Submitted URL: https://mwlkxjepoy.sbs/#ce
Effective URL: https://mwlkxjepoy.sbs/
Submission Tags: 0xscam
Submission: On January 11 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 15 HTTP transactions. The main IP is 172.67.176.190, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is mwlkxjepoy.sbs.
TLS certificate: Issued by WE1 on January 11th 2025. Valid for: 3 months.
This is the only time mwlkxjepoy.sbs was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

IP Address AS Autonomous System
1 12 172.67.176.190 13335 (CLOUDFLAR...)
15 2
Apex Domain
Subdomains
Transfer
12 mwlkxjepoy.sbs
mwlkxjepoy.sbs
77 KB
15 1
Domain Requested by
12 mwlkxjepoy.sbs 1 redirects mwlkxjepoy.sbs
15 1

This site contains links to these domains.

Domain
core.telegram.org
Subject: mwlkxjepoy.sbs
Issuer: WE1
Validity: 2025-01-11 - 2025-04-11
Valid: 3 months

This page contains 2 frames:

Primary Page: https://mwlkxjepoy.sbs/
Frame ID: 161D87F7BB34149861D09E7471BF1594
Requests: 9 HTTP requests in this frame

Frame: https://mwlkxjepoy.sbs/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js
Frame ID: 6A7C8C49A4E208BF5911E11FA73A66B0
Requests: 2 HTTP requests in this frame

Page Title

Telegram Support

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 15
HTTPS: 67 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 76 kB
Size: 264 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://mwlkxjepoy.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://mwlkxjepoy.sbs/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mwlkxjepoy.sbs/
14 KB
5 KB
Document
General
Full URL
https://mwlkxjepoy.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a1ec4afcc981943fccbd39c8c3cd8381054ae3db217a13cf090b35110545a3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
90087cf8be96429e-EWR
content-encoding
zstd
content-type
text/html
date
Sat, 11 Jan 2025 22:54:22 GMT
last-modified
Thu, 09 Jan 2025 09:53:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Nnn%2FdKyBbW9nrPx6hjUMXZ3eHuZsLtfs8KsrpbtZVVPNDkjjhyxt3fwpLoyqVPfVjV4rudGfzxTPrO7oXh4GHVyZ9D4chEixwmudwsa2OVuzOn9CmEeFfFjEIeSWXlMmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=8877&min_rtt=8596&rtt_var=2365&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3894&recv_bytes=2288&delivery_rate=505306&cwnd=254&unsent_bytes=0&cid=c09179dbe09170c1&ts=583&x=0"
vary
Accept-Encoding
bootstrap.min.css
mwlkxjepoy.sbs/files/
42 KB
10 KB
Stylesheet
General
Full URL
https://mwlkxjepoy.sbs/files/bootstrap.min.css
Requested by
Host: mwlkxjepoy.sbs
URL: https://mwlkxjepoy.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mwlkxjepoy.sbs/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"677f9c88-a61b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3%2Bk%2FF3bSyUgJW%2BeBr%2Ff9h1uUPOcCNuenSRPHumPOjoZ7B5YATXbSjg%2BWWpIiEZ32qQoiD0OACFJJP9Q7jC%2BGcIG%2FyP4eP0knVjARqgjUpAr02jA7ues5ivQWdW9t4Mrtw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087cfc5bbc429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9979&min_rtt=8542&rtt_var=2823&sent=24&recv=17&lost=0&retrans=0&sent_bytes=18751&recv_bytes=2734&delivery_rate=990502&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=1171&x=0"
date
Sat, 11 Jan 2025 22:54:22 GMT
content-type
text/css
last-modified
Thu, 09 Jan 2025 09:53:12 GMT
vary
Accept-Encoding
server
cloudflare
index.css
mwlkxjepoy.sbs/
1 KB
1 KB
Stylesheet
General
Full URL
https://mwlkxjepoy.sbs/index.css
Requested by
Host: mwlkxjepoy.sbs
URL: https://mwlkxjepoy.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c212d7f877e37e31e5f815aff89652da368f22981004a7e9d3cf867e9c96599

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mwlkxjepoy.sbs/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"677f9c88-580"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QTN4yre3KlyosMqn1rZ%2FgwtUnMFMp7%2FxtVGaKBT8HjacM6xMG7QOImwLw%2FNfcDN%2Fq9r%2FMcd0m%2BQhVs5laHmyYw7MRtr5QztVitI1yOD6mkXGku9Z%2Fod%2F3h3J3eE%2BufdWUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087cfc6bd5429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9682&min_rtt=8542&rtt_var=2104&sent=39&recv=19&lost=0&retrans=0&sent_bytes=36098&recv_bytes=2734&delivery_rate=1488614&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=1192&x=0"
date
Sat, 11 Jan 2025 22:54:22 GMT
content-type
text/css
last-modified
Thu, 09 Jan 2025 09:53:12 GMT
vary
Accept-Encoding
server
cloudflare
telegram.css
mwlkxjepoy.sbs/files/
113 KB
28 KB
Stylesheet
General
Full URL
https://mwlkxjepoy.sbs/files/telegram.css
Requested by
Host: mwlkxjepoy.sbs
URL: https://mwlkxjepoy.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fed69363a40e503cfcb65023e8bfdb9b98de62b1b7d938fcfb727fd16066580

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mwlkxjepoy.sbs/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"677f9c88-1c21c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhI7BbC9BhZjeSKJOdgqbBtjpDS1%2FT4wDrGKN6axgSOecYwCFcaXf%2F2TeZ6Fy%2BuEI9kK8cqDqtqI3XD8lbAA29aDL7PBsHAn1B9A3H%2B26C4S7C7XJv83yZX8f3UitEIgNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087cfc6bd7429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9353&min_rtt=8542&rtt_var=1377&sent=42&recv=22&lost=0&retrans=0&sent_bytes=37320&recv_bytes=2734&delivery_rate=1488614&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=1412&x=0"
date
Sat, 11 Jan 2025 22:54:22 GMT
content-type
text/css
last-modified
Thu, 09 Jan 2025 09:53:12 GMT
vary
Accept-Encoding
server
cloudflare
i18n.js
mwlkxjepoy.sbs/js/
3 KB
2 KB
Script
General
Full URL
https://mwlkxjepoy.sbs/js/i18n.js
Requested by
Host: mwlkxjepoy.sbs
URL: https://mwlkxjepoy.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad7e5604b38a58e74ebfcf5208551752c671234341958e3b1585bd7eea42e9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mwlkxjepoy.sbs/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"677f9c88-d1c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6F6%2FHpmvCsvwy8RlwpKG3OfHJN%2FBc3k20DKZtDUapPICjAkxk0QCZbVXReM5EwMKUiXY3pHaG4ZA%2Ft4%2BoLbstqxCd0X1Wv4fofAkh3bxC%2Ffh7gyE1AmWvjjzFi5NWp3IA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087cfc6bda429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8795&min_rtt=8542&rtt_var=648&sent=21&recv=15&lost=0&retrans=0&sent_bytes=16467&recv_bytes=2734&delivery_rate=990502&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=1147&x=0"
date
Sat, 11 Jan 2025 22:54:22 GMT
content-type
application/javascript
last-modified
Thu, 09 Jan 2025 09:53:12 GMT
vary
Accept-Encoding
server
cloudflare
main.js
mwlkxjepoy.sbs/files/
21 KB
7 KB
Script
General
Full URL
https://mwlkxjepoy.sbs/files/main.js
Requested by
Host: mwlkxjepoy.sbs
URL: https://mwlkxjepoy.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c4d88fd78f3b8efb16f845e75be7f1bb288fdf2fd39d033868a0346db7fadb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mwlkxjepoy.sbs/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"677f9c88-53e6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ziPNBkR8pdc6XNXilmNPu6FXR%2BBbs9ma4S23XE%2FQs05QtKH3yJ8dptb%2BHKhzTjLkoFjLER7ZR0oWMtBrFjH%2FInvudQN%2BqK%2F64D453yI0XJwkxV6n7qdumbfqaJA1DioYOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087cfc6bdc429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8846&min_rtt=8596&rtt_var=1383&sent=15&recv=12&lost=0&retrans=0&sent_bytes=9238&recv_bytes=2734&delivery_rate=990502&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=1104&x=0"
date
Sat, 11 Jan 2025 22:54:22 GMT
content-type
application/javascript
last-modified
Thu, 09 Jan 2025 09:53:12 GMT
vary
Accept-Encoding
server
cloudflare
tgsticker.js
mwlkxjepoy.sbs/files/
24 KB
7 KB
Script
General
Full URL
https://mwlkxjepoy.sbs/files/tgsticker.js
Requested by
Host: mwlkxjepoy.sbs
URL: https://mwlkxjepoy.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f843ec50116b144b274c206d7fe25d70328ea6cf38bfcd349c1647f400c284b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mwlkxjepoy.sbs/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"677f9c88-6019"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xtcrSLo%2FrV56BlY2fwzPiOXqwvUlQHO3JueS%2FRhmlaAPlzAhNFAt%2FX0F2hHW3Rxa7O51YtqGyvwoZbA%2FDKSn%2F1g0b0K4Ke1pN4qTNXVaDGAkdG7Hbz4aoop4ClQoGTy2xw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087cfc6bdd429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9682&min_rtt=8542&rtt_var=2104&sent=33&recv=19&lost=0&retrans=0&sent_bytes=28998&recv_bytes=2734&delivery_rate=1488614&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=1187&x=0"
date
Sat, 11 Jan 2025 22:54:22 GMT
content-type
application/javascript
last-modified
Thu, 09 Jan 2025 09:53:12 GMT
vary
Accept-Encoding
server
cloudflare
t_logo_sprite.svg
mwlkxjepoy.sbs/img/
23 KB
7 KB
Image
General
Full URL
https://mwlkxjepoy.sbs/img/t_logo_sprite.svg
Requested by
Host: mwlkxjepoy.sbs
URL: https://mwlkxjepoy.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
832fbefd7a4fe8f651058597d9f1910883d1cbd56d0ceb343e7d6170aeecf982

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mwlkxjepoy.sbs/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"677f9c88-5a4c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BEBWbfhTzw1G8PfwDdRBMBFi9wOkuNcu%2Ba4zWkRfcj9vys9NyLo8qGe7h8MR7Voif%2FZFhouH6gKOYWP2hD5IWYihLpPu9r5l9gLyAi6CmD8E8CZFjSEAtk%2FgtDzFk5HACQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087d018b5b429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13171&min_rtt=8513&rtt_var=8093&sent=83&recv=50&lost=0&retrans=0&sent_bytes=71977&recv_bytes=19551&delivery_rate=3616302&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=2049&x=0"
date
Sat, 11 Jan 2025 22:54:23 GMT
content-type
image/svg+xml
last-modified
Thu, 09 Jan 2025 09:53:12 GMT
vary
Accept-Encoding
server
cloudflare
main.js
mwlkxjepoy.sbs/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/ Frame 6A7C
Redirect Chain
  • https://mwlkxjepoy.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://mwlkxjepoy.sbs/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js?
8 KB
5 KB
Script
General
Full URL
https://mwlkxjepoy.sbs/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js?
Requested by
Host: mwlkxjepoy.sbs
URL: https://mwlkxjepoy.sbs/
Protocol
H2
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3bcaa2eb520af11f838d1d8f60fac6f5b06b75497249d12032d7a817a3cef42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18DcS8VUB601lygPRvLW2HlEZbSndtLbadDBi4pqPhKRDYEtD1RNxZOw7df9TFHKveA5IhqakESS6UJwggA3u4L6PF55umSaXB2H0R45sTTVenbCN8azH6DOU32cOI7QRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
90087d01dbad429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=10665&min_rtt=8513&rtt_var=3889&sent=67&recv=31&lost=0&retrans=0&sent_bytes=66275&recv_bytes=3036&delivery_rate=3616302&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=1516&x=0"
date
Sat, 11 Jan 2025 22:54:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbUfVINVNZv2tsQPs2plFjMG%2FfiFYm36O9byjbgnWRTuZME1YXs7a%2FsLgBIGvxVtpVJ23WKTLxiM4ikZvp4iWRnPdEy6zbpwSZTQ143CwoNVBZ2GLMyh2bE6AtqQ%2B9mWxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087d01bb75429e-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=TCP&rtt=8950&min_rtt=8513&rtt_var=614&sent=66&recv=30&lost=0&retrans=0&sent_bytes=65743&recv_bytes=2941&delivery_rate=3616302&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=1481&x=0"
date
Sat, 11 Jan 2025 22:54:22 GMT
vary
Accept-Encoding
server
cloudflare
tgsticker-worker.js
mwlkxjepoy.sbs/js/ Frame
0
0

90087cf8be96429e
mwlkxjepoy.sbs/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6A7C
0
921 B
XHR
General
Full URL
https://mwlkxjepoy.sbs/cdn-cgi/challenge-platform/h/b/jsd/r/90087cf8be96429e
Requested by
Host: mwlkxjepoy.sbs
URL: https://mwlkxjepoy.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLhTEhKvWrRIZGSPTpVGmYrGd4rDkatjf8A%2BxLtydV6lVl%2BsgrJ5L6%2FoQrNoupkwHVLgrQPkimRPB36mj6%2FepIKYKSo3g73zsjxM6kHOFuH8p0oShXNKEpwpQbLpdAjcAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087d02ccee429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=10410&min_rtt=8513&rtt_var=3427&sent=82&recv=49&lost=0&retrans=0&sent_bytes=71034&recv_bytes=19551&delivery_rate=3616302&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=1680&x=0"
content-length
0
date
Sat, 11 Jan 2025 22:54:23 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
favicon.ico
mwlkxjepoy.sbs/files/img/
15 KB
4 KB
Other
General
Full URL
https://mwlkxjepoy.sbs/files/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mwlkxjepoy.sbs/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"677f9c88-3aee"
age
941
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynfDZ8mDDzXMMYpDjoY7N2YqEU1YVqJ6MQ9PaOCY4C1wHVXUonOzksrX5%2BFzOLeXyXYPL4wdqtl8qXMuDgWkUGnFJTp7wbKruf7kSVmYPHJUNptnvFAlkUDfI%2Bi2PuRouw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90087d057849429e-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=11341&min_rtt=8513&rtt_var=4924&sent=93&recv=55&lost=0&retrans=0&sent_bytes=82114&recv_bytes=19918&delivery_rate=3616302&cwnd=256&unsent_bytes=0&cid=c09179dbe09170c1&ts=2092&x=0"
date
Sat, 11 Jan 2025 22:54:23 GMT
content-type
image/x-icon
last-modified
Thu, 09 Jan 2025 09:53:12 GMT
vary
Accept-Encoding
server
cloudflare
tgsticker-worker.js
mwlkxjepoy.sbs/js/ Frame
0
0

tgsticker-worker.js
mwlkxjepoy.sbs/js/ Frame
0
0

tgsticker-worker.js
mwlkxjepoy.sbs/js/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mwlkxjepoy.sbs
URL
https://mwlkxjepoy.sbs/js/tgsticker-worker.js
Domain
mwlkxjepoy.sbs
URL
https://mwlkxjepoy.sbs/js/tgsticker-worker.js
Domain
mwlkxjepoy.sbs
URL
https://mwlkxjepoy.sbs/js/tgsticker-worker.js
Domain
mwlkxjepoy.sbs
URL
https://mwlkxjepoy.sbs/js/tgsticker-worker.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| updateLanguage
  • number| startTime
  • function| dT
  • object| jsonpCallbacks
  • function| twitterCustomShareInit
  • function| blogRecentNewsInit
  • function| blogSideImageUpdate
  • function| blogSideImageInit
  • function| cancelEvent
  • function| trackDlClick
  • function| backToTopInit
  • function| backToTopGo
  • function| backToTopResize
  • function| backToTopScroll
  • function| removePreloadInit
  • function| getXY
  • function| dropdownClick
  • function| dropdownHide
  • function| dropdownPageClick
  • function| escapeHTML
  • function| videoTogglePlay
  • function| getDevPageNav
  • function| showTitleIfOverflows
  • function| initDevPageNav
  • function| updateDevPageNav
  • function| updateMenuAffix
  • function| initScrollVideos
  • function| checkScrollVideos
  • function| videoPreloadPosterDimensions
  • function| isVisibleEnough
  • function| getFullOffsetY
  • function| redraw
  • function| initRipple
  • function| mainInitRetinaVideos
  • function| mainInitDemoAutoplay
  • function| mainDemoVideoHover
  • function| mainDemoVideoDoHover
  • function| mainInitLogo
  • function| mainInitTgStickers
  • function| setCookie
  • function| getCookie
  • function| mainScrollTo
  • object| RLottie
  • object| QueryableWorkerProxy
  • function| QueryableWorker
  • function| FrameQueue
  • function| triggerEvent

1 Cookies

Domain/Path Name / Value
.mwlkxjepoy.sbs/ Name: cf_clearance
Value: NpKe5LtEuWOWcl7Ml09j6ZT9K5u_0fDtDx_8X39loGM-1736636063-1.2.1.1-O8oCplADUe2n.tFnUvFezdfTCVssrNB11jLvQLicDH8fXq13qqUcQW5kVZT1mX1jd5v8t.souP29ZNNVOLvv5XKUtJCCZVQshMgGgmTH7S95a.EEHB_viynFdxKa8zZJNa0T39VDX8xUtEux7Km3VohzPuBldx0RvZsVN_2XJ0ILD98bYxAHmzO_l2dcx7XwfyihmALWs_ULpi8imdE1V6bDxgbj03.ifDxnPMwPBEZJWtLMFODUNtbQUeNSuByxtD6K05mRkDn0nffgWC2iXal4gBaTjuZaRBFhSdqNXq8