| byruthub.org/templates/byrut/images/logo.png | 188.114.96.1 | 200 OK | 5.1 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/logo.png | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 274 x 60, 8-bit colormap, non-interlaced | Hash: 393140752ab9c52a7d15da4e830c8a52 fc14d5c4b79abc39a9f871d05ebbefe51c7c0685 eccbcfd79314410c101e40bdc6b7a0f40e428dc4dc241cbf09d004f5fcf74ce8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/logo.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/png
content-length: 5050
last-modified: Sun, 05 Nov 2023 07:08:48 GMT
etag: "65473f80-13ba"
expires: Wed, 05 Jun 2024 13:49:40 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460263
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tgE7bV3POeaAB2x7sSLykZgIQ5yD0lbIzzyHpxbfZU36wUEZ85bOOmryt6aJWpSTi5%2FQWkixjv0AHN6u21O977SsSVCWuM%2FV8Igk%2BiVYeMaygvxKyQbPaKGSSz1hzQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d8d8f8568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2022-10/no-time-to-relax.jpg | 188.114.96.1 | 200 OK | 39 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2022-10/no-time-to-relax.jpg | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3 | Hash: 301aa52fd73c75cda19a4cda5bdb547f 46daae281c451a518e1f523ad1833438b95c7e8e 208944d17420ced3787f1c1b2ea8be3b6f330759834bbceb4d045dc8f19b7d2a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2022-10/no-time-to-relax.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 38746
last-modified: Sat, 18 Mar 2023 11:58:58 GMT
etag: "6415a782-975a"
expires: Thu, 06 Jun 2024 19:01:36 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 355147
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yAQ4eCBLoj7v7JXO%2FQPdWoPee%2FjD0TRFBiM%2ByNh7fN2EXNDq%2FwaW%2Fsti4NhWzEmJ9tlWS3WIxePSfIz21%2F2sYNXfts28W7DRFf6CtTpXhUktKOBgygEyJ%2BKbXNI9r%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d8d8fa568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/icons/2n.png | 188.114.96.1 | 200 OK | 3.0 kB |
URL: GET HTTP/3 byruthub.org/uploads/icons/2n.png | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 108 x 125, 8-bit colormap, non-interlaced | Hash: 24b27c99a21b3d421e54495a7489956d 8ee49936c3c139586a07956c6e2eca54613cd97d b555f55be196d21630f95bcdc5bcd525be82b9d2f75a06678457ffa23b92dd55
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/icons/2n.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/png
content-length: 2975
last-modified: Mon, 17 Oct 2022 17:38:34 GMT
etag: "634d931a-b9f"
expires: Wed, 05 Jun 2024 13:50:42 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460201
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KltsSsUIGXoQYeUsPZ62IOagMikglttUhdN%2FNEe0C7vYIKkndRJthexFfymu%2Brd3swXw1KoRoyIQPqAZn%2BRAOyXy9szd%2BOuBVx367k3RzLJz%2F9QQ1%2FcDEiHnzkCyqHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d8e8fd568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n | 188.114.96.1 | 200 OK | 30 kB |
URL: GET HTTP/3 byruthub.org/engine/classes/min/index.php?g=general3&v=b4x9n | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JavaScript source, ASCII text, with very long lines (65447) | Hash: 4f0fa0ea2ed2bd3abcba54438900f124 0ced4961d59a49eb41977ae8c759d59713223c19 5f55e209be722b88bb75df5b584e8e9030a85db8b96c806149ab1f5538aedcd0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /engine/classes/min/index.php?g=general3&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 30393
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 14 Jan 2024 16:06:55 GMT
etag: "pub1705248415;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 56699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLvDT5AZAAWkqCO4qaAoKAFUWLNHv%2FUUlJQdTo370GwE94RMiu9UncTTACuYsgYKT%2FW4x4TCTv9gee2m%2FhnyypNcHh7uEm4ycytbu7JLcr4SB1D4on7gZxYJzSGto5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d8e901568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n | 188.114.96.1 | 200 OK | 46 kB |
URL: GET HTTP/3 byruthub.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64742) | Hash: dda805648c4c2019d9ad8eb458831e17 5e70a1ce929daf8e6c7a3805c4ecb27f3634d3f6 91f79ae04f21e997227b5335d340bd817dc2e14502dea7bff1695458acbebbd5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js,templates/byrut/xsort/assets/libs.js,templates/byrut/custom/assets/libs.js&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 46426
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 14 Jan 2024 16:06:56 GMT
etag: "pub1705248416;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 56699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KB1x9eyLO2QN5a7JWAwFmuU8RZBWizjfEI5LxJEbyFwcQPwdJEy0qxY6ZA9bv1zasVRBO7uoWpLYHyArNw5xDwnTEXKf7CjuFZEJEd95zI%2Ft61NCSUUpx%2B5f5d%2F3adY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d8f914568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n | 188.114.96.1 | 200 OK | 100 kB |
URL: GET HTTP/3 byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: troff or preprocessor input, ASCII text | Size: 100 kB (100271 bytes) | Hash: e2af714cc5049514c469957a43c3b6c4 4265c52a3db5b50633fbf24acfacb9a0a71d3e7d a6e08a8370d9e48905c733d901d3fa6a1ec6f6e57038034b3f60fd8bae806a11
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: text/css; charset=utf-8
content-length: 100271
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 05 Nov 2023 07:09:49 GMT
etag: "pub1699168189;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 56699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNNiB3muwej6kpkeVx5BpruOe0gddRXrREMDH1QIYv0leQgvaINQqf1sgq6w9AtjqsDmAtafJpJcgTlzO6U6PrcQ3RwebiQOHOSzwIwbboizZDIbdYC6pVDgvbNN9JM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d8f923568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n | 188.114.96.1 | 200 OK | 37 kB |
URL: GET HTTP/3 byruthub.org/engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (31911) | Hash: c946c33cc6c45b1bdfa528482d898f24 2f790e85c4d153627bfffb5f8e5bdc1ec66ad73b 7395940bf2b6e2ea209207cd8be98f2107c5b5531585254082fcc1a35c0f7207
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /engine/classes/min/index.php?f=/templates/byrut/js/libs.js,/templates/byrut/js/fresco.min.js&v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: application/x-javascript; charset=utf-8
content-length: 37050
x-powered-by: PHP/8.1.19
expires: Sat, 10 May 2025 05:53:58 GMT
vary: Accept-Encoding
last-modified: Sun, 05 May 2024 12:28:24 GMT
etag: "pub1714912104;gz"
cache-control: max-age=31536000
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 56697
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mcb9Q3%2FcakRMeLoBull5DT%2BP6Hv6wWtAKgAPzWUsVc82smwyOOYL4wsyYXfostwyqaJmFq8tt6iC1VE8GHtyjlE1QhQqV7arGNsmAj8fZmUOkq9gbGcxlM%2F2u9uELLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d8f926568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha | 104.17.2.184 | 302 Found | 0 B |
URL: GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha | IP: 104.17.2.184:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Cloudflare, Inc. | Subject: challenges.cloudflare.com | Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E | Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?compat=recaptcha HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 21:40:43 GMT
content-length: 0
location: /turnstile/v0/g/1b3559406bc8/api.js
cache-control: max-age=300, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d16d99e12b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1 | 142.250.74.168 | 200 OK | 96 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-QX7E7T8PJ1 | IP: 142.250.74.168:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179) | Hash: d9fff3c8f8b5ba3253916284e040cefb 6ee6ef6a2ac167a3c4d98b07983b995578b4f80a 0d166c6b5a3c481ef4cd7c4938a7a91716c2ffd651502b36fbdbc853a2605058
GET /gtag/js?id=G-QX7E7T8PJ1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 21:40:43 GMT
expires: Fri, 10 May 2024 21:40:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96481
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js | 104.17.2.184 | 200 OK | 15 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js | IP: 104.17.2.184:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Cloudflare, Inc. | Subject: challenges.cloudflare.com | Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E | Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42616) | Hash: 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4
GET /turnstile/v0/g/1b3559406bc8/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: max-age=604800, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d16da28aa569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/rating.png | 188.114.96.1 | 200 OK | 2.3 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/rating.png | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 88 x 263, 8-bit colormap, non-interlaced | Hash: 22063375dd8258d84b95d1ee79e8ded4 d6e75431003741b5c847e8d76a4bbafc24bf3c13 9d0b588363b7ada4fe7d8c7b422fa4e953a49463d0aae20483bd2504b0a7eecf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/rating.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/png
content-length: 2293
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-8f5"
expires: Wed, 05 Jun 2024 13:50:28 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVLK7toFS4cRlQCh8CqJKCvWH1WxqQW7eHKf%2BFTVtVo1FQiJqOarYoT6SCUhDWEaoQHUrlD8hpJ29Cn1ih7r2oIp8OU9z1ffw2itpPSDdEu2G95Yh1PoUrSWAmU%2BHvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dc7c58568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/tags.png | 188.114.96.1 | 200 OK | 484 B |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/tags.png | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | Hash: e25aa5414ea580ee9171f0495dd8614f 0f55896ee1d6c06440326f6d9160799517237763 59172f212518edd429b2e697c77a1e9a91f3769c57dda16798e90aec360b8d97
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/tags.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/png
content-length: 484
last-modified: Sun, 05 Nov 2023 07:08:48 GMT
etag: "65473f80-1e4"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2kPJJady4mHnpHKuXkgkRzh0DaKXDPOdNZQyfBeofa6hi2j4GV6wihnpujOxNQ%2FjqWoQd8KK0GOdSt0MVGckBHysR0%2B8TDq2caRL577DTApuXsGzV8BleLgnWY37n0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dc7c59568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/fixcom.png | 188.114.96.1 | 200 OK | 1.6 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/fixcom.png | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | Hash: bfe3d1ac9bc7454a75d41c34842f3cc6 012bcc884c14f1ff8c80e69db1df8a5fe46fb987 91dc915b8c3f0bb128584e574cec46350ea75e059c7a6453bd450e8a201e82fc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/fixcom.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/png
content-length: 1557
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-615"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WeX69ybwBc7amaJFdBUJYuA2BpVb%2BZo62UjKe1McGrt%2FjxpDuusPqm3Oq%2BDfmFmw45ZvzDhWlPzol%2FT8%2Btj%2FWh%2F5XySzTql1UBuhUDb4krM%2FtBPY5%2Bsb6SN%2F%2BVwdAQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dc7c5b568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/js/sc.js?v=b4x9n | 188.114.96.1 | 200 OK | 3.1 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/js/sc.js?v=b4x9n | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: gzip compressed data, from Unix | Hash: 30e5e3fd02d74278941239a1cabe7291 8253a588fcad1aaca96d536168b62cef3c0531b8 ec86838600356338a4c1f3190bad7cb91644cf64e350c0bef22f5204430ff789
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/js/sc.js?v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sun, 05 Nov 2023 07:08:56 GMT
etag: W/"65473f88-7d7"
expires: Mon, 10 Jun 2024 05:55:44 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 56699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D4hDkfomvGD%2FYV0YoB5FKQY6B%2F%2F30xSMdaW%2FwcJXfbDIL7Yhr9SloLAV0e8HM%2Fvj0kon6p%2BX2qixkKBgFpGFDi60%2Fw9%2BAv5AMmSGQcLt9UUDG4yWt%2FVwXxu%2B3a%2Frf1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d8e900568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/upd-publ.png | 188.114.96.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/upd-publ.png | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | Hash: 554a3815f3c1821ac11ff40655ce775d 13d34bc29df63a642f0ea2b1fe867b5a233cbda4 e25dd5f2a89109b540d6c365d5fd87a611c819cbbbfdcf828c4f2e395832a686
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/upd-publ.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/png
content-length: 1414
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-586"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jj%2FJYEyQG0rtzVxaXLZUUqX%2FTQW2y%2BsDjUgekSk6TnE48mcHrjYGdWjQmS9%2BQyjWMEk10WtJZ1D5FXeew6U4bYt%2FvliKMJuBxRETIl8hOYJahuJGhuoSlOuWQCCfaSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dc8c61568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/top22.png | 188.114.96.1 | 200 OK | 1.5 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/top22.png | IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html | Certificate issuer: Let's Encrypt | Subject: byruthub.org | Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9 | Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | Hash: 79b0227cbaa7268aa28730dacc5d6840 2fec7563de6010c50287768ec0ad4172a279ec1a c08507e4c48295cae51420335ea81f5890d8f3a569e44076767699a7e9ab7111
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/images/top22.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/png
content-length: 1458
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-5b2"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HghcAMRPrsZUsFXJF6uRw3OHG51X%2FjkgCAiPx1yxIxDiB7VVCoXO8FWLfYPOXe581jCt8FfDQ3j69VnGUrTRnMI0sbPGP4JIi38AXa8Gs54DFRaLEhAXitd0fqkmO3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dc8c63568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/css/styles.css?v=b4x9n | 188.114.96.1 | 200 OK | 53 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/styles.css?v=b4x9n
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: gzip compressed data, from Unix
Hash: 1041bc45e244fc7b2ca5553de677e658 a6177161c169665b61e3d1673fa45924b5c89225 0e835587e6d0e103677bdf1af6e38ee0f02fe80bd6b0e5750d863548c4d5ef68
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/css/styles.css?v=b4x9n HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: text/css
last-modified: Tue, 23 Jan 2024 04:25:17 GMT
etag: W/"65af3fad-191d4"
expires: Mon, 10 Jun 2024 05:55:44 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 56699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WHzb7n1UTjXbAsWem03QtEBmBb00dwZOU8%2BqHFE6iinagowGANXiaYNG0NTLk4va0dY70%2F5ctzByprLwIVMqdySmU0A%2F8wQTYQSt%2F5LPWpnIBo7vbwYgVLYbvTP%2BqQU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d8d8f2568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg | 188.114.96.1 | 200 OK | 30 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: cca866cd6fcafc39cac2cfcf63dfd9d6 d52ca8a0f42f96c3362771714b92d9929a404da3 2b7990bd541e744e5c22e393125f11d0ed72ed987a2144b92006b8c5c480d690
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-02/dream-engines-nomad-cities-9814.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 30012
last-modified: Sat, 02 Mar 2024 13:22:11 GMT
etag: "65e32803-753c"
expires: Thu, 06 Jun 2024 17:59:08 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 358895
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8t4CFVZNuM9ZpVsCE%2FmsMUfOY%2FewdgYA%2F7EKM%2BS2v3qR1T6DVmfLImg%2BRziFN1g3hipi5tOOHppG8xrkvfF74AV8Oeo0laGCUvdd4Ln4bScgVe3AlAOJ8aojH7cOLho%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dd7d32568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2022-05/v-rising-poster.png | 188.114.96.1 | 200 OK | 18 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2022-05/v-rising-poster.png
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: a606394e97b9b9957056c116c3455c41 9fcc8caf352968c51c72c880727dcf6ae0c29a32 dd5ddd4c891fa45235a04982a1689e3051b8b4ad5098a1e9b4150129e8963038
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2022-05/v-rising-poster.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/png
content-length: 17696
last-modified: Sat, 18 Mar 2023 11:44:21 GMT
etag: "6415a415-4520"
expires: Wed, 05 Jun 2024 15:02:20 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 455903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czGEVr8VBW79Nym7ewA20nK1GkIavXi8cCqDT3emmB4ccZGC7g4WkoN4YLSbapCxiZuM5xtM8dY%2Bmn1bNUNmABa4e0cUuTvCW%2FG%2Fi%2Ff8ROyt57YzD2zvYdcNiloMdMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dd7d33568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg | 188.114.96.1 | 200 OK | 31 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: 35baa9a417e43fa13731932280526c26 00d6f5dddcbf4ccbecac9b21ddd7d5049ae872a5 d317eee4887dbda5aa499276aad9b7f67fa80465ed3b7dc8a12cd36ceff0b00f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-04/heading-out-a-narrative-road-movie-racing-game-7518.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 30626
last-modified: Fri, 03 May 2024 14:26:25 GMT
etag: "6634f411-77a2"
expires: Wed, 05 Jun 2024 14:41:52 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 457131
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2B3fgVJiLveBlfVndbP0SJwyZYugBRbxpk9E5OTdzZa85A8y06G4H3m8%2FwR6QWncez%2BFuLEmN2GuILsZ1JGgyF7czZNi19WaT%2FzeH0v7s8aRo3AZ3VOvWP08NXTt2DE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dd7d34568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-04/hades-ii.jpg | 188.114.96.1 | 200 OK | 40 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-04/hades-ii.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: f00a957c498ad034d5648a58854df911 37d1897a0aaf0f85e6f61b0eb1c01f1f8afee591 0e388e3d32b7eceefc166401b3ad5715d3c802cf13ede8eb5f1ef5fd72413a60
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-04/hades-ii.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 40284
last-modified: Fri, 03 May 2024 14:26:19 GMT
etag: "6634f40b-9d5c"
expires: Wed, 05 Jun 2024 16:23:10 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 451053
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=12%2FWscZtk35Hzdkw6ASuJUGs8DkNqQJxPcmMDmnWAHuKboIqky1d50tMRRxDt7eSyR3vy3rIccJx6KZk9miDhKuYQLR94jfR1G1IUgKMcUe2bq%2BCi35fS8PE45IaWoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dd7d36568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-04/abiotic-factor.jpg | 188.114.96.1 | 200 OK | 37 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-04/abiotic-factor.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: d441e68c8e71dd837fd5c33d2cc75da7 3500f7a146e16bc996418a536454685a446fc235 3b222b85c2f933f4ba4a5fb586b6e593a2689cac85cf661761b4a28943df4e92
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-04/abiotic-factor.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 37104
last-modified: Fri, 03 May 2024 14:20:19 GMT
etag: "6634f2a3-90f0"
expires: Wed, 05 Jun 2024 13:50:21 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460222
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1jnuRlrh6DUDUDnl0BmizGxLCZS%2F909EJ9f4SYglpkfL7inMJh2VLGFUDHX4%2F9yIxC56r7RrJbkPdGYptW2Ns3n8O7gAZWiYqVJ%2FpeeWJh7W0KRfeyixJVmVWQnxe4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dd7d37568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-04/foundry-9384.jpg | 188.114.96.1 | 200 OK | 44 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-04/foundry-9384.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: 57ef318c6bfed87726ac3ea8d8457996 3b9cc58c465ca31b685be5e6c3c7b597f9912446 498b90922071f6a93d18ab2c1f7c441f6d3a6087894351de2a5808c372e46df0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-04/foundry-9384.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 43931
last-modified: Fri, 03 May 2024 14:25:16 GMT
etag: "6634f3cc-ab9b"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmkJsZt1t8kpHzmMPF3gb0bJ2BiAOl629Rikm4Zv0BVtUKoKA9RbhYZjGK1iGdAM4WewrWk9tZldQk0NDqbRmNwv9B45ABwHcRWt5mza4lPuHcDkvxaT%2B%2BH6JGp5mNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dd8d39568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-03/pools.jpg | 188.114.96.1 | 200 OK | 22 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-03/pools.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: 0b760610ee6678c0d8c2219241295ffa 3046e23fd134fdc2c785e5e4f27f8badb41e2661 c6a7046604cc35898ba6112e3cca5d63a1ed1c8c8260589f9b5c584c2b1881ac
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-03/pools.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 22143
last-modified: Fri, 05 Apr 2024 04:00:45 GMT
etag: "660f776d-567f"
expires: Wed, 05 Jun 2024 21:05:07 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 434136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2WYKFdzlyM2BY83KFFQu5yvYWi5YV9w%2FFNKsja7Nv4w3XMPA9iwXWSvSFIoUMahh%2Be4LxmBMJb%2BsI9PJDB7dOh%2Bbq8bngWU9jsbr0AoCRnok%2BScyVcIILlrvzz3%2FHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dd8d41568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap | 142.250.74.106 | 200 OK | 1.7 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
IP: 142.250.74.106:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: e85f57dc57656014aa999cbcd3b25b42 90c05ebbd243fefae3a214e715b9893f1c29f0c1 c2c877d879e3431ff36a41df812e4838ebe9962b80ba2522a617e2f5cb237052
GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 21:40:43 GMT
date: Fri, 10 May 2024 21:40:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| byruthub.org/uploads/posts/2024-05/bellwright-1248791847.jpg | 188.114.96.1 | 200 OK | 49 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-05/bellwright-1248791847.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x450, components 3
Hash: a8a0514df479d1abb2b32950f98d90ec c4f82373e50b81a8e31fdb374f5166bf82b8807f a0a93d61d8144053c911ab7e6dc48cca1674c985d09e67a82ee28db206bf11ec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-05/bellwright-1248791847.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 48840
last-modified: Sun, 05 May 2024 09:50:16 GMT
etag: "66375658-bec8"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F6cOQBvZ2dbOIvzEJSNSHMdZhfQTbrSfGrKvOpJXNMRJEDyYpLjUqPvDlNRFc1%2FP5TVzombCiHKPkElY44%2FUpSjnCZWS08B5vs3e4HrUO4DS8YOxZb7Z7jFfVal4Nvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddeda3568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/manor-lords-7834.jpg | 188.114.96.1 | 200 OK | 37 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-02/manor-lords-7834.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: 09c819e68ad8d0c8776f0e1775a23561 9ee3acdaa78dfa7a05ed294ff77ff8a7b6269c5c c66f0535a8f9e8a5b01c913c7ad6bf3d5250e57e02a2737cf1c8cdbe1479f097
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-02/manor-lords-7834.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 36849
last-modified: Sat, 02 Mar 2024 13:27:03 GMT
etag: "65e32927-8ff1"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1DUC%2FaehMuu7mRoTrIR%2ByTxQBFhzqzYQ01H%2BFhMf7yCO1M8%2FCbUnLu6ZxL9S9Q8ovdDO7TlvdttSBSE04PC38HYSXHQRT2WFI%2FRBvaMwMwqnory4eH93rLOQqDt6XU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dded9e568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/sker-ritual-4369.jpg | 188.114.96.1 | 200 OK | 21 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-02/sker-ritual-4369.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: c2531e578cee9721efe654321c707be4 6e1a0a6b0b4ae646a03e6dab23ddce1dc33dc840 c0bde3dbc37c711ce558e38ccf4d1a4224f4581ceffd253353d52b16377b06bc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-02/sker-ritual-4369.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 20561
last-modified: Sat, 02 Mar 2024 13:32:20 GMT
etag: "65e32a64-5051"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jf11%2Fy1S9%2FR88fNF81dsg0AcSlTs1aeEYKni1tm8oOGzBEkEwA7AYl3fD7rKXaZ4j1ifJzQvVOI1bdsM%2FP8%2Fhh9IwbKfOtcr2FAN2wtG5FWu3lBrIxDFa7CfTSfKL%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddeda5568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg | 188.114.96.1 | 200 OK | 55 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: 0eccb284fa373b0e38abb036a6ccf8fd accaa1bd7a2e396f512e551e89018f217245a678 caf1fe202893050379dd5f868d222ae31d06279e57f1f2da4d9163347a86f44d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2023-09/eiyuden-chronicle-hundred-heroes-6194.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 54843
last-modified: Mon, 02 Oct 2023 05:34:39 GMT
etag: "651a566f-d63b"
expires: Wed, 05 Jun 2024 15:38:40 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 453723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EhQ9e9EQWD2NgaxnO9aqY4PyzujCItM4sisXL5aL7W9maY3YDyvyFfOPpn%2BYICw5sIBFa%2FS7Pn5nctiaaxfMQaqr%2BkDZkto2CaFa8kOabPC4S6SFw6PYI0JoMamzn%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddeda2568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2020-07/thumbs/1594168405_1scr-27080892.jpg | 188.114.96.1 | 200 OK | 38 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2020-07/thumbs/1594168405_1scr-27080892.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 490x276, components 3
Hash: f11898899d8ce5983306cc22ad4747a8 767af67fa880673c31e9766095379afe14982913 1c941e3a427ae42b2e906d06d3170f93b093c9655710848a65b1fee56ea3048b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2020-07/thumbs/1594168405_1scr-27080892.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 38344
last-modified: Tue, 09 Mar 2021 23:19:07 GMT
etag: "6048026b-95c8"
expires: Sun, 09 Jun 2024 16:19:51 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 105652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FoMIt8cdXrzYHNUH0mSkHoA2hMjgE4Hm7nFM8j9QQ9xezzDFD5UiorZkcPf6nRGrhWasm5pCWoSEeoVWhxpME2bjx4d4IUD4McHnt8sIC5qmceXpfL1UmDfBD%2BSQHms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddeda6568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/close.svg | 188.114.96.1 | 200 OK | 706 B |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/close.svg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: gzip compressed data, from Unix
Hash: bba2aa28a0424fedb60b70be5086ceef 0430f2cc3429c3efc4700f34d0a9f421a7728654 d1e1ac80ecb4b3058523ff9aa3e85d2540cfb8c0cc9a1b55d1a3b93b2ab8b4a0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/images/close.svg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Nov 2023 07:08:47 GMT
etag: W/"65473f7f-15e"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 460260
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9WGCEQGlf5gSTK0u8uKqxjMbp%2BvUmggJyOOBsWIn2eDGnwa8TEu3hcsDq87hHtly5PasqCLRZDCqRWEDxj%2BveKebkdfY2aBpHH7qdQkUXyEgRQZQPCxBfHYlAdjmVeE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dc7c4e568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2023-03/another-crabs-treasure.jpg | 188.114.96.1 | 200 OK | 33 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2023-03/another-crabs-treasure.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: 0a03ad2317e77c98d4d8ccb206434f59 a2e5d7083b75d99404566f9709c104a675eab8d6 093cf2ca594819111a0a7ff8ab02ae2979024ac003b5df7ba1b4eab85c2c0a08
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2023-03/another-crabs-treasure.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 33313
last-modified: Sun, 02 Apr 2023 11:55:21 GMT
etag: "64296d29-8221"
expires: Wed, 05 Jun 2024 16:23:30 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 451033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RiHgPKfYO7ERC2vIbgNs6CZI8Dof2hmxW3DwZlLl3nC0chJCKk6yGq1poMXBjbzO0Zw65cwmsyjs3mty0CgApJsIrzoPnawJ4VyjuT4V%2FIu1rFdRkXJlvQKt4B3uJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddeda0568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/no-rest-for-the-wicked.jpg | 188.114.96.1 | 200 OK | 33 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-02/no-rest-for-the-wicked.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: d3e485dfc2f379ecdf79558a0a3c60f2 b29b76c6b349fe32cbdff1393c703b7eb7fe031e ee45689f3a370b1e784c352350b607cb129ff932ae99b67c889a9e774fc36147
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2024-02/no-rest-for-the-wicked.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 32790
last-modified: Sat, 02 Mar 2024 13:28:31 GMT
etag: "65e3297f-8016"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnvI%2BfImj%2BLBHnVBtHkV3xxsADdTHe8n2IT10ko9T3N6OzTfy3gwHznrBLeAyVippUKG3K8rnCGSz%2F%2BWBbBxeBbH1ZSRuc59CmlB01lz3BXmxd1ivEjNLlJNbiRqZms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddeda4568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2020-07/thumbs/1594168407_2scr-6121025393.jpg | 188.114.96.1 | 200 OK | 23 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2020-07/thumbs/1594168407_2scr-6121025393.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 490x276, components 3
Hash: f78a4ac047f1c533db28ccc096871481 ec3d2cb623eb048a556d3842149da8dcc9bd916e 7e3c5bc24cc4afcca0b442a5a81a564207b1e870071576430956b3eac5b3bb3b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2020-07/thumbs/1594168407_2scr-6121025393.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 22608
last-modified: Tue, 09 Mar 2021 23:19:07 GMT
etag: "6048026b-5850"
expires: Sun, 09 Jun 2024 16:19:51 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 105652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSvVM5TDXj3OvHr%2BzxcZ8im3F%2FERyrPC3zmw%2FZyOPWFHqQ0Mq9ACYN9yH4k35zTM5KlTiufSEfBKypVyOG%2BAqAZpo7vlha%2B0B9x8qKnM2bdFwm%2B2OoEvh%2BAK8XxkrwM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddeda7568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2020-07/thumbs/1594168385_3scr-726542963.jpg | 188.114.96.1 | 200 OK | 24 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2020-07/thumbs/1594168385_3scr-726542963.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 490x276, components 3
Hash: b4977895ae0bc3c0235f7c1695846ce5 05b4e6ea920368a9684c2aacd161c01dd261a434 f557a6beab1620389a6907079f757009a21493064ec61aee4ab46a0fea171053
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2020-07/thumbs/1594168385_3scr-726542963.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 23953
last-modified: Tue, 09 Mar 2021 23:19:07 GMT
etag: "6048026b-5d91"
expires: Sun, 09 Jun 2024 16:19:51 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 105652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2DjhzmJl7g95HIQesEX01%2FT%2FFiMBJUh8AtP0fTSDS49feAD7v08rCnARnUFS%2F%2B3t5t%2Bzir6ALMcR%2FYPqPruLKuaXzWWihF7wyCLr31bMvlmkeNZzO7OgXHKwVQuOgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddeda9568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2020-07/thumbs/1594168377_4scr-7586719212.jpg | 188.114.96.1 | 200 OK | 30 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2020-07/thumbs/1594168377_4scr-7586719212.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 490x276, components 3
Hash: 795fec61cfe48efa706a1c3724d2c6c8 e23683c39e9950aa3ce0f44fcd12b279d07f261a 4f1110278a2f9a5cf996adf8a2b6a4e22c5c501b4e8661730a29b0e858f2089a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2020-07/thumbs/1594168377_4scr-7586719212.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 29534
last-modified: Tue, 09 Mar 2021 23:19:06 GMT
etag: "6048026a-735e"
expires: Sun, 09 Jun 2024 16:19:51 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 105652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GRHlqN0xaiHBZLyqntAHtSLlLTOIEQNs5NURTKE6TxccJFJQOuZTjK6N7U14Uoe2ew7W35xMV%2FDo%2BrlbZuRFhk8DT9i%2FrbYQTjA2%2BH3AH%2FpnS8uc%2FFsSlcxZzJaVD48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddedab568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2020-07/thumbs/1594168464_5scr-4538754736.jpg | 188.114.96.1 | 200 OK | 28 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2020-07/thumbs/1594168464_5scr-4538754736.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 490x276, components 3
Hash: d623eb838702ae27a30b6faed62ab85c d0fc44e2a6c29f6a1c2ae51b56ac09e7ebb85430 685ef1c686303607065c036fd534a47bb14eecd8e380e548c4268a1a0dedd4ca
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2020-07/thumbs/1594168464_5scr-4538754736.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 28479
last-modified: Tue, 09 Mar 2021 23:19:07 GMT
etag: "6048026b-6f3f"
expires: Sun, 09 Jun 2024 16:19:51 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 105652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZeRL0rMmdzQqCw990uvvFnWXP7lBJWB8ozkOjo0iq91y7yEvy%2BNW5sxq3eSyUy%2FyIM044axHEDmMWdUrvJF7j8ly8uTwEeXHIz9SwLg0qwZD15abAPydF8TRVqLKmaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddedac568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2020-07/thumbs/1594168429_6scr-13301397.jpg | 188.114.96.1 | 200 OK | 24 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2020-07/thumbs/1594168429_6scr-13301397.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 490x276, components 3
Hash: d4dd9d1d2b3fe490f8775f5b6b2bdc73 b6056131446132a0bbc937c80cdbcebe29c3b94c 9e395019864d07f9bfc4dd2975ea8303e37897243c166ab0b0b5370f0af84f4d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2020-07/thumbs/1594168429_6scr-13301397.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 24353
last-modified: Tue, 09 Mar 2021 23:19:07 GMT
etag: "6048026b-5f21"
expires: Fri, 07 Jun 2024 18:25:46 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 270897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhRik7TQsLvOkI33x3aY2Lgw9MwnuCVARPbWAXl63lkSyRYJALAaN%2FmIEOzfuodhnQ09QVzu%2BHm1NH5umq%2B9g3%2FI5oF%2FoJ%2Bgfamg3i1W0GhnIVATXMPXtwOQRQ1cDmA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddedad568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2022-12/thumbs/milfs-of-sunville.jpg | 188.114.96.1 | 200 OK | 5.0 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2022-12/thumbs/milfs-of-sunville.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x124, components 3
Hash: 1c3c4049013fb56a122a2c5821e8abc4 22c2505a61acac9e97c27913d598039ee36509e3 5edc0e086c0839f15d2b9e428842176e9916a7594619f84449b40ead0fbdd60a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2022-12/thumbs/milfs-of-sunville.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 5023
last-modified: Tue, 31 Jan 2023 15:32:43 GMT
etag: "63d9349b-139f"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 22047
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=giIgeKn9qa1A0HbyRajI4E0TNk%2FtAQ2OL1arRsinHBJFhhaXYoZTgE8d%2BqF3SDBkyYxhCN8Er9y3o3232sISerkhTsUVjuJBqsIy8at5fxpQBhPVBJ9sQtRyCg0af20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddedae568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-03/thumbs/breeze-of-passion.jpg | 188.114.96.1 | 200 OK | 5.1 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-03/thumbs/breeze-of-passion.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Hash: 3585f57e8c17e450a15ebad65b009f1c cc79f719950d1a556f8bf52d43362956fe153657 791d315eb5113fb46979cd970387855bf3f8df0e8176594525c0212270e8ba6f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2024-03/thumbs/breeze-of-passion.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 5128
last-modified: Fri, 05 Apr 2024 03:44:57 GMT
etag: "660f73b9-1408"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 22047
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwQ5vvfxdhKSyri79rEBTR10qZa%2F9d7%2B8watUshvBZGZdY63OPvIrBqeEczImnwHhDWgKeGX0kXSUuLXOGm5rZetEeYbADqdU6h1KFz%2Fweb4ApuOP8etdFNmAgVS7FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddedaf568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2022-05/thumbs/a-struggle-with-sin-poster.jpg | 188.114.96.1 | 200 OK | 6.3 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2022-05/thumbs/a-struggle-with-sin-poster.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Hash: 7253edeac528bfba0d5b7eeea6a16091 fd4b898e1f7d1fb634650dc35247c77bb9fa9a1e f07dab026f170cb054478490728a0aed587e01c8882b7c339cd494eda048217c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2022-05/thumbs/a-struggle-with-sin-poster.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 6273
last-modified: Mon, 22 Jan 2024 12:02:29 GMT
etag: "65ae5955-1881"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 22047
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMUIj42pPLDVJoe20Go%2BmtgM8zi3Y6nymMYn46bfle0yIEEGcrqc15knG8fWMqt7%2FekIbLXqGyo6HWfXjFQDRArHxOAoM5Z5L6kMjx1N8GSpPzWmvDZxF7hb87c5OXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddedb0568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2023-02/thumbs/summer-story.jpg | 188.114.96.1 | 200 OK | 5.0 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2023-02/thumbs/summer-story.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Hash: 710d4064f747d282cf60c2d27c4a9b5f d0d9e0595710b22cd72defddccd48fc89c107c3d b03a5e7b2ba8891ca0414d0c447a0595025389ffeb36c61dfcf8c4d4f686e17d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2023-02/thumbs/summer-story.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 4980
last-modified: Tue, 23 Jan 2024 02:13:23 GMT
etag: "65af20c3-1374"
expires: Mon, 10 Jun 2024 15:33:16 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 22047
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syqpwxB%2F2fqwMxlNYOx5KIi8SnZhmZpf3h1%2Bcm478GWgoFSChrtsAYrYN9U6PpGrQtiD31f%2FbGaTVk6kKXksOtl%2FDb1KCBlH0M9ff7H5LQSqYoa6UXNWyom39iZmd%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddedb1568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2023-02/thumbs/refuge-of-embers.jpg | 188.114.96.1 | 200 OK | 5.9 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2023-02/thumbs/refuge-of-embers.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 98x147, components 3
Hash: 2823e2e272b4643eb386a910729e9445 a9db785f6afe3ea6e913a165cfc290b692e21728 1741fb0c2434e62ca016c8d6d80a4feedf261222e9028cd101cb2b7c821ae363
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/posts/2023-02/thumbs/refuge-of-embers.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 5899
last-modified: Tue, 23 Jan 2024 02:12:20 GMT
etag: "65af2084-170b"
expires: Mon, 10 Jun 2024 14:33:12 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 25651
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b2HZLZ4xqzhEEd7lGXtizLVrvdKNdv6Dg3QV%2Bsud7k6PehTpOazHvmVImb2iuqNnBoQTuDsDiMS54F1PNa8RipY0X%2FPLIZW4nH1xs3XqtYGmDJibKBslbDWmI1c2FNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16ddedb2568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.99:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:08:19 GMT
expires: Sat, 10 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
age: 55944
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP: 142.250.74.99:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:11 GMT
expires: Fri, 09 May 2025 01:49:11 GMT
cache-control: public, max-age=31536000
age: 157892
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| byruthub.org/templates/byrut/css/webfonts/fa-solid-900.woff2 | 188.114.96.1 | 200 OK | 328 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/webfonts/fa-solid-900.woff2
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Let's Encrypt; Subject: byruthub.org; Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 328480, version 769.256
Size: 328 kB (328480 bytes)
Hash: 988a9731afe6bb99003283038799f4d3 e62b834496e8808e09d69b157dd8d30767ab281d 86f3981f7218b89863ef8f6308268144f450b3b4ccc8da51139e01fc791bd685
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /templates/byrut/css/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: application/octet-stream
content-length: 328480
last-modified: Sun, 05 Nov 2023 07:09:50 GMT
etag: "65473fbe-50320"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhqfE%2BFajN%2Bev6o8Y1cgw3l%2FDEkZ8E7KKWvOwBVnQ2qg8wo06Vrad3OKA1e4maUG%2FTyulm08bYrviDaxzQHVafydaAJUrkMNWTZY4ve%2BaddUybpzWYOlubxXI7uLrvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16de9e56568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 | 142.250.74.99 | 200 OK | 9.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP: 142.250.74.99:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9628, version 1.0
Hash: d9ac47c7e500fb7083b8d595eaf6fe12 112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:08:19 GMT
expires: Sat, 10 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
age: 55944
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 | 142.250.74.99 | 200 OK | 9.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2; IP: 142.250.74.99:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9644, version 1.0; Hash: 6f112ec2b932ee12379442c42853244e b2e73c8c70d6261e1d187f41693c43ac4fe0809d 6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:21 GMT
expires: Fri, 09 May 2025 01:49:21 GMT
cache-control: public, max-age=31536000
age: 157882
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 | 142.250.74.99 | 200 OK | 9.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2; IP: 142.250.74.99:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9840, version 1.0; Hash: 7b08b9e11fc6b8a8a1398b357e874144 4b5fb5790fae1c96655aaa7a426b697f5ab986d0 3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:12 GMT
expires: Fri, 09 May 2025 01:49:12 GMT
cache-control: public, max-age=31536000
age: 157891
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| byruthub.org/templates/byrut/css/webfonts/fa-regular-400.woff2 | 188.114.96.1 | 200 OK | 389 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/webfonts/fa-regular-400.woff2; IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Let's Encrypt; Subject byruthub.org; Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 388876, version 769.256; Size: 389 kB (388876 bytes); Hash: 7289c4ce3f03d1e25a23aec2f1ca1989 63bee62a49b1e129dd410a7804c36f600e45e9ef 13ddcd2880dbcccbf67a22e8f8dc4d48a0ec5891553bb99141eb4923528f3901
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/css/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: application/octet-stream
content-length: 388876
last-modified: Sun, 05 Nov 2023 07:09:40 GMT
etag: "65473fb4-5ef0c"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5sAq4yMdMuo%2B6jtrasroVZea%2FtRLKW%2FYat3GL30VhC9A4TYyEoxlux67BQSVQeGdasgZ58vp9MLHZKCZp1HBPVEDxM3z4FerrPVXwKj8nc8T5irJ8WlaVIlEMV1JZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16de9e57568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2; IP: 142.250.74.99:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0; Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:46:32 GMT
expires: Wed, 07 May 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 298451
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| byruthub.org/templates/byrut/css/webfonts/fa-brands-400.woff2 | 188.114.96.1 | 200 OK | 106 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/webfonts/fa-brands-400.woff2; IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Let's Encrypt; Subject byruthub.org; Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 105796, version 769.256; Size: 106 kB (105796 bytes); Hash: 4dea63c16bf81f5c579f8d4f8ba040b5 132096157a1bd06ee90d0e099b30858e55f44a2f 5d878915657ccc71bc447db9d8a48ef33ffaf36b0c5d94aaa784caa779e1c8e3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: application/octet-stream
content-length: 105796
last-modified: Sun, 05 Nov 2023 07:09:53 GMT
etag: "65473fc1-19d44"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZo3VcaQk5I6c%2By9zITyt2b%2BQoT%2FOhY7jEROEbQpWh6bfI09BjF9VAtmcpTJsBsH58O91HF572irZMn%2FW0gABkzdKWyBmp2yRQ7TGZIcrglmUBglBNQ9ZX5OpTLA5T8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16deee99568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/css/webfonts/fa-light-300.woff2 | 188.114.96.1 | 200 OK | 424 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/css/webfonts/fa-light-300.woff2; IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Let's Encrypt; Subject byruthub.org; Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 423780, version 769.256; Size: 424 kB (423780 bytes); Hash: 288cd41746be38a75c591812b9f623d5 43e3f3b70a4a803054641c8d946b46978dfcbc23 c3691090231fdc9199d216264abb4ad09aeebe9968fe942fa22fb6881248190c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/css/webfonts/fa-light-300.woff2 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/engine/classes/min/index.php?f=/templates/byrut/css/webfonts/all.css,/templates/byrut/css/engine.css,/templates/byrut/css/fresco.css&v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: application/octet-stream
content-length: 423780
last-modified: Sun, 05 Nov 2023 07:09:54 GMT
etag: "65473fc2-67764"
expires: Wed, 05 Jun 2024 13:50:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRq5xunxFucZQqNPocoKOa59PatCCjBKKCirE%2FxPV6CRitSDeMx54rKCF%2B7P3wQ6yUUs5qk53GugYwZBNtbHjRg4%2BuMiN4r6qyxofSKSAciaJqhjYSURWohI2%2FnDBas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16deee96568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js | 151.101.193.229 | 200 OK | 94 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js; IP: 151.101.193.229:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer GlobalSign nv-sa; Subject jsdelivr.net; Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563); Hash: e7f9fbd21ab7cc5c330233c9f5ff418e c482cc1072e7188fb2d3ba257854a618983dc453 de8e0ef9f88a849fa060e988763e2ef944edbe764e3898d03dec776b1dd9a9dd
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"37afa-xILMEHLnGI+y07oleFSmGJg9xFM"
content-encoding: br
accept-ranges: bytes
date: Fri, 10 May 2024 21:40:44 GMT
age: 7242
x-served-by: cache-fra-eddf8230100-FRA, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 93487
X-Firefox-Spdy: h2
|
|
| cdn.akamai.steamstatic.com/steam/apps/256758892/microtrailer.webm | 95.101.11.40 | 206 Partial Content | 7.8 MB |
URL: GET HTTP/1.1 cdn.akamai.steamstatic.com/steam/apps/256758892/microtrailer.webm; IP: 95.101.11.40:443; ASN: #20940 Akamai International B.V.
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Let's Encrypt; Subject cdn.akamai.steamstatic.com; Fingerprint E0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74; Validity Thu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
Size: 7.8 MB (7752531 bytes); Hash: dfd19bdab7a46e46d262eb8194ba9cf7 a1d8bfe798af236b3455e887315fbf6a5d80faaa 29ba6b51116a2f41cb07ce0d13b14ff3ba23dae18bfcf5e78c12a3f0be8996b3
GET /steam/apps/256758892/microtrailer.webm HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx
Content-Type: video/webm
Last-Modified: Mon, 12 Aug 2019 20:45:07 GMT
ETag: "5d51cfd3-764b53"
Accept-Ranges: bytes
Date: Fri, 10 May 2024 21:40:43 GMT
Content-Range: bytes 0-7752530/7752531
Content-Length: 7752531
Connection: keep-alive
|
|
| byruthub.org/favicon-120x120.png | 188.114.96.1 | 200 OK | 8.0 kB |
URL: GET HTTP/3 byruthub.org/favicon-120x120.png; IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Let's Encrypt; Subject byruthub.org; Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 120 x 120, 8-bit colormap, non-interlaced; Hash: 58dab9c132a665c4f525eda08ac2b478 5cb0348bb7c1ab453de686e650116d103c2ded46 b8a881fcaf7e4f0855fd5ee5d398d431ff1fb3fcb2744f556493f29953ad8e5f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon-120x120.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6; _ga_QX7E7T8PJ1=GS1.1.1715377244.1.0.1715377244.0.0.0; _ga=GA1.1.2022868474.1715377244
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:44 GMT
content-type: image/png
content-length: 7960
last-modified: Sun, 14 Jan 2024 16:18:21 GMT
etag: "65a4094d-1f18"
expires: Wed, 05 Jun 2024 13:49:49 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2l5RGJCmuuFnTpFiS%2Fw7H1PlXtFJs%2B0DF5U1qPcwiuBn%2FhZaSU4049Gj6fj7e4JC0twnVS6JuenLeD16JkJwAZVA9M2tb5ArU7NsYf1oDhDEHMlxljlX08RSEkhtj4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16e4ec63568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/favicon-120x120.png | 188.114.96.1 | 200 OK | 8.0 kB |
URL: GET HTTP/3 byruthub.org/favicon-120x120.png; IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Let's Encrypt; Subject byruthub.org; Fingerprint 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9; Validity Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 120 x 120, 8-bit colormap, non-interlaced; Hash: 58dab9c132a665c4f525eda08ac2b478 5cb0348bb7c1ab453de686e650116d103c2ded46 b8a881fcaf7e4f0855fd5ee5d398d431ff1fb3fcb2744f556493f29953ad8e5f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon-120x120.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6; _ga_QX7E7T8PJ1=GS1.1.1715377244.1.0.1715377244.0.0.0; _ga=GA1.1.2022868474.1715377244
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:44 GMT
content-type: image/png
content-length: 7960
last-modified: Sun, 14 Jan 2024 16:18:21 GMT
etag: "65a4094d-1f18"
expires: Wed, 05 Jun 2024 13:49:49 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIwlJT8KkPrV0ASwo2WJbAw2YoHFAGy%2F5p4WPRyfo5ZIB5eEhtDjTKAGdPBr051KQJbREHSFN1E5lWnSJt8lltodTfOBD8JDmPL37xOqvTd3Mcxb3zZGE%2F5UyDF%2BZ1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16e4ec64568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D; IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced; Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:44 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881d16e4eaae569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ufiler-pro2.ru/tools/js/appUbarButton.js.php | 188.42.196.22 | 200 OK | 15 kB |
URL: GET HTTP/2 ufiler-pro2.ru/tools/js/appUbarButton.js.php; IP: 188.42.196.22:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer Let's Encrypt; Subject *.ufiler-pro2.ru; Fingerprint 0D:9E:0D:BA:C1:69:8F:89:42:BA:D7:B5:C8:0E:40:8D:68:E9:43:97; Validity Wed, 21 Feb 2024 09:15:47 GMT - Tue, 21 May 2024 09:15:46 GMT
Hash: 7e51e72faa51a80e56851b0f87b63f81 bf117642527c7cc211d86cad966fb81c002b3676 bcd4a279a3e9533a0f6d8dffeaa9044a782134dc7b42073c7f7a05dfca2b055c
GET /tools/js/appUbarButton.js.php HTTP/1.1
Host: ufiler-pro2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 21:40:44 GMT
content-type: text/javascript;charset=UTF-8
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F8077-no-time-to-relax.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1391658519965%3Ahid%3A312273469%3Az%3A0%3Ai%3A20240510214044%3Aet%3A1715377245%3Ac%3A1%3Arn%3A977984855%3Arqn%3A1%3Au%3A171537724583009627%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1163%3Awv%3A2%3Ads%3A1%2C35%2C157%2C7%2C22%2C0%2C%2C1172%2C50%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Ans%3A1715377242405%3Agi%3AR0ExLjEuMjAyMjg2ODQ3NC4xNzE1Mzc3MjQ0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715377246%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20No%20Time%20to%20Relax%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1) | 87.250.250.119 | 302 Found | 465 B |
URL GET HTTP/2mc.webvisor.org/watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F8077-no-time-to-relax.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1391658519965%3Ahid%3A312273469%3Az%3A0%3Ai%3A20240510214044%3Aet%3A1715377245%3Ac%3A1%3Arn%3A977984855%3Arqn%3A1%3Au%3A171537724583009627%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1163%3Awv%3A2%3Ads%3A1%2C35%2C157%2C7%2C22%2C0%2C%2C1172%2C50%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Ans%3A1715377242405%3Agi%3AR0ExLjEuMjAyMjg2ODQ3NC4xNzE1Mzc3MjQ0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715377246%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20No%20Time%20to%20Relax%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1) IP87.250.250.119:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate: Issuer GlobalSign nv-sa; Subject mc.webvisor.com; Fingerprint 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11; Validity Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
Hash: 8886b00fb1fff1c7a8ef85b973e388ad 01c9d3b8e9429eb72d8e8b5f09fa1cf1a67bbc48 2eec8c6be6cc7aabd2032438cb70c5c6a64fc2715e833d92fd3ee565e9984284
GET /watch/97198497?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F8077-no-time-to-relax.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1391658519965%3Ahid%3A312273469%3Az%3A0%3Ai%3A20240510214044%3Aet%3A1715377245%3Ac%3A1%3Arn%3A977984855%3Arqn%3A1%3Au%3A171537724583009627%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1163%3Awv%3A2%3Ads%3A1%2C35%2C157%2C7%2C22%2C0%2C%2C1172%2C50%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Ans%3A1715377242405%3Agi%3AR0ExLjEuMjAyMjg2ODQ3NC4xNzE1Mzc3MjQ0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715377246%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20No%20Time%20to%20Relax%20(%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F)%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://byruthub.org/
Origin: https://byruthub.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: /watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F8077-no-time-to-relax.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1391658519965%3Ahid%3A312273469%3Az%3A0%3Ai%3A20240510214044%3Aet%3A1715377245%3Ac%3A1%3Arn%3A977984855%3Arqn%3A1%3Au%3A171537724583009627%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1163%3Awv%3A2%3Ads%3A1%2C35%2C157%2C7%2C22%2C0%2C%2C1172%2C50%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Ans%3A1715377242405%3Agi%3AR0ExLjEuMjAyMjg2ODQ3NC4xNzE1Mzc3MjQ0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715377246%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20No%20Time%20to%20Relax%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1
date: Fri, 10 May 2024 21:40:46 GMT
access-control-allow-origin: https://byruthub.org
set-cookie: yabs-sid=856752141715377246; Path=/; SameSite=None; Secure
i=XXODcM3vbyg/oypG67vRxJluWMESmKjDiyrRppdRr7WBMZFckixZXvMNgQtAoPFyMW7xuRtXhhGSMQ44XDM9Z8M8cOc=; Expires=Mon, 08-May-2034 21:40:21 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2603804881715377246; Expires=Mon, 08-May-2034 21:40:21 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=2603804881715377246; Expires=Sat, 10-May-2025 21:40:46 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1746913246.yrts.1715377246#1746913246.yrtsi.1715377246; Expires=Sat, 10-May-2025 21:40:46 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 21:40:46 GMT
last-modified: Fri, 10-May-2024 21:40:46 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881d16e16f56569b/1715377246472/VPso2E1_XNE5gsG | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881d16e16f56569b/1715377246472/VPso2E1_XNE5gsG; IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 65 x 40, 8-bit/color RGB, non-interlaced; Hash: f26aa6499616eef9c1835437830ab1aa 15832d796f87a4029cd457b02bd3882e50bc4fcf 92f424f37b9a233bf39cf69b6bcfe46f027627ee9c579627d84193332d9e65f2
GET /cdn-cgi/challenge-platform/h/g/i/881d16e16f56569b/1715377246472/VPso2E1_XNE5gsG HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:47 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 881d16f27faf569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881d16e16f56569b/1715377246474/98bb6852c1ad187b4b7d31075c6d82b1251c27a70a1daedd4223d72ef3dc33ea/xQejLqU_vKx0uyl | 104.17.2.184 | 401 Unauthorized | 1 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/881d16e16f56569b/1715377246474/98bb6852c1ad187b4b7d31075c6d82b1251c27a70a1daedd4223d72ef3dc33ea/xQejLqU_vKx0uyl
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: very short file (no magic)
Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/881d16e16f56569b/1715377246474/98bb6852c1ad187b4b7d31075c6d82b1251c27a70a1daedd4223d72ef3dc33ea/xQejLqU_vKx0uyl HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 21:40:47 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gmLtoUsGtGHtLfTEHXG2CsSUcJ6cKHa7dQiPXLvPcM-oAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIJi7aFLBrRh7S30xB1xtgrElHCenCh2u3UIj1y7z3DPqABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 881d16f7bb9a569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881d16e16f56569b | 104.17.2.184 | 200 OK | 441 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881d16e16f56569b
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 441 kB (440616 bytes)
Hash: 5fb394a4936ea674af82f60fbdc3321c 75ef987d29bf6ce50832fcdf9402b68cb72bcaab f224160eae071edadfc2928ca75ac2951bf1c76c93444c885c26c6eea49d8318
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881d16e16f56569b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:44 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881d16e4eab0569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/uploads/posts/2024-02/king-arthur-legion-ix.jpg | 188.114.96.1 | 200 OK | 28 kB |
URL: GET HTTP/3 byruthub.org/uploads/posts/2024-02/king-arthur-legion-ix.jpg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Hash: babd079ec05ba8a83a46827e25141caf 4fdf978cef2ff27eb80bcaa151a0925c365c4b7c eeda74a472a1d5919be5f1b5265f8b50dd597f3663d0c28e0deb7cbdcb3f11b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /uploads/posts/2024-02/king-arthur-legion-ix.jpg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/jpeg
content-length: 28337
last-modified: Sat, 02 Mar 2024 13:26:02 GMT
etag: "65e328ea-6eb1"
expires: Wed, 05 Jun 2024 14:41:52 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 457131
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Id9IxSR3QWeY4EyN7vJfKzE8zs13MD8Q5wIBOvBJianybgmljQuEb4TNENz0QdFk%2Fl32ziJEIAH3iceZuZnMghAeC06K%2FtY8IvaFfh3RKke4lZZfPFyZnoZPDR1Wv%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dd7d2c568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/updnews.png | 188.114.96.1 | 200 OK | 2.3 kB |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/updnews.png
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: PNG image data, 64 x 69, 8-bit colormap, non-interlaced
Hash: c5328ae64b721c1e828ddb36a8810404 50ca3d753ce43d6859d90e6cbab2cd6f6e9507a1 a66e1a3d8b6ac9aa6c3cb0f12523e152ec26bdad81521d2d37e836532ae34ddf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/images/updnews.png HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/png
content-length: 2304
last-modified: Sun, 05 Nov 2023 07:08:50 GMT
etag: "65473f82-900"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZmkI4p%2BdJC1lgCkwAJFRy%2BTZ3jOUNCShm%2FhqR9zgChlLBDF4hE5pnAcgBfLHyfH5JnnE2HbpBCUM2%2Bp7UkAQysEDZe8qH%2Bb7ZUw86UaUTvMWzgz%2F9PcQAm%2BhgtmOok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dc8c5d568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/templates/byrut/images/night.svg | 188.114.96.1 | 200 OK | 955 B |
URL: GET HTTP/3 byruthub.org/templates/byrut/images/night.svg
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: SVG Scalable Vector Graphics image
Hash: 11a004733cdc59ef8503bf800dcf29ff 241665f3defcad3a5aab12fdc76f5877da511907 c8b1f29433a168187adbf562e653519398d39f613e5aa2ab5e61bbc43a9e1add
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /templates/byrut/images/night.svg HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/templates/byrut/css/styles.css?v=b4x9n
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:43 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Nov 2023 07:08:51 GMT
etag: W/"65473f83-3bb"
expires: Wed, 05 Jun 2024 13:49:43 GMT
cache-control: max-age=16070400
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
age: 460260
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8tMdx%2BExo%2BjBHgVm0O8S%2Bjh2885MUZgD%2F3maNmcIO9MunsY9ceVLTG7Kppg1SAEmzuU%2Bdfy8bqblCoMTd%2BooYGOGCCFbNh6QBAi%2BTIncYayz3b6j0DYGb%2F6xy2oghIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16dc7c57568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/8077-no-time-to-relax.html | 188.114.96.1 | 200 OK | 141 kB |
URL: User Request GET HTTP/2 byruthub.org/8077-no-time-to-relax.html
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
Size: 141 kB (140894 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /8077-no-time-to-relax.html HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 21:40:42 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.1.19
set-cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FP9QWldZQ6ETR%2FSjk9gCjSguoV%2BLTNKLRT6vCGwzlx4CKI6lgzHA6H9v4PCtteY1ZodwKJVNlyXFILIZb3Bw0ulGQb3KUw6dEL1xXj0kobtCN7VrkjFfPn%2BLViptH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d16d56dadb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F8077-no-time-to-relax.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1391658519965%3Ahid%3A312273469%3Az%3A0%3Ai%3A20240510214044%3Aet%3A1715377245%3Ac%3A1%3Arn%3A977984855%3Arqn%3A1%3Au%3A171537724583009627%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1163%3Awv%3A2%3Ads%3A1%2C35%2C157%2C7%2C22%2C0%2C%2C1172%2C50%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Ans%3A1715377242405%3Agi%3AR0ExLjEuMjAyMjg2ODQ3NC4xNzE1Mzc3MjQ0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715377246%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20No%20Time%20to%20Relax%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1 | 87.250.250.119 | 200 OK | 465 B |
URL: GET HTTP/2 mc.webvisor.org/watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F8077-no-time-to-relax.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1391658519965%3Ahid%3A312273469%3Az%3A0%3Ai%3A20240510214044%3Aet%3A1715377245%3Ac%3A1%3Arn%3A977984855%3Arqn%3A1%3Au%3A171537724583009627%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1163%3Awv%3A2%3Ads%3A1%2C35%2C157%2C7%2C22%2C0%2C%2C1172%2C50%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Ans%3A1715377242405%3Agi%3AR0ExLjEuMjAyMjg2ODQ3NC4xNzE1Mzc3MjQ0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715377246%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20No%20Time%20to%20Relax%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1
IP: 87.250.250.119:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: mc.webvisor.com
Certificate Fingerprint: 2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
Certificate Validity: Fri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (521), with no line terminators
Hash: 6c50079f7658fd7d978175d2a2f47126 07e675b42e9b93f9b4fa79b98b1c22875d8d1d6a 455de985e91530d8dd0d0c243bdca650c8fdd94b8ba086cc32f8ef0fc6f08e64
GET /watch/97198497/1?wmode=7&page-url=https%3A%2F%2Fbyruthub.org%2F8077-no-time-to-relax.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rsio13bs7ybmeyix27%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1391658519965%3Ahid%3A312273469%3Az%3A0%3Ai%3A20240510214044%3Aet%3A1715377245%3Ac%3A1%3Arn%3A977984855%3Arqn%3A1%3Au%3A171537724583009627%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1163%3Awv%3A2%3Ads%3A1%2C35%2C157%2C7%2C22%2C0%2C%2C1172%2C50%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Ans%3A1715377242405%3Agi%3AR0ExLjEuMjAyMjg2ODQ3NC4xNzE1Mzc3MjQ0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715377246%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20No%20Time%20to%20Relax%20%28%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F%29%20%D0%BD%D0%B0%20%D0%9F%D0%9A%20%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://byruthub.org
Referer: https://byruthub.org/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=856752141715377246; i=XXODcM3vbyg/oypG67vRxJluWMESmKjDiyrRppdRr7WBMZFckixZXvMNgQtAoPFyMW7xuRtXhhGSMQ44XDM9Z8M8cOc=; yandexuid=2603804881715377246; yuidss=2603804881715377246; ymex=1746913246.yrts.1715377246#1746913246.yrtsi.1715377246
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 465
date: Fri, 10 May 2024 21:40:46 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://byruthub.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 10-May-2024 21:40:46 GMT
last-modified: Fri, 10-May-2024 21:40:46 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal | 104.17.2.184 | 200 OK | 79 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
IP: 104.17.2.184:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (42150)
Hash: 91abf5df7a063e49236973bf9acff035 b4dadc24b43b4f1adcaf337073d70574be20f32a 0f9461e7981ef5beb4f3bef72484f6ebe4a96cba1355dde456e59d184a108a58
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:44 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
origin-agent-cluster: ?1
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
document-policy: js-profiling
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
server: cloudflare
cf-ray: 881d16e16f56569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/34004739:1715375556:il5vj4TGq5xowkRJA95D8viXt8ESSTk-tkPvyTv14Fw/881d16e16f56569b/f705e1e8dd1eff2 | 104.17.2.184 | 200 OK | 117 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/34004739:1715375556:il5vj4TGq5xowkRJA95D8viXt8ESSTk-tkPvyTv14Fw/881d16e16f56569b/f705e1e8dd1eff2
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 117 kB (117308 bytes)
Hash: 799bb978c32b37e892625bd49ec3497c ee9b4b377256056a8957aadf325bed2979dc6725 435a8dfddbea702b1d71f82f99826c0d57ca932efa4dc86c314663c8f8311879
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/34004739:1715375556:il5vj4TGq5xowkRJA95D8viXt8ESSTk-tkPvyTv14Fw/881d16e16f56569b/f705e1e8dd1eff2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: f705e1e8dd1eff2
Content-Length: 2533
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:46 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 0/Es0KzLgsIieGq0rZZALNL1lbQxHZSquXeG1+EV5jI8NF3+bORCDjYmBjNki+AftpYLg902kBQ1CMj/nlubiaB/vouiWHC+21Xk2YMvhuBmWZCFVcoqPOtn0X8qB18ALT60Q6XzlPvgO0YTPFZ/gs9oU0TEXW1N8yQSXDlGtzgYYQRObVAGtKMOZzPmjmdHXOBFOH9PpaJVUvAL2CS3uwYLE/WJA+vQ3LVGl+X77KJ1y6SjovSdpncyB4BifczNirB9cURUkublm1+7J/HGlIzLtFEzB7v4EsYD/Nd7iB96o6o0OdnhRgCukzPOZEEqpAxR51olZBKL3nnW3nwZ2tBlgVtkD8b6uVzTRoP1CNUPJnYocU+WvmJ5FHs93nG7fsL/YwNhoJJ+3SkdA5fmLObbLdL6ua4CWzWMDnz3q2NeDIGdASsne+6vQ0VQRwEF7XmLKqlBE3dkIAP9cFvuRuwA0ZgU078xDR7wlJF52Xs=$Mxund9MLf+URn9jXcM0jGw==
server: cloudflare
cf-ray: 881d16ee5c11569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| byruthub.org/engine/ajax/controller.php?mod=adminfunction&id=8077&action=newsread&user_hash=65868c5854f682a3613f4ea5a9a095bd4dc4b5d4 | 188.114.96.1 | 200 OK | 5 B |
URL: GET HTTP/3 byruthub.org/engine/ajax/controller.php?mod=adminfunction&id=8077&action=newsread&user_hash=65868c5854f682a3613f4ea5a9a095bd4dc4b5d4
IP: 188.114.96.1:443
Requested by: https://byruthub.org/8077-no-time-to-relax.html
Certificate Issuer: Let's Encrypt
Certificate Subject: byruthub.org
Certificate Fingerprint: 17:94:F1:AA:67:00:6D:D6:5E:14:0A:63:8E:AF:5B:38:A2:2D:F1:E9
Certificate Validity: Sat, 04 May 2024 11:11:46 GMT - Fri, 02 Aug 2024 11:11:45 GMT
File type: ASCII text, with no line terminators
Hash: cb5e100e5a9a3e7f6d1fd97512215282 11f9578d05e6f7bb58a3cdd00107e9f4e3882671 ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /engine/ajax/controller.php?mod=adminfunction&id=8077&action=newsread&user_hash=65868c5854f682a3613f4ea5a9a095bd4dc4b5d4 HTTP/1.1
Host: byruthub.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://byruthub.org/8077-no-time-to-relax.html
Cookie: PHPSESSID=a68fe56d86866f2781cdb9eae7b8a1e6; _ga_QX7E7T8PJ1=GS1.1.1715377244.1.0.1715377244.0.0.0; _ga=GA1.1.2022868474.1715377244; _ym_uid=171537724583009627; _ym_d=1715377245; _ym_isad=1; _ym_hostIndex=0-1%2C1-0; _ym_visorc=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:49 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.1.19
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06jtY84OWHL5cE%2Fry0rCoBFD89e0y1W9TvFdt%2B7rGmPBPV0%2FssvRpgkaU7vJeqW5jtVlW18wWfglA4aCvbhEg4muYfVbKLOW%2BbCwPMpkW9pxwCMf%2BAQJfGRB6%2BVmXw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881d1701c811568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/34004739:1715375556:il5vj4TGq5xowkRJA95D8viXt8ESSTk-tkPvyTv14Fw/881d16e16f56569b/f705e1e8dd1eff2 | 104.17.2.184 | 200 OK | 22 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/34004739:1715375556:il5vj4TGq5xowkRJA95D8viXt8ESSTk-tkPvyTv14Fw/881d16e16f56569b/f705e1e8dd1eff2
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22364), with no line terminators
Hash: a4163f0f822f16bc36fcb620a124e0f7 ef3dfb4ef8bfb5f287bcc4ad03fa2d3860edab40 39083b9f9047bd10760ebe4a090b2e356c682befa14b802ba18ca7c08755b813
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/34004739:1715375556:il5vj4TGq5xowkRJA95D8viXt8ESSTk-tkPvyTv14Fw/881d16e16f56569b/f705e1e8dd1eff2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/djoma/0x4AAAAAAAIAdvL2AkEvutnv/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: f705e1e8dd1eff2
Content-Length: 27720
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:40:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: wOzXcVeWVfb5ygyuMDHl8GktS2ejdGsaIMhxFWZxJ0z5/g1HrvCt3mkDrC7Nue/4$EAMJpS10SuGD5VcNRlq+CQ==
server: cloudflare
cf-ray: 881d16fdc960569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|