urlscan.io logo urlscan.io
SecurityTrails logo

roostairdrop.com Open in urlscan Pro
172.67.187.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://launch-roost.wtf/
Effective URL: https://roostairdrop.com/
Submission: On March 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 9 HTTP transactions. The main IP is 172.67.187.142, located in United States and belongs to CLOUDFLARENET, US. The main domain is roostairdrop.com.
TLS certificate: Issued by GTS CA 1P5 on March 27th 2024. Valid for: 3 months.
This is the only time roostairdrop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 172.67.187.142 13335 (CLOUDFLAR...)
3 2a02:4780:1e:... 47583 (AS-HOSTINGER)
2 172.67.213.53 13335 (CLOUDFLAR...)
9 4
Apex Domain
Subdomains		 Transfer
4 roostairdrop.com
roostairdrop.com
1 MB
3 roost.wtf
roost.wtf
197 KB
2 zhu-ni-hao-yun.sh
zhu-ni-hao-yun.sh
4 KB
1 launch-roost.wtf
launch-roost.wtf
451 B
9 4
Domain Requested by
4 roostairdrop.com roostairdrop.com
3 roost.wtf roostairdrop.com
2 zhu-ni-hao-yun.sh roostairdrop.com
1 launch-roost.wtf 1 redirects
9 4

This site contains links to these domains. Also see Links.

Domain
github.com
twitter.com
discord.gg
basescan.org
Subject Issuer Validity Valid
roostairdrop.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
roost.wtf
ZeroSSL RSA Domain Secure Site CA		 2024-03-20 -
2024-06-18		 3 months crt.sh
zhu-ni-hao-yun.sh
GTS CA 1P5		 2024-03-13 -
2024-06-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://roostairdrop.com/
Frame ID: 30D1D5AD7CE87AE62531848A0BFEB961
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

$ROOST ON BASE

Page URL History Show full URLs

  1. https://launch-roost.wtf/ HTTP 301
    https://roostairdrop.com/ Page URL

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

1490 kB
Transfer

4608 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://launch-roost.wtf/ HTTP 301
    https://roostairdrop.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
roostairdrop.com/
Redirect Chain
  • https://launch-roost.wtf/
  • https://roostairdrop.com/
2 MB
760 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://roostairdrop.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b621202bd3b2bba3a9f5c2ae04d2ab72f9b6b45d71c3d4da6569b9bfcd51dcdf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86bb1e0e5a1a4bc6-BUF
content-encoding
br
content-type
text/html
date
Thu, 28 Mar 2024 22:39:39 GMT
last-modified
Wed, 27 Mar 2024 05:52:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7l%2FoEYBfS%2F%2BCnSc7UI3IEJHL93DZulV7XuncArZyfEiLx1p4HgWEsuxpAcwPXLu46ETPj7IJ%2Bgwymorgi7Ra8oHyufPi%2BfSZ%2FfwaRE8zK%2BDpfvwFcx6m25wR3%2FnP8cPzrR3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
86bb1e0d3ee34bc0-BUF
date
Thu, 28 Mar 2024 22:39:39 GMT
expires
Thu, 28 Mar 2024 23:39:39 GMT
location
https://roostairdrop.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hueElxpssTjiQsQ%2B0xbT5vKGuw24fHIbiA7Ww2YYAx3scDL%2FXKYTl%2FW3zSnYXDyy0x1tMZn2yatRDg2uk0tINwyOhV1kv74GBzTNhqNO0WQcfNtLHvM4GTKdZVf1fYvmeR5WGN%2BzIJyCEri4pfcI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
contracts.js
roostairdrop.com/js/ 		78 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roostairdrop.com/js/contracts.js
Requested by
Host: roostairdrop.com
URL: https://roostairdrop.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd05e9e877407229da4ffa6b95e862c921b509200c332174d18c4c7cb262872

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://roostairdrop.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:39:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Mar 2024 05:43:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
100699
etag
W/"6603b201-13808"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lq6fGEypP%2Fw66C9QFQ7nO1MJWxqD3R7kEUhQCxRQJhrEcjigxajYvVODipgLP%2Bb98hDROsOE8ie2c8PaoCnlt6NKugzX9HZxP8G%2FgjWvP8iJrRz6OTnxEbvex8BdX6rN7LUj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
86bb1e129b5b4bc6-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
roostairdrop.com/js/ 		969 KB
311 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roostairdrop.com/js/main.js
Requested by
Host: roostairdrop.com
URL: https://roostairdrop.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
447f6c9aec1115e85293147bb5bb25d016c9938a96c728e77eae1c437bef484b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://roostairdrop.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:39:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Mar 2024 05:43:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
100699
etag
W/"6603b204-f2548"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Hdoa6Qf59CPImFoqSbymzK7GIMTGKMjhidQlcoZg0gyXzhkm3kKUJxbB%2Bxk9WJ%2BmxFJRDy8oz8AGXMhps0VaJACNIi6JynlXH2ULaBk0AU5iBHzovpZkUcGuacUK3ur12qf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
86bb1e129b5c4bc6-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
entry.js
roostairdrop.com/js/ 		261 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roostairdrop.com/js/entry.js
Requested by
Host: roostairdrop.com
URL: https://roostairdrop.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7347ce1506d974c4fbf378e9bcaf4e1a5714505fe177729ce834e87b23b33b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://roostairdrop.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:39:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Mar 2024 05:43:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
100698
etag
W/"6603b202-41415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MekJuEKskynfsUaTVY%2BaXYRGVS1%2FSeTbQIYWDxpfJ94x3vyPDKPdO8cqy2WWuNuSVCEDFxeU6Qp%2B%2BgQWj9LeR9JVUbO%2B4%2BVGqYYeqvAqu69bf3UqfS9LXWL2U5qNhHW9yNlE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
86bb1e12db6e4bc6-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
roost.wtf/images/ 		21 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roost.wtf/images/logo.svg
Requested by
Host: roostairdrop.com
URL: https://roostairdrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:1e:5d47:cf50:b5e9:b0e5:5b64 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
2b73ee1e28e83cbd8b57b7e14dc0de7ee304b88609159de81764c7d7b9a0408b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://roostairdrop.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:39:41 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
age
291283
alt-svc
h3=":443"; ma=86400
content-length
9632
x-hcdn-cache-status
HIT
last-modified
Thu, 21 Mar 2024 05:10:06 GMT
server
hcdn
etag
"554e-65fbc12e-6a1f3633b95598be;br"
x-hcdn-request-id
82c2b2e7490eaf95911fa121f84df625-bos-edge2
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
expires
Mon, 01 Apr 2024 13:44:58 GMT
dfdsfsdfdf.svg
roost.wtf/images/ 		543 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roost.wtf/images/dfdsfsdfdf.svg
Requested by
Host: roostairdrop.com
URL: https://roostairdrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:1e:5d47:cf50:b5e9:b0e5:5b64 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
043ec8fdbaef48f818be0377c3539c25fd4cd2ca221c8458bb83728333a48238
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://roostairdrop.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:39:41 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
age
40828
alt-svc
h3=":443"; ma=86400
content-length
188903
x-hcdn-cache-status
HIT
last-modified
Thu, 21 Mar 2024 14:35:29 GMT
server
hcdn
etag
"87b20-65fc45b1-35ddcc2a4cbd2427;br"
x-hcdn-request-id
dc65a29dee8067bd9d1403e51ff086ca-bos-edge2
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
expires
Thu, 04 Apr 2024 11:19:13 GMT
truncated
/ 		807 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9d378536357444a2c87c474dce9e4bc8bc2723f84320be0254dd599c2f3753f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e4a0d33c180238c4208d615d5a01fb80c896aef6b356ae3d3fad4b1b44868b6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d9159009623464495f50a8bb25831e11e4ea132a0b5e4bba62000d411269b6f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		463 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bbd3b47e240d77e20a70d845304ed16fd2c73d5e3b72816b1a07685032aa588

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e81f62ce1264450b3bb215d4e3fddb981cfe4f304cdeff9179f8ee25bf4545e7

Request headers

Referer
Origin
https://roostairdrop.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b229ffb7940a8cdafb87dea1f687289078fa3013784fe807783f3dac64a2975

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
deba1f2dd4241768425e45517ff4776bd6704fbc3ddd18414f9ba4821da1e097

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fc889134c1f87b0fdafaae5708de4a333314aeda3782a7ae41e324460b98a34

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		337 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
711c89356b2f35ab224c7cc05ea2c603e82bbd9f071b03795b40722cbf7a1794

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e4b7e2e8bdd588de1f3ac2163f3d414dd8ca2f402e9973e359906a0cfc5e8cf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5aa859da7c3fd37f3d4f8a03403bed5e3f7597b274ed6c88b6385e9c5ab091d5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		639 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad63d20d9018a5822e193e2c7e47dd345338020545fdf10dfa423a5eaac4b23d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		106 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a28ec068986395ebf925029aa85589e43c0158408be02809233967392f682c3f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c2d4d84aa1b243d9b12208dc9801aea0a6235263d3b87c98f1b21d13f2d9c97

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
authenticate
zhu-ni-hao-yun.sh/api/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zhu-ni-hao-yun.sh/api/authenticate
Requested by
Host: roostairdrop.com
URL: https://roostairdrop.com/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
155d2e1926be6c84087ad59d748f42b97da44afa0475448b7b131e7043426152

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://roostairdrop.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:39:42 GMT
ratelimit-reset
60
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
ratelimit-limit
15
alt-svc
h3=":443"; ma=86400
ratelimit-policy
15;w=60
server
cloudflare
etag
W/"fa6-7/hVPxlUIrOqSIdz/kGJu03RMeo"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xazJj0vEg9ks%2BMI1VvzxtDCz5ASk0phYYkUQ5Anw44ITXU2Abxfja7Ey8cW23u6A77iuo%2BHOi2HCNmqk5J0ZAilDintBMEm25QEBJshpMx0ly6TwVBRmtIynlpNbtxql1Qr%2B8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://roostairdrop.com
access-control-allow-credentials
true
cf-ray
86bb1e1f5e17a226-YYZ
access-control-allow-headers
jwt, session, content-type
ratelimit-remaining
14
authenticate
zhu-ni-hao-yun.sh/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zhu-ni-hao-yun.sh/api/authenticate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://roostairdrop.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
jwt, session, content-type
access-control-allow-origin
https://roostairdrop.com
access-control-max-age
86400
allow
POST
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86bb1e1e2bfaa226-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 28 Mar 2024 22:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMnCehEJ33YZpCZ2uhpJ5QUOkPR1IjFAAV4X9kkONdc79%2FK4SPgFLTJ5yKTXgELJOvKJjTZIUa7PD%2B5lPUZ8toG8SvMbizeo8jI5MptrmpNx0K5vILh6OrohQluID%2FSDo71QLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
favicon.ico
roost.wtf/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://roost.wtf/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:1e:5d47:cf50:b5e9:b0e5:5b64 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
a0b2e25c5419e34b627e877428cdce36be1c62f3a040c6abb3840ad05935499d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://roostairdrop.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:39:41 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
age
1989
alt-svc
h3=":443"; ma=86400
content-length
2029
x-hcdn-cache-status
HIT
last-modified
Thu, 21 Mar 2024 07:11:47 GMT
server
hcdn
etag
"10be-65fbddb3-9b866d7c275c38ba;br"
x-hcdn-request-id
56d54ea258459a0d6607d055c7e47483-bos-edge2
content-type
image/x-icon
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
expires
Thu, 04 Apr 2024 22:06:32 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal string| UNIQUE_IDENTITY object| popups object| webpackChunkpink function| e object| a function| t object| n object| r object| c object| o function| s object| f object| u function| d undefined| b function| h function| p function| g number| v string| w string| y string| k string| m string| C string| x string| E object| P string| I string| B string| A object| M function| N function| S object| T object| R function| O function| J function| K object| connector

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

launch-roost.wtf
roost.wtf
roostairdrop.com
zhu-ni-hao-yun.sh
172.67.187.142
172.67.213.53
2606:4700:3032::6815:4e46
2a02:4780:1e:5d47:cf50:b5e9:b0e5:5b64
043ec8fdbaef48f818be0377c3539c25fd4cd2ca221c8458bb83728333a48238
155d2e1926be6c84087ad59d748f42b97da44afa0475448b7b131e7043426152
1e4a0d33c180238c4208d615d5a01fb80c896aef6b356ae3d3fad4b1b44868b6
2b73ee1e28e83cbd8b57b7e14dc0de7ee304b88609159de81764c7d7b9a0408b
2e4b7e2e8bdd588de1f3ac2163f3d414dd8ca2f402e9973e359906a0cfc5e8cf
447f6c9aec1115e85293147bb5bb25d016c9938a96c728e77eae1c437bef484b
4bbd3b47e240d77e20a70d845304ed16fd2c73d5e3b72816b1a07685032aa588
5aa859da7c3fd37f3d4f8a03403bed5e3f7597b274ed6c88b6385e9c5ab091d5
5fd05e9e877407229da4ffa6b95e862c921b509200c332174d18c4c7cb262872
711c89356b2f35ab224c7cc05ea2c603e82bbd9f071b03795b40722cbf7a1794
7b229ffb7940a8cdafb87dea1f687289078fa3013784fe807783f3dac64a2975
7c2d4d84aa1b243d9b12208dc9801aea0a6235263d3b87c98f1b21d13f2d9c97
7d7347ce1506d974c4fbf378e9bcaf4e1a5714505fe177729ce834e87b23b33b
8fc889134c1f87b0fdafaae5708de4a333314aeda3782a7ae41e324460b98a34
9d9159009623464495f50a8bb25831e11e4ea132a0b5e4bba62000d411269b6f
a0b2e25c5419e34b627e877428cdce36be1c62f3a040c6abb3840ad05935499d
a28ec068986395ebf925029aa85589e43c0158408be02809233967392f682c3f
ad63d20d9018a5822e193e2c7e47dd345338020545fdf10dfa423a5eaac4b23d
b621202bd3b2bba3a9f5c2ae04d2ab72f9b6b45d71c3d4da6569b9bfcd51dcdf
d9d378536357444a2c87c474dce9e4bc8bc2723f84320be0254dd599c2f3753f
deba1f2dd4241768425e45517ff4776bd6704fbc3ddd18414f9ba4821da1e097
e81f62ce1264450b3bb215d4e3fddb981cfe4f304cdeff9179f8ee25bf4545e7