Report - rutor.megapirate.net/

Report Overview

Visited public
2023-11-19 14:15:28
Tags
Submit Tags
URL
rutor.megapirate.net/
Finishing URL
rutor.megapirate.net/
IP / ASN
104.21.64.253
#13335 CLOUDFLARENET
Title
rutor.info :: Свободный торрент трекер

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2023-11-19 05:13:45	446 B	5.9 kB	162.19.58.157
s-rutor.megapirate.net	unknown	unknown	No data	No data	4.4 kB	82 kB	172.67.138.128
metrica-yandex.com	783336	2021-09-14	2021-09-19 06:17:37	2023-11-19 02:26:31	421 B	61 kB	188.114.96.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-19 07:31:29	458 B	2.9 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-19 08:29:40	527 B	17 kB	142.250.74.3
heartilyscales.com	unknown	2022-12-16	2022-12-16 09:32:11	2023-11-19 02:26:31	444 B	15 kB	173.233.137.44
rutor.megapirate.net	unknown	2021-10-01	2023-08-10 12:22:26	2023-11-19 13:43:42	4.4 kB	516 kB	172.67.138.128
cdnbunny.org	unknown	2022-04-20	2022-04-23 09:54:02	2023-11-18 20:23:42	432 B	2.3 kB	77.91.100.49
matomo.hellohi.me	545402	2019-07-03	2019-07-03 22:13:04	2023-11-19 02:26:32	410 B	67 kB	188.114.96.1
theusualsuspectz.biz	unknown	2023-01-27	2023-01-27 02:27:31	2023-11-19 02:26:31	415 B	49 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-19 14:15:12	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-11-19 14:15:12	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-19	medium	heartilyscales.com	Sinkholed
2023-11-19	medium	theusualsuspectz.biz	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	rutor.megapirate.net/	ScriptElement	26 B	2023-03-07	2025-07-13
Pretty URL rutor.megapirate.net/ IP 172.67.138.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:40 Last Seen2025-07-13 05:30 Times Seen932 Hash 5779365b0a28c08298ca5847c65b769d 3076ad9e094690cd6c4ee200ae254e6e7260fd30 57c620405714b8baa51067e0ca9bc9a9b252985292b857360aec8a9936688709 Loading...

	rutor.megapirate.net/	ScriptElement	551 B	2023-03-29	2025-07-09
Pretty URL rutor.megapirate.net/ IP 172.67.138.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 21:25 Last Seen2025-07-09 03:27 Times Seen43 Hash 5d2a89d2372fc8290577c134e99837cd 21db629801d4f80fd46cb960028195b4a032b536 2427b653359e625d96beafa83c56161f5e5689be413583cb49096aa79f598db6 Loading...

	rutor.megapirate.net/	ScriptElement	816 B	2024-08-20	2024-08-20
Pretty URL rutor.megapirate.net/ IP 172.67.138.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 18:47 Last Seen2024-08-20 18:47 Times Seen1 Hash 6e4632370e71f77f84aad271e1a375b3 b462a355ed52da3871f490668fd49a8b4e0b0977 a3a72ba8782d8dd068175ada7624240e21f4daf97a8aeaf0d5b82bea9c1aec9f Loading...

	rutor.megapirate.net/app/apx19.js	ScriptElement	9.2 kB	2023-03-07	2025-07-13
Pretty URL rutor.megapirate.net/app/apx19.js IP 172.67.138.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40 Last Seen2025-07-13 05:30 Times Seen980 Hash 2344c3f05f624d595f6fb920e4d74ded eb4d1404ac2d5eecd307f4588aeeab5c8ef463f1 3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a Loading...

	rutor.megapirate.net/app/apx14.js	ScriptElement	7.7 kB	2023-03-07	2025-07-13
Pretty URL rutor.megapirate.net/app/apx14.js IP 172.67.138.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40 Last Seen2025-07-13 05:30 Times Seen977 Hash dfb1f327618e201778f2de85cfbcd173 fceb89a2221463e5bc5a71feff1247683ab08cc5 dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33 Loading...

	unknown	Function	34 B	2023-04-11	2025-07-13
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-07-13 03:10 Times Seen67599 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	rutor.megapirate.net/	ScriptElement	464 B	2024-08-20	2024-08-20
Pretty URL rutor.megapirate.net/ IP 172.67.138.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 18:47 Last Seen2024-08-20 18:47 Times Seen1 Hash e2187302f9ba3dcaaaa773beedf7a875 e66e2cc3b3c86655b0751eb9567a326f4bf5f13a f5cba4a3771dfa3c46b3c3b6b044f3c1fe61aa61b67e1802740cd79cd220b5a1 Loading...

	rutor.megapirate.net/	ScriptElement	449 B	2023-03-07	2025-07-09
Pretty URL rutor.megapirate.net/ IP 172.67.138.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:40 Last Seen2025-07-09 17:01 Times Seen403 Hash 8ec4ea2cc07fb4298dd793cbc67d3755 04c34c92ef5baad58af7c56b728d4a84c55f7185 9a0e8ee9789c9f554b318f332bf0d2c61f85cdcf33afc1228b6f94181f841b1d Loading...

HTTP Transactions (27)

URL IP Response Size

GET i.ibb.co/pyC2VvJ/alert-xxl.png

162.19.58.157

200 OK

5.6 kB

URL GET HTTP/2
i.ibb.co/pyC2VvJ/alert-xxl.png
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://rutor.megapirate.net/
Certificate
IssuerLet's Encrypt
Subjectibb.co
FingerprintCC:72:96:95:90:7F:15:8E:AC:C5:40:3A:D2:6F:83:A3:DF:5E:72:56
ValidityMon, 09 Oct 2023 14:39:49 GMT - Sun, 07 Jan 2024 14:39:48 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5554 bytes)
Hash
8d0eed07b450044fdca282d1daf8a58c
794e1284cdf81fd60154955c1805282ae21240cd
baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af

HTTP Headers

GET /pyC2VvJ/alert-xxl.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: image/png
content-length: 5554
last-modified: Mon, 07 Aug 2023 04:09:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

GET s-rutor.megapirate.net/i/d.gif?

172.67.138.128

200 OK

16 kB

URL GET HTTP/3
s-rutor.megapirate.net/i/d.gif?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 13 x 13\012- data
Size
16 kB (16103 bytes)
Hash
78956f45d92da2b236ddf91e150b8c13
5c6b70a35678e327a26968020ba8c4872c4431c9
cda72038d87b85d534d4647a4f105c6f3d9fa7f51f4b8d82de2ec7962eb88c52

HTTP Headers

GET /i/d.gif? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:11 GMT
content-type: image/gif
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=ile959l4rd7bpf0li09kdm4rfv; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znb2dM7Kud7PfB5niVUu54L8LvoXz1e0ZdjGlYAN%2FlS7DN00qMbDTCXA34LLF5lxCfwS%2FvtLQ4uo6Waykxchu8pEm5Z26CkWINneg9wCcHWtf2MGWPO0lXil9YY5wu8GCeT2gp4UxYim"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553ff456cb-OSL
alt-svc: h3=":443"; ma=86400

GET heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js

173.233.137.44

200 OK

14 kB

URL GET HTTP/1.1
heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://rutor.megapirate.net/
Certificate
IssuerLet's Encrypt
Subjectheartilyscales.com
FingerprintF0:0C:2F:00:27:D9:41:A2:9B:5F:2C:5F:B6:BE:55:43:BB:A5:CC:81
ValidityFri, 13 Oct 2023 06:44:51 GMT - Thu, 11 Jan 2024 06:44:50 GMT

File type
ASCII text, with very long lines (40573), with no line terminators
Size
14 kB (14302 bytes)
Hash
233a80c77bf42027e3eb7b2b3b290b7c
508e41652696de1c035b3ce9780b0d4f6d68f9b7
b0f40b201ff1295d95ff81790b0b4f80a479cfe790938c489c01e63c018069c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1
Host: heartilyscales.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 19 Nov 2023 14:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 709324dc7c5fbdb81ea76621997a383d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET s-rutor.megapirate.net/i/ic24.gif?

172.67.138.128

200 OK

4.4 kB

URL GET HTTP/3
s-rutor.megapirate.net/i/ic24.gif?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 60 x 41\012- data
Size
4.4 kB (4360 bytes)
Hash
12cd7f00af35c574b61c81c736cb496d
a3509be9ee85a78b8f87b7cc212bd29ea0914f34
3a700fbe336f2734c5a899e0891ef73c55b96440c0350db9e57a0547eaecdf3e

HTTP Headers

GET /i/ic24.gif? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: image/gif
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=6cb83ha0c9cfeqnomni4nqheqh; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eBpK7K24NUvTDjnUl3yD7Soo10XfaRIPiCPJRAow9zvWEMNtzCFPgg8zHWeYEF75jZgZw5UJ3engMONcj8ykqO0gH3RyryCAre8teo7JrPKjK6RYnBmsZ%2Fl6ZLwnE7WTLblteZhry3K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553ff256cb-OSL
alt-svc: h3=":443"; ma=86400

GET rutor.megapirate.net/js/rutor-favicon.ico

172.67.138.128

200 OK

894 B

URL GET HTTP/3
rutor.megapirate.net/js/rutor-favicon.ico
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size
894 B (894 bytes)
Hash
ab55f59a775976829d8352a7a0584d3e
e4b29ec4ac46d97ea15c582d61d02c523dd0485b
e68d4b7f22b5027fef4672cc5ba884fb52ac248fd1ca4648c9ac89d95b0e58f4

HTTP Headers

GET /js/rutor-favicon.ico HTTP/1.1
Host: rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Cookie: view=1; PHPSESSID=f68lbvmq4v775sh6nao8fgidoi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:12 GMT
content-type: image/x-icon
last-modified: Thu, 21 Apr 2022 20:54:03 GMT
etag: W/"6261c46b-37e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxfMtoUWkm60O%2FK%2FGPz8MEqSi7EguYGxRFTwSpGPJVcow8NLeU0MBpWhYaLy1Bj2tA6LaRYSsQD64o9GCSUYbzQfDWpT94sq9NZy9%2BttOoDe4eIxp7d0jrF8OcyogGca08PQYrFxrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8289105d089a56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET rutor.megapirate.net/

172.67.138.128

200 OK

362 kB

URL User Request GET HTTP/2
rutor.megapirate.net/
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type

Size
362 kB (362473 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: text/html;charset=UTF-8
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=f68lbvmq4v775sh6nao8fgidoi; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AOH%2FCK3psWJ5%2FpS4kJTb17GQihII0J6vfmn5N1Llj9ip6q2LSpMH%2FmGkoGhubYX1jV197XhFzZ7xgigje6MxRIzC6Nwpd%2BAZfW5%2BZcfPO4ndTnMQR44lGBqphlIcq1MLHNkCSDDbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828910508d561c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET metrica-yandex.com/metrika/tag.js?1001

188.114.96.1

200 OK

60 kB

URL GET HTTP/2
metrica-yandex.com/metrika/tag.js?1001
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetrica-yandex.com
Fingerprint83:D7:75:77:BB:41:A1:6C:E1:44:01:FF:10:9C:71:CE:32:44:D6:B7
ValidityWed, 15 Nov 2023 07:38:46 GMT - Tue, 13 Feb 2024 07:38:45 GMT

File type
ASCII text, with very long lines (60271), with no line terminators
Size
60 kB (60271 bytes)
Hash
ea67b2343fc359662afdae5d4c8c8e03
7f07219a8cd9d6d5c17e20bd7e80fac0281c2b18
5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11

HTTP Headers

GET /metrika/tag.js?1001 HTTP/1.1
Host: metrica-yandex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
etag: W/"61564186-eb6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1042023
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYhDH%2BQGhWbkfN0TKylknaLiTTLtnPzC%2FgAs2p0MONrSSrkGk3U9NxJTeH3J7R4z4svUXV4ElQVPQ3MdxfZbY2Bx80DTgOT3TPD1xylALbET1M57nPrQlNP6Xxx5BTLVBuf6vvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82891054daab0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET s-rutor.megapirate.net/i/com.gif?

172.67.138.128

200 OK

295 B

URL GET HTTP/3
s-rutor.megapirate.net/i/com.gif?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 11 x 9\012- data
Size
295 B (295 bytes)
Hash
e91f48c29a8f6285ade898585e58f8ad
c171b970bbdb33210c1e9714bc7fa96e42bdb0bf
30bacf9c5db02b0b5fdbe670c15301ec8231d2e526ab20ea5f8dfb8692e02f17

HTTP Headers

GET /i/com.gif? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: image/gif
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=0nlfrbq1upgrsdq9j4eoe29kqu; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYcnTyk97iHCM2AgHw8A5REPZsFJbjDg1u8sHjtnvzol4KTzU11bPEylNaUsemYreNWYcwMv8x%2BBv2Bl9PyKQdEe%2FpcdeV46K4DkBfdag0%2BIEquL4bjuRXPVnVHlNwxC2WLDbC1e4Kc1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553fee56cb-OSL
alt-svc: h3=":443"; ma=86400

GET s-rutor.megapirate.net/t/top.gif?

172.67.138.128

200 OK

612 B

URL GET HTTP/3
s-rutor.megapirate.net/t/top.gif?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 24 x 24\012- data
Size
612 B (612 bytes)
Hash
ab3755cddb40723270164fa84b8f0362
a7e6700d02578c03bd76b217b23c55b4fba997ea
79df9f5b18cac4dbaec0808448c15e094b5fe20d04aabfe7bed9e6ae07739dfd

HTTP Headers

GET /t/top.gif? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: image/gif
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=nfkfschtnmtjln2pdq70qa3jjh; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaO29XcO8g6EPqwu0kaYQT%2FrPml6GGGefPcTWipWhrQ5F%2ByEBdkyyJm2Tpk1gmX90UBrfKLqlt6hUCGCduwxKw379XqOoF%2B2jna97vbRP4KgOMYEkeX7EYQd61ZnqbIV%2F8mppXDiQWIF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553ff756cb-OSL
alt-svc: h3=":443"; ma=86400

GET rutor.megapirate.net/app/apx14.js

172.67.138.128

200 OK

7.7 kB

URL GET HTTP/3
rutor.megapirate.net/app/apx14.js
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8720), with no line terminators
Size
7.7 kB (7663 bytes)
Hash
3db7729f5768690d08cfbb852bda88b3
29d50e49674a25263da47dec24318c1a68f003e0
997dcda1cc75d9821ee6a9b2dba6fff73b5f104ed1a49792f998d7fe70d24893

HTTP Headers

GET /app/apx14.js HTTP/1.1
Host: rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Cookie: view=1; PHPSESSID=f68lbvmq4v775sh6nao8fgidoi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Sep 2020 18:26:19 GMT
etag: W/"5f61074b-1def"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbEBzXQ1x5RWywifVVwVzR%2F8B9UDm6xgYOJx%2BjN8zvY9sC0Z0b8srTknsU3IBDfxJSiy0Jz7aRk7YvcZ8QYF0g5StPYIXKnrnhvvo4BAuv2P9ifJyqkqgg2rev7uCSbrKU0gVPvdWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910551fc756cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

142.250.74.106

200 OK

2.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://rutor.megapirate.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2319), with no line terminators
Size
2.3 kB (2256 bytes)
Hash
a923b98baca4b55a4d2a4f806222686b
767d3e48a33b662bdb12e0f498fd2510a59a7db4
e927b86850ae1f8b6c9ab3722b76d1f1f72f224d0a3523b04ca29df0e7aee222

HTTP Headers

GET /css2?family=Roboto:wght@400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 19 Nov 2023 14:15:10 GMT
date: Sun, 19 Nov 2023 14:15:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET s-rutor.megapirate.net/logo.jpg?

172.67.138.128

200 OK

45 kB

URL GET HTTP/3
s-rutor.megapirate.net/logo.jpg?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=120, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=450], baseline, precision 8, 420x110, components 3\012- data
Size
45 kB (44893 bytes)
Hash
dc4a948f3ccf35b2c39269cde1aad6f3
1b952aa88121ee56b0648e0e2476a0dacc39da5e
eabb9097a448d6066ceac9b449f2a3759776e14aea3d574208495af12ed84f56

HTTP Headers

GET /logo.jpg? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:11 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=t8h30dmulb4v6u6r3il144ga8e; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5gv%2F%2BLuQsqlH2ThmjvNJHDXLSG8ymWoGYPZM3lpO3YwNDkS9VTKOTga1mn%2FF5sZ1a%2BzwX5c3OpkN8udPAPQQI1AIFhJ8smB6TemgPxob0OiQrxkcmEZkoOGUAmAjPoNbCu%2FDSdcr7%2Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553ff156cb-OSL
alt-svc: h3=":443"; ma=86400

GET s-rutor.megapirate.net/t/arrowdown.gif?

172.67.138.128

200 OK

51 B

URL GET HTTP/3
s-rutor.megapirate.net/t/arrowdown.gif?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 5 x 8\012- data
Size
51 B (51 bytes)
Hash
fe98a58fe6509fb7cb897d25228329d3
34d9e63fe61d4b543f84003c70d0473b6893926f
a045e7b1f5ceaefbab2ef782b86b12de0a41fc2ca34c43cbf6b8b8a107d339ff

HTTP Headers

GET /t/arrowdown.gif? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: image/gif
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=f45ssbaq916omchjq7pkqcpvkq; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brH9XpsN4XTtZ6PtwVk2EmMb11qtSrdzYpIPhi%2FhMZAQYEi8j7HDSSmOi8Q%2FMdzVPbHzS1QgpP1x6q1Ay57tv9ghxjVyLif3a1EBfKKnNF2DuH2rapOl33qZIeD9Vnyi5uZoIrc30roB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553ff956cb-OSL
alt-svc: h3=":443"; ma=86400

GET rutor.megapirate.net/app/apx19.js

172.67.138.128

200 OK

9.2 kB

URL GET HTTP/3
rutor.megapirate.net/app/apx19.js
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10516), with no line terminators
Size
9.2 kB (9183 bytes)
Hash
d26dea46bd49f9297502159ed377f84c
2da344f74215617efd03c4805e5e15d7d8039515
77d7964a36f5c3105bc99271b3ffe2d4ebc5541e4acd38def734b3eaea38fd38

HTTP Headers

GET /app/apx19.js HTTP/1.1
Host: rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Cookie: view=1; PHPSESSID=f68lbvmq4v775sh6nao8fgidoi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Sep 2020 18:46:59 GMT
etag: W/"5f610c23-23df"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjpV3AmmIk6cKiKpefqTaIOCcQv%2BbmlDluKRyVcmofUEgWqXBTIBGPFw1yQrkichi6QLKYnbOGTpzWmdvdOLOTmpgxu%2FL6aW9Tga7wi0gZ7AAOwNw5kyYeRaRBA6feixl1CxDApMCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82891054cf7756cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET rutor.megapirate.net/zpp/zpp4.js?q22q2q2

172.67.138.128

200 OK

39 kB

URL GET HTTP/3
rutor.megapirate.net/zpp/zpp4.js?q22q2q2
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (38995), with no line terminators
Size
39 kB (38995 bytes)
Hash
7dc63553536847077855df4f82f1ec18
146c3aac34cb4e7e1e9c692ccd0161b2e4f018de
3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

HTTP Headers

GET /zpp/zpp4.js?q22q2q2 HTTP/1.1
Host: rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Cookie: view=1; PHPSESSID=f68lbvmq4v775sh6nao8fgidoi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 05:54:25 GMT
etag: W/"603dd311-9853"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vict98sxHcEc7fzq0GwtlB3pam2eKtaQbbkjlwH64ZzX%2B9Q38L0nqJMA1eS3m9XT8yPXXvFz%2BL%2FSkdHlahDPKF1QtiArqVkJnyMSgICWRKSc%2BrOBoDz6CbeFRSHJwEEon%2BCuaUcBZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910551fc656cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

POST rutor.megapirate.net/user.php

172.67.138.128

200 OK

0 B

URL POST HTTP/3
rutor.megapirate.net/user.php
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /user.php HTTP/1.1
Host: rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 39
Origin: https://rutor.megapirate.net
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Cookie: view=1; PHPSESSID=f68lbvmq4v775sh6nao8fgidoi
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:11 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ADq%2B2IuntELz2r94LJ6BTD%2FFE6FC1W4yjaT74mSetIVIFBk04WGZa0KXO8FQ1aYg7BPPiUtee%2BHTCWLRUd3O004g91A3cBYCEDC6T2zF33BZdGiOJzBExZm%2BuW63MfcpEk1h2YbWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828910579a8656cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET s-rutor.megapirate.net/i/lupa.gif?

172.67.138.128

200 OK

3.1 kB

URL GET HTTP/3
s-rutor.megapirate.net/i/lupa.gif?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 55 x 56\012- data
Size
3.1 kB (3079 bytes)
Hash
e2c8f8537818f7880be3ae505852b9ff
2a1f5572e6f4c9efc1700f34d6c6969bedbd8535
6946c64a41b61a1e8708b7bcf8274274c71cdc23932aab32da5b868d19212b3a

HTTP Headers

GET /i/lupa.gif? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: image/gif
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=up1jmih4rp0nmn76htgfo79e4s; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbVJlpN9jpa%2BGUEwNvYKl%2FtWErIR2lSiBxkT7hhciaKHV5MAFKCKZQOA%2BAxkv6xZxiohUaoDPLOinp1jCxTFcXp99H5H2MLJ%2BFlRoN%2BADZcaEuvvH1Ja0KpUmlfbY9oaWaa0nBK8d3dB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553fef56cb-OSL
alt-svc: h3=":443"; ma=86400

GET cdnbunny.org/i/poisk_bg.gif?

77.91.100.49

200 OK

2.0 kB

URL GET HTTP/1.1
cdnbunny.org/i/poisk_bg.gif?
IP
77.91.100.49:443
ASN
#42861 Foton Telecom CJSC

Requested by
https://rutor.megapirate.net/
Certificate
IssuerLet's Encrypt
Subjectcdnbunny.org
FingerprintB8:B4:C3:A5:E1:BC:9E:ED:C7:E3:2D:67:96:DC:82:10:2E:19:ED:4A
ValidityThu, 14 Sep 2023 21:47:03 GMT - Wed, 13 Dec 2023 21:47:02 GMT

File type
GIF image data, version 89a, 46 x 56\012- data
Size
2.0 kB (1998 bytes)
Hash
76118a48fd5ae4b926e34f4edb427386
4aa5f228e3f511bf626afa6703488d1d7c6df5e0
4912841156c4582948d016867a6c71845a0221f1dd6419ea911f6f83bbc431d7

HTTP Headers

GET /i/poisk_bg.gif? HTTP/1.1
Host: cdnbunny.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 19 Nov 2023 14:15:11 GMT
Content-Type: image/gif
Content-Length: 1998
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2011 15:28:37 GMT
ETag: "4ebe90a5-7ce"
Cache-Control: max-age=604800
Age: 283340
X-Debug: 604800.000 2865
Accept-Ranges: bytes

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.3

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://rutor.megapirate.net/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rutor.megapirate.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:57:34 GMT
expires: Fri, 15 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 292657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET matomo.hellohi.me/matomo.js

188.114.96.1

200 OK

66 kB

URL GET HTTP/2
matomo.hellohi.me/matomo.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:19:FF:F4:F0:F2:6F:BE:66:7F:4C:A0:E8:02:E6:F4:94:A8:6C:68
ValidityWed, 01 Mar 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1601)
Size
66 kB (65842 bytes)
Hash
a3a7245d6daf7d31d2069c0ba05879dd
ec1bf464889e71aec1ced6d8361a26c76e4a1460
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

HTTP Headers

GET /matomo.js HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 19 Nov 2023 14:15:11 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 19 Oct 2023 04:58:52 GMT
etag: W/"6530b78c-10132"
expires: Sun, 19 Nov 2023 14:43:22 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 1909
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvFfWod%2B6iDq2%2FZs%2B32mCwKBXnl5vSaLrxSWB%2FZsZ0ZoUrtIKEpUPGZazI584Uws1Ohf6k3VIcsLf%2Bi4Uade3QvxOC3ogqV%2BtvZuny6k0QpNo537YKv6MVDrDtXO4Mrsjxdosw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82891057c8c856b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET rutor.megapirate.net/hy.js?q22q2q2

172.67.138.128

200 OK

56 kB

URL GET HTTP/3
rutor.megapirate.net/hy.js?q22q2q2
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (56131), with no line terminators
Size
56 kB (56131 bytes)
Hash
667d77da844b6d5ad62b2f26e77b4b12
01ae61192a38af73a93c67468fb8271d7bbfa4f6
f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

HTTP Headers

GET /hy.js?q22q2q2 HTTP/1.1
Host: rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Cookie: view=1; PHPSESSID=f68lbvmq4v775sh6nao8fgidoi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 05:54:23 GMT
etag: W/"603dd30f-db43"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtvUJ2jv%2BJstj4THR%2Bp81Cedy12KnAW6ZkmREbJ%2F5gJWpkEpra3dF94lXBqHMvD%2BHNsXuxY1e0c8ajRPi3Bz9u%2FBjlNlOSg7leKoMzd94np3dQh8axSF%2B3JzFEQaru5GslIgBsYa8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82891054ef9856cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET rutor.megapirate.net/app/x12.js

172.67.138.128

200 OK

11 kB

URL GET HTTP/3
rutor.megapirate.net/app/x12.js
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11180), with no line terminators
Size
11 kB (11180 bytes)
Hash
94efa3c05291ac5cccd32cc3a11c9724
3a033e4d6f5e5eaf76030a81c8a05c619de436c2
58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

HTTP Headers

GET /app/x12.js HTTP/1.1
Host: rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Cookie: view=1; PHPSESSID=f68lbvmq4v775sh6nao8fgidoi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Sep 2020 18:26:18 GMT
etag: W/"5f61074a-2bac"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhvwWGUyXhpo4QoXi49iJN%2FWM6LvkKpV6hJBsDmwKHtkeB9V88mLBNoOpTr8MqH3vf%2FOdr%2F51YZCZwvRC0udUkyUyEozFCdO6BsX9vssWTjRzUrv6h4tZv0%2FmkA1uSxIz%2F%2Bcnw8Wvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910551fc956cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET s-rutor.megapirate.net/i/forum.gif?

172.67.138.128

200 OK

4.4 kB

URL GET HTTP/3
s-rutor.megapirate.net/i/forum.gif?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 42\012- data
Size
4.4 kB (4367 bytes)
Hash
48ae00889ff3baa47dafe9d6d0977019
8c08f0f6ee7fd93f40679bea8d3ceb7be01b3e2c
790a5e6e4ff054d64eca66bd8cfe77b7f379695366e3e5f1f35d5b702e39506c

HTTP Headers

GET /i/forum.gif? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: image/gif
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=7g7eq15n49va41786fv2ua7a8r; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4r%2B2GwNsYqEHkPY%2BKlXlvjr6FE4oGadbE8ruCo8suaCUQBf4MbOnSu9C7RHxAN8ZBTn79xT5XgcPW%2F%2B4o4lcC5Mk13gC4G6LDI7zwIk%2B%2FLg0XomwillY93Y6Qq9m4xinokdBV63pM2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553ff056cb-OSL
alt-svc: h3=":443"; ma=86400

GET rutor.megapirate.net/js/rutor-css.css

172.67.138.128

200 OK

23 kB

URL GET HTTP/3
rutor.megapirate.net/js/rutor-css.css
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3877)
Size
23 kB (23045 bytes)
Hash
0de953836b820f628a50a1e48e04d5fe
b5f7c2b57caa8723051c15c30585a65d03595a01
656e2438ea6a9eb85ca7ac478fdae0d4ef13c3cca617cca66410fc970c383064

HTTP Headers

GET /js/rutor-css.css HTTP/1.1
Host: rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Cookie: view=1; PHPSESSID=f68lbvmq4v775sh6nao8fgidoi
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: text/css
last-modified: Thu, 21 Apr 2022 20:54:03 GMT
etag: W/"6261c46b-5a05"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0u7WmcKF9CrIUTm85JzdJd%2BAXOVOoQA%2FbLO3Aj4og43tQrPpyYffeRhuUjfvmX7vgs71HRJ7PiXeNhKlPl9NUNAz4j3uU7Ci83IjtMi0mLAWVz9TR3Ny%2F7W1N3cqTcNgIZl%2BypszDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82891054af5c56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET s-rutor.megapirate.net/t/arrowup.gif?

172.67.138.128

200 OK

52 B

URL GET HTTP/3
s-rutor.megapirate.net/t/arrowup.gif?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 5 x 8\012- data
Size
52 B (52 bytes)
Hash
7cbfc089fd0b0d261187a0c1ef0826af
1583fd0ccdd6a7dcb24ef670761ab01387cf87cf
b88cfd011c972f65586f207621005b8b3336773a252e2a309ddbd9b7dda7b8b9

HTTP Headers

GET /t/arrowup.gif? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:11 GMT
content-type: image/gif
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:11 GMT; Max-Age=86400
PHPSESSID=l0qobgma55pg6990g6m3rnhpcv; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IXpxEn6jjXQatAHnlvho87hGaSv0hoH7jJ3t7RMDmOtlb5PFBx4mjUwqo%2FKizV3%2FWtDvNa0Vmo1%2F6XV6yFfiul551WuJwBhTq1eR0HUSanaWUf%2B7p5vm%2Fz4qGZ6%2BfyqAY7ruqajBU%2BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553ff856cb-OSL
alt-svc: h3=":443"; ma=86400

GET s-rutor.megapirate.net/i/m.png?

172.67.138.128

200 OK

656 B

URL GET HTTP/3
s-rutor.megapirate.net/i/m.png?
IP
172.67.138.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA2:26:12:78:67:60:54:25:BD:6D:0F:CC:94:52:93:0F:AB:23:54:F0
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
656 B (656 bytes)
Hash
1c923e4247dd2fbbc7e407beecf6028c
37a7cd424c135206071cad59df92511df4fb6e5e
efb2d84b9882f1e58d07b358cb77ad0b67fcce154bc7dc70086532abe8f57fff

HTTP Headers

GET /i/m.png? HTTP/1.1
Host: s-rutor.megapirate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: image/png
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 20-Nov-2023 14:15:10 GMT; Max-Age=86400
PHPSESSID=0q8qde4n96evfr5fm7jb1kvd0o; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoO0ZYDo%2BpG%2BDp19UUJPFP6LiWUrVCWJJ8EmIp9pjcKo7F1x6i4vlWGHIazXeqyKIUJTAo1oc7Evr4ISGJ0w2gfg14XlSE4CFtTcLo4mzU7gIcxpEUAMR0TXdmOaQs0BZWHcdO9GShlE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910553ff656cb-OSL
alt-svc: h3=":443"; ma=86400

GET theusualsuspectz.biz/j/m/qqqq.js

188.114.97.1

200 OK

48 kB

URL GET HTTP/2
theusualsuspectz.biz/j/m/qqqq.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rutor.megapirate.net/
Certificate
IssuerGoogle Trust Services LLC
Subjecttheusualsuspectz.biz
Fingerprint48:50:76:74:0D:A9:38:77:17:65:ED:84:6A:17:AD:92:3A:EC:87:5A
ValiditySat, 18 Nov 2023 01:58:45 GMT - Fri, 16 Feb 2024 01:58:44 GMT

File type
ASCII text, with very long lines (48351), with no line terminators
Size
48 kB (48351 bytes)
Hash
febd5bfc829d7c8aa363e93e2e61f414
10d66213a9249bea47b15acf295323f01d217ef0
ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /j/m/qqqq.js HTTP/1.1
Host: theusualsuspectz.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rutor.megapirate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 19 Nov 2023 14:15:10 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
etag: W/"603dadf6-bcdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1041776
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sj3Rswue0fB9gxMlHkLILK5RotlHsjrDJNvA46P4zUNWDEri85%2BMedheI3KLByOyTKJ21ikRhjcsSoO6R0YHW8DtcD6DbLnqxwBBwvFbdzGoLY6rpAK%2FrOLN3ptKzwfGvk6HOeaJoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828910558f06b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (27)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by