Submitted URL: https://bit.ly/3Y2npoM?Peague
Effective URL: https://onlyrtk.top/lnd?externalid=3ea3180b3b6f29e470dad9972fcfe7bf&a=5104&toto=1754102
Submission: On September 29 via manual from IN — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 4 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3033::ac43:a3bf, located in United States and belongs to CLOUDFLARENET, US. The main domain is onlyrtk.top.
TLS certificate: Issued by WE1 on September 6th 2024. Valid for: 3 months.
This is the only time onlyrtk.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
6 3
Apex Domain | Subdomains | Transfer
3 onlyrtk.top | onlyrtk.top | 4 KB
2 mtika.top | mtika.top | 8 KB
1 digitaloceanspaces.com | tonplace.ams3.cdn.digitaloceanspaces.com | 61 KB
1 bit.ly | bit.ly (Cisco Umbrella Rank: 6945) | 425 B
6 4
Domain Requested by
3 onlyrtk.top mtika.top
2 mtika.top
1 tonplace.ams3.cdn.digitaloceanspaces.com onlyrtk.top
1 bit.ly 1 redirects
6 4

This site contains no links.

Subject | Issuer | Validity | Valid
mtika.top | WE1 | 2024-08-11 - 2024-11-09 | 3 months
onlyrtk.top | WE1 | 2024-09-06 - 2024-12-05 | 3 months
*.ams3.cdn.digitaloceanspaces.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-04-19 - 2025-05-07 | a year

This page contains 1 frames:

Primary Page: https://onlyrtk.top/lnd?externalid=3ea3180b3b6f29e470dad9972fcfe7bf&a=5104&toto=1754102
Frame ID: CCD7B8DE14A631383496F84F0DF08354
Requests: 6 HTTP requests in this frame

Page Title

Ton place Ferrari430

Page Statistics

6
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

73 kB
Transfer

94 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3Y2npoM?Peague HTTP 301
    https://mtika.top/click?o=117&a=5104 Page URL
  2. https://onlyrtk.top/lnd?externalid=3ea3180b3b6f29e470dad9972fcfe7bf&a=5104&toto=1754102 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3Y2npoM?Peague HTTP 301
  • https://mtika.top/click?o=117&a=5104

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
click
mtika.top/
Redirect Chain
  • https://bit.ly/3Y2npoM?Peague
  • https://mtika.top/click?o=117&a=5104
26 KB
7 KB
Document
General
Full URL
https://mtika.top/click?o=117&a=5104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c496 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8caa60c35fba42ef-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 29 Sep 2024 07:49:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uXZ57bGCFtIYhglceyax2ZnmrgMQNjJY1lQRJ7xAtz0pqw8H%2FIGfm4wVioOi3sNJJnP63WdFTQ3wrqh5dZBUfEeo0Cy93ji9ChAR4iTblpu05S8dPChFF0dMOe63G7WFy7krEJtyuY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
127
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Sun, 29 Sep 2024 07:49:40 GMT
location
https://mtika.top/click?o=117&a=5104
referrer-policy
unsafe-url
server
nginx
via
1.1 google
speculation
mtika.top/cdn-cgi/
128 B
458 B
Other
General
Full URL
https://mtika.top/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c496 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mtika.top
Referer
https://mtika.top/click?o=117&a=5104

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bmDJk8bIlOIOmQcv6Ims5EdqgdnuK9j6RwEMYjwUZSUcvq9%2Bd6k%2BV1v41WkvU9kPTdGSmlIIb2RDZmSLKAz0pxvGUsbBmpWav9ZwCR1eP6mb3lTPxmOmKoMVWyTxbpSExZWsq06zYeg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa60c73a1b42ef-EWR
access-control-allow-origin
https://mtika.top
content-length
128
date
Sun, 29 Sep 2024 07:49:41 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
Primary Request lnd
onlyrtk.top/
7 KB
3 KB
Document
General
Full URL
https://onlyrtk.top/lnd?externalid=3ea3180b3b6f29e470dad9972fcfe7bf&a=5104&toto=1754102
Requested by
Host: mtika.top
URL: https://mtika.top/click?o=117&a=5104
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a3bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a1194899eaec3913c209e1bba37c95fc397fd952145ebc5a4bb6695dbadf36

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8caa60c88e970f77-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 29 Sep 2024 07:49:42 GMT
last-modified
Tue, 17 Sep 2024 20:43:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUcJ8C9jCMmFtQM1aKBdUG%2B3x756BAR4xWw8YIsgdF0klJAwTDpFdGkHpPvWqg4xp3gP%2FHbdYcU2k6JUOq%2BKxzoZuVOx6n335DM8pAO7f%2BDPvELL36fQ60J9ZDbpVKtcVXwPKyKRwyYo7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
onlyrtk.top/cdn-cgi/
128 B
547 B
Other
General
Full URL
https://onlyrtk.top/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a3bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://onlyrtk.top
Referer
https://onlyrtk.top/lnd?externalid=3ea3180b3b6f29e470dad9972fcfe7bf&a=5104&toto=1754102

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydX75OaWRPOt17U1NJQpRNiluPSf9MGCrYUiL0R7VEHTBgtV8HJhaPf%2BVbtcnaAk4jzMQ5S2ula3ieFiU7%2BzvBRT5APlKhojIjnBVgt9CyoxaPKSTrPka00JtC38T6%2Fid%2BPBXreWPlXpHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa60c9df1a0f77-EWR
access-control-allow-origin
https://onlyrtk.top
content-length
128
date
Sun, 29 Sep 2024 07:49:42 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
eac6bb60-364a-4231-7feb-ad79be50e089.jpeg
tonplace.ams3.cdn.digitaloceanspaces.com/photos/279/w600h600/
61 KB
61 KB
Image
General
Full URL
https://tonplace.ams3.cdn.digitaloceanspaces.com/photos/279/w600h600/eac6bb60-364a-4231-7feb-ad79be50e089.jpeg
Requested by
Host: onlyrtk.top
URL: https://onlyrtk.top/lnd?externalid=3ea3180b3b6f29e470dad9972fcfe7bf&a=5104&toto=1754102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62cc735e4da046f4660c364d2a4e97ce6cce7bad0b63f28a98df04ab78121e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://onlyrtk.top/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status
HIT
etag
"e5955650d31b83321eef4091da0ed0ba"
date
Sun, 29 Sep 2024 07:49:42 GMT
x-rgw-object-type
Normal
content-type
binary/octet-stream
x-do-cdn-uuid
57ba8381-2baf-4e90-b5ef-0eed583aefb4
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 31 Jul 2024 07:31:32 GMT
x-amz-meta-content-type
image/jpeg
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=604800
x-amz-request-id
tx00000c63277f89dfe331e-0066ac916f-674b77f9-ams3c
cf-ray
8caa60cabb266991-PHL
accept-ranges
bytes
content-length
62094
server
cloudflare
favicon.ico
onlyrtk.top/
24 B
481 B
Other
General
Full URL
https://onlyrtk.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a3bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3c4292e34fd85227920c03447164929ccf8cebeef167a9026f3ccddf2a9252

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://onlyrtk.top/lnd?externalid=3ea3180b3b6f29e470dad9972fcfe7bf&a=5104&toto=1754102

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
EXPIRED
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jfNBpmYSQo7al%2BQ2qYVQg0KvymenpUfrVZ3ccd6IgrTceM0SgM2yYkuGAUMFRYUtxs8mtzLmno3yFQdzrAm%2BYJOV9sPjvejimQhKmmIGSirbitz%2FPXD29SC9go4EQX0KYt%2B1X7evLtR36w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa60cb5fde0f77-EWR
date
Sun, 29 Sep 2024 07:49:42 GMT
content-type
text/html; charset=utf-8
last-modified
Thu, 05 Sep 2024 15:13:46 GMT
vary
Accept-Encoding
server
cloudflare

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | setCookie
function | getCookie
function | startCountdown

5 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: o8t7NE-4c6e412eb3fb06bb57-00F
mtika.top/ Name: U-eb160de1de89d9058fcb0b968dbbbd68
Value: unique
mtika.top/ Name: o_eb160de1de89d9058fcb0b968dbbbd68
Value: fa67803b-515d-46a2-bcc0-89b2afc9224b
onlyrtk.top/ Name: FCI
Value: 3ea3180b3b6f29e470dad9972fcfe7bf
onlyrtk.top/ Name: countdownEnd
Value: 1727606982073

1 Console Messages

Source Level URL
Text
network error URL: https://onlyrtk.top/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()