| | 172.67.136.31 | 301 Moved Permanently | 167 B |
URL User Request GET HTTP/2IP172.67.136.31:443
CertificateIssuerLet's Encrypt Subjectcyberbtk.xyz Fingerprint0F:0C:4C:44:77:FC:CC:B7:78:03:15:FB:FC:0B:6D:A2:0C:F4:12:41 ValidityFri, 29 Mar 2024 07:09:47 GMT - Thu, 27 Jun 2024 07:09:46 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET / HTTP/1.1
Host: cyberbtk.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 18 Apr 2024 22:15:03 GMT
content-type: text/html
content-length: 167
location: https://192.53.117.194/
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 23:15:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACgdL%2FUpY4x0gNNxVBzbnikyW%2BSnAbSZ57GlUupNoWQU38NjVB%2Byq2BLQsal%2Bmt81iOqdDqYuw9wIKLXTZzbiEp4%2FOwz%2F1L7EqVtXff63MxrNSMD8nX%2FGB6TocJmOvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876802e6884a7129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zerossl.ocsp.sectigo.com/ | 104.18.38.233 | | 727 B |
URL zerossl.ocsp.sectigo.com/ IP104.18.38.233:0
Hashadc5a3163d0b553ecef707bc40eed4bc 1c1233c0d19aa616b3123b8d94b8063a72ebb2d2 fbe62206d2c509e11dbd877678b9303a782b9e7cf8ce9d015da190590d0ab323
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 22:15:04 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 02:11:40 GMT
Expires: Tue, 23 Apr 2024 02:11:39 GMT
Etag: "1c1233c0d19aa616b3123b8d94b8063a72ebb2d2"
Cache-Control: max-age=359194,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 876802eb0ac90b3d-OSL
|
|
| | 192.53.117.194 | 302 Moved Temporarily | 154 B |
URL User Request GET HTTP/1.1IP192.53.117.194:443 ASN#63949 Akamai Connected Cloud
CertificateIssuerZeroSSL Subject192.53.117.194 Fingerprint85:28:66:F9:B5:DC:30:D6:A4:6F:D1:18:0E:2E:DB:3B:51:84:F7:1A ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashc34a889404161b1abde82974413740d6 fc62410b186e210cb3e56b68dc79dbede8541aca 70c5f715dfb4f07671c29b36e542db2d27e9b17c24520eb00bcef73d2343370b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 192.53.117.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 18 Apr 2024 22:15:04 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://roarbtk1.click/
|
|
| roarbtk1.click/cdn-cgi/images/browser-bar.png?1376755637 | 104.21.39.177 | 200 OK | 715 B |
URL GET HTTP/3roarbtk1.click/cdn-cgi/images/browser-bar.png?1376755637 IP104.21.39.177:443
CertificateIssuerGoogle Trust Services LLC Subjectroarbtk1.click FingerprintFA:DB:9F:63:F3:40:6F:69:5A:49:A9:7B:0D:01:AD:7C:C2:7A:FF:0A ValidityWed, 17 Apr 2024 17:58:57 GMT - Tue, 16 Jul 2024 17:58:56 GMT
File typePNG image data, 960 x 53, 8-bit colormap, non-interlaced Hash226dcb8f6144bdaafdfbd8f2f354be64 3785cc5b3bf52f8e398177b0ff1020b24aa86b8c 8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: roarbtk1.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roarbtk1.click/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 22:15:04 GMT
content-type: image/png
content-length: 715
last-modified: Tue, 16 Apr 2024 15:45:04 GMT
etag: "661e9d00-2cb"
server: cloudflare
cf-ray: 876802efde08b515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 19 Apr 2024 00:15:04 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
|
|
| roarbtk1.click/cdn-cgi/styles/cf.errors.css | 104.21.39.177 | 200 OK | 7.7 kB |
URL GET HTTP/3roarbtk1.click/cdn-cgi/styles/cf.errors.css IP104.21.39.177:443
CertificateIssuerGoogle Trust Services LLC Subjectroarbtk1.click FingerprintFA:DB:9F:63:F3:40:6F:69:5A:49:A9:7B:0D:01:AD:7C:C2:7A:FF:0A ValidityWed, 17 Apr 2024 17:58:57 GMT - Tue, 16 Jul 2024 17:58:56 GMT
File typegzip compressed data, from Unix Hash80000355ef4900f25141ea92a02cbd43 7f297631ad2097b03d0a69d74beba006eee6dcca 5e759f93b779e46ac4ae17a848a24860f68f798692c22cba902aa103f4a0889c
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: roarbtk1.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roarbtk1.click/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 22:15:04 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2024 15:45:04 GMT
etag: W/"661e9d00-5df3"
server: cloudflare
cf-ray: 876802efbdedb515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 19 Apr 2024 00:15:04 GMT
cache-control: max-age=7200, public
content-encoding: gzip
|
|
| roarbtk1.click/cdn-cgi/images/cf-no-screenshot-error.png | 104.21.39.177 | 200 OK | 3.2 kB |
URL GET HTTP/3roarbtk1.click/cdn-cgi/images/cf-no-screenshot-error.png IP104.21.39.177:443
CertificateIssuerGoogle Trust Services LLC Subjectroarbtk1.click FingerprintFA:DB:9F:63:F3:40:6F:69:5A:49:A9:7B:0D:01:AD:7C:C2:7A:FF:0A ValidityWed, 17 Apr 2024 17:58:57 GMT - Tue, 16 Jul 2024 17:58:56 GMT
File typePNG image data, 178 x 175, 8-bit colormap, non-interlaced Hash0d768cbc261841d3affc933b9ac3130e aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7 1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: roarbtk1.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roarbtk1.click/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 22:15:04 GMT
content-type: image/png
content-length: 3213
last-modified: Tue, 16 Apr 2024 15:45:04 GMT
etag: "661e9d00-c8d"
server: cloudflare
cf-ray: 876802efde09b515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 19 Apr 2024 00:15:04 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
|
|
| roarbtk1.click/favicon.ico | 104.21.39.177 | 403 Forbidden | 4.5 kB |
URL GET HTTP/3roarbtk1.click/favicon.ico IP104.21.39.177:443
CertificateIssuerGoogle Trust Services LLC Subjectroarbtk1.click FingerprintFA:DB:9F:63:F3:40:6F:69:5A:49:A9:7B:0D:01:AD:7C:C2:7A:FF:0A ValidityWed, 17 Apr 2024 17:58:57 GMT - Tue, 16 Jul 2024 17:58:56 GMT
File typeHTML document, ASCII text, with very long lines (4751), with no line terminators Hash7c2478b333dafc1360d64402b25c97fc bf0b1365317d63ac2b6a9909fd933889a59f9ecb e056a9544b181f17efb529c938358aa4fd1a574951358a0263b5aaaa056f6b62
GET /favicon.ico HTTP/1.1
Host: roarbtk1.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roarbtk1.click/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Thu, 18 Apr 2024 22:15:04 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Thu, 18 Apr 2024 22:15:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPyErEPHH39HkD81xSU8SWIEJ0HKsASfarQPcOoGrBqGYi7JI%2BjlMBvCTRmp1gGMzxPPw9OOBILFmDSHtCjXdkK40hwsfXiDoxMw%2FP3p4yB9YikkAvYQNmhBMOxAl26HgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876802f00e14b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.39.177 | 403 Forbidden | 4.5 kB |
URL User Request GET HTTP/2IP104.21.39.177:443
CertificateIssuerGoogle Trust Services LLC Subjectroarbtk1.click FingerprintFA:DB:9F:63:F3:40:6F:69:5A:49:A9:7B:0D:01:AD:7C:C2:7A:FF:0A ValidityWed, 17 Apr 2024 17:58:57 GMT - Tue, 16 Jul 2024 17:58:56 GMT
File typeHTML document, ASCII text, with very long lines (4751), with no line terminators Hash1bd374dedfebcc8ccf835baf20e9401a 4357dc85b6042757042c79dd3c796ff4df875002 3730827eaa91e3d378768ca1ef62429e22c3454b8c8e65e9bf02e8eaacbffac8
GET / HTTP/1.1
Host: roarbtk1.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 22:15:04 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Thu, 18 Apr 2024 22:15:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMHleRbOYJOBPKivWk6GvTCpn8NFeERNDiq0VIPCct5Dy9LQ9sBkddSI34Gfa7KrgeTjb3LbP2uUnJz%2FHCVxwKC79BRjoqC7%2FLJqndGLiJbH%2F9sjmcAUMm%2FO1kkuKFd2uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876802edef4556c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 104.21.39.177 | 403 Forbidden | 4.5 kB |
URL User Request GET HTTP/3IP104.21.39.177:443
CertificateIssuerGoogle Trust Services LLC Subjectroarbtk1.click FingerprintFA:DB:9F:63:F3:40:6F:69:5A:49:A9:7B:0D:01:AD:7C:C2:7A:FF:0A ValidityWed, 17 Apr 2024 17:58:57 GMT - Tue, 16 Jul 2024 17:58:56 GMT
File typeHTML document, ASCII text, with very long lines (4751), with no line terminators Hash49451133e7e36d46c75e6ba1a35e3a48 86f0a6a26bb40ffa1323b7bf9d3460fbc3b63085 5ab2be84cbfec45937c5be9cec709e829b6efdb739e189de9a5cc9fe2b4c6d69
GET / HTTP/1.1
Host: roarbtk1.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Thu, 18 Apr 2024 22:15:04 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Thu, 18 Apr 2024 22:15:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rNdZ0DWnDeaZBgxm0B%2FziF3poFqCksFT%2B2oDyVQpADwppa%2Fqujh478S0gQ4FJsnHc02D%2BJ4AJLc%2BSoDJn7L76J%2BrxbX8hDZ9y5Hc2fSSCyUKdUcmZCQUK2p%2F6CwFtf3yVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876802eefd9bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|