Report - www.roblox.com.kz/create/chopgens

Report Overview

Visited public
2023-08-25 14:24:48
Tags
Submit Tags
URL
www.roblox.com.kz/create/chopgens
Finishing URL
www.roblox.com.kz/create/chopgens
IP / ASN
67.217.56.83
#19318 IS-AS-1
Title
CHOP GEN - Link Creator

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-24 18:12:03	1.3 kB	2.8 kB	142.250.74.131
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-08-25 05:00:51	454 B	161 kB	104.18.11.207
www.roblox.com.kz	unknown	2022-08-16	2021-05-20 08:03:58	2023-08-02 04:30:13	1.2 kB	5.2 kB	67.217.56.83
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-08-24 18:12:16	899 B	25 kB	151.101.1.229
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-08-25 05:11:26	412 B	31 kB	69.16.175.42
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-25 02:23:38	531 B	32 kB	216.58.207.227
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12 16:01:39	2023-08-25 05:08:58	340 B	942 B	54.230.80.227
previews.123rf.com	22502	2005-03-04	2014-10-31 12:40:58	2023-08-24 15:06:54	519 B	116 kB	143.204.55.12
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-08-25 04:02:02	462 B	4.3 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-08-25	medium	roblox.com.kz	Sinkholed
2023-08-25	medium	roblox.com.kz	Sinkholed
2023-08-25	medium	roblox.com.kz	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/sweetalert2@11.1.2/dist/sweetalert2.all.min.js	ScriptElement	64 kB	2023-05-31	2025-07-05
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11.1.2/dist/sweetalert2.all.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 16:10 Last Seen2025-07-05 20:50 Times Seen4 Hash e1126479b595a17f5a302192ea09082b ec863e4b32964829419a2ded0d1b4c1a2a801dc0 e66f0f10ac757cfcb01e5b21799b034ea361f87966d83d3ffae587ea5bf03b06 Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 08:26 Times Seen244754 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.roblox.com.kz/assets/createdual/js/scripts.js	ScriptElement	8.7 kB	2023-08-25	2023-08-25
Pretty URL www.roblox.com.kz/assets/createdual/js/scripts.js IP 67.217.56.83 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 16:24 Last Seen2023-08-25 16:24 Times Seen1 Hash 9fc17b231cfc9a3733f20d2ba2b57fff 597d005c7da7ae7a48699925d9fc8472598e44ab 5c555a50242cf7b2e70331638398d375687607a25e1083703c6902d35e7cf026 Loading...

HTTP Transactions (15)

URL IP Response Size

GET www.roblox.com.kz/create/chopgens

67.217.56.83

200 OK

1.0 kB

URL User Request GET HTTP/1.1
www.roblox.com.kz/create/chopgens
IP
67.217.56.83:80
ASN
#19318 IS-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.0 kB (1010 bytes)
Hash
a37a0f8c802d8b4f25dd40333a300a7c
6956620de164c3bbc4e246795c038c8a25f488b3
1a46f9e1f09a775929f487cec8057be955acea8472a1bcc972f3c48779bcfad5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /create/chopgens HTTP/1.1
Host: www.roblox.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Aug 2023 14:24:31 GMT
Server: Apache/2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=tk4pm8k42e15vfa4eep54i63h4; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1010
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8

GET cdn.jsdelivr.net/npm/sweetalert2@11.1.2/dist/sweetalert2.min.css

151.101.1.229

200 OK

4.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11.1.2/dist/sweetalert2.min.css
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
http://www.roblox.com.kz/create/chopgens
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (22731), with no line terminators
Size
4.6 kB (4559 bytes)
Hash
f62883ebf52031323a99699381ce85d6
1fd43b72b1b46394f8e013b6251fe280e06cbaa1
79fa5bac8d8baa2dac2f92f9913ef0b7a9bb0763acc65ac7e2c0be7b56c1124e

HTTP Headers

GET /npm/sweetalert2@11.1.2/dist/sweetalert2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.roblox.com.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.1.2
x-jsd-version-type: version
etag: W/"58cb-H9Q7crG0Y5T44BO2JR/igOBsuqE"
content-encoding: br
accept-ranges: bytes
date: Fri, 25 Aug 2023 14:24:32 GMT
age: 1924741
x-served-by: cache-fra-eddf8230079-FRA, cache-bma1654-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4559
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/sweetalert2@11.1.2/dist/sweetalert2.all.min.js

151.101.1.229

200 OK

19 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11.1.2/dist/sweetalert2.all.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
http://www.roblox.com.kz/create/chopgens
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (41337)
Size
19 kB (18580 bytes)
Hash
e1126479b595a17f5a302192ea09082b
ec863e4b32964829419a2ded0d1b4c1a2a801dc0
e66f0f10ac757cfcb01e5b21799b034ea361f87966d83d3ffae587ea5bf03b06

HTTP Headers

GET /npm/sweetalert2@11.1.2/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.roblox.com.kz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.1.2
x-jsd-version-type: version
etag: W/"fb4a-7IY+SzKWSClBmi3tDRtMGiqAHcA"
content-encoding: br
accept-ranges: bytes
date: Fri, 25 Aug 2023 14:24:32 GMT
age: 732118
x-served-by: cache-fra-etou8220067-FRA, cache-bma1654-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18580
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.6.0.min.js

69.16.175.42

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
http://www.roblox.com.kz/create/chopgens
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.roblox.com.kz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Aug 2023 14:24:32 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1692973472.dop023.sk1.t,1692973472.cds224.sk1.hn,1692973472.cds210.sk1.c
X-Firefox-Spdy: h2

GET www.roblox.com.kz/assets/createdual/css/styles.css

67.217.56.83

200 OK

769 B

URL GET HTTP/1.1
www.roblox.com.kz/assets/createdual/css/styles.css
IP
67.217.56.83:80
ASN
#19318 IS-AS-1

Requested by
http://www.roblox.com.kz/create/chopgens

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
769 B (769 bytes)
Hash
2d181b551f4da8236a0e9777f2ccf9bc
518056eba1b701485022f4834c79403c6ef92c7d
13dae7e9197d0d076bc6f5d6ac61a50120273ddbecf767328c0f92f278e27e03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/createdual/css/styles.css HTTP/1.1
Host: www.roblox.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.roblox.com.kz/create/chopgens
Cookie: PHPSESSID=tk4pm8k42e15vfa4eep54i63h4
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Aug 2023 14:24:32 GMT
Server: Apache/2
Last-Modified: Sat, 19 Aug 2023 01:58:20 GMT
ETag: "c62-6033cfabee700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 769
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css

GET www.roblox.com.kz/assets/createdual/js/scripts.js

67.217.56.83

200 OK

2.3 kB

URL GET HTTP/1.1
www.roblox.com.kz/assets/createdual/js/scripts.js
IP
67.217.56.83:80
ASN
#19318 IS-AS-1

Requested by
http://www.roblox.com.kz/create/chopgens

File type
Unicode text, UTF-8 text, with very long lines (1867), with CRLF line terminators
Size
2.3 kB (2294 bytes)
Hash
9fc17b231cfc9a3733f20d2ba2b57fff
597d005c7da7ae7a48699925d9fc8472598e44ab
5c555a50242cf7b2e70331638398d375687607a25e1083703c6902d35e7cf026

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/createdual/js/scripts.js HTTP/1.1
Host: www.roblox.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.roblox.com.kz/create/chopgens
Cookie: PHPSESSID=tk4pm8k42e15vfa4eep54i63h4
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Aug 2023 14:24:32 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 22 Aug 2023 23:22:02 GMT
ETag: "21e6-6038b43237a80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2294
Keep-Alive: timeout=2, max=100
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8e74102f303b0535c8587d521395cebe
936e529d5828ae70021800db8db848b3d632c4d6
068d6139df8cb1c07f39a092a7894b13d5683b6ce7017252f9b2359671794f1b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Aug 2023 14:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8e74102f303b0535c8587d521395cebe
936e529d5828ae70021800db8db848b3d632c4d6
068d6139df8cb1c07f39a092a7894b13d5683b6ce7017252f9b2359671794f1b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Aug 2023 14:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eabedde19de92ba362e059f86a21228a
bb7d5fdb0dfc83d382342048727762c7ecbe9b65
4cd337791925978e75fba004c32ec1b38867aec24988be8802f46e102e3f76e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Aug 2023 14:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://www.roblox.com.kz/create/chopgens
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.roblox.com.kz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:21:56 GMT
expires: Fri, 23 Aug 2024 15:21:56 GMT
cache-control: public, max-age=31536000
age: 82956
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eabedde19de92ba362e059f86a21228a
bb7d5fdb0dfc83d382342048727762c7ecbe9b65
4cd337791925978e75fba004c32ec1b38867aec24988be8802f46e102e3f76e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Aug 2023 14:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9b0a1f4a3b29f2fb04237945c55d38c0
6977e0c5ebebdc57af34f1f76c56177f73e8d3ea
e9866bf9c9e7ddd120055dca581cf10527e79fea0f4d8cd7ce677e28545e0125

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 25 Aug 2023 14:24:32 GMT
Last-Modified: Fri, 25 Aug 2023 13:22:17 GMT
Server: ECAcc (amb/6AFD)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fV8C582XdgAFtUPMq3Ba_Tn36fOkVLpxEqEbIfXiTaZC_LQf_AHytA==
Age: 3735

GET previews.123rf.com/images/ionutparvu/ionutparvu1612/ionutparvu161200253/67602020-chop-stamp-sign-text-word-logo-green.jpg

143.204.55.12

200 OK

115 kB

URL GET HTTP/2
previews.123rf.com/images/ionutparvu/ionutparvu1612/ionutparvu161200253/67602020-chop-stamp-sign-text-word-logo-green.jpg
IP
143.204.55.12:443
ASN
#16509 AMAZON-02

Requested by
http://www.roblox.com.kz/create/chopgens
Certificate
IssuerAmazon
Subject123rf.com
FingerprintBF:0B:87:B3:A0:D6:D4:4F:5E:89:8F:32:61:75:8D:49:08:7C:22:96
ValidityTue, 09 May 2023 00:00:00 GMT - Thu, 06 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, description=CHOP stamp sign text word logo green.], progressive, precision 8, 1300x1300, components 3\012- data
Size
115 kB (115446 bytes)
Hash
1cd507d3c0d9ada7b43898110c732d19
6ed80ebde269308434eb36bc845a4174f6fac9fc
99e055616f1ee0ed1cc96bece9cd5d7acdcab888d896dab47976696fcfb94d74

HTTP Headers

GET /images/ionutparvu/ionutparvu1612/ionutparvu161200253/67602020-chop-stamp-sign-text-word-logo-green.jpg HTTP/1.1
Host: previews.123rf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.roblox.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 115446
x-amz-id-2: qUd8Mn0/fQtxXITG/f3htBJ5V0GQCEQT4rEuZ7KtPkGf4Sf8W20VYGC02f1hu6lFlKuMdD3Rmfo=
x-amz-request-id: NDJJWTS928E22BNB
date: Fri, 25 Aug 2023 14:24:33 GMT
last-modified: Thu, 12 Nov 2020 23:47:47 GMT
etag: "1cd507d3c0d9ada7b43898110c732d19"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hxWcaZhbG8r99QZaDFs3x6QKKxth03cHPNmRsZ3b-616cI9vWN3DXw==
vary: Origin
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

104.18.11.207

200 OK

160 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.roblox.com.kz/create/chopgens
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65326)
Size
160 kB (160302 bytes)
Hash
816af0eddd3b4822c2756227c7e7b7ee
c470239d4c7db36d56dc3a74a080c62218c6edc4
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

HTTP Headers

GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.roblox.com.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Aug 2023 14:24:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 08/03/2021 15:44:07
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 0c835de6853c3382b93a518481c93460
cdn-cache: HIT
cf-cache-status: HIT
age: 26137728
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7fc47fc7ddb1b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

142.250.74.106

200 OK

3.7 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://www.roblox.com.kz/create/chopgens
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint94:C0:54:E4:BA:6C:E0:93:C6:8F:D9:27:1C:74:6F:E8:CE:6E:E2:BA
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (3750), with no line terminators
Size
3.7 kB (3660 bytes)
Hash
38757b12473d675c983c7470ee1f0a61
a129ecb417196eb43f4bbf84136628b307841f9f
e23eda003a31081a7bc1de26b2f75501a8d946f247ce2af4fd6765eddb7f6e62

HTTP Headers

GET /css2?family=Montserrat:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.roblox.com.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Aug 2023 14:24:32 GMT
date: Fri, 25 Aug 2023 14:24:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1