rbx.samu3l.wtf Open in urlscan Pro
2606:4700:3030::6815:211e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rbx.samu3l.wtf/
Effective URL:
http://rbx.samu3l.wtf/auth/home
Submission Tags: phish.gg anti.fish automated Search All
Submission: On April 28 via api (April 28th 2023, 11:47:14 am UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3030::6815:211e, located in United States and belongs to CLOUDFLARENET, US. The main domain is rbx.samu3l.wtf.

This is the only time rbx.samu3l.wtf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3030::6815:211e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	3

7 2606:4700:3030::6815:211e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rbx.samu3l.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	samu3l.wtf 1 redirects rbx.samu3l.wtf	1 MB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	49 KB
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
9	3

	Domain	Requested by
7	rbx.samu3l.wtf	1 redirects rbx.samu3l.wtf
2	cdn.jsdelivr.net	rbx.samu3l.wtf
0	static.cloudflareinsights.com Failed	rbx.samu3l.wtf
9	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://rbx.samu3l.wtf/auth/home
Frame ID: E05240846222195CFD9A1C714F923F7E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Relive 2016 with EconomySimulator

Page URL History Show full URLs

http://rbx.samu3l.wtf/ HTTP 302
http://rbx.samu3l.wtf/auth/home Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

9
Requests

22 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1232 kB
Transfer

1438 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rbx.samu3l.wtf/ HTTP 302
http://rbx.samu3l.wtf/auth/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request home Show response
rbx.samu3l.wtf/auth/
Redirect Chain

http://rbx.samu3l.wtf/
http://rbx.samu3l.wtf/auth/home

12 KB
6 KB

26ms
26ms

Document
text/html

2606:4700:3030::6815:211e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://rbx.samu3l.wtf/auth/home

Protocol

HTTP/1.1

Server

2606:4700:3030::6815:211e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691161bac7062c5603376bae2fe9d784ac6aae063a6439bf4d0fc085720377ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data: https://cdn.samu3l.wtf https://.roblox.com https://.rbxcdn.com https://.samu3l.wtf https://rbx.samu3l.wtf; child-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://cdn.samu3l.wtf https://.roblox.com https://.samu3l.wtf https://.rbxcdn.com https://cloudflare.com https://.cloudflare.com https://challenges.cloudflare.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://rbx.samu3l.wtf:5000 https://rbx.samu3l.wtf; frame-src 'self' https://cloudflare.com https://cdn.samu3l.wtf https://.samu3l.wtf https://.rbxcdn.com https://.roblox.com https://.cloudflare.com https://challenges.cloudflare.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com https://.rbxcdn.com https://.roblox.com https://cloudflare.com https://.samu3l.wtf https://.cloudflare.com https://challenges.cloudflare.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css; font-src 'self' fonts.gstatic.com; connect-src 'self' https://cdn.samu3l.wtf https://.rbxcdn.com https://.roblox.com https://.rbx.samu3l.wtf wss://.rbx.samu3l.wtf https://.samu3l.wtf https://cloudflare.com https://.cloudflare.com https://challenges.cloudflare.com https://.cdn.com https://rbx.samu3l.wtf; worker-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7bef119cfb7b3635-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.samu3l.wtf https://*.roblox.com https://*.rbxcdn.com https://*.samu3l.wtf https://rbx.samu3l.wtf; child-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://cdn.samu3l.wtf https://*.roblox.com https://*.samu3l.wtf https://*.rbxcdn.com https://cloudflare.com https://*.cloudflare.com https://challenges.cloudflare.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://rbx.samu3l.wtf:5000 https://rbx.samu3l.wtf; frame-src 'self' https://cloudflare.com https://cdn.samu3l.wtf https://*.samu3l.wtf https://*.rbxcdn.com https://*.roblox.com https://*.cloudflare.com https://challenges.cloudflare.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com https://*.rbxcdn.com https://*.roblox.com https://cloudflare.com https://*.samu3l.wtf https://*.cloudflare.com https://challenges.cloudflare.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css; font-src 'self' fonts.gstatic.com; connect-src 'self' https://cdn.samu3l.wtf https://*.rbxcdn.com https://*.roblox.com https://*.rbx.samu3l.wtf wss://*.rbx.samu3l.wtf https://*.samu3l.wtf https://cloudflare.com https://*.cloudflare.com https://challenges.cloudflare.com https://*.cdn.com https://rbx.samu3l.wtf; worker-src 'self';
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 28 Apr 2023 11:47:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrdTlU9RT07IJhXlbpFOJZccjVFgVBKxuZAAOaOPgLBv84FzhcLdbvN0nkCB3AEosTCXEyvL%2BugJxxog7mJ3Y67t5zVSV2271ONx%2B6fBM4VSfIg%2BSQDZ7cwHlf1l%2Bn4JnBClVtYBpkpDIFtOiw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-timing: AppGuard=0,a=0,ua=0,c=0

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7bef119cbb1f3635-FRA
Connection: keep-alive
Content-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.samu3l.wtf https://*.roblox.com https://*.rbxcdn.com https://*.samu3l.wtf https://rbx.samu3l.wtf; child-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://cdn.samu3l.wtf https://*.roblox.com https://*.samu3l.wtf https://*.rbxcdn.com https://cloudflare.com https://*.cloudflare.com https://challenges.cloudflare.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://rbx.samu3l.wtf:5000 https://rbx.samu3l.wtf; frame-src 'self' https://cloudflare.com https://cdn.samu3l.wtf https://*.samu3l.wtf https://*.rbxcdn.com https://*.roblox.com https://*.cloudflare.com https://challenges.cloudflare.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com https://*.rbxcdn.com https://*.roblox.com https://cloudflare.com https://*.samu3l.wtf https://*.cloudflare.com https://challenges.cloudflare.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css; font-src 'self' fonts.gstatic.com; connect-src 'self' https://cdn.samu3l.wtf https://*.rbxcdn.com https://*.roblox.com https://*.rbx.samu3l.wtf wss://*.rbx.samu3l.wtf https://*.samu3l.wtf https://cloudflare.com https://*.cloudflare.com https://challenges.cloudflare.com https://*.cdn.com https://rbx.samu3l.wtf; worker-src 'self';
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 28 Apr 2023 11:47:08 GMT
Location: /auth/home
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFnwmHQdPAepgRQfF2qOUC25yecFy3NMRFp90DGkINi4By3arsDu%2FzLLc8kUQof23X6CnR4LjLpU2nW43cvho3B3Vij2%2FSqIvixMG1iMh0B%2Ff%2FFD2IdNbihFL53vGkAIzxDf4QVdOoANUTvMPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
25 KB 44ms
24ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: rbx.samu3l.wtf
URL: http://rbx.samu3l.wtf/auth/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://rbx.samu3l.wtf/
Origin: http://rbx.samu3l.wtf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 11:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 79484
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-jnb7025-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk3ETtnZZ3jjbCLA3OSdPIEB13tljJyfe572CQo%2BQNw3MKyptiLFYr%2BamAqTDb3lA5VI2VjX0O0nFcCFYa7XAz8hG%2BkIbAb3UM0Hf2fJgpf1Ihqoqi%2F2A9krQd6673hffG4CT875f094Z9tuw40%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7bef119d4cdb3a5a-FRA

GET
H/1.1 200
OK ImageFive.webp
rbx.samu3l.wtf/UnsecuredContent/ 318 KB
319 KB 20ms
20ms Image
image/webp 2606:4700:3030::6815:211e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rbx.samu3l.wtf/UnsecuredContent/ImageFive.webp
Requested by: Host: rbx.samu3l.wtf
URL: http://rbx.samu3l.wtf/auth/home
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:211e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3986ac418049f1e4fa2d6f12c0ae91d71403090461d9b47ad8e0af1c02ad314

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rbx.samu3l.wtf/auth/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 11:47:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 138832
ETag: "1d9667a26fc8576"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIXuR6yqfEvVlv7LwUgjGTDUq77AJakqIGCU4MrqxhcP%2BHl9VOfsmbZWETt9YCBfGP064vREl6XXQlz1fS9cNhkEwaS4%2Bd34mnWCAuScMlwIoj7%2FbKNAxINVydBJc1gTFWO0%2FN1wN3WYd%2FRdRA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7bef119d2bcc3635-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 325622

GET
H/1.1 200
OK ImageOne.webp
rbx.samu3l.wtf/UnsecuredContent/ 204 KB
204 KB 33ms
24ms Image
image/webp 2606:4700:3030::6815:211e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rbx.samu3l.wtf/UnsecuredContent/ImageOne.webp
Requested by: Host: rbx.samu3l.wtf
URL: http://rbx.samu3l.wtf/auth/home
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:211e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1647e65fbf0e27fb8cb115f79a31151c7770eaf54b87fe4792c83b26a01cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rbx.samu3l.wtf/auth/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 11:47:09 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 198817
ETag: "1d9667a26fb5c80"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XupRGPqt2nG8XkHKBZ%2BosV8BSqiPMhTzEuVtBcem1vfox5B9oiwOtyvYBBBPz2MjCSuKQVXyjoPG9JbZ8%2BzrmE%2FrzNDNZ1zjo76yswWtp5RjilTLO76NUbjBEK33WIwtMSlABwTOV1HZZfOIHw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7bef119d49939bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 208384

GET
H/1.1 200
OK ImageSix.webp
rbx.samu3l.wtf/UnsecuredContent/ 644 KB
644 KB 34ms
24ms Image
image/webp 2606:4700:3030::6815:211e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rbx.samu3l.wtf/UnsecuredContent/ImageSix.webp
Requested by: Host: rbx.samu3l.wtf
URL: http://rbx.samu3l.wtf/auth/home
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:211e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90e1d0606fa3311c6c79f2e5afe9ec7063cf219e85714627a03c0f4f3e0da2a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rbx.samu3l.wtf/auth/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 11:47:09 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 128187
ETag: "1d9667a26f27c44"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nOdHxqgHq%2F15w0xxnl4sHu87wVxwbGbwc2hvd6zlE08UYIf5K2aKKS4y4hMedfUZhR2QpwtAaDZ6Au4cFwsggLZvleAS9zHmxDZAkNDjedosWok1Pz8KcuNvpp744weu31HKq3HAuZoAklw8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7bef119d4ba02c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 659140

GET
H/1.1 200
OK rocket-loader.min.js Show response
rbx.samu3l.wtf/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 24ms
15ms Script
application/javascript 2606:4700:3030::6815:211e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://rbx.samu3l.wtf/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: rbx.samu3l.wtf
URL: http://rbx.samu3l.wtf/auth/home

Protocol

HTTP/1.1

Server

2606:4700:3030::6815:211e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rbx.samu3l.wtf/auth/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 11:47:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Apr 2023 11:29:10 GMT
Server: cloudflare
ETag: W/"6447b986-302c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPtxZ2V4uBFSA1G2zSeyrBBd%2Fsj0D9YHX3zTJgjFTFoD2qP8v316%2B5YGZf%2Be9x52tonG6nnmn5Bc%2BF9fgNMeqis6fG5q%2B89JtoWCy9IBtzwlJAYvFOYWatKb7bKkly4cWmVRARpfijitOy8iLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 7bef119d48cb9061-FRA
Expires: Sun, 30 Apr 2023 11:47:09 GMT

GET v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK aspnetcore-browser-refresh.js Show response
rbx.samu3l.wtf/_framework/ 12 KB
5 KB 37ms
37ms Script
application/javascript 2606:4700:3030::6815:211e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rbx.samu3l.wtf/_framework/aspnetcore-browser-refresh.js
Requested by: Host: rbx.samu3l.wtf
URL: http://rbx.samu3l.wtf/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:211e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f62e1e724cb78c6837fef0d6a2fd9d0840c69fc2314a95e0a5489499b3c8bf40

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rbx.samu3l.wtf/auth/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 11:47:09 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWRZVKlutNgdvwIjWI8UGhATBa2epFgCdxcZK1MSlz0HZeGd1AP%2BJ4EvyeZClZANjPeHMI4cbI6lSN4Wb1GuXeAh3BYct0dwyTaicym01zXdpKImjkp96AXbUpD89ZnKMKlaVypaSvQSvgox9g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Vary: Accept-Encoding
Cache-Control: no-store
Connection: keep-alive
CF-RAY: 7bef119d9a089bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 22ms
22ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: rbx.samu3l.wtf
URL: http://rbx.samu3l.wtf/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://rbx.samu3l.wtf/
Origin: http://rbx.samu3l.wtf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 11:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3933253
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230075-FRA, cache-yyz4558-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwDUwTA4vey4u6J1F9zL7Sao9cupGCdXnZKnmAfr3VvfnOo%2BbLrtUDapA%2FZNYd8AdjPwFNh2QELAy8DZwTCMjReVJoht08hAmXwU8TiKgNF6hAX%2B5fbdTyqMwcfc%2BDn8HqkEM%2BPHvqYuwmCjjAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7bef119dbda13a5a-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: http://rbx.samu3l.wtf/auth/home Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	error	URL: http://rbx.samu3l.wtf/auth/home Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security	error	URL: http://rbx.samu3l.wtf/auth/home Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' https://cdn.samu3l.wtf https://.roblox.com https://.samu3l.wtf https://.rbxcdn.com https://cloudflare.com https://.cloudflare.com https://challenges.cloudflare.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://rbx.samu3l.wtf:5000 https://rbx.samu3l.wtf". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: http://rbx.samu3l.wtf/_framework/aspnetcore-browser-refresh.js(Line 233) Message: Refused to connect to 'wss://localhost:39715/' because it violates the following Content Security Policy directive: "connect-src 'self' https://cdn.samu3l.wtf https://.rbxcdn.com https://.roblox.com https://.rbx.samu3l.wtf wss://.rbx.samu3l.wtf https://.samu3l.wtf https://cloudflare.com https://.cloudflare.com https://challenges.cloudflare.com https://*.cdn.com https://rbx.samu3l.wtf".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data: https://cdn.samu3l.wtf https://.roblox.com https://.rbxcdn.com https://.samu3l.wtf https://rbx.samu3l.wtf; child-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://cdn.samu3l.wtf https://.roblox.com https://.samu3l.wtf https://.rbxcdn.com https://cloudflare.com https://.cloudflare.com https://challenges.cloudflare.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://rbx.samu3l.wtf:5000 https://rbx.samu3l.wtf; frame-src 'self' https://cloudflare.com https://cdn.samu3l.wtf https://.samu3l.wtf https://.rbxcdn.com https://.roblox.com https://.cloudflare.com https://challenges.cloudflare.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com https://.rbxcdn.com https://.roblox.com https://cloudflare.com https://.samu3l.wtf https://.cloudflare.com https://challenges.cloudflare.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css; font-src 'self' fonts.gstatic.com; connect-src 'self' https://cdn.samu3l.wtf https://.rbxcdn.com https://.roblox.com https://.rbx.samu3l.wtf wss://.rbx.samu3l.wtf https://.samu3l.wtf https://cloudflare.com https://.cloudflare.com https://challenges.cloudflare.com https://.cdn.com https://rbx.samu3l.wtf; worker-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
rbx.samu3l.wtf
static.cloudflareinsights.com
static.cloudflareinsights.com
2606:4700:3030::6815:211e
2606:4700::6810:5814
2f1647e65fbf0e27fb8cb115f79a31151c7770eaf54b87fe4792c83b26a01cd3
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
691161bac7062c5603376bae2fe9d784ac6aae063a6439bf4d0fc085720377ba
90e1d0606fa3311c6c79f2e5afe9ec7063cf219e85714627a03c0f4f3e0da2a0
b3986ac418049f1e4fa2d6f12c0ae91d71403090461d9b47ad8e0af1c02ad314
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f62e1e724cb78c6837fef0d6a2fd9d0840c69fc2314a95e0a5489499b3c8bf40
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

rbx.samu3l.wtf Open in urlscan Pro 2606:4700:3030::6815:211e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

22 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

1232 kBTransfer

1438 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

4 Console Messages

Security Headers

Indicators

rbx.samu3l.wtf Open in urlscan Pro
2606:4700:3030::6815:211e Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

22 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1232 kB
Transfer

1438 kB
Size

0
Cookies

9 HTTP transactions
2 data transactions