Submitted URL: https://roblox1.com/
Effective URL: https://ini777.bayar.vip/
Submission Tags: phishingrod
Submission: On June 07 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main IP is 103.224.182.242; its location and autonomous system are not listed. The main domain is ini777.bayar.vip.
TLS certificate: Issued by R3 on May 19th 2024. Valid for: 3 months.
This is the only time ini777.bayar.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
2         172.67.161.68     13335 (CLOUDFLAR...)
1         103.224.182.242   (not listed)
Total: 4 requests, 3 IPs

Requests  Apex Domain   Subdomains          Transfer
2         roblox1.com   roblox1.com         6 KB
1         bayar.vip     ini777.bayar.vip    869 B
Total: 4 requests, 2 apex domains

Requests  Domain             Requested by
2         roblox1.com        (not listed)
1         ini777.bayar.vip   ini777.bayar.vip
Total: 4 requests, 2 domains

This site contains no links.

Subject                 Issuer   Validity                   Valid      Source
roblox1.com             WE1      2024-06-06 - 2024-09-04    3 months   crt.sh
medicentercrotone.com   R3       2024-05-19 - 2024-08-17    3 months   crt.sh

This page contains 1 frames:

Primary Page: https://ini777.bayar.vip/
Frame ID: 141614D12012AF11C5C7A38BA3EC5AAE
Requests: 4 HTTP requests in this frame


Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 7 kB
Size: 10 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://roblox1.com/ Page URL
  2. https://ini777.bayar.vip/ Page URL


4 HTTP transactions

Columns per request: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type.

Request 1: /
  Path: roblox1.com/
  Size: 72 B; x-fer: 761 B; Type: Document

  General
    Full URL: https://roblox1.com/
    Protocol: H3
    Security: QUIC, AES_128_GCM
    Server: 172.67.161.68, United States, ASN13335 (CLOUDFLARENET, US)
    Reverse DNS: (none listed)
    Software: cloudflare
    Resource Hash: 233ace1d14ba231c3b4c38639cffc541d3374fcbb7ede9fd0cb71d91e96288ec

  Request headers
    Accept-Language: de-DE,de;q=0.9;q=0.9
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
    sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Win32"

  Response headers
    access-control-allow-origin: *
    age: 1
    alt-svc: h3=":443"; ma=86400
    cache-control: max-age=600
    cf-cache-status: DYNAMIC
    cf-ray: 88ffb56269369f17-FRA
    content-encoding: br
    content-type: text/html; charset=utf-8
    date: Fri, 07 Jun 2024 09:45:18 GMT
    expires: Fri, 07 Jun 2024 09:55:17 GMT
    last-modified: Tue, 03 Jan 2023 11:16:47 GMT
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEl4cObuJos59wEcz%2FBqHQVDn1oRQPcSHNNKR4ApIA%2Bn2TaE11631uFGTi1HtpZ7Lfn27357QXcbmY4mDRldHnEowfpH9v1suOtJSU5DzSSV%2BZFVdmN%2FqqxODIR4wA%3D%3D"}],"group":"cf-nel","max_age":604800}
    server: cloudflare
    vary: Accept-Encoding
    via: 1.1 varnish
    x-cache: HIT
    x-cache-hits: 1
    x-fastly-request-id: a4a52dba09b7f377bdeb96b2e6035e26cc53663e
    x-github-request-id: 1631:39F917:18E1753:19B76E7:6662D6AD
    x-proxy-cache: MISS
    x-served-by: cache-fra-eddf8230144-FRA
    x-timer: S1717753518.477372,VS0,VE2
Request 2 (Primary Request): /
  Path: ini777.bayar.vip/
  Size: 1 KB; x-fer: 869 B; Type: Document

  General
    Full URL: https://ini777.bayar.vip/
    Protocol: HTTP/1.1
    Security: TLS 1.3, AES_256_GCM
    Server: 103.224.182.242 (location and ASN not listed)
    Reverse DNS: (none listed)
    Software: Apache
    Resource Hash: (none listed)

  Request headers
    Accept-Language: de-DE,de;q=0.9;q=0.9
    Referer: https://roblox1.com/
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
    sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Win32"

  Response headers
    connection: close
    content-encoding: gzip
    content-length: 574
    content-type: text/html; charset=UTF-8
    date: Fri, 07 Jun 2024 09:45:23 GMT
    server: Apache
    vary: Accept-Encoding
Request 3: favicon.ico
  Path: roblox1.com/
  Size: 9 KB; x-fer: 6 KB; Type: Other

  General
    Full URL: https://roblox1.com/favicon.ico
    Protocol: H3
    Security: QUIC, AES_128_GCM
    Server: 172.67.161.68, United States, ASN13335 (CLOUDFLARENET, US)
    Reverse DNS: (none listed)
    Software: cloudflare
    Resource Hash: (none listed)

  Security Headers
    Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

  Request headers
    sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
    Referer: https://roblox1.com/
    Accept-Language: de-DE,de;q=0.9;q=0.9
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Win32"

  Response headers
    x-fastly-request-id: b0fe7eca65d1516fb7d37c4bf935f4d2cd7388ce
    date: Fri, 07 Jun 2024 09:45:18 GMT
    content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
    via: 1.1 varnish
    cf-cache-status: MISS
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    content-encoding: br
    x-cache: MISS
    x-cache-hits: 0
    alt-svc: h3=":443"; ma=86400
    x-served-by: cache-fra-eddf8230039-FRA
    server: cloudflare
    x-github-request-id: 2E5B:257536:19E4356:1ABA97B:6662D6AE
    x-timer: S1717753519.563780,VS0,VE109
    vary: Accept-Encoding
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=riftUPZs9XZ%2B9Q3DDkuVtC7a5brLTFqeEziA3I%2FIB5l0JLh5uxvGz5wI243Feg2fEfElFp7g5QalO3llHiJx%2FDhb%2By%2Bm8qK176dimVQKtthW9ylyTfETGHlyEQnf4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
    content-type: text/html; charset=utf-8
    access-control-allow-origin: *
    cache-control: max-age=14400
    cf-ray: 88ffb562ea0c9f17-FRA
    x-proxy-cache: MISS
Request 4: iife.min.js
  Path: ini777.bayar.vip/js/fingerprint/
  Size: 0; x-fer: 0; Type: (no response received)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ini777.bayar.vip
URL: https://ini777.bayar.vip/js/fingerprint/iife.min.js

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://roblox1.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
