botnet.guru - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 51.79.45.74, located in Victoria, Canada and belongs to OVH, FR. The main domain is botnet.guru.
TLS certificate: Issued by R3 on January 13th 2024. Valid for: 3 months.

This is the only time botnet.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	51.79.45.74 51.79.45.74	16276 (OVH) (OVH)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
7	2

6 51.79.45.74 (Victoria, Canada)

ASN16276 (OVH, FR)
PTR: ip74.ip-51-79-45.net

botnet.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	botnet.guru botnet.guru	200 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	7 KB
7	2

	Domain	Requested by
6	botnet.guru	botnet.guru cdn.jsdelivr.net
1	cdn.jsdelivr.net	botnet.guru
7	2

This site contains links to these domains. Also see Links.

Domain
www.apache.org
httpd.apache.org
keepsec.ca

Subject Issuer	Validity	Valid
botnet.guru R3	`2024-01-13` - `2024-04-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://botnet.guru/
Frame ID: 21F1EBC0214BC907F45EC1BDC7475BCD
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to apache!

Detected technologies

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

<div id="particles-js">
/particles(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

207 kB
Transfer

223 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.apache.org/

Search URL Search Domain Scan URL

URL: https://httpd.apache.org/
Title: httpd.apache.org

Search URL Search Domain Scan URL

URL: https://keepsec.ca/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
botnet.guru/ 2 KB
1 KB 63ms
17ms Document
text/html 51.79.45.74
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://botnet.guru/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

51.79.45.74 Victoria, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip74.ip-51-79-45.net

Software

nginx/1.18.0 /

Resource Hash

7d6b3c5b6b1dbb5dfbbefa8bdfda5a9fa61c3a41fca4cf35e038304ae5eaec38

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 898
content-type: text/html
date: Sun, 14 Jan 2024 21:35:41 GMT
etag: "8e7-60ed46e95128f-gzip"
last-modified: Sat, 13 Jan 2024 14:16:51 GMT
pragma: no-cache
server: nginx/1.18.0
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 style.css
botnet.guru/ 1 KB
742 B 21ms
20ms Stylesheet
text/css 51.79.45.74
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://botnet.guru/style.css

Requested by

Host: botnet.guru
URL: https://botnet.guru/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

51.79.45.74 Victoria, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip74.ip-51-79-45.net

Software

nginx/1.18.0 /

Resource Hash

a611ee5b9c2dfcbe205fd9f85255eaa7c91e18a85d0735fe58ae3a46825a9f43

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://botnet.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 21:35:41 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 14:16:51 GMT
server: nginx/1.18.0
etag: "4b5-60ed46e95128f-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-length: 440
x-xss-protection: 1; mode=block

GET
H2 200 APACHE-LOGO.png
botnet.guru/ 124 KB
125 KB 21ms
21ms Image
image/png 51.79.45.74
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://botnet.guru/APACHE-LOGO.png

Requested by

Host: botnet.guru
URL: https://botnet.guru/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

51.79.45.74 Victoria, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip74.ip-51-79-45.net

Software

nginx/1.18.0 /

Resource Hash

3e85cc5059e84fe4e8603e7cac0e75612b981d6cc5bfe7e190b8ef3b8016760a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://botnet.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 21:35:41 GMT
last-modified: Sat, 13 Jan 2024 14:16:51 GMT
server: nginx/1.18.0
etag: "1f126-60ed46e95128f"
content-type: image/png
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-length: 127270
x-xss-protection: 1; mode=block

GET
H2 200 logo1.png
botnet.guru/ 23 KB
23 KB 39ms
39ms Image
image/png 51.79.45.74
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://botnet.guru/logo1.png

Requested by

Host: botnet.guru
URL: https://botnet.guru/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

51.79.45.74 Victoria, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip74.ip-51-79-45.net

Software

nginx/1.18.0 /

Resource Hash

bf1fa71c99184931522a43be71d9e62c92b7e7e7fe6b59199e9ed5771cf50f92

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://botnet.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 21:35:41 GMT
last-modified: Sat, 13 Jan 2024 14:16:51 GMT
server: nginx/1.18.0
etag: "5b1a-60ed46e95128f"
content-type: image/png
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-length: 23322
x-xss-protection: 1; mode=block

GET
H2 200 particles.min.js Show response
cdn.jsdelivr.net/npm/particles.js@2/ 23 KB
7 KB 541ms
99ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/particles.js@2/particles.min.js

Requested by

Host: botnet.guru
URL: https://botnet.guru/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

41fdf9a2e6ea446c29b6375902f4db59f17e70173a4db090c1654b9a96f44c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://botnet.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 Jan 2024 21:35:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15655
x-jsd-version: 2.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6428
x-served-by: cache-fra-eddf8230057-FRA, cache-lga21940-LGA
x-jsd-version-type: version
etag: W/"5a42-7l/79z0w4WZtVmX0i+4CEoXPrc0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Lato-LightItalic.ttf
botnet.guru/ 48 KB
48 KB 37ms
36ms Font
font/ttf 51.79.45.74
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://botnet.guru/Lato-LightItalic.ttf

Requested by

Host: botnet.guru
URL: https://botnet.guru/style.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

51.79.45.74 Victoria, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip74.ip-51-79-45.net

Software

nginx/1.18.0 /

Resource Hash

6d5176f3babd0ccba79845088f8e9ede5dbb7b408fb40161963daa95a71cef2e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://botnet.guru/style.css
Origin: https://botnet.guru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 21:35:41 GMT
last-modified: Sat, 13 Jan 2024 14:16:51 GMT
server: nginx/1.18.0
etag: "bfb8-60ed46e95128f"
content-type: font/ttf
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-length: 49080
x-xss-protection: 1; mode=block

GET
H2 200 particles.json Show response
botnet.guru/ 2 KB
3 KB 22ms
22ms XHR
application/json 51.79.45.74
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://botnet.guru/particles.json

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/particles.js@2/particles.min.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

51.79.45.74 Victoria, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip74.ip-51-79-45.net

Software

nginx/1.18.0 /

Resource Hash

4926687eb33405b5475d970f828493bdc06d6d325976012c8c28c1970fb1b1f2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://botnet.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 21:35:42 GMT
last-modified: Sat, 13 Jan 2024 14:16:51 GMT
server: nginx/1.18.0
etag: "90c-60ed46e95128f"
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-length: 2316
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

botnet.guru
cdn.jsdelivr.net
151.101.193.229
51.79.45.74
3e85cc5059e84fe4e8603e7cac0e75612b981d6cc5bfe7e190b8ef3b8016760a
41fdf9a2e6ea446c29b6375902f4db59f17e70173a4db090c1654b9a96f44c24
4926687eb33405b5475d970f828493bdc06d6d325976012c8c28c1970fb1b1f2
6d5176f3babd0ccba79845088f8e9ede5dbb7b408fb40161963daa95a71cef2e
7d6b3c5b6b1dbb5dfbbefa8bdfda5a9fa61c3a41fca4cf35e038304ae5eaec38
a611ee5b9c2dfcbe205fd9f85255eaa7c91e18a85d0735fe58ae3a46825a9f43
bf1fa71c99184931522a43be71d9e62c92b7e7e7fe6b59199e9ed5771cf50f92

botnet.guru Open in urlscan Pro 51.79.45.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

207 kBTransfer

223 kBSize

0 Cookies

3 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

botnet.guru Open in urlscan Pro
51.79.45.74 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

207 kB
Transfer

223 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions