Report - sexyhotsingleminorsonroblox.shit.vc

Report Overview

Visited public
2024-08-25 08:29:09
Tags
URL
sexyhotsingleminorsonroblox.shit.vc
Finishing URL
sexyhotsingleminorsonroblox.shit.vc/
IP / ASN
169.47.130.83
#36351 SOFTLAYER
Title
I love minors

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-24 18:12:06	981 B	2.7 kB	23.36.76.226
sexyhotsingleminorsonroblox.shit.vc	unknown	unknown	No data	No data	787 B	2.4 kB	169.47.130.83
robloxminors.github.io	unknown	unknown	No data	No data	528 B	989 B	185.199.111.153
files.catbox.moe	174913	2015-04-06	2015-06-30 01:27:11	2024-08-20 14:52:25	494 B	197 kB	108.181.20.37
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-08-24 18:12:09	981 B	2.7 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-08-25 08:28:45	medium	Client IP	169.47.130.83	ET INFO DYNAMIC_DNS HTTP Request to a *.shit .vc Domain
2024-08-25 08:28:45	medium	Client IP	169.47.130.83	ET INFO DYNAMIC_DNS HTTP Request to a *.shit .vc Domain
2024-08-25 08:28:46	medium	Client IP	108.181.20.37	ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)
2024-08-25 08:28:46	medium	Client IP	108.181.20.37	ETPRO INFO .moe Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (10)

URL IP Response Size

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a081f9755218e081db962afea1117844
fab4e95becdbacea971038e8f0ea80b4e1064e4b
db03b08d76424bb0dd34b51c11cf222b9126bd1f6017afd35cb1c2d0c3d1f86e

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DB03B08D76424BB0DD34B51C11CF222B9126BD1F6017AFD35CB1C2D0C3D1F86E"
Last-Modified: Fri, 23 Aug 2024 14:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Sun, 25 Aug 2024 09:44:18 GMT
Date: Sun, 25 Aug 2024 08:28:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
34b72ef98ffb750d7e3020d58da271c5
a0b34c22554f5cadf812b8d1f818be5dc840f211
a0d352f8b8c2248c32607b1d77c3ff6ff7382a5df118182f69aae7d7145ee100

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A0D352F8B8C2248C32607B1D77C3FF6FF7382A5DF118182F69AAE7D7145EE100"
Last-Modified: Fri, 23 Aug 2024 14:35:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7754
Expires: Sun, 25 Aug 2024 10:37:58 GMT
Date: Sun, 25 Aug 2024 08:28:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
515f455d93caad6521481d99fc23e623
cb770c44b3e280f2151b3f5e887d61fbe0ef66fb
cf43d0127c72bf58a1799b4e7ce0e5c9e18ec12e978df6dac9c17920a20173d5

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CF43D0127C72BF58A1799B4E7CE0E5C9E18EC12E978DF6DAC9C17920A20173D5"
Last-Modified: Fri, 23 Aug 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4491
Expires: Sun, 25 Aug 2024 09:43:35 GMT
Date: Sun, 25 Aug 2024 08:28:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f04a331cae60388b5b3c547bcdd5a8e8
a74ba9ea1965e39a78db26c6568b3524156f0b5c
133a1fe03de9efd148f43efda3cd37d24e4f5cc936d1008a8ce7aacc6653afa3

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "133A1FE03DE9EFD148F43EFDA3CD37D24E4F5CC936D1008A8CE7AACC6653AFA3"
Last-Modified: Fri, 23 Aug 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5682
Expires: Sun, 25 Aug 2024 10:03:26 GMT
Date: Sun, 25 Aug 2024 08:28:44 GMT
Connection: keep-alive

sexyhotsingleminorsonroblox.shit.vc/

169.47.130.83

200 OK

885 B

URL User Request GET HTTP/1.1
sexyhotsingleminorsonroblox.shit.vc/
IP
169.47.130.83:80
ASN
#36351 SOFTLAYER

File type
HTML document, ASCII text
Size
885 B (885 bytes)
Hash
9f1e0068cb1f2988a6a118715d473ca6
15df25fa548ca5cb4a754b409df3880ac11af285
c72f20ca91f2f0f2fd4b747eb2e7979b19f50026da0dc477a672bf10fae2b383

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.shit .vc Domain

HTTP Headers

GET / HTTP/1.1
Host: sexyhotsingleminorsonroblox.shit.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sun, 25 Aug 2024 08:28:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 885
Connection: keep-alive
Cache-Control: public, max-age=15
X-Abuse: URL redirection provided by freedns.afraid.org - please report any misuse of this service

robloxminors.github.io/

185.199.111.153

200 OK

240 B

URL GET HTTP/2
robloxminors.github.io/
IP
185.199.111.153:443
ASN
#54113 FASTLY

Requested by
http://sexyhotsingleminorsonroblox.shit.vc/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
240 B (240 bytes)
Hash
6b2cadbcd7464e0b40a6ab8690e9268f
714c1bb1a870cf5bd13f2f21286bfbe5407d0be9
ab6a8c449f54285e0531f2d5cbb042b4e53dc9ea1c866c441abe4323062c1d23

HTTP Headers

GET / HTTP/1.1
Host: robloxminors.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://sexyhotsingleminorsonroblox.shit.vc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Sun, 18 Aug 2024 06:53:35 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"66c19a6f-16f"
expires: Sun, 25 Aug 2024 08:10:47 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9672:272A4E:440E03:466D86:66CAE4AF
accept-ranges: bytes
age: 0
date: Sun, 25 Aug 2024 08:28:45 GMT
via: 1.1 varnish
x-served-by: cache-hel1410031-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1724574526.606280,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: e3e32411798a01e6d7386981c991be1ade1041ee
content-length: 240
X-Firefox-Spdy: h2

sexyhotsingleminorsonroblox.shit.vc/favicon.ico

169.47.130.83

200 OK

921 B

URL GET HTTP/1.1
sexyhotsingleminorsonroblox.shit.vc/favicon.ico
IP
169.47.130.83:80
ASN
#36351 SOFTLAYER

Requested by
http://sexyhotsingleminorsonroblox.shit.vc/

File type
HTML document, ASCII text
Size
921 B (921 bytes)
Hash
2587308c0499b3ca0cf3c54c6ef06181
46c492726666be05de1eb003d89d0229025b7626
df0c6ad30ad75ae23e1bbc609582f2b9d943ca990cbc6cca859a647665b889de

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.shit .vc Domain

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sexyhotsingleminorsonroblox.shit.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sexyhotsingleminorsonroblox.shit.vc/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sun, 25 Aug 2024 08:28:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 921
Connection: keep-alive
Cache-Control: public, max-age=15
X-Abuse: URL redirection provided by freedns.afraid.org - please report any misuse of this service

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f3a7d4b907a16e7e82883be9ff3cc7a4
cb041fb7a99151a86d3449564d72737a53edefba
b9187d8fcc431cee0496985416a1d32f8b4f32f7f454230e012a80db9bd4de1e

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B9187D8FCC431CEE0496985416A1D32F8B4F32F7F454230E012A80DB9BD4DE1E"
Last-Modified: Fri, 23 Aug 2024 14:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8076
Expires: Sun, 25 Aug 2024 10:43:22 GMT
Date: Sun, 25 Aug 2024 08:28:46 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f3a7d4b907a16e7e82883be9ff3cc7a4
cb041fb7a99151a86d3449564d72737a53edefba
b9187d8fcc431cee0496985416a1d32f8b4f32f7f454230e012a80db9bd4de1e

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B9187D8FCC431CEE0496985416A1D32F8B4F32F7F454230E012A80DB9BD4DE1E"
Last-Modified: Fri, 23 Aug 2024 14:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8076
Expires: Sun, 25 Aug 2024 10:43:22 GMT
Date: Sun, 25 Aug 2024 08:28:46 GMT
Connection: keep-alive

files.catbox.moe/s82jsq.mp4

108.181.20.37

206 Partial Content

197 kB

URL GET HTTP/2
files.catbox.moe/s82jsq.mp4
IP
108.181.20.37:443
ASN
#40676 AS40676

Requested by
https://robloxminors.github.io/
Certificate
IssuerLet's Encrypt
Subject*.catbox.moe
FingerprintCA:B4:7A:2F:13:6A:22:A1:4C:C5:1D:26:14:E2:A5:88:B3:3A:C1:C2
ValidityWed, 29 May 2024 13:08:05 GMT - Tue, 27 Aug 2024 13:08:04 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
197 kB (196572 bytes)
Hash
d9633d07a88d056fd0d808de582aa941
279a7854aa1a4ca22ab7eadac1b250b04252516e
0269b0166ac0b1356a629a87e22a8945218505d546ee18ec5c92d1c58270b45c

HTTP Headers

GET /s82jsq.mp4 HTTP/1.1
Host: files.catbox.moe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://robloxminors.github.io/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Sun, 25 Aug 2024 08:28:46 GMT
content-type: video/mp4
content-length: 30421473
last-modified: Sun, 18 Aug 2024 06:27:58 GMT
etag: "66c1946e-1d031e1"
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-range: bytes 0-30421472/30421473
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (10)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size