A1:72:77:D2:DE:B1:96:AE:B3:AC:B7:AC:DF:04:A4:42:D8:72:9D:EE","sha256":"40:93:22:B1:E6:F4:BF:7C:F7:BC:7A:30:F7:1A:78:DC:B2:A3:E3:7C:18:74:5F:61:8C:D5:F6:86:81:79:E3:FB"}}},"request":{"raw":"GET /kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/ HTTP/1.1\r\nHost: xrutor.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nCookie: korjik_test=1; crackers_days=1; crackers_visited=1; crackers_time_visited=1768077461; crackers_views=1; t_e4719dd21a=1; rocketteam_counter=1; pokemoky_counter=1; jassyandjames_rand=3; poke_counter_up=Sun%2C%2011%20Jan%202026%2008%3A37%3A42%20GMT; poke_counter=1\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.12.1\r\nDate: Sat, 10 Jan 2026 20:36:49 GMT\r\nContent-Type: text/html\r\nContent-Length: 1675\r\nLast-Modified: Thu, 01 Jun 2023 11:17:29 GMT\r\nConnection: keep-alive\r\nETag: \"64787e49-68b\"\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.12.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1675,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"d1009ca07c7e56763ee96a14b58fa7ed","sha1":"72121214f5c447a4e2b814be1eac041341d091e5","sha256":"f13a837ddefe6aa3bba0ba7c25d14f9b2186808d9911c6394c14518e5e64b341","sha512":"054f1a7994fa782674c0d1b9503a390fc73e5abe33e14e5ddf7847bcd6880720cefe3cc66c8639773aae918c4bebeb25ba650ad05cf6f78b38df27dae3cf5627","ssdeep":"","tlshash":"8131126a1c20506682b221475f37f309fe2623eb6182d4413b9c93aa7f7495acd13fdc","first_seen":"2023-06-17T11:09:52Z","last_seen":"2026-03-29T07:13:34.364106Z","times_seen":23,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"xrutor.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jsn.24smi.net/smi.js","fqdn":"jsn.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/#0","date":"2026-01-10T20:37:42.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"24smi.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:04:54 GMT","end":"Tue, 10 Mar 2026 06:04:53 GMT"},"fingerprint":{"sha1":"08:95:48:AD:DB:F1:5D:B1:93:C2:0F:6B:EA:5E:6E:FA:17:B2:46:1F","sha256":"48:A6:A8:DF:80:A2:91:E3:0A:F7:37:DB:05:45:2F:E8:80:3A:94:78:6E:43:18:7A:3B:F5:1D:9E:34:11:31:BE"}}},"request":{"raw":"GET /smi.js HTTP/1.1\r\nHost: jsn.24smi.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Nov 2025 14:45:00 GMT\r\netag: W/\"690e05ec-1afab\"\r\nexpires: Sat, 10 Jan 2026 20:47:42 GMT\r\ncache-control: max-age=600\r\nstrict-transport-security: max-age=0\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":110507,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6e85e16d9a735974c68717e44822bbc3","sha1":"c040ecc2c017d2c0072e45d368cc38cd9b74122a","sha256":"875b79edca56d94c9aee2fd59c890257e93008b5809c012bfb865c689948d93c","sha512":"5c2aee6eaa8867457462c6fb8f25880944ae7fa81c42b0cf3233804c67d12be1d84b34d7abb74a378ede4b19429b6e1efd5f214bcfd344d9da8d1c48e87fc47d","ssdeep":"1536:phPC23Abb5suzi6mkO5tgiQoTSVrRXpGfY00sH6KwowbrCdWPI/NIs:phBXNe00sH6VrC4PyF","tlshash":"e3b3e88c7d85f42a83d361f1807f054bb2372e1d688d6550e2aad8e53eb844d612bfbd","first_seen":"2025-11-08T12:42:14.736644Z","last_seen":"2026-02-09T05:07:59.056816Z","times_seen":191,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":81,"dns":21,"connect":20,"send":0,"wait":20,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/7e9e61a0cfb4e6395777.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yastatic-net.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 05 Nov 2025 12:46:11 GMT","end":"Tue, 05 May 2026 20:59:59 GMT"},"fingerprint":{"sha1":"BA:B8:C9:5D:AD:9E:A2:E4:3B:39:29:BA:EB:5B:C7:E5:05:B5:AF:82","sha256":"49:88:7B:7E:11:ED:24:22:87:2A:1A:23:E1:D6:37:AC:5C:14:DC:32:A8:13:3F:ED:35:6B:B8:E4:BB:8D:36:E4"}}},"request":{"raw":"GET /partner-code-bundles/1303504/7e9e61a0cfb4e6395777.js HTTP/1.1\r\nHost: yastatic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://psyduck-beak.yotor.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 5750\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 7200, \"success_fraction\": 0.001, \"failure_fraction\": 0.01}\r\nvary: Accept-Encoding\r\ntiming-allow-origin: *\r\nexpires: Tue, 11 Jan 2056 03:11:43 GMT\r\ncontent-encoding: br\r\netag: \"7fe732d5ee9c6ad6cc7a8f9996d88db7\"\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 7200, \"endpoints\": [ { \"url\": \"https://dr.yandex.net/nel\"}]}\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=43200000; includeSubDomains;\r\nx-robots-tag: noindex, noarchive, nofollow\r\nlast-modified: Tue, 23 Dec 2025 16:08:53 GMT\r\ncache-control: public, max-age=946708560\r\nx-strm-log-split: 8\r\nx-request-id: a67cb7e4aae0424d\r\ncache-host: cloudcdn-rad-09.cdn.yandex.net\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16372,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (16338)","md5":"81c3555a60ad180a2879e6d390cab3af","sha1":"ec113bae8e8c7e09fe3963da023a30c1bfbc3d4d","sha256":"07b9df2c6472408293a3b3e1189ad78a7e033ee971074d1ab4c508973f8d5a53","sha512":"a65c93ad74048ed9027e36d5de48fb5ed8cd1c4a8b6826e471d72929f17719fa1ce864527b1e6ace2a08fb4ec06e80ddea905bcefa951898d754dee7557d5013","ssdeep":"192:hwpK7SO2dyacdFxzyZnBzJV0gANkw0iMHkNVXNVVpoFQniu3ajLLFTSueJlbhpPS:hwpKOOkyQZvVISisFyhqiQ","tlshash":"7d7208fd3520b0605bdf3076627f191ff378292e644c84a06706edfa29b491e9193fa8","first_seen":"2025-12-23T19:02:56.202503Z","last_seen":"2026-01-12T09:43:22.311576Z","times_seen":1022,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":45,"dns":1,"connect":16,"send":0,"wait":17,"receive":4,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/5d3c57b057de9ebd35f2.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yastatic-net.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 05 Nov 2025 12:46:11 GMT","end":"Tue, 05 May 2026 20:59:59 GMT"},"fingerprint":{"sha1":"BA:B8:C9:5D:AD:9E:A2:E4:3B:39:29:BA:EB:5B:C7:E5:05:B5:AF:82","sha256":"49:88:7B:7E:11:ED:24:22:87:2A:1A:23:E1:D6:37:AC:5C:14:DC:32:A8:13:3F:ED:35:6B:B8:E4:BB:8D:36:E4"}}},"request":{"raw":"GET /partner-code-bundles/1303504/5d3c57b057de9ebd35f2.js HTTP/1.1\r\nHost: yastatic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://psyduck-beak.yotor.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 1417\r\ncontent-encoding: br\r\nx-robots-tag: noindex, noarchive, nofollow\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 7200, \"success_fraction\": 0.001, \"failure_fraction\": 0.01}\r\ncache-control: public, max-age=946708560\r\nexpires: Tue, 11 Jan 2056 03:12:18 GMT\r\nstrict-transport-security: max-age=43200000; includeSubDomains;\r\netag: \"eeec7cc47a5cb650594d832f68cb7759\"\r\nlast-modified: Tue, 23 Dec 2025 16:08:53 GMT\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 7200, \"endpoints\": [ { \"url\": \"https://dr.yandex.net/nel\"}]}\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-strm-log-split: 4\r\nx-request-id: 29139a78fe52aa4f\r\ncache-host: cloudcdn-rad-09.cdn.yandex.net\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7161,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (7118)","md5":"c8654107beec99515b613a42f461c717","sha1":"23d169b0f85b2c6fdb2fe47f8eeae89580bd8c50","sha256":"eaebc7bf8267e67deed6894616689593d8bc6020a7793fd7f48d3de08039b279","sha512":"4266ef891deb6ddda4af6b2790a9fedb98f95d62576ff533ec8c21c1be8c68c70c8dfa95f7cbda3a1552f5ec07f156e5c3c0091456fd55f241abe0286529ff00","ssdeep":"96:AT6C4xYrWcDSfjmPOxw4BoL8hzZQCE+HASp6MH:ATHSOOxq8hzE5MH","tlshash":"f0e1ba5a788134b31b2360fd566fdacc24f76651ace6b7902a94cff2dc7b60e4142b18","first_seen":"2025-12-23T19:02:56.269431Z","last_seen":"2026-01-12T09:43:22.313331Z","times_seen":1052,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":72,"dns":1,"connect":33,"send":0,"wait":32,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/css/pluso.css?12s5","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /css/pluso.css?12s5 HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Wed, 27 Mar 2019 07:21:56 GMT\r\nETag: \"137a8-5850e4ae34d00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 6982\r\nKeep-Alive: timeout=1, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":79784,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c2908a25b09fc6863f9549e24f6c846d","sha1":"7f82c7cb6c53b8a9d935755a79a74dc3e8509506","sha256":"9bdc9500d9c5b13f9e5581d12caa13fd71feb0f5c2e61d4de26944b159bad332","sha512":"8c795581dfb50841b49aacf844a1433d7ab29e587ec18d77ead9b3d8fb0c45776639dbc16e24750c6f61607bd0e0f2b44377b59c5083b4ed8e64d39039db741e","ssdeep":"768:AcCh0C1CyacaNG+ReOw2ivyqwueX6K1u6Pe+XSWdy2nUW5QWgiwFKkiUOFEiSwq/:AcnmP","tlshash":"9073e5c299fe322cbd07dd23b650b980da3d3111d5253ebd819d3db9a28a4d8f01766e","first_seen":"2023-05-21T11:00:04Z","last_seen":"2026-03-29T07:13:34.391263Z","times_seen":69,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":86,"dns":33,"connect":28,"send":0,"wait":25,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/t/news_line.jpg","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/t/news_line.jpg HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://libbb.yotor.ru/parse/s.rutor.org/css.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"32f-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 815\r\nKeep-Alive: timeout=1, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":815,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 400x1, components 3","md5":"0ae0cab0ed0d41e3dd26ccbb8c17b4d9","sha1":"c539f0433f976b2509490fc5b5fa9f358b10fa2b","sha256":"8b9592e1f87ca0409266d4b98fd553dec8c9905ec2782f1c0526db1178e48757","sha512":"940d5ba88d0229daac27d0d5289507dea8e8e7d6ecb262b1f52194bdb045ad01d5101f8d603d13d91d93b142d2a07e14693f686443d91738954c58c62f3f1f1e","ssdeep":"","tlshash":"1a01feda570f72d09f33b4b61d15e1a79289798e3dd477301aa142a5cde0ff48048a4c","first_seen":"2023-05-12T09:34:13Z","last_seen":"2026-03-29T07:13:34.376996Z","times_seen":83,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/zaiti.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:42.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/zaiti.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:42 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"bfe-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3070\r\nKeep-Alive: timeout=1, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":3070,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 99 x 30","md5":"9815ec4cdd376b7d71df61b74a7ce6c6","sha1":"962c557ce627cc0332bc6ee175914946ff4bd2a1","sha256":"a1d3e2383ecd387242844341a7200834f5cf3517ab846f17d276a2adc0286421","sha512":"ec65c616a7adeb7b7c48d0c2ddcf2facde5c6ad0f67541a46c31a2ffbec424df42b468d9d7095959529eb9ce4694b89625f94e3cd78cdeb77413bc4c2fd0c036","ssdeep":"","tlshash":"d5515ec8a47b26dff21c467c5e95cbb51fe514c016b9ccb0a0d5371748560ec1129715","first_seen":"2023-05-10T15:46:50Z","last_seen":"2026-04-01T09:23:20.232838Z","times_seen":306,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/css/web-mirror.css?2","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /css/web-mirror.css?2 HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 83\r\nKeep-Alive: timeout=1, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css;charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":63,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"d408fe886be98e8f774d6f47a3157a8b","sha1":"2a25fd6f2822a6b158cfec4116284996e2d55078","sha256":"b8388dd9cf762de7fb6dbcc5191fb91666cb5f477fee21779bf576ac9180a026","sha512":"5b4d1c5148c3fb306a4c96ccdd678e7c3c83cadd10dc909178becb981e939c1bfe629bd153adcac4459ada81af88431ee8a1e36de872a21a043a9561a400bc91","ssdeep":"","tlshash":"c4a0020374d703616227c5150d8b737aa87eb14253048e8dcd4052363eef2d30dc2e91","first_seen":"2023-05-21T11:00:04Z","last_seen":"2026-03-29T07:13:34.399846Z","times_seen":35,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":93,"dns":31,"connect":24,"send":0,"wait":34,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/zax/jquery.min.js","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /zax/jquery.min.js HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Mon, 25 Apr 2016 17:14:40 GMT\r\nETag: \"119ee-531524fd52000-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 24606\r\nKeep-Alive: timeout=1, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":72174,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (820)","md5":"10092eee563dec2dca82b77d2cf5a1ae","sha1":"65cbff4e9d95d47a6f31d96ab4ea361c1f538a7b","sha256":"e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59","sha512":"cc92cf5a9b3a62a18af432fdffb81b76da84e2f43ce3c7800a919c10809118d0611e29a47f103ff3df18a54d5331bc5f06ef4771dc406cc763b30ff2a66a3e81","ssdeep":"1536:Du98G2ltZMNWnDr7doqPp07HVDTLGbY9TGA7zEcbnkb17jQq3nPRefqvpsz:DuJItn6qepq15nUfqvpsz","tlshash":"5063e9c9b2c67273c3e730b824af510af136a8aaa44c4854f06ce8e5bd74a55447bf7d","first_seen":"2023-03-07T01:07:10Z","last_seen":"2026-04-04T04:36:56.950149Z","times_seen":7575,"resource_available":true,"data":null}},"time_used":265,"timings":{"blocked":88,"dns":30,"connect":28,"send":0,"wait":34,"receive":26,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/forum.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/forum.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"17a1-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 6049\r\nKeep-Alive: timeout=1, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":6049,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 250 x 42","md5":"6ed3646afac817366089cc05d97bc358","sha1":"0c27adfd80ae76f705fe1c6093ea92c720124e15","sha256":"d9fd75312b80aa988432407952a1fa963f6a6ca7496d5a7533242475b20c600e","sha512":"eabd29f64c64eee9287f0efdc06b2037889cd075f99df1dae05f053917f38ad45799c9e498ee1fdc8e099625031a78869163982bdd792ebfed63333ba297f9f0","ssdeep":"96:f19JPLJ0kz1EUFu8anogZUmhPHnxTR2ci21YSCOBy0DosckEup9uCAnTMzbWySOd:99NLJ5flaoaUgPHnx92ciIYSCOMKosNF","tlshash":"d8c17d45ec39f7a7fc136878553f362ede15ea2db0471a6691063ec90306e6049718b5","first_seen":"2023-05-21T11:00:04Z","last_seen":"2026-03-29T07:13:34.387322Z","times_seen":62,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":395,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"psyduck-beak.yotor.ru/inc/sisjoy/gen.php","fqdn":"psyduck-beak.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:42.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"psyduck-beak.yotor.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 08:36:53 GMT","end":"Mon, 16 Mar 2026 08:36:52 GMT"},"fingerprint":{"sha1":"80:3B:26:91:FC:29:4F:2E:3A:0C:3B:AB:38:6F:05:DC:F9:06:23:05","sha256":"AA:47:CE:EA:CD:10:81:AD:E1:4F:9E:60:DE:F0:5F:A3:20:24:29:3B:7C:6C:0D:D0:E5:4D:DF:58:54:CD:9F:6F"}}},"request":{"raw":"GET /inc/sisjoy/gen.php HTTP/1.1\r\nHost: psyduck-beak.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:42 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 547\r\nKeep-Alive: timeout=1, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1075,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"d13c39a9b131206ca70945f82df3e434","sha1":"b13f05d22b32cddb6f639095d00e28dbe74f6d7c","sha256":"d2ef6453546c27a194056ec2d9c3abe90c0485ff83b052b04f2b2a15d70bb6d5","sha512":"9daf5a8c774862cff7f08e1af5185b1149b99727204bb88c6d43ec251839092c3655865e433ad2c4870a6db27c05e8fc993a42088b8c0502ec7d3d07a321d840","ssdeep":"","tlshash":"e411123aaf51bc2cd232e0b0e57563cca1770442db928637d5f828b7a8c16d08e736d8","first_seen":"2026-01-10T20:38:16.575779Z","last_seen":"2026-01-10T20:38:16.575779Z","times_seen":1,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":118,"dns":33,"connect":24,"send":0,"wait":34,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"data.24smi.net/cfg?object=24832\u0026ver=87\u0026pio=true\u0026pps=true\u0026callback=__smiCb1768077462685","fqdn":"data.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:42.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"24smi.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:04:54 GMT","end":"Tue, 10 Mar 2026 06:04:53 GMT"},"fingerprint":{"sha1":"08:95:48:AD:DB:F1:5D:B1:93:C2:0F:6B:EA:5E:6E:FA:17:B2:46:1F","sha256":"48:A6:A8:DF:80:A2:91:E3:0A:F7:37:DB:05:45:2F:E8:80:3A:94:78:6E:43:18:7A:3B:F5:1D:9E:34:11:31:BE"}}},"request":{"raw":"GET /cfg?object=24832\u0026ver=87\u0026pio=true\u0026pps=true\u0026callback=__smiCb1768077462685 HTTP/1.1\r\nHost: data.24smi.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nCookie: smi_uid=yDOjKPmTI\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: no-store\r\nset-cookie: smi_uid=yDOjKPmTI; max-age=31536000; domain=.24smi.net; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1201,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1201), with no line terminators","md5":"dcace767d03663cb733c8c3af93b24b9","sha1":"4663e6bd16bb1dcd2d08963408aae727a30e182a","sha256":"0f7242c8a987367b9a23ce6b1705c5615bb8a243938311050a1ab2b9cfb1f200","sha512":"3062973cd07786ae91df4a29a2a635beea2e2ceec611d4e88b8cafa9edc8d3e3b0405380741e2d5f6921402142671fc3f6a69e68fc72a385e36c7a16d559afc1","ssdeep":"","tlshash":"ea21047e6700f8fcd1077f4bd0437aa94cadf529470b994493cca60de87885e382a90b","first_seen":"2026-01-10T20:38:16.57733Z","last_seen":"2026-01-10T20:38:16.57733Z","times_seen":1,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsn.24smi.net/6/5/24832/15500.js?t=1701324258","fqdn":"jsn.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:42.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"24smi.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:04:54 GMT","end":"Tue, 10 Mar 2026 06:04:53 GMT"},"fingerprint":{"sha1":"08:95:48:AD:DB:F1:5D:B1:93:C2:0F:6B:EA:5E:6E:FA:17:B2:46:1F","sha256":"48:A6:A8:DF:80:A2:91:E3:0A:F7:37:DB:05:45:2F:E8:80:3A:94:78:6E:43:18:7A:3B:F5:1D:9E:34:11:31:BE"}}},"request":{"raw":"GET /6/5/24832/15500.js?t=1701324258 HTTP/1.1\r\nHost: jsn.24smi.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nCookie: smi_uid=yDOjKPmTI\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 23 Jan 2025 14:56:34 GMT\r\netag: W/\"679258a2-1107e\"\r\nexpires: Sat, 10 Jan 2026 20:47:42 GMT\r\ncache-control: max-age=600\r\nstrict-transport-security: max-age=0\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69758,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65485), with no line terminators","md5":"b333fb37ab7853633b4d49ae200f0ddc","sha1":"b5685803ebd54bf43b9f87a8863324e0590e5afe","sha256":"bd4343661544c27548817e0450edce453088c5dfec9f5f5b2d3d590a5ca387ae","sha512":"9e1bbdb625a30a072b668f90ba4bc1e4d5d8497557fc362e001d14deb748390fa47bd47f7bc09750be98052f9e43cf2156c417ba59856ecf50c5bd3feb30791b","ssdeep":"1536:o2ixk34H8puTMUsvErZQtMUsvErZQLUsvErZQW:o2ixkoH8uMU2yKtMU2yKLU2yKW","tlshash":"3063b5334a5e71b72a38783782d9bc4ca10de3824dd29755e6ab5cd4c41b2672a073fe","first_seen":"2023-12-04T19:34:56Z","last_seen":"2026-01-10T20:38:16.578672Z","times_seen":48,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:43.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Ubuntu:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 10 Jan 2026 20:37:43 GMT\r\ndate: Sat, 10 Jan 2026 20:37:43 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5997,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ac5969a7054a37de523091bf03e2d63a","sha1":"4012ea54536e8be9a816f6f70a7d59fd3324e033","sha256":"be3de94b9cb159cda140c24a59183a92eae6996646197a5946e40584d352afa6","sha512":"add800a96580bccfeb8b14d8b747d97b916ce5450cabdfeda31dc94175fbf437e53152e657a13712579122d7322ffc5fb989fdee1084d7a55ee3e2ce8e117c63","ssdeep":"96:rOEagbOEakFZUOEaeOEaxVOEafJc+uoOEaxN4OXaVbOXafFZUOXaHOXaNbVOXaCl:Mg8i5xq7eMVDUn5ZKdgWlR66HZ7H","tlshash":"42c1cfa3145b9404ea434cc223cfbf369d8f61956445c5ba6ffe18c8ace6c3a4326b4d","first_seen":"2025-09-06T19:19:18.488671Z","last_seen":"2026-04-03T22:17:05.951495Z","times_seen":420,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/grannypatries/s.css?9912s37","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /grannypatries/s.css?9912s37 HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 13 Jun 2025 17:53:56 GMT\r\nETag: \"22e9-63777baddd500-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2742\r\nKeep-Alive: timeout=1, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":8937,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (493)","md5":"be5ffe5dcc2204b0de7154d859cd0349","sha1":"bfba1e2846755a90d2d313acbb7ea0d2d6c0738f","sha256":"648f3c45e59890c6a50825f8b4ea58e48abc5e7fa711850b1c9700545f69817a","sha512":"c65549f360307e5106e2c52df64ba674709fff6a11df9ffd1757b161eb9a23fe960abd4000854c241909de92c7d83d8e7dfb40ada5fb670a35ff5dcb0f775ce7","ssdeep":"192:Um1mWiWrzRXf64h4XPsWbPK49cFYhLoiWNWN5NPM9EQcbaa:Um1mNcz5f684UAPNaFYhUiaWN5NPMeQW","tlshash":"c0025542a7502189b11b81aabeee73f9363f40039f075dbb8a543678a74e39281751df","first_seen":"2025-06-23T14:43:08.389299Z","last_seen":"2026-03-29T07:13:34.375274Z","times_seen":19,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":90,"dns":33,"connect":28,"send":0,"wait":25,"receive":1,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yandex.ru/ads/system/context.js","fqdn":"yandex.ru","domain":"yandex.ru","tld":"ru"},"ip":{"addr":"77.88.44.55","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yandex.tr","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 26 Aug 2025 08:03:35 GMT","end":"Mon, 23 Feb 2026 20:59:59 GMT"},"fingerprint":{"sha1":"7B:FF:02:81:48:EF:11:E9:F6:FD:BE:76:15:A5:57:2F:B5:AB:4D:B8","sha256":"CB:F2:F4:82:42:0E:5A:DA:F9:FA:58:F7:47:D8:16:57:DF:1D:5D:62:E0:76:47:38:38:20:65:93:68:B1:24:F8"}}},"request":{"raw":"GET /ads/system/context.js HTTP/1.1\r\nHost: yandex.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private, max-age=3600\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 100, \"endpoints\": [{\"url\": \"https://dr.yandex.net/nel\", \"priority\": 1}, {\"url\": \"https://dr2.yandex.net/nel\", \"priority\": 2}]}\r\nexpires: Sat, 10 Jan 2026 21:37:42 GMT\r\naccept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height\r\nx-yandex-req-id: 1768077462517286-7725901540212944829-balancer-l7leveler-kubr-yp-klg-94-BAL\r\ncontent-encoding: br\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 100, \"success_fraction\": 0.001, \"failure_fraction\": 0.1}\r\ncontent-type: text/javascript; charset=utf-8\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, noarchive, nofollow\r\nset-cookie: i=lyOJMqqWo/bmIk+AAPNLVU1VAjr+scj94lyuyg/P9ya2GobEMC93XSW5E7PQd6Et7WTGjUq21bEjaPTRdcPGLvHOPEY=; Expires=Mon, 10-Jan-2028 20:37:42 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None\nyandexuid=7129448291768077462; Expires=Mon, 10-Jan-2028 20:37:42 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None\nyashr=69269771768077462; Path=/; Domain=.yandex.ru; Expires=Sun, 10 Jan 2027 20:37:42 GMT; SameSite=None; Secure; HttpOnly; Partitioned\nbh=YJbxissGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.ru; Expires=Sun, 14 Feb 2027 20:37:42 GMT; SameSite=None; Secure\r\ntiming-allow-origin: *\r\netag: \"0f4d0a6a92dbca5f90956b7db76d8ea9-1303504\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":448055,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65491)","md5":"366970859e7daee6dbd9bef8d02a3e66","sha1":"c5c320cf2df647904b7e7cc14ca554e3119cb73a","sha256":"c2dbd34850b025b5459fc4f6515098dc73dd8dc4298d40457155993c73e9fdf9","sha512":"a91b3e1fc8168ea813056392f2326813c47611eee2166179082c7cc9f3e8ed3bde9afa4a3ce0e6db60c556bfe1ba43c3c1e6abc8fbd4e226796bd6b04fff20dc","ssdeep":"6144:TE41Eh19j797AUl4PLXdCn7oTCtKzYi2GhFk:561RBl4PLXdCn7oCfJ","tlshash":"5d9408e975a1b4f203e391e5843f160fe33b5a29741d94a1b722d8d1ac29d4f5223f3a","first_seen":"2026-01-10T20:38:16.580533Z","last_seen":"2026-01-10T20:38:16.580533Z","times_seen":1,"resource_available":true,"data":null}},"time_used":306,"timings":{"blocked":120,"dns":1,"connect":40,"send":0,"wait":58,"receive":0,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsn.24smi.net/6/4/24415/14536.js?t=1763640309","fqdn":"jsn.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/#0","date":"2026-01-10T20:37:42.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"24smi.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:04:54 GMT","end":"Tue, 10 Mar 2026 06:04:53 GMT"},"fingerprint":{"sha1":"08:95:48:AD:DB:F1:5D:B1:93:C2:0F:6B:EA:5E:6E:FA:17:B2:46:1F","sha256":"48:A6:A8:DF:80:A2:91:E3:0A:F7:37:DB:05:45:2F:E8:80:3A:94:78:6E:43:18:7A:3B:F5:1D:9E:34:11:31:BE"}}},"request":{"raw":"GET /6/4/24415/14536.js?t=1763640309 HTTP/1.1\r\nHost: jsn.24smi.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nCookie: smi_uid=yDOjKPmTI\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 21 Nov 2025 12:05:04 GMT\r\netag: W/\"69205570-c8bb\"\r\nexpires: Sat, 10 Jan 2026 20:47:42 GMT\r\ncache-control: max-age=600\r\nstrict-transport-security: max-age=0\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51387,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (51311), with no line terminators","md5":"968d32ab3b2cc726196a33899f625a93","sha1":"30d15f8627ef08a0ab4044b0b6b099328b38ac28","sha256":"1a34ddd3ae8234fec42f5aadba7de0ebedb1912778ece1b19c11f6aa6604625e","sha512":"b4fcfc412afe84a9df0fe3917d3fe406f8df40cc1b71955c9cecd306c2b252301e75128a7d9fc69fe191488fa13dc6bfdc6f98a3a27a57fcb17e1d86466ee8a9","ssdeep":"768:Xnm2ixk3NQSyoSxs+YFr6AHovKQaYFr6AHovKQtYFr6AHovKQmS:W2ixk3zSgFwyQbFwyQGFwyQz","tlshash":"86331b32544e72b927351923a1faee0df11e9247c9a187b5d9efcd54e00a2b921133fe","first_seen":"2026-01-06T22:11:58.26615Z","last_seen":"2026-03-29T07:13:34.392727Z","times_seen":3,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/#0","date":"2026-01-10T20:37:42.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Ubuntu:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 10 Jan 2026 20:37:42 GMT\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5997,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ac5969a7054a37de523091bf03e2d63a","sha1":"4012ea54536e8be9a816f6f70a7d59fd3324e033","sha256":"be3de94b9cb159cda140c24a59183a92eae6996646197a5946e40584d352afa6","sha512":"add800a96580bccfeb8b14d8b747d97b916ce5450cabdfeda31dc94175fbf437e53152e657a13712579122d7322ffc5fb989fdee1084d7a55ee3e2ce8e117c63","ssdeep":"96:rOEagbOEakFZUOEaeOEaxVOEafJc+uoOEaxN4OXaVbOXafFZUOXaHOXaNbVOXaCl:Mg8i5xq7eMVDUn5ZKdgWlR66HZ7H","tlshash":"42c1cfa3145b9404ea434cc223cfbf369d8f61956445c5ba6ffe18c8ace6c3a4326b4d","first_seen":"2025-09-06T19:19:18.488671Z","last_seen":"2026-04-03T22:17:05.951495Z","times_seen":420,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":184,"dns":0,"connect":22,"send":0,"wait":18,"receive":0,"ssl":163},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Fira%20Sans:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:43.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Fira%20Sans:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 10 Jan 2026 20:37:43 GMT\r\ndate: Sat, 10 Jan 2026 20:37:43 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7364,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"6064e905293d40a161a5ac30ce885705","sha1":"07e61b1f38970cae041749fb96e0a5aab2371ec9","sha256":"8de776a81f74471c8e41b558968c861179e20b2810b48423a8b6af1f9edf27fc","sha512":"20c04a6b19acdda9d886250a61ab0c490d3e9f3c431a8c41c0d12a4117c306e79d85c20137303cd7bf27668910f72d3bbb5fec58ec0a2fc5bec00b36dea3d1e4","ssdeep":"192:iMS3Sx3LYj07ABP6R3kH7b67vo9O3uew9F:xJYIdp2","tlshash":"88e1e190006aa548ea971cc173cf7e335d5ea1162061c5ba6ffe2c88eddac361374b5e","first_seen":"2025-09-22T15:48:41.850067Z","last_seen":"2026-03-30T20:51:04.232253Z","times_seen":97,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@500\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:43.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Inter:wght@500\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 10 Jan 2026 20:37:43 GMT\r\ndate: Sat, 10 Jan 2026 20:37:43 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2591,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"f1efa7cc654e80512798e22fb85383c5","sha1":"63027468dba71b0f55e8802bbaabb200fe636030","sha256":"9975b4b5919fa3baf5e26b85afca132f61ea29ae0ba397a5c4946fd39d63020e","sha512":"154081191e84956070424bebc1dea8a2c9ab30c778a47188177b0c924b1fcee0b5bb07db6c1959eea3f98b892de64eef9c485ffcdfe2c095bd66cf97d1298be4","ssdeep":"","tlshash":"2151afd1002f95009a475dc223cf3f39aede21492085c5ba5bfd1dc5acded26436979e","first_seen":"2025-09-11T15:35:52.891354Z","last_seen":"2026-04-03T21:32:18.474337Z","times_seen":276,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"myroledance.com/services/?id=146839","fqdn":"myroledance.com","domain":"myroledance.com","tld":"com"},"ip":{"addr":"193.200.64.24","port":443,"asn":6681,"as":"Giveme Cloud Sp Z O O","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"myroledance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 25 Nov 2025 11:16:19 GMT","end":"Mon, 23 Feb 2026 11:16:18 GMT"},"fingerprint":{"sha1":"5D:3C:C3:C7:BB:E3:FF:93:E8:85:88:8B:AA:76:5B:51:61:7B:0B:31","sha256":"4F:6D:67:C3:79:39:BD:11:27:1A:0B:3D:7A:A9:48:16:7A:27:67:6D:94:CA:64:51:45:54:EB:20:D6:68:7C:C5"}}},"request":{"raw":"GET /services/?id=146839 HTTP/1.1\r\nHost: myroledance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 1600\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1600,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1600), with no line terminators","md5":"84aa24d8f07f628f09b3ec33d62e301f","sha1":"51bc9014fbd6f2dde339e35cb1db6480e9103cf8","sha256":"356c916e4b9ba38c9ec0e61ffd0dafd863273c1a23124b61d78ec2a89ee6a459","sha512":"893496e9949549c21a9009dddf240e23ceb962114fdb1452db21cb410dde16e1d46bd123d5d198f579fdba579e2cb0b2d74883288710781c88596d9e4055c1fa","ssdeep":"","tlshash":"a331467d730d21ee7b52d381c09f4cebe83eb248daa2bb664cc256f154dd5022b85874","first_seen":"2026-01-10T20:38:16.585172Z","last_seen":"2026-01-10T20:38:16.585172Z","times_seen":1,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":13,"connect":17,"send":0,"wait":20,"receive":1,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"myroledance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/menu_b1.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/menu_b1.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://libbb.yotor.ru/parse/s.rutor.org/css.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"9b7-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2487\r\nKeep-Alive: timeout=1, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2487,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 81 x 30","md5":"e6e60f34a712eb50e8783b7d5798cd19","sha1":"edd102808f38d2c3e2d980bb903ee07f2d932150","sha256":"f04b184eb5417b9a81ab455fc07378efa326bbed2a5c74869b3d876b287307d8","sha512":"e6da396de37314a42dc4a9974998ec73059eace453e7414909083930279089ea67a57bc8cd7c3efe7bed73ee356b791fd7defd9834b64ebcf547ab3e03f869ae","ssdeep":"","tlshash":"3f512ba3bc1456e7f6571f38a561042c88d59f41af96e1b431402f24e0f221bbaaad55","first_seen":"2023-05-21T11:00:05Z","last_seen":"2026-03-29T07:13:34.36317Z","times_seen":58,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kllastroad.com/language/enough.js?24469\u0026v=3\u0026u=null\u0026a=0.18232109117692552","fqdn":"kllastroad.com","domain":"kllastroad.com","tld":"com"},"ip":{"addr":"193.200.65.68","port":443,"asn":6681,"as":"Giveme Cloud Sp Z O O","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:42.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kllastroad.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 25 Nov 2025 11:13:35 GMT","end":"Mon, 23 Feb 2026 11:13:34 GMT"},"fingerprint":{"sha1":"2D:16:4E:9D:02:59:22:04:2F:92:2F:A6:92:13:96:BA:23:6E:62:6A","sha256":"FA:9F:3C:18:47:91:C9:24:2B:F4:FE:08:1D:08:5B:61:C6:06:AC:E1:D5:13:C9:46:0A:8B:5C:8F:DC:DE:15:89"}}},"request":{"raw":"GET /language/enough.js?24469\u0026v=3\u0026u=null\u0026a=0.18232109117692552 HTTP/1.1\r\nHost: kllastroad.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 10 Jan 2026 20:37:42 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nP3P: CP=\"NON DSP COR CURa TIA\"\r\nSet-Cookie: uuid=17680774622361364176; expires=Mon, 10-Jan-2028 20:37:42 GMT; Max-Age=63072000; path=/; samesite=None; domain=.kllastroad.com; secure\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36809,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (358)","md5":"55cd0eca7bb8fb3ed21a105c848d07ab","sha1":"8bd22caf1f60678e340c09d254998b4b3915a942","sha256":"8c1aef209ac33a1e7cebda8798b5ab7f7d85089d1b93317e85bd5cb86639caf3","sha512":"f0026d437c63cf7b263a7a7b164adc1e537ae069647c380e650b98418ac6d106955d7f81be29a2ea613b3e22c02f2241ac92ad374b108f79ecc423bb7b7b889b","ssdeep":"768:xwC/7dMVZb+mtjfpt5yIL9HRlyQQwMs3NEaWlwj3T:xwC/7dMVZb+mtjxt5yw9HRlyQQwMCNEU","tlshash":"7ff2834e66f710320197a43f6fdf81487671c1873248e91cbd9c46486f58e29cafabda","first_seen":"2026-01-10T20:38:16.586755Z","last_seen":"2026-01-10T20:38:16.586755Z","times_seen":1,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":75,"dns":13,"connect":17,"send":0,"wait":39,"receive":2,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kllastroad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kllastroad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kllastroad.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dsp10.24smi.net/informer?psw=1280\u0026psh=1024\u0026pow=1280\u0026poh=1024\u0026pdpr=1\u0026pdt=1768077462\u0026ptz=0\u0026pl=en-US\u0026object=24415\u0026template_id=14536\u0026num=3\u0026ref=https%3A%2F%2Fxrutor.org\u0026output=json\u0026chash=GxQtvtW4Fc\u0026extids=\u0026page=https%3A%2F%2Fxrutor.org%2F\u0026yhb_price=0\u0026formats=1\u0026show_id=90fcbec3-901f-40af-9f25-df08dd5302ec\u0026callback=__smiCb1768077462382","fqdn":"dsp10.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/#0","date":"2026-01-10T20:37:42.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"24smi.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:04:54 GMT","end":"Tue, 10 Mar 2026 06:04:53 GMT"},"fingerprint":{"sha1":"08:95:48:AD:DB:F1:5D:B1:93:C2:0F:6B:EA:5E:6E:FA:17:B2:46:1F","sha256":"48:A6:A8:DF:80:A2:91:E3:0A:F7:37:DB:05:45:2F:E8:80:3A:94:78:6E:43:18:7A:3B:F5:1D:9E:34:11:31:BE"}}},"request":{"raw":"GET /informer?psw=1280\u0026psh=1024\u0026pow=1280\u0026poh=1024\u0026pdpr=1\u0026pdt=1768077462\u0026ptz=0\u0026pl=en-US\u0026object=24415\u0026template_id=14536\u0026num=3\u0026ref=https%3A%2F%2Fxrutor.org\u0026output=json\u0026chash=GxQtvtW4Fc\u0026extids=\u0026page=https%3A%2F%2Fxrutor.org%2F\u0026yhb_price=0\u0026formats=1\u0026show_id=90fcbec3-901f-40af-9f25-df08dd5302ec\u0026callback=__smiCb1768077462382 HTTP/1.1\r\nHost: dsp10.24smi.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nCookie: smi_uid=yDOjKPmTI\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: no-store\r\nset-cookie: smi_uid=yDOjKPmTI; max-age=31536000; domain=.24smi.net; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"0810e089bca530c5c5152744569f52f7","sha1":"1ee0d05993ffedd839be2676d3cb7c63d6c9070b","sha256":"893431a6f3ea404c8db353d3d8aba948b4617495dc8d484a1665b45025a08d46","sha512":"9b13465495f2e3e314dc50dfacc662d00d6ffbf2525a64d05112b6d55dfc5e16c6ba30d6077b99624c7d25558c50e4266a5805b84b04bf40285d569bbd89c228","ssdeep":"","tlshash":"8cb0244044115cfd135cc03103015f054fc4c5371110dc4d55f045dc43770430c5344f","first_seen":"2026-01-10T20:38:16.587885Z","last_seen":"2026-01-10T20:38:16.587885Z","times_seen":1,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/46e3e65819e00d6390e3.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yastatic-net.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 05 Nov 2025 12:46:11 GMT","end":"Tue, 05 May 2026 20:59:59 GMT"},"fingerprint":{"sha1":"BA:B8:C9:5D:AD:9E:A2:E4:3B:39:29:BA:EB:5B:C7:E5:05:B5:AF:82","sha256":"49:88:7B:7E:11:ED:24:22:87:2A:1A:23:E1:D6:37:AC:5C:14:DC:32:A8:13:3F:ED:35:6B:B8:E4:BB:8D:36:E4"}}},"request":{"raw":"GET /partner-code-bundles/1303504/46e3e65819e00d6390e3.js HTTP/1.1\r\nHost: yastatic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://psyduck-beak.yotor.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 17576\r\ncache-control: public, max-age=946708560\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 7200, \"success_fraction\": 0.001, \"failure_fraction\": 0.01}\r\nstrict-transport-security: max-age=43200000; includeSubDomains;\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 7200, \"endpoints\": [ { \"url\": \"https://dr.yandex.net/nel\"}]}\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 23 Dec 2025 16:08:52 GMT\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, noarchive, nofollow\r\ntiming-allow-origin: *\r\netag: \"b35095be13cbac38d4790c170e6d697b\"\r\nexpires: Tue, 11 Jan 2056 03:12:02 GMT\r\ncontent-encoding: br\r\nx-strm-log-split: 7\r\nx-request-id: 4e96fede90605e67\r\ncache-host: cloudcdn-rad-09.cdn.yandex.net\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75285,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65495)","md5":"eaa435c39768b3c612f91287fcc76651","sha1":"a7565a5c29ecbf8f922911b012c4cc723746fa9c","sha256":"9b5f9b201c159bdd87bddab787d284b5f3bc20962ba4bd97906fc9d9a8d425c4","sha512":"3a31f6adf9ae6ce3acb36a6afc0c34fbed847a8e085ec1cb99f8b1ddd04bd6c567e44f51e4c6339b561029f7d70bb6924f9b5b358b67250930393b5cb88f5fc9","ssdeep":"768:5WxBshVVNu+NSW/lUSuZqy8EDVP2BDj3yjD+vs0Bpnr2nAY17h8q:ExBqK7ZqBpBD7rBF6AYxWq","tlshash":"8273ead97595b9ba02c3d8f1043f220ee37b9611711a6580b323dac1ec25adf5223e7e","first_seen":"2025-12-23T19:02:56.255486Z","last_seen":"2026-01-12T09:43:22.309334Z","times_seen":1019,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":56,"dns":1,"connect":13,"send":0,"wait":19,"receive":1,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/css/img/pluso/sprite.png?1","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /css/img/pluso/sprite.png?1 HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://libbb.yotor.ru/css/pluso.css?12s5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Tue, 14 Apr 2015 04:47:19 GMT\r\nETag: \"3f413-513a7eced63c0\"\r\nAccept-Ranges: bytes\r\nContent-Length: 259091\r\nKeep-Alive: timeout=1, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":259091,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1120 x 520, 8-bit/color RGBA, non-interlaced","md5":"b41edc2ebadcc210059384019530364b","sha1":"53bf7e638084d5d3edb78be83d3a8dd8b318562b","sha256":"59dd7e1dce6b861ded439efde90acabebbe955f48f96c990abdd471af1b5f026","sha512":"42c90b4aa24f7ec95780ffcff3c70143dd38f19bb983591149cf9e4f8e9e1d70dab090a5df37f2becc12cc6a8a2b9f6312712272e7e6de7c5dafbfb3b3b0c43f","ssdeep":"6144:xTbFOPiFwrmO8FTYw8sb/RIbDygZKd29m7/+je9G:xTb46Fwr+38s/RU+a","tlshash":"884422ce2c5c690c3fbc76051b9b5798a6d9981bb02089b2e4beb1b3d122f5d3d131d5","first_seen":"2023-06-17T11:09:52Z","last_seen":"2026-03-29T07:13:34.346326Z","times_seen":48,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/bbackgr.png","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/bbackgr.png HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://libbb.yotor.ru/parse/s.rutor.org/css.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"b2b-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2859\r\nKeep-Alive: timeout=1, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2859,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 30, 8-bit/color RGB, non-interlaced","md5":"556ed9fbc3543fde2370f99c737be049","sha1":"420c334349f796ee85f261bed6753719221a2fe9","sha256":"a682fdf55d12206673fd39d71e37893badd8286e7c511dfa95e05c0b509b9618","sha512":"c2d94bfae7bc0ab871aeec53c18df1920d14985c28fb85a7ba3871c727ff5660cb5be4a5624168ee16998a7213c9bcd6a907c1fee32bdacacaa3161621c2afb1","ssdeep":"","tlshash":"a7518caf8970b08f78dd79520dcd4202e36c227c8a67373890c269cf4492e47af2a0b5","first_seen":"2023-05-21T11:00:05Z","last_seen":"2026-03-29T07:13:34.378846Z","times_seen":113,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-10T20:37:40.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xrutor.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 19:04:28 GMT","end":"Fri, 27 Mar 2026 19:04:27 GMT"},"fingerprint":{"sha1":"A1:72:77:D2:DE:B1:96:AE:B3:AC:B7:AC:DF:04:A4:42:D8:72:9D:EE","sha256":"40:93:22:B1:E6:F4:BF:7C:F7:BC:7A:30:F7:1A:78:DC:B2:A3:E3:7C:18:74:5F:61:8C:D5:F6:86:81:79:E3:FB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xrutor.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.12.1\r\nDate: Sat, 10 Jan 2026 20:36:48 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 30180\r\nConnection: keep-alive\r\nSet-Cookie: korjik_test=1; path=/; domain=xrutor.org\ncrackers_days=1; expires=Tue, 05 Jan 2027 20:37:41 GMT; Max-Age=31104000; path=/\ncrackers_visited=1; expires=Sun, 11 Jan 2026 20:37:41 GMT; Max-Age=86400; path=/\ncrackers_time_visited=1768077461; expires=Sun, 11 Jan 2026 16:37:41 GMT; Max-Age=72000; path=/\ncrackers_views=1; expires=Sun, 11 Jan 2026 16:37:41 GMT; Max-Age=72000; path=/\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.12.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":190918,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (55250), with CRLF, CR, LF line terminators","md5":"a8f24f1af6811ebdc69b034b48b222b1","sha1":"06f2b3e89a5fc2b5e2f1979f031dcfdbfc48a617","sha256":"2fd3f6fff9d8c6b797c30e9cb7770d5554882f8a7d5277c19b7f980556a8f2c4","sha512":"4237f4d21e50d4c95c8c723d9d05947dbaa214ef4a7117b509c3deb75b99f7bcc62ef21be23e3a180062d69badf9172688a097228e23eca7a5fe42211fcb2bb5","ssdeep":"3072:2NBhqr/q/Ttb9IEsrL46eKipDRG5KcS8pvvGIH+P44/s2hpxw3ogJHpJLPOgU9pv:2NBhQ/MTt9IEsw6eKipDRG5KcJpvvGI2","tlshash":"1914235980c346b723d161c0ed063ea6ecd314afd1b10906e9ff26eaf985aecef52115","first_seen":"2026-01-10T20:38:16.600539Z","last_seen":"2026-01-10T20:38:16.600539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":103,"dns":0,"connect":29,"send":0,"wait":135,"receive":3,"ssl":70},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"xrutor.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/css/jquery.tablesorter.new-rutor.min.js?1","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /css/jquery.tablesorter.new-rutor.min.js?1 HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Sat, 14 Jun 2014 10:27:07 GMT\r\nETag: \"48bf-4fbc93c6394c0-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 5693\r\nKeep-Alive: timeout=1, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":18623,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11120)","md5":"6de84298187380f0dd15bfa17ace1a7d","sha1":"8dadf1532d9651d168bfbd73ff139e8494198e4e","sha256":"fb736e8586695a5db7c37884ebfd5860cb016a3a587b00b17fcc3053b5681048","sha512":"2e7edeeba1afebe8b9fe0703c59ff8f108d48ee9782a924a3c65bcf9c6f9a09371f0aecbe9333c880dc00ef7202a4bd0c0f21438a345ada598d672254ad9b5bc","ssdeep":"384:RGyqkRzzWBYEfmHtYyR0GPr4h6I/uaa6TYWAZVszlEAWhS5b:Rg+zWBVfmHtYt6+UuQh4","tlshash":"4282c69573ad346390dab4b0886e0859bd315fa39908c435ad35e4872df4e8cc6bbf78","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.374043Z","times_seen":74,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":113,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/yo/css.blacknote.all.css","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /yo/css.blacknote.all.css HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 19 Dec 2025 17:19:11 GMT\r\nETag: \"147-64651469bb26e-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 203\r\nKeep-Alive: timeout=1, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":327,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7aae70b5c4253da9675f36808d4707d1","sha1":"f4a9cc965359aa0b8b259db3d215b14eba12f4d0","sha256":"6fae05067ce01ddc9accf8f4e7fd502344c5710d1b5b7b0505f8dea5ee4a4f32","sha512":"1172147eb74a73c4577b6179e1604e2ba1f12f7f7194d9cf23b93ed7c309e4f5e7d78fc05695fb07c2a8fa6c01eb374e6a27e08ef5a357e16c437fd5023fafaa","ssdeep":"","tlshash":"0fe02603a4f02061dc2392214dd796bcbcbf60037b044c7a8a00723dab811b304b6880","first_seen":"2026-01-06T22:11:58.280026Z","last_seen":"2026-03-29T07:13:34.360336Z","times_seen":5,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":123,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/ic24.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/ic24.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"93a-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2362\r\nKeep-Alive: timeout=1, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":2362,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 60 x 41","md5":"976d75e1c6afb21afa4241fca3aa0aaf","sha1":"8da3af404aad55e592caecbb640936facba38856","sha256":"8cebaa55f91e1628a7b4729ef423d6947dd2efad0d0bf06bd0371912cdd21404","sha512":"1bc97907135353c0d6be9918eb816b953059f3ebe1b30f076c39a0348961e60c41286f15861b9766b6ceb2aa1d494edbe2c44dbecc0a7eea87ffa2f80ee55526","ssdeep":"","tlshash":"1e411ad9e9e2ef08d157933b495aa17aa12481248113088b67dee870a3d47cb4309112","first_seen":"2023-05-21T10:05:04Z","last_seen":"2026-04-01T09:23:20.243844Z","times_seen":75,"resource_available":false,"data":null}},"time_used":409,"timings":{"blocked":378,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/css.css","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/css.css HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 13 Mar 2015 12:51:21 GMT\r\nETag: \"1c0f-5112af50b2440-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2055\r\nKeep-Alive: timeout=1, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":7183,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"212a2bc682ef7adee0a380aefce98638","sha1":"82dd244f1a0decdf011b4775b94c4296ff67c460","sha256":"aa3d36b7b649920bc8419fee4edece4f5801a9fbd828dab2fdf4179935af1b2a","sha512":"420e7341fe5806b7eb909cd4759a092d93b7406f63fd1e52ea2fafc10fcef65d161e159795d821b9b07203cdb75b8b00db27bef5205487a27ef7d372d004744b","ssdeep":"192:n2/21hLTynEWAYJ6jjIuYV0rY1lHI1wiY+6U9ZgI8:ncShinEW96jMu3cHI19SU9mJ","tlshash":"0ce1412367862cc6b14b90adeeb4db10662f1442fe1f5fb9f67a766ce3500d1227624c","first_seen":"2023-05-21T11:00:04Z","last_seen":"2026-03-29T07:13:34.38354Z","times_seen":51,"resource_available":false,"data":null}},"time_used":504,"timings":{"blocked":80,"dns":31,"connect":20,"send":0,"wait":325,"receive":1,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/pokemoky.js?48d","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /pokemoky.js?48d HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 16392\r\nKeep-Alive: timeout=1, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript;charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":86848,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2045)","md5":"5eefc1f7d0796d34520a56f42baf2c1a","sha1":"10f69fb4a0e2f51a757c3e425777a2c75cd09cb9","sha256":"bcd273007ad9efb689cf0cd2beaf6b211569720a7971425f2db177506d87af14","sha512":"f82cd40427772f582366dd84d0a1579f1ecb8c4e828d2b9c60de05356e3baf0f9602176fa51ea9ccabe79bb667f304b6edc156f73a32ce7812ae945694ee9fa2","ssdeep":"768:N/EgW8iCORMC7g2ZIbCCLG/qPdVBMcv/k7N5R:hEg1CCLIpcv/k73R","tlshash":"9383c5a9dfad0259d1e3004baea15aca647d83777214dc12bc1c1a5873c1dde8b7a3bc","first_seen":"2025-07-18T09:21:09.181733Z","last_seen":"2026-03-29T07:13:34.375973Z","times_seen":13,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":107,"dns":0,"connect":0,"send":0,"wait":37,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/chimichanga/galets.js","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:42.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xrutor.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 19:04:28 GMT","end":"Fri, 27 Mar 2026 19:04:27 GMT"},"fingerprint":{"sha1":"A1:72:77:D2:DE:B1:96:AE:B3:AC:B7:AC:DF:04:A4:42:D8:72:9D:EE","sha256":"40:93:22:B1:E6:F4:BF:7C:F7:BC:7A:30:F7:1A:78:DC:B2:A3:E3:7C:18:74:5F:61:8C:D5:F6:86:81:79:E3:FB"}}},"request":{"raw":"GET /chimichanga/galets.js HTTP/1.1\r\nHost: xrutor.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/kimjongun/under_desc/\r\nCookie: korjik_test=1; crackers_days=1; crackers_visited=1; crackers_time_visited=1768077461; crackers_views=1; t_e4719dd21a=1; rocketteam_counter=1; pokemoky_counter=1; jassyandjames_rand=3; poke_counter_up=Sun%2C%2011%20Jan%202026%2008%3A37%3A42%20GMT; poke_counter=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.12.1\r\nDate: Sat, 10 Jan 2026 20:36:49 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 604\r\nConnection: keep-alive\r\nLast-Modified: Tue, 13 Sep 2022 10:15:43 GMT\r\nETag: \"601-5e88c4b7b71c0-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.12.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1537,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"37607a50e5c3055c37745b8a8523f5fe","sha1":"b65d14449e609c6ecffbc73e17aa2f05b0acf210","sha256":"7462330295488346f30edebf0a6d2e847eb2cc135e7d735310504e128217db6a","sha512":"0a652beb49d0e1bf408a0f7428ecc0bc793ed261a18acc641b7deda39226133cb67fa2978b9fc5329d5bd2f8f85a9eb07c66608a1e1e639c170c2ea04a0ae0f8","ssdeep":"","tlshash":"31318e98359e701d918423467a7510deac3ce7b102db91bce5deb472609081b8e3d9f6","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.367557Z","times_seen":59,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"xrutor.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/67a2d6e0ce0dec94ebee.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:43.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yastatic-net.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 05 Nov 2025 12:46:11 GMT","end":"Tue, 05 May 2026 20:59:59 GMT"},"fingerprint":{"sha1":"BA:B8:C9:5D:AD:9E:A2:E4:3B:39:29:BA:EB:5B:C7:E5:05:B5:AF:82","sha256":"49:88:7B:7E:11:ED:24:22:87:2A:1A:23:E1:D6:37:AC:5C:14:DC:32:A8:13:3F:ED:35:6B:B8:E4:BB:8D:36:E4"}}},"request":{"raw":"GET /partner-code-bundles/1303504/67a2d6e0ce0dec94ebee.js HTTP/1.1\r\nHost: yastatic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://psyduck-beak.yotor.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 Jan 2026 20:37:43 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 5050\r\ncache-control: public, max-age=946708560\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 23 Dec 2025 16:08:53 GMT\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 7200, \"success_fraction\": 0.001, \"failure_fraction\": 0.01}\r\netag: \"fd77e616c9d2f56146fa1a58ec5ed9e2\"\r\nstrict-transport-security: max-age=43200000; includeSubDomains;\r\nx-robots-tag: noindex, noarchive, nofollow\r\ncontent-encoding: br\r\nexpires: Tue, 11 Jan 2056 03:13:24 GMT\r\naccess-control-allow-origin: *\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 7200, \"endpoints\": [ { \"url\": \"https://dr.yandex.net/nel\"}]}\r\ntiming-allow-origin: *\r\nx-strm-log-split: 3\r\nx-request-id: 0784d27e7ab002c8\r\ncache-host: cloudcdn-rad-09.cdn.yandex.net\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14938,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (14904)","md5":"496eb33d700692e5347d9e1f42b2461c","sha1":"3912e565bd535b934d60ea514e8c4eab238f863b","sha256":"316e5493708be9bb985b92d2cd6bd6e1a291c74f61d5f7cf0b225da4e04ee5b8","sha512":"d4ba1e315b9d366d6b2223b13f75b5cdbbdf34138ee5d7a80636ce7af57244ad215b47bf62dfa214c6aa29224613a38a4e957f2bcd021bb7baf78935f69aa286","ssdeep":"192:5wsIpGh02spjlpI7Y70lQsmq24OHKTXV3UGpOLe7trHAgNY9u4FdHN3v0fyebK1C:5wz92+lpIM7Zq2dHKTtO6NY9POfyT4R","tlshash":"2d62e7a974d5b4a513db20bb413f150ff3b96879684d80a0f222d8e97ef885c8167f6c","first_seen":"2025-12-23T19:02:56.253144Z","last_seen":"2026-01-12T09:43:22.326516Z","times_seen":1011,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/com.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/com.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"127-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 295\r\nKeep-Alive: timeout=1, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":295,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 11 x 9","md5":"e91f48c29a8f6285ade898585e58f8ad","sha1":"c171b970bbdb33210c1e9714bc7fa96e42bdb0bf","sha256":"30bacf9c5db02b0b5fdbe670c15301ec8231d2e526ab20ea5f8dfb8692e02f17","sha512":"43844fd130cb484f8641493014e56fd8aa45077b53def7f2d516341e54633b590923f599e4d76e088be6f546dc8796b4f2afba7cbe4292915ec4ed60b9ef9aa7","ssdeep":"","tlshash":"7fe023018346904ed4c5c0fd0c6cf3182f823582927c55cbe608200c03020204040741","first_seen":"2023-05-13T07:55:03Z","last_seen":"2026-04-01T09:23:20.263351Z","times_seen":322,"resource_available":false,"data":null}},"time_used":399,"timings":{"blocked":369,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/parse/s.rutor.org/i/poisk_bg.gif","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xrutor.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 19:04:28 GMT","end":"Fri, 27 Mar 2026 19:04:27 GMT"},"fingerprint":{"sha1":"A1:72:77:D2:DE:B1:96:AE:B3:AC:B7:AC:DF:04:A4:42:D8:72:9D:EE","sha256":"40:93:22:B1:E6:F4:BF:7C:F7:BC:7A:30:F7:1A:78:DC:B2:A3:E3:7C:18:74:5F:61:8C:D5:F6:86:81:79:E3:FB"}}},"request":{"raw":"GET /parse/s.rutor.org/i/poisk_bg.gif HTTP/1.1\r\nHost: xrutor.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nCookie: korjik_test=1; crackers_days=1; crackers_visited=1; crackers_time_visited=1768077461; crackers_views=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.12.1\r\nDate: Sat, 10 Jan 2026 20:36:49 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1998\r\nConnection: keep-alive\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"7ce-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.12.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1998,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 46 x 56","md5":"76118a48fd5ae4b926e34f4edb427386","sha1":"4aa5f228e3f511bf626afa6703488d1d7c6df5e0","sha256":"4912841156c4582948d016867a6c71845a0221f1dd6419ea911f6f83bbc431d7","sha512":"1f929eb2a0a9bee00d0a7efa41991625ef4d05c1db107af99b4ea76e5f40435c5b14b8df3d3d3545e899f60fde2ea34dab55a3b65692aa766766e417b513e3d1","ssdeep":"","tlshash":"a141079a5b90cb9cc2ec70f3120486c80232c0f804a0b7060173e4cdea983712b28381","first_seen":"2023-05-10T15:46:50Z","last_seen":"2026-04-01T09:23:20.271927Z","times_seen":353,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"xrutor.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jsn.24smi.net/smi.js","fqdn":"jsn.24smi.net","domain":"24smi.net","tld":"net"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/under_desc/","date":"2026-01-10T20:37:42.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"24smi.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:04:54 GMT","end":"Tue, 10 Mar 2026 06:04:53 GMT"},"fingerprint":{"sha1":"08:95:48:AD:DB:F1:5D:B1:93:C2:0F:6B:EA:5E:6E:FA:17:B2:46:1F","sha256":"48:A6:A8:DF:80:A2:91:E3:0A:F7:37:DB:05:45:2F:E8:80:3A:94:78:6E:43:18:7A:3B:F5:1D:9E:34:11:31:BE"}}},"request":{"raw":"GET /smi.js HTTP/1.1\r\nHost: jsn.24smi.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Nov 2025 14:45:00 GMT\r\netag: W/\"690e05ec-1afab\"\r\nexpires: Sat, 10 Jan 2026 20:47:42 GMT\r\ncache-control: max-age=600\r\nstrict-transport-security: max-age=0\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":110507,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6e85e16d9a735974c68717e44822bbc3","sha1":"c040ecc2c017d2c0072e45d368cc38cd9b74122a","sha256":"875b79edca56d94c9aee2fd59c890257e93008b5809c012bfb865c689948d93c","sha512":"5c2aee6eaa8867457462c6fb8f25880944ae7fa81c42b0cf3233804c67d12be1d84b34d7abb74a378ede4b19429b6e1efd5f214bcfd344d9da8d1c48e87fc47d","ssdeep":"1536:phPC23Abb5suzi6mkO5tgiQoTSVrRXpGfY00sH6KwowbrCdWPI/NIs:phBXNe00sH6VrC4PyF","tlshash":"e3b3e88c7d85f42a83d361f1807f054bb2372e1d688d6550e2aad8e53eb844d612bfbd","first_seen":"2025-11-08T12:42:14.736644Z","last_seen":"2026-02-09T05:07:59.056816Z","times_seen":191,"resource_available":true,"data":null}},"time_used":823,"timings":{"blocked":397,"dns":17,"connect":42,"send":0,"wait":21,"receive":0,"ssl":343},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/m.png","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/m.png HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"290-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 656\r\nKeep-Alive: timeout=1, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":656,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced","md5":"1c923e4247dd2fbbc7e407beecf6028c","sha1":"37a7cd424c135206071cad59df92511df4fb6e5e","sha256":"efb2d84b9882f1e58d07b358cb77ad0b67fcce154bc7dc70086532abe8f57fff","sha512":"6d9182c919c300bd2f27908ef356c5ae73e40dbc10052038cf275261c77a4333bde3c3467a992f0efea28ffbf3db3665e78fc1fcf907ea656e0c2a5bcfd15a52","ssdeep":"","tlshash":"55f0fea3eec70375eaa0098d8f6285645c47098524a601db61a24eec28fcb0096bae90","first_seen":"2023-05-13T07:55:03Z","last_seen":"2026-04-01T09:23:20.258474Z","times_seen":270,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":404,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/t/arrowup.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/t/arrowup.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"34-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 52\r\nKeep-Alive: timeout=1, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":52,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 5 x 8","md5":"7cbfc089fd0b0d261187a0c1ef0826af","sha1":"1583fd0ccdd6a7dcb24ef670761ab01387cf87cf","sha256":"b88cfd011c972f65586f207621005b8b3336773a252e2a309ddbd9b7dda7b8b9","sha512":"0cab267c42446b8d4fcf6d660e4e538c891a45c4e19592dd2048e803d1b5b22b07a644ec1d7828b6c05a0ce58e0dbf756c106fd63c9ccc737cee16131c063d7d","ssdeep":"","tlshash":"1d900400f5d4d001d0377075477f43703d07c307051503431035110c5f541753143571","first_seen":"2023-05-13T07:55:03Z","last_seen":"2026-04-01T09:23:20.273855Z","times_seen":340,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":372,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/t/arrowdown.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/t/arrowdown.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"33-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 51\r\nKeep-Alive: timeout=1, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":51,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 5 x 8","md5":"fe98a58fe6509fb7cb897d25228329d3","sha1":"34d9e63fe61d4b543f84003c70d0473b6893926f","sha256":"a045e7b1f5ceaefbab2ef782b86b12de0a41fc2ca34c43cbf6b8b8a107d339ff","sha512":"dc044c6b3160559db9d448285bc87db4fd0f75e0dd1844346fb72ebef81eeb83a9ef8fb7cc558902695cdce14dde14a0561ed638749594f1f4b61ee1024f0e15","ssdeep":"","tlshash":"e4900470ddccc401c131d4f4457d43d53754d14f05dd0707117510055c5c31743030d5","first_seen":"2023-05-13T07:55:03Z","last_seen":"2026-04-01T09:23:20.26914Z","times_seen":338,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":371,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrutor.org/chimichanga/galets.js","fqdn":"xrutor.org","domain":"xrutor.org","tld":"org"},"ip":{"addr":"179.43.157.101","port":443,"asn":51852,"as":"Private Layer INC","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/#0","date":"2026-01-10T20:37:42.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xrutor.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 19:04:28 GMT","end":"Fri, 27 Mar 2026 19:04:27 GMT"},"fingerprint":{"sha1":"A1:72:77:D2:DE:B1:96:AE:B3:AC:B7:AC:DF:04:A4:42:D8:72:9D:EE","sha256":"40:93:22:B1:E6:F4:BF:7C:F7:BC:7A:30:F7:1A:78:DC:B2:A3:E3:7C:18:74:5F:61:8C:D5:F6:86:81:79:E3:FB"}}},"request":{"raw":"GET /chimichanga/galets.js HTTP/1.1\r\nHost: xrutor.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/\r\nCookie: korjik_test=1; crackers_days=1; crackers_visited=1; crackers_time_visited=1768077461; crackers_views=1; t_e4719dd21a=1; rocketteam_counter=1; pokemoky_counter=1; jassyandjames_rand=3; poke_counter_up=Sun%2C%2011%20Jan%202026%2008%3A37%3A42%20GMT; poke_counter=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.12.1\r\nDate: Sat, 10 Jan 2026 20:36:49 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 604\r\nConnection: keep-alive\r\nLast-Modified: Tue, 13 Sep 2022 10:15:43 GMT\r\nETag: \"601-5e88c4b7b71c0-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.12.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1537,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"37607a50e5c3055c37745b8a8523f5fe","sha1":"b65d14449e609c6ecffbc73e17aa2f05b0acf210","sha256":"7462330295488346f30edebf0a6d2e847eb2cc135e7d735310504e128217db6a","sha512":"0a652beb49d0e1bf408a0f7428ecc0bc793ed261a18acc641b7deda39226133cb67fa2978b9fc5329d5bd2f8f85a9eb07c66608a1e1e639c170c2ea04a0ae0f8","ssdeep":"","tlshash":"31318e98359e701d918423467a7510deac3ce7b102db91bce5deb472609081b8e3d9f6","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.367557Z","times_seen":59,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"xrutor.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yandex.ru/ads/system/header-bidding.js","fqdn":"yandex.ru","domain":"yandex.ru","tld":"ru"},"ip":{"addr":"77.88.44.55","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yandex.tr","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 26 Aug 2025 08:03:35 GMT","end":"Mon, 23 Feb 2026 20:59:59 GMT"},"fingerprint":{"sha1":"7B:FF:02:81:48:EF:11:E9:F6:FD:BE:76:15:A5:57:2F:B5:AB:4D:B8","sha256":"CB:F2:F4:82:42:0E:5A:DA:F9:FA:58:F7:47:D8:16:57:DF:1D:5D:62:E0:76:47:38:38:20:65:93:68:B1:24:F8"}}},"request":{"raw":"GET /ads/system/header-bidding.js HTTP/1.1\r\nHost: yandex.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"d70b1f5be9b6d981615e61700f986507-1303504\"\r\ntiming-allow-origin: *\r\ncache-control: private, max-age=3600\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 100, \"success_fraction\": 0.001, \"failure_fraction\": 0.1}\r\ncontent-encoding: br\r\nx-yandex-req-id: 1768077462544505-17532519228829872630-balancer-l7leveler-kubr-yp-klg-94-BAL\r\nx-robots-tag: noindex, noarchive, nofollow\r\naccess-control-allow-origin: *\r\ncontent-type: text/javascript; charset=utf-8\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 100, \"endpoints\": [{\"url\": \"https://dr.yandex.net/nel\", \"priority\": 1}, {\"url\": \"https://dr2.yandex.net/nel\", \"priority\": 2}]}\r\naccept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height\r\nexpires: Sat, 10 Jan 2026 21:37:42 GMT\r\nx-content-type-options: nosniff\r\nset-cookie: i=Efji7NLnV4FokWeRy9WC0BO4zMV3SR/kSaTjqF1vW9pWuKLd62EIH/qSuTA7jbrGkw2fgqI5GDoBTPEMTfZUGXAk758=; Expires=Mon, 10-Jan-2028 20:37:42 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None\nyandexuid=9298726301768077462; Expires=Mon, 10-Jan-2028 20:37:42 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None\nyashr=9096655021768077462; Path=/; Domain=.yandex.ru; Expires=Sun, 10 Jan 2027 20:37:42 GMT; SameSite=None; Secure; HttpOnly; Partitioned\nbh=YJbxissGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.ru; Expires=Sun, 14 Feb 2027 20:37:42 GMT; SameSite=None; Secure\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":144888,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65478)","md5":"3fc1b4e416f129c5aaaad406505560de","sha1":"8c381dc1ba848dee591e5c69e31a01f82f08c429","sha256":"984ffa936c0bebae38f9018eca167cca6444248ff33f9e344422c37bc994506e","sha512":"6bfb1ee9253282dca591444e486caa38429ff18771ae9a3babe4ea0805a83593a4da98f8ecf1bf819a872db9761bd4fc1d1dbfe5d8092222784661fce987bfed","ssdeep":"3072:z43GPXnmRfmYv3DnyrmpuTAa9nd24r+m/5+sr/JblN/UM+KDkabDT8LLWQUFOUQB:z4dnHp+p5+IlrTKD9","tlshash":"10e32a9d76a1b4b643d390e5443f260ff33f5929a41d84a0ba26d8e26c7585f8223f3d","first_seen":"2026-01-10T20:38:16.625405Z","last_seen":"2026-01-10T20:38:16.625405Z","times_seen":1,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/#0","date":"2026-01-10T20:37:42.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 10 Jan 2026 20:37:42 GMT\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"29f45de742f030761fe05d6c7ae7e993","sha1":"895c7dfcc456ee596b5d231edf89672f0dc87631","sha256":"debc0e6a77968e929d8f44cf60feb4856f66ccdc05677a54f3dcd14cc8a1d0bd","sha512":"d78e7b55c690fd186433829030e71a42e15d55dda2677bd29ad874f5bebaeedfe18d2f0bdfb8e828c1da502f43cbc117db7e1ef488814e3c3a88376756def47e","ssdeep":"384:8KfMK1KWK6KyhK/qY4XKNKtKiKfDKOKdKBKyaK/qY4QKGKmK4KfdKkKDK3KyQK/9:8TcfFBhiEymDcTYeBai75tdmtC0BQiVb","tlshash":"7f7210a1041750009b834ce223cebf35fe1f52117142d0b5abfdab6b9dcbc66526935d","first_seen":"2025-11-19T00:03:18.438435Z","last_seen":"2026-02-19T19:35:42.295945Z","times_seen":2829,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":124,"dns":1,"connect":20,"send":0,"wait":19,"receive":0,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/1d330c819c4d494002a8.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yastatic-net.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 05 Nov 2025 12:46:11 GMT","end":"Tue, 05 May 2026 20:59:59 GMT"},"fingerprint":{"sha1":"BA:B8:C9:5D:AD:9E:A2:E4:3B:39:29:BA:EB:5B:C7:E5:05:B5:AF:82","sha256":"49:88:7B:7E:11:ED:24:22:87:2A:1A:23:E1:D6:37:AC:5C:14:DC:32:A8:13:3F:ED:35:6B:B8:E4:BB:8D:36:E4"}}},"request":{"raw":"GET /partner-code-bundles/1303504/1d330c819c4d494002a8.js HTTP/1.1\r\nHost: yastatic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://psyduck-beak.yotor.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 135420\r\nx-robots-tag: noindex, noarchive, nofollow\r\nstrict-transport-security: max-age=43200000; includeSubDomains;\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 7200, \"success_fraction\": 0.001, \"failure_fraction\": 0.01}\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 23 Dec 2025 16:08:52 GMT\r\netag: \"160ed31c098af534eb3591ed48c66b32\"\r\ntiming-allow-origin: *\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 7200, \"endpoints\": [ { \"url\": \"https://dr.yandex.net/nel\"}]}\r\nexpires: Tue, 11 Jan 2056 03:01:43 GMT\r\ncache-control: public, max-age=946708560\r\ncontent-encoding: br\r\nx-strm-log-split: 6\r\nx-request-id: de475536eee726fc\r\ncache-host: cloudcdn-rad-09.cdn.yandex.net\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":706161,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65496)","md5":"96b291fd5bba4c4f7cdcd292f9732377","sha1":"af2b66c38179bfb179a1a34bcb6abe1cb8fa9ae2","sha256":"3d4f4131b6c06bb11c555a8984da9843c3f4a8734865473746b44e9dbc7449af","sha512":"6e78eee5894547a60d48bceccc1c4964c8c0322bdcfbd4052d7212993b009087c92ced260fac3e414e70b82b849fb0cbed0359a9c79e9bc1fb01e88413ce7fbd","ssdeep":"12288:bnzBmEntq5hA9Ym9IKqJZsih1gwYMpH38bOL5ZnhBfkh5p4:Rn45hA9Ym9IKqJZs8gwYMpH38bOL5d6c","tlshash":"61e4f8d9fa5170b542e794e8c03f160ea23f7519700980f4b766ede26878a8e6123f7d","first_seen":"2025-12-23T19:02:56.280003Z","last_seen":"2026-01-12T09:43:22.310042Z","times_seen":1018,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":70,"dns":1,"connect":30,"send":0,"wait":14,"receive":25,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/t/top.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/t/top.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"264-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 612\r\nKeep-Alive: timeout=1, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":612,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 24 x 24","md5":"ab3755cddb40723270164fa84b8f0362","sha1":"a7e6700d02578c03bd76b217b23c55b4fba997ea","sha256":"79df9f5b18cac4dbaec0808448c15e094b5fe20d04aabfe7bed9e6ae07739dfd","sha512":"5abc1bb158bf7cc0ac5c8812f5ac8c9b4545a2622393129ec54b377c05e21de0bcd1840642646ee7e051152af9d6f33d7fc371f0441fc844a8b084504c98d5c8","ssdeep":"","tlshash":"05f0541439558b21e5ff73b5fb6c5f37225ebe1412c8c52738330b134311455c160a6b","first_seen":"2023-05-10T15:46:50Z","last_seen":"2026-04-01T09:23:20.254421Z","times_seen":347,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":365,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/parse/s.rutor.org/i/d.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /parse/s.rutor.org/i/d.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Fri, 09 May 2014 14:49:17 GMT\r\nETag: \"167-4f8f8b3aed540\"\r\nAccept-Ranges: bytes\r\nContent-Length: 359\r\nKeep-Alive: timeout=1, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":359,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 13 x 13","md5":"3def66024a583b6ca763e249acb3c426","sha1":"82f2f897d3e2746181b889811ac675565dcaf0fa","sha256":"7d4fb7d5a9e681b2313ca88338e3255364aa452f243d6397aa905783e98bfca0","sha512":"ced956d62e7e8e57633cafed83041bca728181a026178bea0277e5b92ebdf5fcb17211709486c5e4be7c7ace81488fa02bd0cd1bfad64cedb6e0e1a824f525c7","ssdeep":"","tlshash":"7be07d55326aa9d1cd01d1f008a1a0a10055b9a4b85a025f3c34112d5e6846f4c80c1e","first_seen":"2023-04-27T14:24:27Z","last_seen":"2026-04-01T09:23:20.212417Z","times_seen":391,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":377,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/agrrr/img/movies_btn.gif","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /agrrr/img/movies_btn.gif HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://libbb.yotor.ru/css/css.css?27047\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nLast-Modified: Sun, 15 Mar 2015 23:32:06 GMT\r\nETag: \"bdc-5115c243a0980\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3036\r\nKeep-Alive: timeout=1, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/gif\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":3036,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 170 x 34","md5":"986dea298e550985fea4a222d746a9f0","sha1":"eaaa5ecb37610c35ca8516f909158d39d5059524","sha256":"00568b506987f6412fbceb9b5880521a0212706d7e392eb48c315dabc7a900e5","sha512":"8ef07daa68374e9f6439346ed16db1c5c62e50176f160db59744365860748d3458b9200374dcf4c33905d3ca1330633c0fc5e0e564e81dc18009c27af345e0e1","ssdeep":"","tlshash":"9d514d0ab855cea03c7807b3c570bb4aef53cb0c8bc4151a024f56a8639963e4136e27","first_seen":"2023-05-21T11:00:05Z","last_seen":"2026-03-29T07:13:34.358134Z","times_seen":64,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ads.digitalcaramel.com/js/pokeball.youtube-obhod.ru.js?ts=1768077462329","fqdn":"ads.digitalcaramel.com","domain":"digitalcaramel.com","tld":"com"},"ip":{"addr":"65.109.72.77","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ads.digitalcaramel.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 21:08:33 GMT","end":"Tue, 24 Feb 2026 21:08:32 GMT"},"fingerprint":{"sha1":"2D:F2:A2:EE:D4:6C:C3:75:F4:98:F3:1D:8D:27:85:47:B7:7E:F1:A5","sha256":"22:CA:00:88:C2:B3:06:CC:EE:13:39:AF:A2:90:52:5D:D0:CC:E1:FA:14:31:86:2A:21:89:46:0F:A6:22:C5:4A"}}},"request":{"raw":"GET /js/pokeball.youtube-obhod.ru.js?ts=1768077462329 HTTP/1.1\r\nHost: ads.digitalcaramel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: text/html\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';\r\npermissions-policy: interest-cohort=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":87,"dns":14,"connect":27,"send":0,"wait":27,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@500\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrutor.org/kimjongun/pikachu_bar_8/?jassyandjames_rand=3\u0026pokemoky=1\u0026v=3\u0026f=/#0","date":"2026-01-10T20:37:42.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Inter:wght@500\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 10 Jan 2026 20:37:42 GMT\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2591,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"f1efa7cc654e80512798e22fb85383c5","sha1":"63027468dba71b0f55e8802bbaabb200fe636030","sha256":"9975b4b5919fa3baf5e26b85afca132f61ea29ae0ba397a5c4946fd39d63020e","sha512":"154081191e84956070424bebc1dea8a2c9ab30c778a47188177b0c924b1fcee0b5bb07db6c1959eea3f98b892de64eef9c485ffcdfe2c095bd66cf97d1298be4","ssdeep":"","tlshash":"2151afd1002f95009a475dc223cf3f39aede21492085c5ba5bfd1dc5acded26436979e","first_seen":"2025-09-11T15:35:52.891354Z","last_seen":"2026-04-03T21:32:18.474337Z","times_seen":276,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":116,"dns":1,"connect":7,"send":0,"wait":21,"receive":0,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/safeframe-bundles/0.83/host.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:42.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yastatic-net.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 05 Nov 2025 12:46:11 GMT","end":"Tue, 05 May 2026 20:59:59 GMT"},"fingerprint":{"sha1":"BA:B8:C9:5D:AD:9E:A2:E4:3B:39:29:BA:EB:5B:C7:E5:05:B5:AF:82","sha256":"49:88:7B:7E:11:ED:24:22:87:2A:1A:23:E1:D6:37:AC:5C:14:DC:32:A8:13:3F:ED:35:6B:B8:E4:BB:8D:36:E4"}}},"request":{"raw":"GET /safeframe-bundles/0.83/host.js HTTP/1.1\r\nHost: yastatic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://psyduck-beak.yotor.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 Jan 2026 20:37:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 8878\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncache-control: public, max-age=946708560\r\nstrict-transport-security: max-age=43200000; includeSubDomains;\r\nlast-modified: Wed, 03 Nov 2021 13:42:58 GMT\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 7200, \"endpoints\": [ { \"url\": \"https://dr.yandex.net/nel\"}]}\r\nx-robots-tag: noindex, noarchive, nofollow\r\nexpires: Tue, 11 Jan 2056 03:04:51 GMT\r\netag: \"f80882bf67cf261aa08d636da095149a\"\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 7200, \"success_fraction\": 0.001, \"failure_fraction\": 0.01}\r\nx-strm-log-split: 7\r\nx-request-id: 4a49166aeba414d8\r\ncache-host: cloudcdn-rad-09.cdn.yandex.net\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33703,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (33703), with no line terminators","md5":"2435549eac66915d7464ee7b9efce038","sha1":"e390598fb192583622a8ea079d5c96dffdb34fb5","sha256":"34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55","sha512":"42a25f058316e5e947ba3149b56c81fd0e82f21d4b8109ef4fc529509d54235a0c0d7dd6212e381129b46ca72d81c4ae9e58cfae87557587727bf290fa1f3f09","ssdeep":"768:uKbdR7ii7FI+06HhV69ztBLEankCqH1UKW35V8tFOzbZ51QtD8JFtEDv/eKzS6Ei:TR3gKCzF5UEad","tlshash":"cee2a78e3295b43703c760f4903f210d65771d28a45a8894fa6bd4e23e7a84f527bf6d","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-04-04T06:18:14.078108Z","times_seen":22870,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":78,"dns":1,"connect":37,"send":0,"wait":30,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libbb.yotor.ru/southcentral/js.js?08","fqdn":"libbb.yotor.ru","domain":"yotor.ru","tld":"ru"},"ip":{"addr":"91.132.161.97","port":443,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrutor.org/","date":"2026-01-10T20:37:41.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"libbb.yotor.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 07:50:16 GMT","end":"Mon, 16 Mar 2026 07:50:15 GMT"},"fingerprint":{"sha1":"CA:A6:3E:9D:10:26:1E:58:B2:4C:FD:20:7A:0F:A8:BC:79:13:C7:C2","sha256":"A5:3D:99:18:36:A4:B1:73:00:B4:62:03:8D:6B:17:1D:88:9D:16:90:FD:B6:B2:BA:10:19:93:82:56:06:0D:41"}}},"request":{"raw":"GET /southcentral/js.js?08 HTTP/1.1\r\nHost: libbb.yotor.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrutor.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 10 Jan 2026 20:37:41 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1131\r\nKeep-Alive: timeout=1, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript;charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Debian","description":"Debian is a Linux software which is a free open-source software.","website":"https://debian.org","common_platform_enumeration":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","icon":"Debian.png","categories":["Operating systems"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (869)","md5":"48f15eb2a5b8ee7b68b032c16d4f9ee8","sha1":"8797e04b9c5a05dc71c8aac4cc8b145ae6bde3e2","sha256":"6ede838c510b030a60f27b0e3466376607a480c6d0cab4e0d2f2f19d92d16af9","sha512":"2832b9fe25e789c3552227ac05c1c4672c27833784f468920a5f3520d6802bfb3302661cea000ec709e13dcf32ce0f52cd16e12109ddd3a9a41776047c1b82e3","ssdeep":"","tlshash":"2c510d4cf75de11c94d603857ead02ee387ca5233242852dfd5d6e606278c3a8a3cdb5","first_seen":"2023-03-08T19:46:28Z","last_seen":"2026-03-29T07:13:34.373332Z","times_seen":74,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":106,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yastatic.net/partner-code-bundles/1303504/3eaa85e17d47b367eee4.js","fqdn":"yastatic.net","domain":"yastatic.net","tld":"net"},"ip":{"addr":"37.9.64.225","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://psyduck-beak.yotor.ru/inc/sisjoy/gen.php","date":"2026-01-10T20:37:43.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yastatic-net.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 05 Nov 2025 12:46:11 GMT","end":"Tue, 05 May 2026 20:59:59 GMT"},"fingerprint":{"sha1":"BA:B8:C9:5D:AD:9E:A2:E4:3B:39:29:BA:EB:5B:C7:E5:05:B5:AF:82","sha256":"49:88:7B:7E:11:ED:24:22:87:2A:1A:23:E1:D6:37:AC:5C:14:DC:32:A8:13:3F:ED:35:6B:B8:E4:BB:8D:36:E4"}}},"request":{"raw":"GET /partner-code-bundles/1303504/3eaa85e17d47b367eee4.js HTTP/1.1\r\nHost: yastatic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://psyduck-beak.yotor.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://psyduck-beak.yotor.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 Jan 2026 20:37:43 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 24510\r\ncontent-encoding: br\r\nx-robots-tag: noindex, noarchive, nofollow\r\nreport-to: { \"group\": \"network-errors\", \"max_age\": 7200, \"endpoints\": [ { \"url\": \"https://dr.yandex.net/nel\"}]}\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\netag: \"b8e2780531b0313da8a0ecdb3bb1683f\"\r\ncache-control: public, max-age=946708560\r\nstrict-transport-security: max-age=43200000; includeSubDomains;\r\nlast-modified: Tue, 23 Dec 2025 16:08:52 GMT\r\nnel: {\"report_to\": \"network-errors\", \"max_age\": 7200, \"success_fraction\": 0.001, \"failure_fraction\": 0.01}\r\nvary: Accept-Encoding\r\nexpires: Tue, 11 Jan 2056 03:03:43 GMT\r\nx-strm-log-split: 1\r\nx-request-id: a45a895d8f34d6ef\r\ncache-host: cloudcdn-rad-09.cdn.yandex.net\r\ncache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":124986,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65505)","md5":"636a2c194f5f8e49cebcd32129eebfa1","sha1":"f61b141aaecb7ffbe65b191f5d4195909ac3d50f","sha256":"b871ea55b4e82689abd53e2a0f3a83abe6fb1e409d8d12e1fc2cd9cb42aa8c04","sha512":"f8594e5fe8700121c9285750d15e7e8483fd2ff4aa6decf7a65c748800f5f0a30c8e2bdd06895f191cc7467b2fbce0114d8de473bb687ab8314ba61710f62dda","ssdeep":"1536:ifQ93OFD/VTE1T151HFYw2kBUoJeM6yQNL49UPUaE6tgC:iY8FZTE1Tv1B2kBRJL6ylU/","tlshash":"cdc31988f55274b502eb80f8913f6a0ab33b5419b02545f4b76dedf29e7090e5126fbc","first_seen":"2025-12-23T19:02:56.19625Z","last_seen":"2026-01-12T09:43:22.310981Z","times_seen":1010,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}