Submitted URL: https://uudairoblox.com/
Effective URL: https://uudairoblox.com/?ct=other
Submission Tags: phishingrod
Submission: On April 13 via api from DE — Scanned from DE

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 18 HTTP transactions. The main IP is 202.92.4.12, located in Viet Nam and belonging to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is uudairoblox.com.
TLS certificate: Issued by R3 on April 12th 2024. Valid for: 3 months.
This is the only time uudairoblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 202.92.4.12 135905 (VNPT-AS-V...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.245.35.58 16509 (AMAZON-02)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 172.96.185.251 133752 (LEASEWEB-...)
2 2a02:ec80:300... 14907 (WIKIMEDIA)
1 172.67.171.17 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.44.232.136 14618 (AMAZON-AES)
18 12
Requests | Apex Domain | Subdomains | Transfer
6 | uudairoblox.com | uudairoblox.com | 34 KB
2 | wikimedia.org | upload.wikimedia.org (Cisco Umbrella Rank: 3060) | 136 KB
2 | pusher.com | js.pusher.com (Cisco Umbrella Rank: 16173), stats.pusher.com (Cisco Umbrella Rank: 7851) | 16 KB
2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 376), fonts.googleapis.com (Cisco Umbrella Rank: 35) | 31 KB
1 | ytimg.com | i.ytimg.com (Cisco Umbrella Rank: 93) | 53 KB
1 | robuxtudong.com | robuxtudong.com | 3 KB
1 | naptheroblox.asia | naptheroblox.asia | 36 KB
1 | naprobuxkhuyenmai.com | naprobuxkhuyenmai.com | 3 KB
1 | oneesports.vn | cdn.oneesports.vn | 978 KB
1 | 1000logos.net | 1000logos.net (Cisco Umbrella Rank: 73097) | 95 KB
1 | cssscript.com | www.cssscript.com (Cisco Umbrella Rank: 383797) | 5 KB
Total: 18 requests across 11 apex domains
Domain Requested by
6 uudairoblox.com 1 redirects uudairoblox.com
2 upload.wikimedia.org uudairoblox.com
1 stats.pusher.com js.pusher.com
1 fonts.googleapis.com www.cssscript.com
1 i.ytimg.com uudairoblox.com
1 robuxtudong.com uudairoblox.com
1 naptheroblox.asia uudairoblox.com
1 naprobuxkhuyenmai.com uudairoblox.com
1 cdn.oneesports.vn uudairoblox.com
1 1000logos.net uudairoblox.com
1 www.cssscript.com uudairoblox.com
1 js.pusher.com uudairoblox.com
1 ajax.googleapis.com uudairoblox.com
18 13

This site contains no links.

Subject | Issuer | Validity | Valid for (per crt.sh)
uudairoblox.com.imgkstvs.nethost-4011.000web.xyz | R3 | 2024-04-12 to 2024-07-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-04 to 2024-05-27 | 3 months
js.pusher.com | Amazon RSA 2048 M03 | 2024-03-13 to 2025-04-10 | a year
cssscript.com | GTS CA 1P5 | 2024-02-25 to 2024-05-25 | 3 months
1000logos.net | Cloudflare Inc ECC CA-3 | 2023-09-19 to 2024-09-18 | a year
oneesports.vn | Sectigo RSA Domain Validation Secure Server CA | 2023-07-06 to 2024-08-04 | a year
*.naprobuxkhuyenmai.com | R3 | 2024-01-09 to 2024-04-08 | 3 months
*.wikipedia.org | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-10-18 to 2024-10-16 | a year
naptheroblox.asia | GTS CA 1P5 | 2024-03-31 to 2024-06-29 | 3 months
robuxtudong.com | E1 | 2024-03-27 to 2024-06-25 | 3 months
edgestatic.com | GTS CA 1C3 | 2024-03-04 to 2024-05-27 | 3 months
*.pusher.com | Gandi Standard SSL CA 2 | 2023-04-11 to 2024-04-21 | a year

This page contains 1 frames:

Primary Page: https://uudairoblox.com/?ct=other
Frame ID: A4A2BE810C83FF9ADCE2ECE2C6876241
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Nạp thẻ Roblox, robux - Trang nạp tiền game Roblox, robux

Page URL History

  1. https://uudairoblox.com/ HTTP 302
    https://uudairoblox.com/?ct=other Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 50 %
Domains: 11
Subdomains: 13
IPs: 12
Countries: 5
Transfer: 1389 kB
Size: 1771 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://uudairoblox.com/ HTTP 302
    https://uudairoblox.com/?ct=other Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
uudairoblox.com/
Redirect Chain
  • https://uudairoblox.com/
  • https://uudairoblox.com/?ct=other
15 KB
4 KB
Document
General
Full URL
https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.92.4.12 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
7c8652eaf2b3131bb9e780907e2269d76dd97fe2b63bfe6396c147c9f82f782a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
4267
content-type
text/html; charset=UTF-8
date
Sat, 13 Apr 2024 03:45:19 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
content-length
4218
content-type
text/html; charset=UTF-8
date
Sat, 13 Apr 2024 03:45:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
?ct=other
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
bootstrap.min.css
uudairoblox.com/assets/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://uudairoblox.com/assets/css/bootstrap.min.css
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.92.4.12 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/?ct=other
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:19 GMT
content-encoding
br
last-modified
Fri, 04 Feb 2022 09:56:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
18270
expires
Sat, 20 Apr 2024 03:45:19 GMT
style.css
uudairoblox.com/assets/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://uudairoblox.com/assets/css/style.css
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.92.4.12 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5b3cee0ac3f1abf2da5f5805d313c115b7624cb59f8c4500a8ae23e53440354c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/?ct=other
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:19 GMT
content-encoding
br
last-modified
Fri, 04 Feb 2022 09:56:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
1292
expires
Sat, 20 Apr 2024 03:45:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Apr 2025 08:14:51 GMT
notice.js
uudairoblox.com/assets/Pusher/
289 B
302 B
Script
General
Full URL
https://uudairoblox.com/assets/Pusher/notice.js
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.92.4.12 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
17f7b13429b49b1962440cc32593bd80c068cf5e39a0d9a8bd98063861cff8fe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/?ct=other
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:19 GMT
content-encoding
br
last-modified
Mon, 07 Feb 2022 14:42:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
185
expires
Sat, 20 Apr 2024 03:45:19 GMT
pusher.min.js
js.pusher.com/3.2/
61 KB
16 KB
Script
General
Full URL
https://js.pusher.com/3.2/pusher.min.js
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.35.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-35-58.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ac49ed51815aea589c675015d76658c4861970490ae49037812d82736abe12c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 01:23:41 GMT
content-encoding
gzip
via
1.1 d8ec42efeb409ac816e90eb0236c1f4a.cloudfront.net (CloudFront)
last-modified
Tue, 06 Nov 2018 11:41:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
1131699
etag
W/"223f8956969929a24a2193c3be47ef23"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=2592000
x-amz-cf-id
DPqxijB5gu6qgZwyY4sS6fLLvxvGAFRoCT6oldWHHWFCsQcBkE2D9g==
tata.js
www.cssscript.com/demo/toast-prompt-tata/dist/
16 KB
5 KB
Script
General
Full URL
https://www.cssscript.com/demo/toast-prompt-tata/dist/tata.js
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b7abad2d88131c1561507582fe9772b47cba9e6852a51d09494765be7e0267

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59397
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 17 Mar 2018 06:14:06 GMT
server
cloudflare
etag
W/"5aacb22e-3fc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5poozM%2B0h5QkFSZGxj1yr3gEAv34t5iUms1YAhBo4v0%2B1FrR4b0Hx3oLr57zG%2FB%2FTnt9tTPMYo2D0JEMlBdGWfUgUqaWpvqhct1oppuDnEXYlYUKyDOyb%2Frgrg%2BjMF0RyXhQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
87387672bde34397-EWR
expires
Sat, 12 Apr 2025 11:15:22 GMT
Roblox-Logo.png
1000logos.net/wp-content/uploads/2017/09/
94 KB
95 KB
Image
General
Full URL
https://1000logos.net/wp-content/uploads/2017/09/Roblox-Logo.png
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4611125512a84f9eef0cb209ca74952d995aa8b66fe8a47ed193d7c82207d554

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:19 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Sep 2022 18:28:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
37114
etag
"631f7a31-17987"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFD70OHjk7hkkFW5HUJSFapbCN6xEIOJia5gaTRXbUu%2FVRDExkxavCM%2F61S4kDSHKkog8UUSRdQ4j5oFlZAeLJCf6leptyywjeIy9JhyVR0TP1He18JEOxexQNver2JxK%2Fr9j7c%2BVcX1Wm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=172800
accept-ranges
bytes
cf-ray
873876723abe9153-FRA
content-length
96647
expires
Sun, 14 Apr 2024 17:26:45 GMT
Roblox-banner-ngang.jpg
cdn.oneesports.vn/cdn-data/sites/4/2024/03/
976 KB
978 KB
Image
General
Full URL
https://cdn.oneesports.vn/cdn-data/sites/4/2024/03/Roblox-banner-ngang.jpg
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
449eefe586cc779e76719f788c1c1f81235124a39be80f67f26bb1b6461fb8ec

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Sat, 13 Apr 2024 03:45:21 GMT
last-modified
Thu, 14 Mar 2024 19:14:08 GMT
x-ms-blob-committed-block-count
1
etag
0x8DC445AECA7FA07
x-azure-ref
20240413T034519Z-164d799447db656gzyh4d9h88000000003s000000000nctk
x-cache
TCP_MISS
content-type
image/jpeg
x-ms-request-id
16cb796d-101e-00e4-2855-8de31c000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
59668169
accept-ranges
bytes
content-length
999699
8001e07543e6d6edf31fd12c8eab724c.png
naprobuxkhuyenmai.com/upload/setting/
3 KB
3 KB
Image
General
Full URL
https://naprobuxkhuyenmai.com/upload/setting/8001e07543e6d6edf31fd12c8eab724c.png
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.185.251 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
172.96.185.251-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
4d44fc251ed408df5d90386c75f4e1f65f053726d0cfc0bda4e154f7ad67a06b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:20 GMT
last-modified
Wed, 03 May 2023 03:20:30 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2727
expires
Sat, 20 Apr 2024 03:45:20 GMT
Roblox_Logo_2021.png
upload.wikimedia.org/wikipedia/commons/4/48/
135 KB
136 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/4/48/Roblox_Logo_2021.png
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
5e4c9c15b32e4fb40b65d7df92919fb2af2b6e212efd397925409ae59908ced4
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 05:06:40 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
81519
x-cache-status
hit-front
x-cache
cp3081 hit, cp3081 hit/30
server-timing
cache;desc="hit-front", host;desc="cp3081"
content-length
138644
x-client-ip
2a01:4a0:2b::4
x-object-meta-sha1base36
a3yhf16xw3h2szgch38xyqvd15y89u8
last-modified
Sat, 27 Nov 2021 16:20:44 GMT
server
ATS/9.1.4
etag
e012918ccf08170ad1f78938fdb1dcfe
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
hot.gif
naptheroblox.asia/images/
35 KB
36 KB
Image
General
Full URL
https://naptheroblox.asia/images/hot.gif
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d64775d034d3af316bf0cc5f05f68b95336db55e73243b48c84b65cddf739bd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:20 GMT
cf-cache-status
MISS
last-modified
Mon, 08 Jan 2024 08:01:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8c0L07G5cWObvsYwxw%2BFwA5o9kVY1%2B7a5KzhfdKA07pSeZ%2FsVsvtqNSbg9jo7lOnUVutPuRPnHCgjjLT7zmo6ocImSJAZFkffyb8JfW6fsOFCxskutVsQwntcyfnih%2FpP7gag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2629000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
873876744e113679-FRA
alt-svc
h3=":443"; ma=86400
content-length
35888
expires
Sat, 20 Apr 2024 03:45:20 GMT
da-quy-1.png
robuxtudong.com/wp-content/uploads/2023/12/
3 KB
3 KB
Image
General
Full URL
https://robuxtudong.com/wp-content/uploads/2023/12/da-quy-1.png
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83428cc3233838946116425b3277e129efda4c64a88c7113053da54d0b7067f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:20 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2823
last-modified
Fri, 29 Dec 2023 08:23:20 GMT
server
cloudflare
etag
"b07-658e81f8-7b3e3092d82ea00b;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNBmU4NAMn0N3haZcpOxOKpBgdlMMsfXNX%2Fy%2FEwoYRUwvMktsEIUegUFOD9HZa%2BOir7lwAGG6S95RaVg848pxn5m0ffiAYrDIIOnTgtMN5pVEi6GKz4yq3j%2BtRl4qta0aKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
87387673adca900d-FRA
expires
Sat, 20 Apr 2024 03:45:20 GMT
hq720.jpg
i.ytimg.com/vi/0Nqfp1LSXUw/
52 KB
53 KB
Image
General
Full URL
https://i.ytimg.com/vi/0Nqfp1LSXUw/hq720.jpg?sqp=-oaymwEhCK4FEIIDSFryq4qpAxMIARUAAAAAGAElAADIQj0AgKJD&rs=AOn4CLDL8wmxZBOO9Zf679ZfdW49-uC0mg
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc7fe42eca7eef0f19db0930c3c29cc353f386bd7573e99687c33be909c1080e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:19 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53333
x-xss-protection
0
server
sffe
etag
"1660370408"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Apr 2024 05:45:19 GMT
bootstrap.min.js
uudairoblox.com/assets/js/
36 KB
9 KB
Script
General
Full URL
https://uudairoblox.com/assets/js/bootstrap.min.js
Requested by
Host: uudairoblox.com
URL: https://uudairoblox.com/?ct=other
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.92.4.12 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/?ct=other
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:20 GMT
content-encoding
br
last-modified
Fri, 04 Feb 2022 09:56:30 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
9515
expires
Sat, 20 Apr 2024 03:45:20 GMT
icon
fonts.googleapis.com/
569 B
775 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.cssscript.com
URL: https://www.cssscript.com/demo/toast-prompt-tata/dist/tata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Apr 2024 03:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Apr 2024 03:45:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Apr 2024 03:45:19 GMT
1
stats.pusher.com/timeline/v2/jsonp/
0
75 B
Script
General
Full URL
https://stats.pusher.com/timeline/v2/jsonp/1?session=ODc0MzkzNzQ3&bundle=MQ%3D%3D&key=MTBkNWVhN2U3YjYzMmRiMDljNzI%3D&lib=anM%3D&version=My4yLjQ%3D&features=WyJ3cyJd&timeline=…%3D%3D
Requested by
Host: js.pusher.com
URL: https://js.pusher.com/3.2/pusher.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.232.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-232-136.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:45:20 GMT
server
awselb/2.0
content-length
0
content-type
application/javascript; charset=utf-8
Roblox_Logo_2021.png
upload.wikimedia.org/wikipedia/commons/4/48/
135 KB
0
Other
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/4/48/Roblox_Logo_2021.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
5e4c9c15b32e4fb40b65d7df92919fb2af2b6e212efd397925409ae59908ced4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://uudairoblox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 05:06:40 GMT
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
81519
x-cache-status
hit-front
x-cache
cp3081 hit, cp3081 hit/30
server-timing
cache;desc="hit-front", host;desc="cp3081"
content-length
138644
x-client-ip
2a01:4a0:2b::4
x-object-meta-sha1base36
a3yhf16xw3h2szgch38xyqvd15y89u8
last-modified
Sat, 27 Nov 2021 16:20:44 GMT
server
ATS/9.1.4
etag
e012918ccf08170ad1f78938fdb1dcfe
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

$ (function), jQuery (function), Pusher (function), tata (object), pusher (object), channel (object), Select (function)

1 Cookies

Domain/Path Name / Value
uudairoblox.com/ Name: PHPSESSID
Value: 742e067d1d2dad5bf4f26dee212cb6aa

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
