entry1286-jsround2.usercontent.dev Open in urlscan Pro
178.128.255.27 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://entry1286-jsround2.usercontent.dev/
Submission Tags: @phish_report
Submission: On October 09 via api (October 9th 2024, 7:59:56 pm UTC) from FI — Scanned from NL

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 178.128.255.27, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is entry1286-jsround2.usercontent.dev.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 19th 2023. Valid for: a year.

This is the only time entry1286-jsround2.usercontent.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
17	178.128.255.27 178.128.255.27		14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
18	2

17 178.128.255.27 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

entry1286-jsround2.usercontent.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	usercontent.dev entry1286-jsround2.usercontent.dev	279 KB
18	1

	Domain	Requested by
17	entry1286-jsround2.usercontent.dev	entry1286-jsround2.usercontent.dev
18	1

This site contains no links.

Subject Issuer	Validity	Valid
*.usercontent.dev Go Daddy Secure Certificate Authority - G2	`2023-09-19` - `2024-10-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://entry1286-jsround2.usercontent.dev/
Frame ID: 179129DEC1DE8228DFB276AC7846FC27
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram Lightweight Client Contest

Page Statistics

18
Requests

94 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

279 kB
Transfer

721 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response entry1286-jsround2.usercontent.dev/	18 KB 4 KB	140ms 42ms	Document text/html	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `f7627df8ed80df0cf4f7f13c2f84b7bce4d0210b47976c35faae6563b4f43d1c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 09 Oct 2024 21:10:07 GMT ETag W/"5ed4e947-48df" Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3 Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	bundle.min.css entry1286-jsround2.usercontent.dev/styles/	54 KB 10 KB	43ms 35ms	Stylesheet text/css	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `f6bd3c4c7ae23fa8726b853b2d1d25c423e943002c23111998a4a774d3dc4287` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"5ed4e947-d920" Connection keep-alive Date Wed, 09 Oct 2024 21:10:07 GMT Content-Type text/css Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3 Vary Accept-Encoding
GET H/1.1	200 OK	BigInteger.min.js Show response entry1286-jsround2.usercontent.dev/scripts/vendor/big-integer/	31 KB 8 KB	96ms 27ms	Script application/javascript	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/scripts/vendor/big-integer/BigInteger.min.js Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `510d3c8536cf78127dd53319664f8ad80a3e1eb02fc284cbe6776d1b50cf91ae` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"5ed4e947-7c73" Connection keep-alive Date Wed, 09 Oct 2024 21:10:07 GMT Content-Type application/javascript; charset=UTF-8 Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3 Vary Accept-Encoding
GET H/1.1	200 OK	bundle.min.js Show response entry1286-jsround2.usercontent.dev/scripts/	343 KB 101 KB	265ms 193ms	Script application/javascript	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/scripts/bundle.min.js Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `c47c9e031f6608eb2e35639b8b54c08d685a5e793006160dd99240415b0c51bf` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"5ed4e947-55aef" Connection keep-alive Date Wed, 09 Oct 2024 21:10:07 GMT Content-Type application/javascript; charset=UTF-8 Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3 Vary Accept-Encoding
GET H/1.1	200 OK	lottie_light.min.js Show response entry1286-jsround2.usercontent.dev/scripts/vendor/lottie/	147 KB 41 KB	195ms 123ms	Script application/javascript	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/scripts/vendor/lottie/lottie_light.min.js Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `15c2ac5123fe8eb0839c79f717d8be3441ddd8b0c7fc45c2a572c41f1a4520fb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"5ed4e947-24bd0" Connection keep-alive Date Wed, 09 Oct 2024 21:10:07 GMT Content-Type application/javascript; charset=UTF-8 Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3 Vary Accept-Encoding
GET H/1.1	200 OK	pako_inflate.min.js Show response entry1286-jsround2.usercontent.dev/scripts/vendor/pako/	22 KB 8 KB	133ms 62ms	Script application/javascript	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/scripts/vendor/pako/pako_inflate.min.js Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `ff794daf49c42d4246cf8a7a66c9525a74b58db0dc015e5c8602a6ab8faa1b2d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"5ed4e947-5899" Connection keep-alive Date Wed, 09 Oct 2024 21:10:07 GMT Content-Type application/javascript; charset=UTF-8 Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3 Vary Accept-Encoding
GET H/1.1	200 OK	logo.svg entry1286-jsround2.usercontent.dev/images/	981 B 1 KB	28ms 28ms	Image image/svg+xml	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://entry1286-jsround2.usercontent.dev/images/logo.svg Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `aded800180de99b81f502c11501cf7b5c3165421ccf7794fef0f720893d0c551` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Response headers ETag "5ed4e947-3d5" Connection keep-alive Accept-Ranges bytes Content-Length 981 Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type image/svg+xml Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3
GET H/1.1	200 OK	input-autocomplete-icon-open.svg entry1286-jsround2.usercontent.dev/images/	667 B 909 B	30ms 30ms	Image image/svg+xml	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://entry1286-jsround2.usercontent.dev/images/input-autocomplete-icon-open.svg Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `37060021914267d516d3993e43b546892cbbd06b45424007ae1a9f279d4e82bb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Response headers ETag "5ed4e947-29b" Connection keep-alive Accept-Ranges bytes Content-Length 667 Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type image/svg+xml Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3
GET H/1.1	200 OK	checkbox-checked.svg entry1286-jsround2.usercontent.dev/images/	839 B 1 KB	33ms 33ms	Image image/svg+xml	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://entry1286-jsround2.usercontent.dev/images/checkbox-checked.svg Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `86c989d5374a46bc81d0f04cf1207c721bb1e180e8487ca8d00718cc938acd9a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Response headers ETag "5ed4e947-347" Connection keep-alive Accept-Ranges bytes Content-Length 839 Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type image/svg+xml Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3
GET H/1.1	200 OK	phone-edit-icon.svg entry1286-jsround2.usercontent.dev/images/	773 B 1015 B	24ms 24ms	Image image/svg+xml	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://entry1286-jsround2.usercontent.dev/images/phone-edit-icon.svg Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `0827ca403310cf2d46e04272acc323bab9cd5a2f57a57d26d16f3f6cab10cc5a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Response headers ETag "5ed4e947-305" Connection keep-alive Accept-Ranges bytes Content-Length 773 Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type image/svg+xml Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3
GET H/1.1	200 OK	input-password-icon.svg entry1286-jsround2.usercontent.dev/images/	712 B 954 B	31ms 30ms	Image image/svg+xml	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://entry1286-jsround2.usercontent.dev/images/input-password-icon.svg Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `ee9059a4b059a878481a9f0344760185b3c76aa9ec5d3c8ffc8011bc7f9f187b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://entry1286-jsround2.usercontent.dev/styles/bundle.min.css Response headers ETag "5ed4e947-2c8" Connection keep-alive Accept-Ranges bytes Content-Length 712 Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type image/svg+xml Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3
GET H/1.1	200 OK	TwoFactorSetupMonkeyIdle.tgs Show response entry1286-jsround2.usercontent.dev/anims/	6 KB 6 KB	28ms 28ms	Fetch application/octet-stream	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/anims/TwoFactorSetupMonkeyIdle.tgs Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/scripts/bundle.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `02cd3fc7070538ec8d12ede7d2cba21e2e48393e50b24d67fbd40d6c86da7471` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers ETag "5ed4e947-17c8" Connection keep-alive Accept-Ranges bytes Content-Length 6088 Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type application/octet-stream Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3
GET		worker.js entry1286-jsround2.usercontent.dev/scripts/	0 0

GET H/1.1	404 Not Found	favicon.ico entry1286-jsround2.usercontent.dev/	571 B 421 B	32ms 32ms	Other text/html	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `b1e5fc0c284e4b731279af7c700e87572a938d50cd905cb9c2d45ddbc7ba124d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Transfer-Encoding chunked Content-Encoding gzip Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server nginx/1.10.3 Connection keep-alive
GET H/1.1	200 OK	TwoFactorSetupMonkeyTracking.tgs Show response entry1286-jsround2.usercontent.dev/anims/	13 KB 13 KB	54ms 54ms	Fetch application/octet-stream	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/anims/TwoFactorSetupMonkeyTracking.tgs Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/scripts/bundle.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `cf3a826ff2d5367ab566421261d3f69ad482c557022e4d7b1348a2f52d1d6ea8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers ETag "5ed4e947-3205" Connection keep-alive Accept-Ranges bytes Content-Length 12805 Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type application/octet-stream Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3
GET H/1.1	200 OK	TwoFactorSetupMonkeyClose.tgs Show response entry1286-jsround2.usercontent.dev/anims/	27 KB 28 KB	54ms 54ms	Fetch application/octet-stream	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/anims/TwoFactorSetupMonkeyClose.tgs Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/scripts/bundle.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `0af3ae0086bad42bf4548007949a18a2c5f649a257b9023a337de7f309df7e5a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers ETag "5ed4e947-6d1b" Connection keep-alive Accept-Ranges bytes Content-Length 27931 Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type application/octet-stream Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3
GET H/1.1	200 OK	TwoFactorSetupMonkeyCloseAndPeek.tgs Show response entry1286-jsround2.usercontent.dev/anims/	27 KB 28 KB	54ms 54ms	Fetch application/octet-stream	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/anims/TwoFactorSetupMonkeyCloseAndPeek.tgs Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/scripts/bundle.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `a5e118263eb5f34010b292f5e98409346f2d40dd3f44bc85785d97fdafebaa4a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers ETag "5ed4e947-6dcb" Connection keep-alive Accept-Ranges bytes Content-Length 28107 Date Wed, 09 Oct 2024 21:10:08 GMT Content-Type application/octet-stream Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3
GET H/1.1	200 OK	TwoFactorSetupMonkeyCloseAndPeekToIdle.tgs Show response entry1286-jsround2.usercontent.dev/anims/	28 KB 28 KB	54ms 54ms	Fetch application/octet-stream	178.128.255.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://entry1286-jsround2.usercontent.dev/anims/TwoFactorSetupMonkeyCloseAndPeekToIdle.tgs Requested by Host: entry1286-jsround2.usercontent.dev URL: https://entry1286-jsround2.usercontent.dev/scripts/bundle.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 / Resource Hash `83a67f9c0792dab16575f972853670b4138348a15a0e16cc3f247391aa0caf26` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers ETag "5ed4e947-6e41" Connection keep-alive Accept-Ranges bytes Content-Length 28225 Date Wed, 09 Oct 2024 21:10:09 GMT Content-Type application/octet-stream Last-Modified Mon, 01 Jun 2020 11:40:55 GMT Server nginx/1.10.3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: entry1286-jsround2.usercontent.dev
URL: https://entry1286-jsround2.usercontent.dev/scripts/worker.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://entry1286-jsround2.usercontent.dev/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://entry1286-jsround2.usercontent.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
worker	info	URL: https://entry1286-jsround2.usercontent.dev/scripts/worker.js Message: worker received request for 267d61c01a3ee0d1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

entry1286-jsround2.usercontent.dev
entry1286-jsround2.usercontent.dev
178.128.255.27
02cd3fc7070538ec8d12ede7d2cba21e2e48393e50b24d67fbd40d6c86da7471
0827ca403310cf2d46e04272acc323bab9cd5a2f57a57d26d16f3f6cab10cc5a
0af3ae0086bad42bf4548007949a18a2c5f649a257b9023a337de7f309df7e5a
15c2ac5123fe8eb0839c79f717d8be3441ddd8b0c7fc45c2a572c41f1a4520fb
37060021914267d516d3993e43b546892cbbd06b45424007ae1a9f279d4e82bb
510d3c8536cf78127dd53319664f8ad80a3e1eb02fc284cbe6776d1b50cf91ae
83a67f9c0792dab16575f972853670b4138348a15a0e16cc3f247391aa0caf26
86c989d5374a46bc81d0f04cf1207c721bb1e180e8487ca8d00718cc938acd9a
a5e118263eb5f34010b292f5e98409346f2d40dd3f44bc85785d97fdafebaa4a
aded800180de99b81f502c11501cf7b5c3165421ccf7794fef0f720893d0c551
b1e5fc0c284e4b731279af7c700e87572a938d50cd905cb9c2d45ddbc7ba124d
c47c9e031f6608eb2e35639b8b54c08d685a5e793006160dd99240415b0c51bf
cf3a826ff2d5367ab566421261d3f69ad482c557022e4d7b1348a2f52d1d6ea8
ee9059a4b059a878481a9f0344760185b3c76aa9ec5d3c8ffc8011bc7f9f187b
f6bd3c4c7ae23fa8726b853b2d1d25c423e943002c23111998a4a774d3dc4287
f7627df8ed80df0cf4f7f13c2f84b7bce4d0210b47976c35faae6563b4f43d1c
ff794daf49c42d4246cf8a7a66c9525a74b58db0dc015e5c8602a6ab8faa1b2d

entry1286-jsround2.usercontent.dev Open in urlscan Pro 178.128.255.27 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

94 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

279 kBTransfer

721 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

entry1286-jsround2.usercontent.dev Open in urlscan Pro
178.128.255.27 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

279 kB
Transfer

721 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!