Ktkt ru

Ktkt.ru Traffic Analysis

If you are using an old bookmark, there is a good chance the file might have moved.

So far, I am not sure what these scans are about. Is anybody else seeing this or know more about what may be happening? The combination of «CONNECT» requests and OCSP requests may suggest that someone is attempting to use my honeypot as a proxy or has it misconfigured as a proxy. But there is no payload to the OCSP requests.

Any ideas about what may be happening here?

HTTP/2 (Hypertext Transfer Protocol version 2) is a major revision of the HTTP protocol, which is the foundation of data communication on the World Wide Web. It was developed as an improvement over the previous HTTP/1.1 version to enhance web performance and efficiency.

*HypeStat.com is not promoting or affiliated with ktkt.ru in any way. Only publicly available statistics data are displayed.

Domain: ktkt.ru Rank:
(Rank based on keywords, cost and organic traffic) 13,993,017 Organic Keywords:
(Number of keywords in top 20 Google SERP) 56 Organic Traffic:
(Number of visitors coming from top 20 search results) 3 Organic Cost:
((How much need to spend if get same number of visitors from Google Adwords) Possible causes are:.00

Desktop summary

Server IP: 195.98.95.114 ASN: AS6856 ISP: Ic-voronezh Server Location: Voronezh
Voronezhskaya Oblast’, VOR
394000
Russia, RU

An SSL (Secure Sockets Layer) certificate is a digital certificate that establishes a secure encrypted connection between a web server and a user’s web browser. It provides authentication and encryption, ensuring that data transmitted between the server and the browser remains private and protected. ktkt.ru supports HTTPS.

404 from the Web Server at oldradio.com

Nice 94.3 la ke buena

Root domain: ktkt.ru Enforcement:
(Chrome is not preventing your site from opening new windows or tabs.) Off Status:
(The status of the site reviewed for the abusive experiences.) Not reviewed

Google.com would generate approximately $1.8 per day if the source of income were advertisements, which equates to an estimated monthly revenue of $52.5 and annual gross revenue of approximately $638.8. Based on these figures, the site’s net worth is estimated at around $1.5K.

Mobile summary

Google Safe Browsing is a service provided by Google that helps protect users from visiting websites that may contain malicious or harmful content, such as malware, phishing attempts, or deceptive software.

DNS entries (Domain Name System) are a critical component of the Internet infrastructure. They act as directories that translate human-readable domain names (such as example.com) to machine-readable IP addresses. DNS records are stored on DNS servers and help forward internet traffic efficiently.

These are the technologies used at ktkt.ru. ktkt.ru has a total of 6 technologies installed in 8 different categories.

La Buena 94.3 (KTKT 990 AM) is a Spanish Adult Contemporary radio station licensed to Tucson, AZ, and serves the Tucson radio market. The station is currently owned by Lotus Communications.

Ktkt.ru may be hosted in multiple data centers distributed in different locations around the world. This is probably just one of them.

Daily Revenue: $1.75 Monthly Revenue: $52.50 Yearly Revenue: $638.75 *All earnings values are estimates only.

Abusive Experience Report ▼

Common Name: ktkt.ru
Organization:
Location:
Issuer: R3
Valid from: Feb 16 08:47:22 2021 GMT
Valid until: May 17 08:47:22 2021 GMT
Authority: Is not a CA
Keysize:

*HypeStat.com is not promoting or affiliated with ktkt.ru in any way. Only publicly available statistics data are displayed.

Ktkt.ru is ranked #4,406,547 in the world. This website is viewed by an estimated 3.6K visitors daily, generating a total of 4.3K pageviews. This equates to about 107.6K monthly visitors.

Retrieved from «https://en.wikipedia.org/wiki/Special:Badtitle»

Website compression is the process of reducing the size of website files, such as HTML, CSS, JavaScript, and image files, to improve website performance and load times. Compressing website files can significantly reduce the amount of data that needs to be transferred from the server to the user’s browser, resulting in faster page load times and improved user experience. Files on ktkt.ru are reduced by 72%.

Daily Revenue Loss: Search engine indexes are huge databases or collections of net pages that search engines like google like google and yahoo use to retrieve applicable facts while customers carry out searches. These indexes are created through search engines like google and yahoo through crawling and indexing net pages from throughout the internet..10 Monthly Revenue Loss: $3.14 Yearly Revenue Loss: $38.24 Daily Pageviews Blocked: 256 Monthly Pageviews Blocked: 7,666 Yearly Pageviews Blocked: 93,272

Recently Analyzed Sites

The same source IP also attempted CONNECT requests to these hostnames, indicating that they may be looking for a proxy.

Root domain: ktkt.ru Ad filtering:
(Chrome is not filtering ads on your site.) Off Status:
(The status of the site that is reviewed for the Better Ads Standards.) Not reviewed

• Use Show/Hide ESTIMATED data form to hide (Website worth, Daily ads revenue, Daily Visits, Daily Pageviews)
• Use Show/Hide WHOIS data form to hide whois data
• Use Remove form to remove all data
• If you have any problem with REMOVE/HIDE your data just drop an email at support (at) hypestat.com and we will remove/hide your site data manualy.

GET /itcom2020/ocsp.srf HTTP/1.1
User-Agent: fasthttp
Host: service.itk23.ru

SEMrush is a complete on line advertising and marketing platform that gives a extensive variety of gear and functions to help companies and entrepreneurs in enhancing their on line visibility and optimizing their virtual advertising and marketing strategies.

Domain WHOIS is a public database that provides information about domain names, including registered owners, contact information, domain registrars, registration and expiration dates, name servers, and other relevant information. Domain registration for this website began on June 4, 2006 and will expire on October 2, 2024 if not renewed. This website is now assigned through the registrar . The WHOIS data for this website’s domain was last updated on October 2, 2024.

Top Sites

Initially, I figured that they may be searching for private CAs. But the requests are repetitive to particular IP addresses—the «fasthttp» user-agent points to a client written in Go.

Common Name: R3
Organization: Let’s Encrypt
Location: US
Issuer: DST Root CA X3
Valid from: Oct 7 19:21:40 2020 GMT
Valid until: Sep 29 19:21:40 2021 GMT
Authority: Is a CA
Keysize: 2048 Bits

Install HypeStat extension in your browser to see statistics and technologies used with one click.

GET /ocsp/ocsp.srf HTTP/1.1
User-Agent: fasthttp
Host: uc.ktkt.ru

OCSP, the «Online Certificate Status Protocol,» is a more modern alternative to «CRL»s (Certificate Revocation Lists). A client connecting via TLS will receive an OCSP URL as part of the certificate. OCSP implements a web service that may be used to verify if the certificate is still «good.» Alternatively, the TLS server may attach a recently created OCSP message with the certificate («OCSP Stapling»). For Let’s Encrypt, for example, the OCSP URL is http://r3.o.lencr.org. A typical OCSP request would include additional data on the URL.

Daily Unique Visitors: 3,550 Monthly Visits: 107,565 Pages per Visit: 1.20 Daily Pageviews: 4,259 Avg. visit duration: n/a Bounce rate: n/a Global Reach: 7.2E-5% HypeRank: 4,406,547 SEMrush Rank: 13,993,017 *All traffic values are estimates only.

Last night, I noticed a lot of requests to one of our honeypots for «/ocsp.srf» and «/itcom2020/ocsp.srf». The requests all looked very similar:

—
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

Whois Lookup ▼

The requested page title is invalid. It may be empty, contain unsupported characters, or include a non-local or incorrectly linked interwiki prefix. You may be able to locate the desired page by searching for its name (with the interwiki prefix, if any) in the search box.

Too many repeated programs on holiday

Browser Extension

Источники:

https://www.oldradio.com/archives/stations/tus/tusradio.htm&rut=c30d42c0e8a357fa0601c2d4ca1754fe0a37de23ad8ad708df6e87dc4b2226d9
https://hypestat.com/info/ktkt.ru&rut=6245299cead06178dacf15d1efb53dcd8a790773e1eccc7e7204673ce87f744b
https://www.instagram.com/ktktv/&rut=7652c4c730888b5e19e58ef3714a29716b8094394afa4cce82f1af129a56cf8e
https://isc.sans.edu/diary/Why+is+my+Honeypot+a+Russian+Certificate+Authority/28652/&rut=c15fd7df967951d507da1acf80d370e000d828c7316c1fadac5753d855e59365
https://en.wikipedia.org/wiki/KTKT&rut=2c4e67389dc87d806c1d4741954dd437ca9f95bf1cf53fc34bf22d0dfc2ba691
https://radiostationusa.fm/online/la-buena-943&rut=b6d4c78bb0720eab79abfaeb25d3944437ea0f65338595761cd46371f73a4a81
https://www.youtube.com/channel/UCqEIBvdqW3lDiyU4O_Yn9ug&rut=a3e92b5f14da68b225fedd39ad377a60dd702552a2b03ac55a075f1c212e2d0b
https://ktkt.edu.vn/&rut=71a9199e34bea083ca6e10b81eab95b2759f15b4c73fc22654a7448788179adc