entry5297-js2024r1.usercontent.dev Open in urlscan Pro
178.128.255.27  Malicious Activity! Public Scan

URL: https://entry5297-js2024r1.usercontent.dev/
Submission: On October 09 via manual from US — Scanned from NL

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 21 HTTP transactions. The main IP is 178.128.255.27, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is entry5297-js2024r1.usercontent.dev.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 19th 2023. Valid for: a year.
This is the only time entry5297-js2024r1.usercontent.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

IP Address AS Autonomous System
15 178.128.255.27 14061 (DIGITALOC...)
21 2
Apex Domain
Subdomains
Transfer
15 usercontent.dev
entry5297-js2024r1.usercontent.dev
229 KB
21 1
Domain Requested by
15 entry5297-js2024r1.usercontent.dev entry5297-js2024r1.usercontent.dev
21 1

This site contains no links.

Subject Issuer Validity Valid
*.usercontent.dev
Go Daddy Secure Certificate Authority - G2
2023-09-19 -
2024-10-20
a year crt.sh

This page contains 1 frames:

Primary Page: https://entry5297-js2024r1.usercontent.dev/
Frame ID: 3DB786BCABF5D792AFC077E792665502
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Telegram Web

Page Statistics

21
Requests

71 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

229 kB
Transfer

880 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
entry5297-js2024r1.usercontent.dev/
13 KB
5 KB
Document
General
Full URL
https://entry5297-js2024r1.usercontent.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
9bdf4d34050fa578ae666db5d9e55b554679600ef092b1b500a161d381fe55a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Oct 2024 21:52:59 GMT
ETag
W/"65ae8d49-3523"
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Transfer-Encoding
chunked
Vary
Accept-Encoding
index-1XCs23jU.js
entry5297-js2024r1.usercontent.dev/
122 KB
43 KB
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
5e5c4018ad3cb73c70d4dfbcbfaeef9de9dc2b219dc2fb5ae75c79eb6d48672c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer
https://entry5297-js2024r1.usercontent.dev/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-1e792"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:52:59 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
index-G2JAgzYZ.css
entry5297-js2024r1.usercontent.dev/
436 KB
75 KB
Stylesheet
General
Full URL
https://entry5297-js2024r1.usercontent.dev/index-G2JAgzYZ.css
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
fc855af42357a68a1df1e45e9202a14a3fe9d4c4e3ff8fc8d60ceb475f210e48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer
https://entry5297-js2024r1.usercontent.dev/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-6d1de"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:52:59 GMT
Content-Type
text/css
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
truncated
/
369 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
crypto.worker-9wi-02Dm.js
entry5297-js2024r1.usercontent.dev/
67 KB
24 KB
Fetch
General
Full URL
https://entry5297-js2024r1.usercontent.dev/crypto.worker-9wi-02Dm.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
ebc5b09fbc7df9f7c09009dccf79419fa2c2e5e64b3dca84c5a5e3ea6d717439

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://entry5297-js2024r1.usercontent.dev/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-10cf6"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
mtproto.worker-sEyxOJ8j.js
entry5297-js2024r1.usercontent.dev/
0
0

favicon.ico
entry5297-js2024r1.usercontent.dev/assets/img/
15 KB
15 KB
Other
General
Full URL
https://entry5297-js2024r1.usercontent.dev/assets/img/favicon.ico?v=jw3mK7G9Ry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://entry5297-js2024r1.usercontent.dev/

Response headers

ETag
"65ae8d49-3aee"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15086
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
image/x-icon
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
crypto.worker-9wi-02Dm.js
entry5297-js2024r1.usercontent.dev/
0
0

lang-NnSplsja.js
entry5297-js2024r1.usercontent.dev/
109 KB
31 KB
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/lang-NnSplsja.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
70a30023648928ec2b9d71442a2c789efa7766403c49268519e69e0693ea44af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer
https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-1b40a"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
langSign-lcKrqmwM.js
entry5297-js2024r1.usercontent.dev/
2 KB
1 KB
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/langSign-lcKrqmwM.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
900f22723c45f67600638812021437a089daa7c2f0a559ebb85a0726183cee79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer
https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-66e"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
countries-lRU-UavE.js
entry5297-js2024r1.usercontent.dev/
24 KB
4 KB
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/countries-lRU-UavE.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
8528a55ba5d25bb2b6463f369b7a2046c08ced5f20256978a06119c0d50d08a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer
https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-5e21"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
pageSignQR-oitYk0rL.js
entry5297-js2024r1.usercontent.dev/
6 KB
3 KB
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/pageSignQR-oitYk0rL.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
b7157a964dfa01541a6e8901dc68214253c9f119dd8c17093ae9ba3da50cd93d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-1629"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
page-GAj3-m6E.js
entry5297-js2024r1.usercontent.dev/
10 KB
4 KB
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/page-GAj3-m6E.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
0035223453ce1914d94e65e40ead5c8e45e05981ac58cb5dd268cef4fbbbe301

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-27f7"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
button-85HZPfu9.js
entry5297-js2024r1.usercontent.dev/
8 KB
4 KB
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/button-85HZPfu9.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
1af4d30d05ed7d60f0a41949e096a76d850cb4ad14c28549a4d3a3c3d78b5851

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-21a3"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
putPreloader-cEMZBXwJ.js
entry5297-js2024r1.usercontent.dev/
699 B
783 B
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/putPreloader-cEMZBXwJ.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
a5f1ca9968fd9b44b20c587938824eab72d0e8b514f0eb643415eb7cbf05a31d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-2bb"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
textToSvgURL-Z4O-nL1S.js
entry5297-js2024r1.usercontent.dev/
357 B
590 B
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/textToSvgURL-Z4O-nL1S.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
36cb02e59322028c02c5365bd56cbd129b3eb2fb4aaec625160ca2dc9786a4bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-165"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
qr-code-styling-ogpV7fl-.js
entry5297-js2024r1.usercontent.dev/
65 KB
17 KB
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/qr-code-styling-ogpV7fl-.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
6c4900d40f3335423817340edddd7655d96e707156923fcf3cbf5a6520008d6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-10254"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
_commonjsHelpers-5-cIlDoe.js
entry5297-js2024r1.usercontent.dev/
290 B
537 B
Script
General
Full URL
https://entry5297-js2024r1.usercontent.dev/_commonjsHelpers-5-cIlDoe.js
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/index-1XCs23jU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
a8df41d98a0fa3d1cb8c8661377ac1a572beb9cd0b68e968f92d69f7c8331483

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://entry5297-js2024r1.usercontent.dev
Referer

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"65ae8d49-122"
Connection
keep-alive
Date
Wed, 09 Oct 2024 21:53:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
2223b59c-1598-4da1-95cd-90530f434c7e
https://entry5297-js2024r1.usercontent.dev/
0
0

8b80145e-32b0-4fe0-a798-e83b10443dca
https://entry5297-js2024r1.usercontent.dev/
0
0

7ac424d8-b556-4438-abff-94b3414840dd
https://entry5297-js2024r1.usercontent.dev/
0
0

logo_padded.svg
entry5297-js2024r1.usercontent.dev/assets/img/
1 KB
0
Fetch
General
Full URL
https://entry5297-js2024r1.usercontent.dev/assets/img/logo_padded.svg
Requested by
Host: entry5297-js2024r1.usercontent.dev
URL: https://entry5297-js2024r1.usercontent.dev/pageSignQR-oitYk0rL.js
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://entry5297-js2024r1.usercontent.dev/

Response headers

ETag
"65ae8d49-42d"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1069
Date
Wed, 09 Oct 2024 21:53:02 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 22 Jan 2024 15:44:09 GMT
Server
nginx/1.10.3
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
entry5297-js2024r1.usercontent.dev
URL
https://entry5297-js2024r1.usercontent.dev/mtproto.worker-sEyxOJ8j.js
Domain
entry5297-js2024r1.usercontent.dev
URL
https://entry5297-js2024r1.usercontent.dev/crypto.worker-9wi-02Dm.js
Domain
entry5297-js2024r1.usercontent.dev
URL
blob:https://entry5297-js2024r1.usercontent.dev/2223b59c-1598-4da1-95cd-90530f434c7e
Domain
entry5297-js2024r1.usercontent.dev
URL
blob:https://entry5297-js2024r1.usercontent.dev/8b80145e-32b0-4fe0-a798-e83b10443dca
Domain
entry5297-js2024r1.usercontent.dev
URL
blob:https://entry5297-js2024r1.usercontent.dev/7ac424d8-b556-4438-abff-94b3414840dd

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| rootScope function| deferredPromise function| AppStorage object| stateStorage function| wrapUrl object| I18n object| webpWorkerController object| appStorage object| singleInstance object| webPushApiManager object| telegramMeWebManager object| opusDecodeController object| cryptoMessagePort object| mtprotoMessagePort object| serviceMessagePort object| apiManagerProxy function| calcImageInBox object| mediaSizes object| customProperties object| windowSize object| liteMode object| themeController object| overlayCounter function| formatDateAccordingToTodayNew function| fillTipDates function| dispatchHeavyAnimationEvent object| pagesManager object| sequentialDom function| putPreloader

0 Cookies