Report - darkbrotherhood.my1.ru/photo/

Report Overview

Submitted URL
darkbrotherhood.my1.ru/photo/
IP
193.109.246.7
ASN
#204343 Compubyte Limited
Submitted
2023-05-24 20:52:25
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s10.ucoz.net	unknown	2005-08-27	2014-02-18	2023-05-23	1.8 kB	8.4 kB	193.109.246.7
iritual.ru	unknown	2011-10-11	2016-03-04	2023-05-03	387 B	25 kB	104.26.7.115
themes.googleusercontent.com	9661	2008-11-17	2012-05-24	2023-05-24	541 B	61 kB	142.250.74.97
zcode12.me	unknown	2022-11-14	2022-11-14	2023-05-23	422 B	24 kB	185.177.93.30
s42.radikal.ru	unknown	2002-09-01	2012-05-30	2021-12-07	408 B	0 B	0.0.0.0
www.google.com	7	1997-09-15	2015-05-10	2023-05-23	454 B	1.1 kB	142.250.74.4
darksanctuary.ucoz.ru	unknown	2005-08-20	2013-01-30	2015-04-15	395 B	5.1 kB	213.174.157.151
tes5.ucoz.net	unknown	2005-08-27	2012-10-08	2016-03-21	386 B	8.7 kB	213.174.157.152
img12.imageshost.ru	unknown	2007-04-06	2012-10-19	2022-08-11	434 B	623 B	172.67.145.16
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-24	496 B	172 kB	142.250.74.35
rot.spotsniper.ru	unknown	2013-04-03	2017-01-30	2023-05-23	412 B	360 B	31.172.81.159
darkbrotherhood.my1.ru	unknown	2006-03-08	2013-01-29	2023-05-02	28 kB	434 kB	193.109.246.7

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-24	medium	darkbrotherhood.my1.ru/photo/
2023-05-24	medium	darkbrotherhood.my1.ru/.s/src/uwnd.min.js
2023-05-24	medium	darkbrotherhood.my1.ru/.s/src/ulightbox/ulightbox.min.js
2023-05-24	medium	darkbrotherhood.my1.ru/.s/src/photopage.min.js
2023-05-24	medium	darkbrotherhood.my1.ru/.s/src/jquery-1.12.4.min.js
2023-05-24	medium	darkbrotherhood.my1.ru/_ph/2/1/95734783.jpg?1684961527
2023-05-24	medium	darkbrotherhood.my1.ru/mchat/
2023-05-24	medium	darkbrotherhood.my1.ru/.s/img/icon/social/vk.svg
2023-05-24	medium	darkbrotherhood.my1.ru/.s/img/icon/social/u.svg
2023-05-24	medium	darkbrotherhood.my1.ru/.s/img/icon/social/fb.svg
2023-05-24	medium	darkbrotherhood.my1.ru/.s/img/icon/social/ya.svg
2023-05-24	medium	darkbrotherhood.my1.ru/.s/img/icon/social/gp.svg
2023-05-24	medium	darkbrotherhood.my1.ru/.s/img/icon/social/ok.svg
2023-05-24	medium	darkbrotherhood.my1.ru/stat/895633265?11
2023-05-24	medium	darkbrotherhood.my1.ru/.s/src/jquery-1.12.4.min.js

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	darkbrotherhood.my1.ru/mchat/	0 B	2023-03-07	2024-04-25
Pretty URL darkbrotherhood.my1.ru/mchat/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 18:27:51 Times Seen37069449 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js	453 kB	2023-05-19	2023-05-26
Pretty URL www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 12:22:29 Last Seen2023-05-26 01:33:48 Times Seen588 Hash 5ee55e4774f7047ff36c50d754de7a45 5706760775775aca8883b7e4fef43105b58a1b34 50be60d04fa931d5b28c8e0866e64c44a7ffe724c8874fe70236528be43ca213 Loading...

	darkbrotherhood.my1.ru/photo/	209 B	2023-03-07	2024-04-25
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:06:21 Last Seen2024-04-25 16:06:39 Times Seen935 Hash ebe6bc0803293713c0cd5ccbb6858263 f7e12e4099d0b1539e6424fb35bed336f953239d de6c089a2079a7e9d7740a581839e60f99fc2b345f909a63fb8edce6e90dca4a Loading...

	darkbrotherhood.my1.ru/photo/	217 B	2023-03-07	2024-04-25
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:06:21 Last Seen2024-04-25 16:06:39 Times Seen931 Hash 643968481bd70d1b90acb3623acc1cbf a48c24f35825a4f9a22bb98e54b972ab914d0da6 1cc7811671da38d961a9ab7caf93a642e6b64d30f56cfe7e94370f25f190df2c Loading...

	darkbrotherhood.my1.ru/photo/	486 B	2023-04-25	2024-02-06
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-25 14:03:35 Last Seen2024-02-06 13:06:42 Times Seen12 Hash 9e9fb8670d97da87a278dfe67de2b049 5b53130373b1ed7e48cd02c2d6f0624d96946896 5e4944412820e4e0aeae39530c19746db9e833f36a6cf7814b8dd212382f52b0 Loading...

	darkbrotherhood.my1.ru/photo/	2.4 kB	2023-05-24	2023-05-24
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 22:52:28 Last Seen2023-05-24 22:52:28 Times Seen1 Hash c90aea0dbdb8466cc1f16178ce165e35 4d095e48c6327f81b375e6b2968d97e9a80a12e9 0e9fc70d6f461e70cb8bf2ff8f2aefba69dab9408d0238d0c27c86f6955401da Loading...

	www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru	905 B	2023-05-19	2023-05-26
Pretty URL www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru IP 142.250.74.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 19:43:06 Last Seen2023-05-26 00:30:46 Times Seen115 Hash f3651a48f92f2ce6ffd95d0ae3268a9f 1cb70789a541931c3127a5f0c12e001da6a543ce c81584853fdd4a67b3676d9b9970f46a25c307600d97cf6d2e666a84bede5581 Loading...

	darkbrotherhood.my1.ru/.s/src/uwnd.min.js	210 kB	2023-03-07	2023-11-09
Pretty URL darkbrotherhood.my1.ru/.s/src/uwnd.min.js IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:47 Last Seen2023-11-09 11:57:45 Times Seen1943 Hash 0e2dd07983ad50fa9205b6a9d24bc79f 8eafe02a75c83f60d40d1cee73e2770805e54a9e 8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad Loading...

	darkbrotherhood.my1.ru/.s/src/photopage.min.js	12 kB	2023-03-08	2023-09-17
Pretty URL darkbrotherhood.my1.ru/.s/src/photopage.min.js IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:57:43 Last Seen2023-09-17 15:05:56 Times Seen53 Hash a19ad1c384ddd99b70181b1af46cce31 f97e320e2eb8134c4696db7aec8e11394243183c b96f5cf371dd699ffc3882437dca3ba537e49348238af1a54c0d723d3e56a1e7 Loading...

	unknown	87 B	2023-05-24	2023-05-24
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-24 22:52:28 Last Seen2023-05-24 22:52:28 Times Seen1 Hash 0cf77371412e4f3e53f673b9dcef2fe4 10f1e70afbfd1fe6ae5c4eee224d8df34a137a8a 1c959b6fccf0c117f4d98bb91fa3257ede4b337ed6f900355e5955c54dfca8aa Loading...

	darkbrotherhood.my1.ru/.s/src/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-04-25
Pretty URL darkbrotherhood.my1.ru/.s/src/jquery-1.12.4.min.js IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 16:19:34 Times Seen118709 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	darkbrotherhood.my1.ru/.s/src/ulightbox/ulightbox.min.js	22 kB	2023-03-13	2023-08-29
Pretty URL darkbrotherhood.my1.ru/.s/src/ulightbox/ulightbox.min.js IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:50:49 Last Seen2023-08-29 00:13:38 Times Seen1347 Hash 862f093f507f858ee329c39576f1c041 f3da76f6d4071020bf9c82ddbcbb1ad95d74108f a0c876daa26fa9e875abc22a4e88e310a20ea1fdb45451e4af22b907dbf22da8 Loading...

	rot.spotsniper.ru/?src=ujs6	1 B	2023-03-07	2024-04-25
Pretty URL rot.spotsniper.ru/?src=ujs6 IP 31.172.81.159 ASN #44066 diva-e Datacenters GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-04-25 16:36:16 Times Seen21494 Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Loading...

	darkbrotherhood.my1.ru/?6RPfta%5EYrfUpIgZq72n%3B2sFasDc7llTbAJM9KJhdNjj5FTRHJBLd3RiSBLL2OHCFGsPQOCP%21k2XJCOYDhEePea3dWkjaZueaHyQqSU6H0KhgS12OtudA%21nZYd2dHMtUAbItnhss1p6aMiwAezLnC7RUSfNmpLGnYNzMGHSC8y8cZ3eCRfS5OucEQ0%3BF3ruUAnUlDu0jdQ%21lzc3It%3BjxFVfXFAR89POJq5%3Boo	1.2 kB	2023-05-24	2023-05-24
Pretty URL darkbrotherhood.my1.ru/?6RPfta%5EYrfUpIgZq72n%3B2sFasDc7llTbAJM9KJhdNjj5FTRHJBLd3RiSBLL2OHCFGsPQOCP%21k2XJCOYDhEePea3dWkjaZueaHyQqSU6H0KhgS12OtudA%21nZYd2dHMtUAbItnhss1p6aMiwAezLnC7RUSfNmpLGnYNzMGHSC8y8cZ3eCRfS5OucEQ0%3BF3ruUAnUlDu0jdQ%21lzc3It%3BjxFVfXFAR89POJq5%3Boo IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 22:52:28 Last Seen2023-05-24 22:52:28 Times Seen2 Hash b5ba78a454018686d8fad9136b494326 9d1caa77fb9f25299213242739299a9bfee5db3f 60b6161aaa88dbbd6e0c35df03d6e793cf4ddfbefee0e129076c475ae4967b1f Loading...

	s10.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.454374697038059	0 B	2023-03-07	2024-04-25
Pretty URL s10.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.454374697038059 IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 18:27:51 Times Seen37069449 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	darkbrotherhood.my1.ru/photo/	1.0 kB	2023-05-24	2023-05-24
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 22:52:28 Last Seen2023-05-24 22:52:28 Times Seen1 Hash 729367941b3cae3d33761aee96b31a4f 4be9b94e7e734f149be87b75098f1a6eb892df45 cf050cc92c5d72f084c8e54a946b7b7939683789ea0b02407a7d9e2851bba372 Loading...

	darkbrotherhood.my1.ru/photo/	101 B	2023-03-07	2024-04-25
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01:41 Last Seen2024-04-25 16:06:39 Times Seen526 Hash 64cd091120d9728b26700590b601af43 b4df948a81718f30fb8ea03304bea81d2c4fe31a 5457f6f8b0c00af488e2747e8a14a9f5fa51f4b9c5579eda986e5c3e21d1a15a Loading...

	darkbrotherhood.my1.ru/photo/	1.2 kB	2023-05-24	2023-05-24
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 22:52:28 Last Seen2023-05-24 22:52:28 Times Seen1 Hash ac10a7c673e6fd95eb75ffd3e98d13a3 484e38aae919c81bfe94b025db955a5af37dbccc 3605a62be2dee689e5e437aa6d7644b108a35412ab44c966a80d44e141fa046e Loading...

	darkbrotherhood.my1.ru/photo/	14 B	2023-03-07	2024-04-14
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08:59 Last Seen2024-04-14 22:39:54 Times Seen335 Hash d758e957ca65a07184e568a83a351faf 0322a9c4e29aaaaa681908c9f3d99de1f93b9ddf 7fb68d55dfcf5ba40586422d6af2c611b6c9666a4d4d8471383d81b6d595a12a Loading...

	darkbrotherhood.my1.ru/photo/	210 B	2023-05-24	2023-05-24
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 22:52:28 Last Seen2023-05-24 22:52:28 Times Seen1 Hash 0923abb59669b2b2799cc81880d66c23 1bda1f5a4bff5443825f4181e5974325c0bb03ea 43a1fb31cb9072a4c215f8b38857944152f7373480407ca8c8d20f432c1bd5aa Loading...

	zcode12.me/?ze=grstanjtgu5ha3ddf4ztgobr	10 B	2023-03-07	2024-04-25
Pretty URL zcode12.me/?ze=grstanjtgu5ha3ddf4ztgobr IP 185.177.93.30 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-04-25 16:06:41 Times Seen4495 Hash f495e69f2e9edc75eeae7dd3ea78a747 a89e38bbe70fa2de5db9d578975abd4e9dcda52e 8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c Loading...

	darkbrotherhood.my1.ru/?CY5JZJj%21jhbRLkwLecPNCVLt1pqgu%5EFVjZTqYrE0hQi3thRnijUtw%21jClU3YIekCP2gkMfjQsqHhKXjI6kT1NxiQc1rWUgZDuxcBACKJqt1H2gR%3BgRa7fH2X2vJQJFFftfeyf%21lq0If9GWdqiHZ73QueKvBV6etzPigLjCc6RnPR3YSBYdP3K%5EOPZz%5EEAF65zaD%5EqOWxDWuy6CevrQZZ%5EzpgTdftM%3Bt0bwoo	834 B	2023-03-29	2023-06-20
Pretty URL darkbrotherhood.my1.ru/?CY5JZJj%21jhbRLkwLecPNCVLt1pqgu%5EFVjZTqYrE0hQi3thRnijUtw%21jClU3YIekCP2gkMfjQsqHhKXjI6kT1NxiQc1rWUgZDuxcBACKJqt1H2gR%3BgRa7fH2X2vJQJFFftfeyf%21lq0If9GWdqiHZ73QueKvBV6etzPigLjCc6RnPR3YSBYdP3K%5EOPZz%5EEAF65zaD%5EqOWxDWuy6CevrQZZ%5EzpgTdftM%3Bt0bwoo IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:37:07 Last Seen2023-06-20 20:59:43 Times Seen418 Hash 51e142a0b55c4d1f5056ff08fc046c09 24fab84fa4215afdb8ee7555ec3d3b52e323f998 b36d8b4a6ae0a89de7676de2f7870c67cec1f19e98962b29344aa9291b9131cb Loading...

	darkbrotherhood.my1.ru/photo/	264 B	2023-05-24	2023-05-24
Pretty URL darkbrotherhood.my1.ru/photo/ IP 193.109.246.7 ASN #204343 Compubyte Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 22:52:28 Last Seen2023-05-24 22:52:28 Times Seen1 Hash e18ebb3b00f1935765ea19853f569c52 a411d9fc9120c787ee23facda35a61f84405f105 2e380a5a97b7b6603767f1d0f260a364f49eae776554bc4fb46f8c110f339702 Loading...

		Size	First Seen	Last Seen
	#1 Write - 8b0fe86547ea1099fa2f32bd4c526c44	152 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:33:44 Last Seen2024-04-25 16:06:40 Times Seen1064 Hash 8b0fe86547ea1099fa2f32bd4c526c44 c180eadc55e8f386b0df85d043c4e682fb52ffb8 6887ab5beb82890d571c8f7c9d474bde94d3912e2b59247bab0fe77d408a026a Loading...

HTTP Transactions (67)

URL IP Response Size

darkbrotherhood.my1.ru/photo/

193.109.246.7

8.8 kB

URL
darkbrotherhood.my1.ru/photo/
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1610)
Size
8.8 kB (8780 bytes)
Hash
3149c1f37ba0d5df8867983cb258dbe7
9106b536786c6f96a3607524bb8f362937afd6c9
d812786021a6dcd5f55e5cc4c3a4e44dbbdaa0b618e137736b07a18a4e7dd662

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /photo/ HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 5darkbrotherhooduCoz=; path=/; expires=Mon, 24-May-2021 20:52:07 GMT; Secure; HttpOnly; domain=.darkbrotherhood.my1.ru
5darkbrotherhooduzll=1684961527; path=/; expires=Thu, 23-May-2024 20:52:07 GMT; Secure; domain=.darkbrotherhood.my1.ru
5darkbrotherhoodpushi=1; path=/; expires=Thu, 25-May-2023 19:52:07 GMT; Secure
Pragma: no-cache
Vary: host
Last-Modified: Wed, 24 May 2023 20:02:11 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip

darkbrotherhood.my1.ru/?6RPfta%5EYrfUpIgZq72n%3B2sFasDc7llTbAJM9KJhdNjj5FTRHJBLd3RiSBLL2OHCFGsPQOCP%21k2XJCOYDhEePea3dWkjaZueaHyQqSU6H0KhgS12OtudA%21nZYd2dHMtUAbItnhss1p6aMiwAezLnC7RUSfNmpLGnYNzMGHSC8y8cZ3eCRfS5OucEQ0%3BF3ruUAnUlDu0jdQ%21lzc3It%3BjxFVfXFAR89POJq5%3Boo

193.109.246.7

1.2 kB

URL
darkbrotherhood.my1.ru/?6RPfta%5EYrfUpIgZq72n%3B2sFasDc7llTbAJM9KJhdNjj5FTRHJBLd3RiSBLL2OHCFGsPQOCP%21k2XJCOYDhEePea3dWkjaZueaHyQqSU6H0KhgS12OtudA%21nZYd2dHMtUAbItnhss1p6aMiwAezLnC7RUSfNmpLGnYNzMGHSC8y8cZ3eCRfS5OucEQ0%3BF3ruUAnUlDu0jdQ%21lzc3It%3BjxFVfXFAR89POJq5%3Boo
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text
Size
1.2 kB (1170 bytes)
Hash
b5ba78a454018686d8fad9136b494326
9d1caa77fb9f25299213242739299a9bfee5db3f
60b6161aaa88dbbd6e0c35df03d6e793cf4ddfbefee0e129076c475ae4967b1f

HTTP Headers

GET /?6RPfta%5EYrfUpIgZq72n%3B2sFasDc7llTbAJM9KJhdNjj5FTRHJBLd3RiSBLL2OHCFGsPQOCP%21k2XJCOYDhEePea3dWkjaZueaHyQqSU6H0KhgS12OtudA%21nZYd2dHMtUAbItnhss1p6aMiwAezLnC7RUSfNmpLGnYNzMGHSC8y8cZ3eCRfS5OucEQ0%3BF3ruUAnUlDu0jdQ%21lzc3It%3BjxFVfXFAR89POJq5%3Boo HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache

www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru

142.250.74.4

579 B

URL
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP
142.250.74.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (905), with no line terminators
Size
579 B (579 bytes)
Hash
f3651a48f92f2ce6ffd95d0ae3268a9f
1cb70789a541931c3127a5f0c12e001da6a543ce
c81584853fdd4a67b3676d9b9970f46a25c307600d97cf6d2e666a84bede5581

HTTP Headers

GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Wed, 24 May 2023 20:52:07 GMT
date: Wed, 24 May 2023 20:52:07 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

darkbrotherhood.my1.ru/.s/src/base.min.css

193.109.246.7

6.2 kB

URL
darkbrotherhood.my1.ru/.s/src/base.min.css
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text, with very long lines (24519), with no line terminators
Size
6.2 kB (6184 bytes)
Hash
cfa5d689b5b2f45ea3e3cf33415da504
dd71774375b3808c4483688e68833113c6e2c236
55998c0419cad6f5f33925fa11a2a38fd7586d3a5c9315f279d2b42a310460d2

HTTP Headers

GET /.s/src/base.min.css HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/css
Last-Modified: Tue, 02 May 2023 08:55:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6450cfef-5fc7"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

s10.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.454374697038059

193.109.246.7

0 B

URL
s10.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.454374697038059
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.454374697038059 HTTP/1.1
Host: s10.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15

darkbrotherhood.my1.ru/?CY5JZJj%21jhbRLkwLecPNCVLt1pqgu%5EFVjZTqYrE0hQi3thRnijUtw%21jClU3YIekCP2gkMfjQsqHhKXjI6kT1NxiQc1rWUgZDuxcBACKJqt1H2gR%3BgRa7fH2X2vJQJFFftfeyf%21lq0If9GWdqiHZ73QueKvBV6etzPigLjCc6RnPR3YSBYdP3K%5EOPZz%5EEAF65zaD%5EqOWxDWuy6CevrQZZ%5EzpgTdftM%3Bt0bwoo

193.109.246.7

834 B

URL
darkbrotherhood.my1.ru/?CY5JZJj%21jhbRLkwLecPNCVLt1pqgu%5EFVjZTqYrE0hQi3thRnijUtw%21jClU3YIekCP2gkMfjQsqHhKXjI6kT1NxiQc1rWUgZDuxcBACKJqt1H2gR%3BgRa7fH2X2vJQJFFftfeyf%21lq0If9GWdqiHZ73QueKvBV6etzPigLjCc6RnPR3YSBYdP3K%5EOPZz%5EEAF65zaD%5EqOWxDWuy6CevrQZZ%5EzpgTdftM%3Bt0bwoo
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text
Size
834 B (834 bytes)
Hash
51e142a0b55c4d1f5056ff08fc046c09
24fab84fa4215afdb8ee7555ec3d3b52e323f998
b36d8b4a6ae0a89de7676de2f7870c67cec1f19e98962b29344aa9291b9131cb

HTTP Headers

GET /?CY5JZJj%21jhbRLkwLecPNCVLt1pqgu%5EFVjZTqYrE0hQi3thRnijUtw%21jClU3YIekCP2gkMfjQsqHhKXjI6kT1NxiQc1rWUgZDuxcBACKJqt1H2gR%3BgRa7fH2X2vJQJFFftfeyf%21lq0If9GWdqiHZ73QueKvBV6etzPigLjCc6RnPR3YSBYdP3K%5EOPZz%5EEAF65zaD%5EqOWxDWuy6CevrQZZ%5EzpgTdftM%3Bt0bwoo HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache

darkbrotherhood.my1.ru/.s/src/layer3.min.css

193.109.246.7

5.2 kB

URL
darkbrotherhood.my1.ru/.s/src/layer3.min.css
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text, with very long lines (21524), with no line terminators
Size
5.2 kB (5181 bytes)
Hash
e25448a995701987d068058afd75842f
44b755c3099a85a30dc7814da75fd2f539cb93df
b67da74bdfb8409d1d116e7903609ecab9314d560d6238100ff91a4c41c2251d

HTTP Headers

GET /.s/src/layer3.min.css HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/css
Last-Modified: Thu, 27 Apr 2023 12:44:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"644a6e47-5414"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/_st/my.css

193.109.246.7

3.7 kB

URL
darkbrotherhood.my1.ru/_st/my.css
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text
Size
3.7 kB (3689 bytes)
Hash
e781f104972eecb7821c75697509ff4e
da42f0ddc4c0eba902cd9d94588da90f2df0a38e
a35520891fc6142a08a84bc6090bc2973b00b7188675bd49c55879094b420971

HTTP Headers

GET /_st/my.css HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/css
Last-Modified: Mon, 16 Nov 2015 21:42:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"564a4db0-433c"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/uwnd.min.js

193.109.246.7

200 OK

57 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/src/uwnd.min.js
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
57 kB (56796 bytes)
Hash
0e2dd07983ad50fa9205b6a9d24bc79f
8eafe02a75c83f60d40d1cee73e2770805e54a9e
8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/src/uwnd.min.js HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/ulightbox/ulightbox.min.css

193.109.246.7

200 OK

1.4 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/src/ulightbox/ulightbox.min.css
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
ASCII text, with very long lines (4552), with no line terminators
Size
1.4 kB (1359 bytes)
Hash
a05316c4712b56d4de87d83d57fc9a74
22db34df3400db68355d8b3e06c01c4f964ad484
5ddb669cd05d5c481a798631d2bd02b041950600ebaa4d419833fe0f01a04955

HTTP Headers

GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/entriesList.css

193.109.246.7

200 OK

246 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/src/entriesList.css
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
ASCII text
Size
246 B (246 bytes)
Hash
a0265c179f2f625c10a29f25b65b8d0b
649abba29e3c11c260d533a4b4c667c982c32787
b69e0c0266103e12d42cb13355819d334f13c64debed8f1f747fc17dc1b9bdbe

HTTP Headers

GET /.s/src/entriesList.css HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/css
Last-Modified: Wed, 05 Apr 2023 11:24:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5a5c-295"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/photo.css

193.109.246.7

200 OK

1.1 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/src/photo.css
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
ASCII text
Size
1.1 kB (1061 bytes)
Hash
46296af8f56bfd2f4a234235ed5f6e78
991cd21c86b99c4b1b5f1e3f9b8fdaa692e83f6d
9fcc157cf1366a277903ec97c125c9f729c9955271b6625d2b816b837ea2f6c2

HTTP Headers

GET /.s/src/photo.css HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/css
Last-Modified: Wed, 05 Apr 2023 11:24:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5a5d-ec8"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/photopage.min.css

193.109.246.7

1.6 kB

URL
darkbrotherhood.my1.ru/.s/src/photopage.min.css
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text, with very long lines (5303), with no line terminators
Size
1.6 kB (1624 bytes)
Hash
c26b0190e4d30041c881a9f487511c4f
3d3e8cc57a1746d96f6d4720e96d67a992db9929
2c36c8fddf0e4a91cc3cb52e2b714996c0e4019183fc727a61ea284702c29d7e

HTTP Headers

GET /.s/src/photopage.min.css HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/css
Last-Modified: Wed, 05 Apr 2023 11:24:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5a5d-14b7"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/social.css

193.109.246.7

610 B

URL
darkbrotherhood.my1.ru/.s/src/social.css
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text, with very long lines (442)
Size
610 B (610 bytes)
Hash
917872d4bcfea5e238f1f02cef7a9596
84c5e7eb25c8d7b11639ea428a9fac50bab26f84
12c919cc8994233c2f67bdcf1185997781ccfe1ce3405308e31bfd33d260bd74

HTTP Headers

GET /.s/src/social.css HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/css
Last-Modified: Wed, 01 Dec 2021 11:13:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"61a758f3-9b8"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/ulightbox/ulightbox.min.js

193.109.246.7

7.7 kB

URL
darkbrotherhood.my1.ru/.s/src/ulightbox/ulightbox.min.js
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text, with very long lines (22313), with no line terminators
Size
7.7 kB (7650 bytes)
Hash
862f093f507f858ee329c39576f1c041
f3da76f6d4071020bf9c82ddbcbb1ad95d74108f
a0c876daa26fa9e875abc22a4e88e310a20ea1fdb45451e4af22b907dbf22da8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/javascript
Last-Modified: Wed, 05 Apr 2023 11:24:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5a80-5729"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/photopage.min.js

193.109.246.7

200 OK

3.6 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/src/photopage.min.js
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
ASCII text, with very long lines (12130), with no line terminators
Size
3.6 kB (3603 bytes)
Hash
a19ad1c384ddd99b70181b1af46cce31
f97e320e2eb8134c4696db7aec8e11394243183c
b96f5cf371dd699ffc3882437dca3ba537e49348238af1a54c0d723d3e56a1e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/src/photopage.min.js HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/javascript
Last-Modified: Tue, 29 Mar 2022 07:58:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6242bc1e-2f62"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/jquery-1.12.4.min.js

193.109.246.7

200 OK

34 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/src/jquery-1.12.4.min.js
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
ASCII text, with very long lines (32077)
Size
34 kB (33793 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/src/jquery-1.12.4.min.js HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: text/javascript
Last-Modified: Wed, 05 Apr 2023 11:24:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5a5c-17b8b"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/_ph/2/1/541231988.jpg?1684961527

193.109.246.7

2.4 kB

URL
darkbrotherhood.my1.ru/_ph/2/1/541231988.jpg?1684961527
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 130x102, components 3\012- data
Size
2.4 kB (2437 bytes)
Hash
e4eb17c19efc83cce35d5db203a228e1
415303fc7b671d09f6e06cda08dab58861a57cb9
28a7fdf788bda50888855342caa95e0715e092ede823b8acf4bc970068272b73

HTTP Headers

GET /_ph/2/1/541231988.jpg?1684961527 HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: image/jpeg
Content-Length: 2437
Last-Modified: Wed, 04 Jul 2012 18:48:31 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4ff48fff-985"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/_ph/2/1/189664739.jpg

193.109.246.7

200 OK

2.1 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/_ph/2/1/189664739.jpg
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 130x96, components 3\012- data
Size
2.1 kB (2146 bytes)
Hash
4feef92a42677d0cbdc2635ce6bd44bb
a748c566103a041ec9f7707695e765f93d7c80d2
5adb1db90d13c9e7d2f70d0713e7217c5862a433acd5057bb64bc3049b1d909e

HTTP Headers

GET /_ph/2/1/189664739.jpg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: image/jpeg
Content-Length: 2146
Last-Modified: Sun, 23 Jan 2011 16:50:43 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d3c5c63-862"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/_ph/2/1/343922617.jpg?1684961527

193.109.246.7

4.3 kB

URL
darkbrotherhood.my1.ru/_ph/2/1/343922617.jpg?1684961527
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 97x130, components 3\012- data
Size
4.3 kB (4307 bytes)
Hash
6a05ddcce5a3512c74d78571a02de15b
ba54e3fcfcac8b3219c17aff26d83de29d1551bb
5b111e642e494428d1a52f0eeba70e5ee6c5e600e06b6a611bd47c81f04f27b1

HTTP Headers

GET /_ph/2/1/343922617.jpg?1684961527 HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/jpeg
Content-Length: 4307
Last-Modified: Tue, 01 Jan 2013 13:36:58 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "50e2e67a-10d3"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/_ph/2/1/276153568.jpg?1684961527

193.109.246.7

200 OK

1.6 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/_ph/2/1/276153568.jpg?1684961527
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 97x130, components 3\012- data
Size
1.6 kB (1642 bytes)
Hash
6bab0fe6975e2ee597203be1b2fed5f1
b9910e715432cabff82e49b45572d040386a21b6
fe0736f3b5c58699ad0dfd9f962646159c72290e835cccba6785b4a4611458f9

HTTP Headers

GET /_ph/2/1/276153568.jpg?1684961527 HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: image/jpeg
Content-Length: 1642
Last-Modified: Wed, 04 Jul 2012 18:46:34 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4ff48f8a-66a"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/_ph/2/1/411905120.jpg?1684961527

193.109.246.7

2.5 kB

URL
darkbrotherhood.my1.ru/_ph/2/1/411905120.jpg?1684961527
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 91x130, components 3\012- data
Size
2.5 kB (2490 bytes)
Hash
9bcbc0cbc8afd905c8367d1445d7ec05
7cee9f16271558e1d73bdb193e45cf55e3710f54
c7203caa70ff940399187ffcee592bfcf11296983b256a9a35f6d2a2f316bfb7

HTTP Headers

GET /_ph/2/1/411905120.jpg?1684961527 HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: image/jpeg
Content-Length: 2490
Last-Modified: Sat, 01 Sep 2012 08:27:17 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5041c6e5-9ba"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/_ph/2/1/95734783.jpg?1684961527

193.109.246.7

200 OK

2.8 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/_ph/2/1/95734783.jpg?1684961527
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 91x130, components 3\012- data
Size
2.8 kB (2751 bytes)
Hash
82dbe05ba616896e473af370e41b2ca9
ce15e1a65a59a5c7c43a5beb011561529867fa1b
7773ccf27ca6b0ec9bc26d366a4ea6897eb96934fe0d11f54e0a4223b57443f1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /_ph/2/1/95734783.jpg?1684961527 HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: image/jpeg
Content-Length: 2751
Last-Modified: Tue, 01 Jan 2013 13:39:27 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "50e2e70f-abf"
Expires: Tue, 13 Jun 2023 20:52:07 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/_ph/2/1/956574326.jpg?1684961527

193.109.246.7

200 OK

3.0 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/_ph/2/1/956574326.jpg?1684961527
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 130x101, components 3\012- data
Size
3.0 kB (2982 bytes)
Hash
f56c8b9a4131a9843baef3fcce081e02
0d549b961d3b230bbd582e4c425cd44a264526b5
b5329b7b051c3026a9124ba71c5990b19d80954a75725be2544a443dabc3c357

HTTP Headers

GET /_ph/2/1/956574326.jpg?1684961527 HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/jpeg
Content-Length: 2982
Last-Modified: Tue, 01 Jan 2013 13:41:14 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "50e2e77a-ba6"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

iritual.ru/

104.26.7.115

200 OK

24 kB

URL GET HTTP/2
iritual.ru/
IP
104.26.7.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGoogle Trust Services LLC
Subjectiritual.ru
Fingerprint84:65:A8:8E:60:CE:6B:00:4B:D3:D4:49:FA:E4:DF:7D:4E:54:B0:FD
ValidityFri, 19 May 2023 03:26:31 GMT - Thu, 17 Aug 2023 03:26:30 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (693)
Size
24 kB (24139 bytes)
Hash
275b47ec21629aaf4aa591f5baf948e1
4df0b67eabeb6ecd49b220f878511f909687eabc
0f29d5e4e0d119fc2ecc7ef5ed0b2b03f55524b2f0d0b22f16bdf6f395188b33

HTTP Headers

GET / HTTP/1.1
Host: iritual.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 May 2023 20:52:07 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://iritual.ru/xmlrpc.php
link: <https://iritual.ru/>; rel=shortlink
cache-control: s-maxage=31536000, max-age=600
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=600
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 17 May 2023 12:16:05 GMT
cf-cache-status: HIT
age: 635385
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCieaD0Dadk9Y%2Bw7MjGXfIMIh7OMbYa8a56Z1AtEJPJKidRdZ%2BY3Yuv2SZSUF3cmgobuRam4bdaizu%2BoIsJlJ%2FWPTsNLUwSGZhZFP4x1Eu3BANffrBAb3zt8Hg0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7cc86ba95ac2069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

darkbrotherhood.my1.ru/stat/1684961527259?01

193.109.246.7

302 Found

228 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/stat/1684961527259?01
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
228 B (228 bytes)
Hash
bc678d2ed46c7cb6f324ce95230c397c
5e6c360c6b1f8608bb3215677fd51d5a0b5fc997
927a55f55600866c0eaf7cfc5d8ce22b287afe5e782164a28e42a6d1ab5263d2

HTTP Headers

GET /stat/1684961527259?01 HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 5darkbrotherhooducnid=wcJmJ3ATcZ; domain=darkbrotherhood.my1.ru; path=/stat/895633265; expires=Wed, 24-May-2023 20:52:18 GMT
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://darkbrotherhood.my1.ru/stat/895633265?11

darkbrotherhood.my1.ru/.s/img/photopage/opacity085.png

193.109.246.7

200 OK

992 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/img/photopage/opacity085.png
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
992 B (992 bytes)
Hash
4d8812876669fe440da1b63b42af2ad4
0ba020001dc0f78f39dad8e731d61878eef3f630
484a63bbf3de5c3cc61ac43d75f94ad77fcf43a61a6c2fd7ea612298a9b1048d

HTTP Headers

GET /.s/img/photopage/opacity085.png HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/photopage.min.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/png
Content-Length: 992
Last-Modified: Wed, 05 Apr 2023 11:24:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5a50-3e0"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/photopage/opacity02.png

193.109.246.7

200 OK

992 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/img/photopage/opacity02.png
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
992 B (992 bytes)
Hash
f252d57e868a6d92295c422df56d8bce
f72ee51689c9d9ba3fd6793dfabd5e0c29679986
6271671654cdbe235c8f71c831c5a8ddf403b699bdda417d3e367036d54bb4e0

HTTP Headers

GET /.s/img/photopage/opacity02.png HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/photopage.min.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/png
Content-Length: 992
Last-Modified: Wed, 05 Apr 2023 11:24:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5a50-3e0"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/photopage/uico-user.png

193.109.246.7

1.2 kB

URL
darkbrotherhood.my1.ru/.s/img/photopage/uico-user.png
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1152 bytes)
Hash
a2bb8067d5cc7f5d99c25c129b648ec9
5b63493f494a60276907e507bc316896afe96fef
150e683b38964caaee9d7f448bcc17e602411d7100fbee6ac6feb36d21fdad9d

HTTP Headers

GET /.s/img/photopage/uico-user.png HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/photopage.min.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/png
Content-Length: 1152
Last-Modified: Wed, 05 Apr 2023 11:24:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5a50-480"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/mchat/

193.109.246.7

200 OK

5.0 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/mchat/
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (516)
Size
5.0 kB (5038 bytes)
Hash
30966a596e813f316a0194ac4d46ea5b
761062149e10e3a102fa67e716a5f7e03b73c92c
9d479ac35499eeababba29c995f135b019db1af4950174d33d895e9423792bdb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /mchat/ HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 5darkbrotherhooduCoz=; path=/; expires=Mon, 24-May-2021 20:52:08 GMT; Secure; HttpOnly; domain=.darkbrotherhood.my1.ru
Pragma: no-cache
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/img/photopage/uico-view.png

193.109.246.7

200 OK

1.2 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/img/photopage/uico-view.png
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
PNG image data, 16 x 10, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1153 bytes)
Hash
b434c30114acf85d9dece4246788cd1d
38bf468836c0d6bdfa0472b110734d7a63e5583d
23977892f420e43b5330920ff38306f8e39b111e5dcd32090982fc51b6c31d64

HTTP Headers

GET /.s/img/photopage/uico-view.png HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/photopage.min.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/png
Content-Length: 1153
Last-Modified: Wed, 05 Apr 2023 11:24:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5a50-481"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/photopage/ph-shadow.png

193.109.246.7

200 OK

1.2 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/img/photopage/ph-shadow.png
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
PNG image data, 214 x 7, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1207 bytes)
Hash
b799b88f5e8c995b581d31567e596d9e
75dd244e2537a0751a9b7ca4d3e79d13914f6329
0c9416ee30c778f008069e7262e9fe0296b515b6b5756d2de2d218dbb6f5692a

HTTP Headers

GET /.s/img/photopage/ph-shadow.png HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/photopage.min.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/png
Content-Length: 1207
Last-Modified: Wed, 05 Apr 2023 11:24:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5a50-4b7"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/icon/social/vk.svg

193.109.246.7

200 OK

772 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/img/icon/social/vk.svg
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
772 B (772 bytes)
Hash
7c4eb8cae0b565c023c4406add5f8041
079ce5d3277df672b57a73476a28d0bf0b1c1fe2
05a3f8587400860aa87bb18c9a9cd5b22a45ca4fc4a37a7922d29e48549b2fc9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/img/icon/social/vk.svg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/social.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/svg+xml
Content-Length: 772
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-304"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/t/903/5.gif

193.109.246.7

200 OK

8.8 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/t/903/5.gif
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
GIF image data, version 89a, 200 x 150\012- data
Size
8.8 kB (8786 bytes)
Hash
5393adab721281f009d4d3b75ca4a644
3beea544b7125f306dfb43b249a6b0ce6ed015c4
e71a8840f3fa709be58099f8ce834e309e6dc6d1b9e57dbd6a21de37c2fa42c3

HTTP Headers

GET /.s/t/903/5.gif HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/_st/my.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/gif
Content-Length: 8786
Last-Modified: Tue, 23 Feb 2016 13:18:59 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56cc5c43-2252"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/icon/social/u.svg

193.109.246.7

612 B

URL
darkbrotherhood.my1.ru/.s/img/icon/social/u.svg
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
612 B (612 bytes)
Hash
1e726893f02be39b70d24d502a3a9998
98c6fcf43a67426ed7e9c7a839e8115494ca8072
d0608cf0c4aff79f20a198427f7df73300d643face9bea72b8d406b432b84df9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/img/icon/social/u.svg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/social.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/svg+xml
Content-Length: 612
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-264"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/t/903/6.gif

193.109.246.7

200 OK

104 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/t/903/6.gif
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
GIF image data, version 89a, 200 x 5\012- data
Size
104 B (104 bytes)
Hash
92fa7cb76f71b560e404d56be1d7245c
4bd42c1c066587d10146f0a7f48e996f8d163e49
b1b27b7903f79c8c5a4669b9ee12744642eca0fa7a3a9d836b2b7149067b13e8

HTTP Headers

GET /.s/t/903/6.gif HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/_st/my.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/gif
Content-Length: 104
Last-Modified: Tue, 23 Feb 2016 13:18:59 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56cc5c43-68"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/icon/social/fb.svg

193.109.246.7

200 OK

611 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/img/icon/social/fb.svg
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
611 B (611 bytes)
Hash
d178cc46dcbcf2b6f19445674fe3fe58
26f9747489d9e796926f7bbe11817c420afda3af
a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/img/icon/social/fb.svg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/social.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/svg+xml
Content-Length: 611
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-263"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darksanctuary.ucoz.ru/banner1.gif

213.174.157.151

200 OK

4.8 kB

URL GET HTTP/1.1
darksanctuary.ucoz.ru/banner1.gif
IP
213.174.157.151:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.ucoz.ru
FingerprintB3:C4:38:E8:92:9F:57:D8:06:46:D8:C2:E1:0D:07:26:FE:0C:C4:49
ValiditySat, 18 Jun 2022 07:06:07 GMT - Thu, 20 Jul 2023 07:06:06 GMT

File type
GIF image data, version 89a, 87 x 50\012- data
Size
4.8 kB (4764 bytes)
Hash
f44b9bf593852d2446e234da7168a461
07604d289f06ec1c1addc9110c9215882f735c23
d8af8ec806e0f460bebf658f7b2b1faac08495585665cc94d437ad41b640be0e

HTTP Headers

GET /banner1.gif HTTP/1.1
Host: darksanctuary.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:10 GMT
Content-Type: image/gif
Content-Length: 4764
Last-Modified: Fri, 24 Dec 2010 16:15:06 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d14c70a-129c"
Expires: Tue, 13 Jun 2023 20:52:10 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/icon/social/ya.svg

193.109.246.7

660 B

URL
darkbrotherhood.my1.ru/.s/img/icon/social/ya.svg
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
660 B (660 bytes)
Hash
7676c3eee5bd955efe08fd05367a443b
595e4e8dbf5ff472606434d0f45806d088de4c0c
b72d3f61ac56b4aa27bad5769589705004aff1f0ad341785ca72dc46ba16de5b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/img/icon/social/ya.svg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/social.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/svg+xml
Content-Length: 660
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-294"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/icon/social/gp.svg

193.109.246.7

200 OK

550 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/img/icon/social/gp.svg
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (534), with no line terminators
Size
550 B (550 bytes)
Hash
10d296226de121de55180e5b1b7d9d49
5980293f4f290734d09459d068a8c3996e43fe40
a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/img/icon/social/gp.svg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/social.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/svg+xml
Content-Length: 550
Last-Modified: Fri, 01 Feb 2019 12:57:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c544236-226"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/icon/social/ok.svg

193.109.246.7

1.9 kB

URL
darkbrotherhood.my1.ru/.s/img/icon/social/ok.svg
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
1.9 kB (1858 bytes)
Hash
08bbc2fa9b08463b0d061041d62b408e
370c53ccc3edd296cd35fb9e3de20dabfdae78d9
e1369586f1d82834ecc0ccab2f5f1a6f7565f2c715243d956bd7eb1404c8fba9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/img/icon/social/ok.svg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/.s/src/social.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/svg+xml
Content-Length: 1858
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-742"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/t/903/8.gif

193.109.246.7

72 B

URL
darkbrotherhood.my1.ru/.s/t/903/8.gif
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
GIF image data, version 89a, 10 x 10\012- data
Size
72 B (72 bytes)
Hash
f9d4d09e822eafeb8fe7310a7826eea2
abc73eb82dcee44b8003f1c69494c0bddf742746
9a7eac9c050276a3de116ee8fe986f50d23ffbb4b258de431efcee541ebe6266

HTTP Headers

GET /.s/t/903/8.gif HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/_st/my.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/gif
Content-Length: 72
Last-Modified: Tue, 23 Feb 2016 13:18:59 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56cc5c43-48"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/_st/my.css

193.109.246.7

3.7 kB

URL
darkbrotherhood.my1.ru/_st/my.css
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text
Size
3.7 kB (3689 bytes)
Hash
e781f104972eecb7821c75697509ff4e
da42f0ddc4c0eba902cd9d94588da90f2df0a38e
a35520891fc6142a08a84bc6090bc2973b00b7188675bd49c55879094b420971

HTTP Headers

GET /_st/my.css HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/mchat/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: text/css
Last-Modified: Mon, 16 Nov 2015 21:42:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"564a4db0-433c"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/stat/895633265?11

193.109.246.7

393 B

URL
darkbrotherhood.my1.ru/stat/895633265?11
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
GIF image data, version 87a, 88 x 31\012- data
Size
393 B (393 bytes)
Hash
2106761974e3f694ca1328bbc7939ff9
ce8191189b8edebc52b0ebf90b654267a2f8c669
0fb4ad386e5c82fc6569107314feb7323fe2b8e42f84fb6906556effe0d7ad67

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stat/895633265?11 HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://darkbrotherhood.my1.ru/photo/
DNT: 1
Connection: keep-alive
Cookie: 5darkbrotherhooducnid=wcJmJ3ATcZ; 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: ucvid=Tyiep2CoTQ; domain=my1.ru; path=/; expires=Thu, 23-May-2024 20:52:08 GMT

tes5.ucoz.net/Banner.gif

213.174.157.152

200 OK

8.3 kB

URL GET HTTP/1.1
tes5.ucoz.net/Banner.gif
IP
213.174.157.152:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGoGetSSL
Subject*.ucoz.net
Fingerprint9C:9F:0E:28:57:CD:A6:DE:BC:89:EA:60:7A:68:97:BB:58:9F:C1:4A
ValidityWed, 15 Mar 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 88 x 31\012- data
Size
8.3 kB (8316 bytes)
Hash
f423715543291fbfcad7fcf2afd26e09
c68b76b9a53b3a458b1b554a116a6fc065279f46
06cdaeab6aaf76494c852719b9c6d727edf7aeaf17580417a145e5253af4a241

HTTP Headers

GET /Banner.gif HTTP/1.1
Host: tes5.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:06 GMT
Content-Type: image/gif
Content-Length: 8316
Last-Modified: Sun, 11 Dec 2011 10:53:54 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4ee48bc2-207c"
Expires: Tue, 13 Jun 2023 20:52:06 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/?%5Eh0iI0q2d2gw2n4Mu9Fdd%5EL1Ibe%5Es91kaeLK4pfE%5EY1YpNsRLtZHAA62cO5VFG3P8WWE%3B%3Bnc%21AWDT9CZIYz7pPOwBYLdWOT%3B

193.109.246.7

800 B

URL
darkbrotherhood.my1.ru/?%5Eh0iI0q2d2gw2n4Mu9Fdd%5EL1Ibe%5Es91kaeLK4pfE%5EY1YpNsRLtZHAA62cO5VFG3P8WWE%3B%3Bnc%21AWDT9CZIYz7pPOwBYLdWOT%3B
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
800 B (800 bytes)
Hash
4196dce5736e3377828acc4068c75fa0
16d47208a69bc1a28fbd55c0c32adcfc17ef3a7a
46bcece4dde48818949178f86b82c34f3c04b4080eed6a18736d54f7ea78f8c9

HTTP Headers

GET /?%5Eh0iI0q2d2gw2n4Mu9Fdd%5EL1Ibe%5Es91kaeLK4pfE%5EY1YpNsRLtZHAA62cO5VFG3P8WWE%3B%3Bnc%21AWDT9CZIYz7pPOwBYLdWOT%3B HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip

darkbrotherhood.my1.ru/2db.jpg

193.109.246.7

8.7 kB

URL
darkbrotherhood.my1.ru/2db.jpg
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2011:10:01 07:33:20], progressive, precision 8, 2000x55, components 3\012- data
Size
8.7 kB (8696 bytes)
Hash
c9d00e650d1065b2f645ebb48da95217
67daa75acedd623be3775dd9eb48a0e9d5feb2ee
afdf53a3a5515ed8ff411804b999fbdcab2d2de6f53d96cd4612ce097c07b42f

HTTP Headers

GET /2db.jpg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/jpeg
Content-Length: 8696
Last-Modified: Sat, 01 Oct 2011 09:26:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e86dcd1-21f8"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/src/jquery-1.12.4.min.js

193.109.246.7

200 OK

34 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/src/jquery-1.12.4.min.js
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
ASCII text, with very long lines (32077)
Size
34 kB (33793 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/src/jquery-1.12.4.min.js HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/mchat/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: text/javascript
Last-Modified: Wed, 05 Apr 2023 11:24:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5a5c-17b8b"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

darkbrotherhood.my1.ru/3db1.jpg

193.109.246.7

200 OK

34 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/3db1.jpg
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2011:10:01 09:26:14], progressive, precision 8, 1200x380, components 3\012- data
Size
34 kB (33476 bytes)
Hash
a2f85d2debc77daa8a119a6dddff89d0
1f11097b9a5c4784d752a42d45132cb69d57f15a
60efe21232a8c1f980eba1a7a073fc1434d99e4b7c56300eca3498e00fb5d91a

HTTP Headers

GET /3db1.jpg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/jpeg
Content-Length: 33476
Last-Modified: Sat, 01 Oct 2011 09:21:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e86dbaf-82c4"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

s10.ucoz.net/adv/dummy/000/css/style.css

193.109.246.7

1.6 kB

URL
s10.ucoz.net/adv/dummy/000/css/style.css
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text
Size
1.6 kB (1564 bytes)
Hash
66bafd673de0c9223fcb6de5548e0e6f
cff0e25c3783772bfb13ad21ad8b328ccca63cb9
25ed1276f20986488e24b40548f023af771181ac7862900bde43cbdaffe0d0b9

HTTP Headers

GET /adv/dummy/000/css/style.css HTTP/1.1
Host: s10.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Mar 2019 14:28:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5c9a36fb-19eb"
Content-Encoding: gzip

darkbrotherhood.my1.ru/.s/src/uwnd.min.js?2

193.109.246.7

57 kB

URL
darkbrotherhood.my1.ru/.s/src/uwnd.min.js?2
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
ASCII text, with very long lines (65536), with no line terminators
Size
57 kB (56796 bytes)
Hash
0e2dd07983ad50fa9205b6a9d24bc79f
8eafe02a75c83f60d40d1cee73e2770805e54a9e
8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad

HTTP Headers

GET /.s/src/uwnd.min.js?2 HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/mchat/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

s10.ucoz.net/adv/dummy/000/img/ucoz-logo.png

193.109.246.7

4.6 kB

URL
s10.ucoz.net/adv/dummy/000/img/ucoz-logo.png
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4585 bytes)
Hash
14d37a3409afc2c450c62b97bc8019da
43fc12bf16a292d6d10b17ab7d1e37785288858c
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2

HTTP Headers

GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1
Host: s10.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/png
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fb-11e9"
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/img/icon/profile.png

193.109.246.7

676 B

URL
darkbrotherhood.my1.ru/.s/img/icon/profile.png
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
676 B (676 bytes)
Hash
f063cf2f9ab83f2ca68327c0927a7b7a
e84b2105d2b47127d5cf8366a5606639f27684cd
f5d62b58ed22f77bea1a87ce4e204e2b213459746f74ee5e0be91f22851420cf

HTTP Headers

GET /.s/img/icon/profile.png HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/mchat/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/png
Content-Length: 676
Last-Modified: Wed, 05 Apr 2023 11:23:58 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5a4e-2a4"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/4db.jpg

193.109.246.7

200 OK

94 kB

URL GET HTTP/1.1
darkbrotherhood.my1.ru/4db.jpg
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2011:10:01 05:57:40], progressive, precision 8, 740x302, components 3\012- data
Size
94 kB (94522 bytes)
Hash
d320c9371f7b97a7ad126b3130f78cea
d3829a3d0256ccead67489cfe89ecddae109945f
d29ccfdff5fa37728083702d73b18496330de99e7b392990f78a53276f78796b

HTTP Headers

GET /4db.jpg HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/jpeg
Content-Length: 94522
Last-Modified: Sat, 01 Oct 2011 09:19:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e86db33-1713a"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff

142.250.74.97

60 kB

URL
themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
Web Open Font Format, TrueType, length 60332, version 1.1\012- data
Size
60 kB (60332 bytes)
Hash
0d6d6ae28614efe13ec053eaeef473c1
20cd1c419ba0763bb4bbb1435bc0aed00452af2e
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1

HTTP Headers

GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://darkbrotherhood.my1.ru
DNT: 1
Connection: keep-alive
Referer: https://s10.ucoz.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 60332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 21:21:24 GMT
expires: Sun, 19 May 2024 21:21:24 GMT
cache-control: public, max-age=31536000
age: 343843
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: font/woff
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zcode12.me/?ze=grstanjtgu5ha3ddf4ztgobr

185.177.93.30

200 OK

24 kB

URL GET HTTP/2
zcode12.me/?ze=grstanjtgu5ha3ddf4ztgobr
IP
185.177.93.30:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerLet's Encrypt
Subjectzpgetcode12.com
Fingerprint5F:99:7D:06:EF:A3:4B:DF:58:6F:FA:B2:67:8F:88:83:2B:3A:45:F9
ValidityWed, 17 May 2023 02:42:23 GMT - Tue, 15 Aug 2023 02:42:22 GMT

File type
data
Size
24 kB (23654 bytes)
Hash
6b452e48fcf2ce4a62a1d2d6da6a15fa
df619194bda2dd285a217cd81a2509a65d727060
fe8c99cd5634309576395c0592cb21816f0df86d42e4972fabebb22dee5973cb

HTTP Headers

GET /?ze=grstanjtgu5ha3ddf4ztgobr HTTP/1.1
Host: zcode12.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 May 2023 20:52:07 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=3ecf68be-42b5-42de-a3cc-d9fc9e8ea791; expires=Fri, 23-Jun-2023 20:52:07 GMT; Max-Age=2592000; path=/; SameSite=None; domain=zcode12.me; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

img12.imageshost.ru/img/2011/01/06/image_4d252461f0b67.gif

172.67.145.16

301 Moved Permanently

1 B

URL GET HTTP/3
img12.imageshost.ru/img/2011/01/06/image_4d252461f0b67.gif
IP
172.67.145.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGoogle Trust Services LLC
Subjectimageshost.ru
Fingerprint5F:C6:8E:80:BF:83:80:3B:53:01:F0:E7:35:05:B7:7C:F5:26:CC:5F
ValidityThu, 20 Apr 2023 01:36:57 GMT - Wed, 19 Jul 2023 01:36:56 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

HTTP Headers

GET /img/2011/01/06/image_4d252461f0b67.gif HTTP/1.1
Host: img12.imageshost.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Wed, 24 May 2023 20:52:07 GMT
location: https://iritual.ru
cache-control: max-age=3600
expires: Wed, 24 May 2023 21:52:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g52eGwz%2FXXGwvcwn9dc7OWOV15QptL%2BUzrNsFG1QBfCvtU3a8IFl1s5sxaA7EtG%2BDiuw894rg47W20HuYzpl4SjjeBuKtSz4ATeL09TG1%2Bj96BIdKLqbhwVICpPQIYUKW2KZWlUH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc86babae02b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

darkbrotherhood.my1.ru/sml/old.gif

193.109.246.7

2.5 kB

URL
darkbrotherhood.my1.ru/sml/old.gif
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
GIF image data, version 89a, 32 x 28\012- data
Size
2.5 kB (2498 bytes)
Hash
5f91d680f7c4690f6b43cb99f3d9faf6
f2d01db23ff5a1b8476767f656fdbb757d64cbd1
4978edc0044ffab937e6eec9100df838a8617ec8dace60eaf3bd0b8a80f3865a

HTTP Headers

GET /sml/old.gif HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1; ucvid=Tyiep2CoTQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/gif
Content-Length: 2498
Last-Modified: Sat, 01 Oct 2011 16:05:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e873a5f-9c2"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js

142.250.74.35

171 kB

URL
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (771)
Size
171 kB (170778 bytes)
Hash
5ee55e4774f7047ff36c50d754de7a45
5706760775775aca8883b7e4fef43105b58a1b34
50be60d04fa931d5b28c8e0866e64c44a7ffe724c8874fe70236528be43ca213

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://darkbrotherhood.my1.ru
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 170778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 10:03:57 GMT
expires: Thu, 23 May 2024 10:03:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 38891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

darkbrotherhood.my1.ru/sml/lol.gif

193.109.246.7

200 OK

570 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/sml/lol.gif
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/mchat/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
GIF image data, version 89a, 15 x 15\012- data
Size
570 B (570 bytes)
Hash
92947664b0163775a11c16b137caf0a1
ce5c4232b30a167e3fbec2124fc167a01d689d33
566a1f068283fe3e271e507b8c50a95453b2b02d18925b7562f8ebae1ce0f3d5

HTTP Headers

GET /sml/lol.gif HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1; ucvid=Tyiep2CoTQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/gif
Content-Length: 570
Last-Modified: Sat, 01 Oct 2011 16:07:57 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e873add-23a"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/.s/t/903/1.gif

193.109.246.7

200 OK

496 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/.s/t/903/1.gif
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
GIF image data, version 89a, 1200 x 15\012- data
Size
496 B (496 bytes)
Hash
9f71242c2225f0018f1458b1e6e6f9b5
6514d55446a61fd8ba9964392e1b4a9ebdc2f8c8
236700fb13b4bb77ab345909452d51b747631e61756ad06287d83100f419e977

HTTP Headers

GET /.s/t/903/1.gif HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/_st/my.css
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1; ucvid=Tyiep2CoTQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/gif
Content-Length: 496
Last-Modified: Tue, 23 Feb 2016 13:18:59 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56cc5c43-1f0"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/sml/hehe.gif

193.109.246.7

200 OK

419 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/sml/hehe.gif
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/mchat/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
GIF image data, version 89a, 15 x 15\012- data
Size
419 B (419 bytes)
Hash
115a934f6c0e26aa9a2af7287f28e386
1741d8a359ea4ead4663b196bcd4626ab1ac5d38
36a54211d1bb841eb4d35ef67c9441cd7098e2390d911efd2637137355feecdb

HTTP Headers

GET /sml/hehe.gif HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/mchat/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/gif
Content-Length: 419
Last-Modified: Sat, 01 Oct 2011 16:07:57 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e873add-1a3"
Expires: Tue, 13 Jun 2023 20:52:08 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

darkbrotherhood.my1.ru/favicon.ico

193.109.246.7

200 OK

894 B

URL GET HTTP/1.1
darkbrotherhood.my1.ru/favicon.ico
IP
193.109.246.7:443
ASN
#204343 Compubyte Limited

Requested by
https://darkbrotherhood.my1.ru/photo/
Certificate
IssuerGlobalSign nv-sa
Subject*.my1.ru
FingerprintA8:A5:0B:20:FD:8E:C5:F0:73:D7:16:6C:30:0B:9B:D2:92:E8:94:24
ValidityFri, 15 Jul 2022 11:22:33 GMT - Wed, 16 Aug 2023 11:22:32 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size
894 B (894 bytes)
Hash
da85db84fabae8138dd0a56e179909fe
503f87f2b0fd54a7be5c67a87fbc670c7994df1b
70543d079d45f80c46cd40ebc7c4c0d2e8717675eda7e62da68592acba9e14dc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/photo/
Cookie: 5darkbrotherhooduzll=1684961527; 5darkbrotherhoodpushi=1; ucvid=Tyiep2CoTQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/x-icon
Content-Length: 894
Last-Modified: Thu, 05 Jun 2008 10:59:59 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4847c72f-37e"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

s10.ucoz.net/adv/dummy/000/img/bg.gif

193.109.246.7

1.3 kB

URL
s10.ucoz.net/adv/dummy/000/img/bg.gif
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
GIF image data, version 89a, 485 x 3\012- data
Size
1.3 kB (1268 bytes)
Hash
b19967d808ed7c42b41316d6c8474f55
18d80748bd4041b13a3373a429281ec65347a0e2
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50

HTTP Headers

GET /adv/dummy/000/img/bg.gif HTTP/1.1
Host: s10.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s10.ucoz.net/adv/dummy/000/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:08 GMT
Content-Type: image/gif
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fb-4f4"
Accept-Ranges: bytes

darkbrotherhood.my1.ru/?%5Eh0iI0q2d2gw2n4Mu9Fdd%5EL1Ibe%5Es91kaeLK4pfE%5EY1YpNsRLtZHAA62cO5VFG3P8WWE%3B%3Bnc%21AWDT9CZIYz7pPOwBYLdWOT%3B

193.109.246.7

800 B

URL
darkbrotherhood.my1.ru/?%5Eh0iI0q2d2gw2n4Mu9Fdd%5EL1Ibe%5Es91kaeLK4pfE%5EY1YpNsRLtZHAA62cO5VFG3P8WWE%3B%3Bnc%21AWDT9CZIYz7pPOwBYLdWOT%3B
IP
193.109.246.7:0
ASN
#204343 Compubyte Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
800 B (800 bytes)
Hash
4196dce5736e3377828acc4068c75fa0
16d47208a69bc1a28fbd55c0c32adcfc17ef3a7a
46bcece4dde48818949178f86b82c34f3c04b4080eed6a18736d54f7ea78f8c9

HTTP Headers

GET /?%5Eh0iI0q2d2gw2n4Mu9Fdd%5EL1Ibe%5Es91kaeLK4pfE%5EY1YpNsRLtZHAA62cO5VFG3P8WWE%3B%3Bnc%21AWDT9CZIYz7pPOwBYLdWOT%3B HTTP/1.1
Host: darkbrotherhood.my1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip

rot.spotsniper.ru/?src=ujs6

31.172.81.159

200 OK

1 B

URL GET HTTP/1.1
rot.spotsniper.ru/?src=ujs6
IP
31.172.81.159:443
ASN
#44066 diva-e Datacenters GmbH

Requested by
https://darkbrotherhood.my1.ru/?%5Eh0iI0q2d2gw2n4Mu9Fdd%5EL1Ibe%5Es91kaeLK4pfE%5EY1YpNsRLtZHAA62cO5VFG3P8WWE%3B%3Bnc%21AWDT9CZIYz7pPOwBYLdWOT%3B
Certificate
IssuerLet's Encrypt
Subjectrot.spotsniper.ru
Fingerprint13:D8:07:73:18:96:DD:24:23:40:59:1D:77:25:1E:F0:00:59:B3:07
ValidityTue, 11 Apr 2023 04:45:34 GMT - Mon, 10 Jul 2023 04:45:33 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

HTTP Headers

GET /?src=ujs6 HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkbrotherhood.my1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 20:52:07 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

s42.radikal.ru/i095/1008/98/5ce360e56b91.gif

0.0.0.0

0 B

URL GET
s42.radikal.ru/i095/1008/98/5ce360e56b91.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://darkbrotherhood.my1.ru/photo/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i095/1008/98/5ce360e56b91.gif HTTP/1.1
Host: s42.radikal.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML