urlscan.io logo urlscan.io
SecurityTrails logo

altlex.online Open in urlscan Pro
2606:4700:3034::ac43:da5f  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://altlex.online/
Effective URL: https://altlex.online/
Submission Tags: mastodon urlabuse #phishing #telegram Search All
Submission: On October 06 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3034::ac43:da5f, located in United States and belongs to CLOUDFLARENET, US. The main domain is altlex.online.
TLS certificate: Issued by GTS CA 1P5 on October 2nd 2023. Valid for: 3 months.
This is the only time altlex.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
7 2001:67c:4e8:... 62041 (TELEGRAM)
1 146.75.116.193 54113 (FASTLY)
5 23.38.98.27 20940 (AKAMAI-ASN1)
1 2.16.238.13 20940 (AKAMAI-ASN1)
15 6
2    2606:4700:3034::ac43:da5f (United States)

ASN13335 (CLOUDFLARENET, US)
altlex.online
7    2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)
telegram.org
1    146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
5    23.38.98.27 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-27.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2.16.238.13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-13.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
Apex Domain
Subdomains		 Transfer
7 telegram.org
telegram.org — Cisco Umbrella Rank: 10325
144 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 766
141 KB
2 altlex.online
altlex.online
6 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2907
880 B
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7529
32 KB
15 5
Domain Requested by
7 telegram.org altlex.online
telegram.org
5 analytics.tiktok.com altlex.online
analytics.tiktok.com
2 altlex.online 1 redirects
1 analytics.pangle-ads.com analytics.tiktok.com
1 i.imgur.com altlex.online
15 5

This site contains links to these domains. Also see Links.

Domain
telegram.org
t.me
Subject Issuer Validity Valid
altlex.online
GTS CA 1P5		 2023-10-02 -
2023-12-31		 3 months crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2		 2023-08-11 -
2024-09-11		 a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.pangle-ads.com
RapidSSL TLS ECC CA G1		 2023-08-10 -
2024-09-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://altlex.online/
Frame ID: 81C10F7E8582225AD8ECA1A195F336BE
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Telegram: Join Group Chat

Page URL History Show full URLs

  1. http://altlex.online/ HTTP 301
    https://altlex.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

15
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

323 kB
Transfer

983 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://altlex.online/ HTTP 301
    https://altlex.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
altlex.online/
Redirect Chain
  • http://altlex.online/
  • https://altlex.online/
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://altlex.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:da5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa9c94faf60267475a972dd029f1528b995cc295f7ff8a21f83c502caeeec59e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
811adbfa7e29d916-HEL
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 06 Oct 2023 03:36:18 GMT
last-modified
Mon, 02 Oct 2023 09:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform
hostinger
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6ZswMHzkqtbuQwEgay%2FXhUxdVN6JJ2fCv03eikCNMK0TIGf9nJGlT0DKiwjHW8b0CrxfpCP5JLvhZSlJJCkp2uR2Pygfmc4%2BrP38W9nwWNjsdA1Wx%2Bn5owdLlQXMrnX6TfqsyuMkKE9D9Si"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
811adbf9393bd933-HEL
Connection
keep-alive
Content-Type
text/html
Date
Fri, 06 Oct 2023 03:36:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibGey5d8PxlcjFrmNxN%2Fxp59xi6OzCM0a%2BSNTi13XEl6WLKZZm3%2Bqh4BqKEnQljCUZ%2Byz%2BZF5e6B7Cr5DviUgtx7RRXJn3kY%2FwtwWd0u4HV7U6NiefD7%2BJimXbDneFyD%2Be1vvK71nF2B7AwF"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
content-security-policy
upgrade-insecure-requests
location
https://altlex.online/
platform
hostinger
x-turbo-charged-by
LiteSpeed
font-roboto.css
telegram.org/css/ 		6 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/font-roboto.css?1
Requested by
Host: altlex.online
URL: https://altlex.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://altlex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:36:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
W/"63512b7d-1816"
content-type
text/css
cache-control
max-age=345600
expires
Tue, 10 Oct 2023 03:36:18 GMT
bootstrap.min.css
telegram.org/css/ 		42 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/bootstrap.min.css?3
Requested by
Host: altlex.online
URL: https://altlex.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://altlex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:36:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-a61b"
content-type
text/css
cache-control
max-age=345600
expires
Tue, 10 Oct 2023 03:36:18 GMT
telegram.css
telegram.org/css/ 		112 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/telegram.css?236
Requested by
Host: altlex.online
URL: https://altlex.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
acd326a9263ee8c4cbc757fed46333732a0e3f8f48d398cbd4f8e36a09fdaf76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://altlex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:36:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 10:58:55 GMT
server
nginx/1.18.0
etag
W/"64183c6f-1c0b3"
content-type
text/css
cache-control
max-age=345600
expires
Tue, 10 Oct 2023 03:36:18 GMT
xcy5qn5.jpg
i.imgur.com/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/xcy5qn5.jpg
Requested by
Host: altlex.online
URL: https://altlex.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
41902b34f9d8f441523c031b56acdc806c86374dffe0c1a727022c56aca76246
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://altlex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:36:18 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1234080
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, MISS, HIT
content-length
32511
x-served-by
cache-iad-kiad7000150-IAD, cache-fra-eddf8230023-FRA
last-modified
Thu, 21 Sep 2023 20:48:18 GMT
server
cat factory 1.0
x-timer
S1696563379.617890,VS0,VE0
etag
"50fc07ff6f0a1970d81b9980b4a4106d"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
4CSTiczBQG00W3IhxBQ_Ra9qDCk-ULAv-rqh9CG7DG_P1J4W0p512A==
x-cache-hits
0, 32
tgwallpaper.min.js
telegram.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/tgwallpaper.min.js?3
Requested by
Host: altlex.online
URL: https://altlex.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://altlex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:36:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 19:57:25 GMT
server
nginx/1.18.0
etag
W/"62211da5-ba3"
content-type
application/javascript
cache-control
max-age=345600
expires
Tue, 10 Oct 2023 03:36:18 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKCRFHRC77U6580FETU0&lib=ttq
Requested by
Host: altlex.online
URL: https://altlex.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8f8c0ae49d12d8f15adec6a5f56e59d05734f37b1eb0a5c94b9529275ad97b98

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://altlex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id
1298ab69.c9e927e
date
Fri, 06 Oct 2023 03:36:18 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time
112,23.38.99.91
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=23, inner; dur=18
content-length
1937
pragma
no-cache
server
nginx
x-tt-logid
202310060336184E84FCF43B7CA3991960
x-cache-remote
TCP_MISS from a23-46-238-77.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
23,23.46.238.77
x-tt-trace-host
01284b4aec9e2037dfc37bfeff703911f1419ae1377103f8d5079311ce0d0e8fc69e55359725b48b3db181fe8ca08966bb124d6ceba71b1dc2064853b416fd94fa064175fa54f183982a2f0f10cb9c1bbab1689f5d391713627956942b1d1054fde4d482cc8df1d3a06cb252864fa4e99a
expires
Fri, 06 Oct 2023 03:36:18 GMT
pattern.svg
telegram.org/img/tgme/ 		226 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/tgme/pattern.svg?1
Requested by
Host: telegram.org
URL: https://telegram.org/css/telegram.css?236
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4

Request headers

Referer
https://telegram.org/css/telegram.css?236
Origin
https://altlex.online
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:36:18 GMT
content-encoding
gzip
last-modified
Thu, 05 Jan 2023 17:52:04 GMT
server
nginx/1.18.0
etag
W/"63b70e44-3891a"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=345600
expires
Tue, 10 Oct 2023 03:36:18 GMT
truncated
/ 		978 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77c7245862717d06e6aed1bb0804aa07959e081c9e50a6ee51fcceeda6a66fb0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://altlex.online
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:36:18 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b20"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11040
expires
Tue, 10 Oct 2023 03:36:18 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://altlex.online
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:36:18 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b14"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11028
expires
Tue, 10 Oct 2023 03:36:18 GMT
main.MWQ0NWRkZTlhMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		389 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKCRFHRC77U6580FETU0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://altlex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id
c9e9298
date
Fri, 06 Oct 2023 03:36:18 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202309211238193D00C1DBC5E216CF896C
vary
Accept-Encoding
x-cache
TCP_HIT from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
015aa300b64d785990c83dcaa08303863393fe5a93f8f176e21ec52e836288657038923ce0bd83247061fbfc8cfb2b441f89ba2702d5b9f834c6793011f7146d57de3bb9b2085a974f0f3d438138b5eaeb3d9095ff8355dd557701f1cfca7d5ab5
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=18
content-length
102823
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://altlex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id
c9e92aa
date
Fri, 06 Oct 2023 03:36:19 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230907110710A3E17FF6BA90138D5F3A
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018c2c88748710049b87b86c06511915036ae1509453e71224c1fc91378c16d101c5c9dc7d92ac9759f01aa2115b0d4be90b450d8c4f2cbb404e2358047aeedb2e683765dd1d4569cb7282425028a0c4eb7c7e1d64bec1036323fc3073cfe197be
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
35923
pangle_pixel
analytics.pangle-ads.com/api/v2/ 		0
880 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-13.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://altlex.online/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
36798b3.11526a6c
date
Fri, 06 Oct 2023 03:36:19 GMT
x-bytefaas-request-id
2023100603361936179F3544AE239465FD
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-239-13.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-parent-response-time
96,2.16.239.13
server-timing
cdn-cache; desc=MISS, edge; dur=83, origin; dur=13, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023100603361936179F3544AE239465FD
x-cache-remote
TCP_MISS from a23-60-159-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
access-control-max-age
86400
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-bytefaas-execution-duration
4.37
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
13,23.60.159.175
x-tt-trace-host
01284b4aec9e2037dfc37bfeff703911f19abba1a78dc39c95e6ea827e1f076a1c900b78bb475ead7a981d5be59f5f5285325df5b17be5f9e69aae1c442cbb860f1803c208e86df4a861045297797592e1fea31bbbd639f5017fedc8a8ffca3684a4a25ed8392e89b9b6bb3bc2baab8745
access-control-allow-headers
*
expires
Fri, 06 Oct 2023 03:36:19 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
791 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://altlex.online/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1697835c.c9e92b3
date
Fri, 06 Oct 2023 03:36:19 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time
149,23.38.99.91
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=56, inner; dur=49
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023100603361934C8CD3F83E0A1F62025
x-cache-remote
TCP_MISS from a23-48-215-197.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
56,23.48.215.197
x-tt-trace-host
01284b4aec9e2037dfc37bfeff703911f1419ae1377103f8d5079311ce0d0e8fc6e758f85c7d3e0a5d3e3364b0e804fe3301fe069e0ec156a6fb68490f55217599fe58f250f748c7c4076e776a4f2df33ce9c3373c1ade76f8eb0dd9c4462b1bc05ae0f7c899cdb3ad087cf2c8be0d3f78
access-control-allow-headers
Authorization,*
expires
Fri, 06 Oct 2023 03:36:19 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
648 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://altlex.online/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
c9e92d0
date
Fri, 06 Oct 2023 03:36:19 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing
inner; dur=33, cdn-cache; desc=MISS, edge; dur=7, origin; dur=126
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231006033619E108E95E0B344089894A
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
126,23.38.99.91
x-tt-trace-host
01284b4aec9e2037dfc37bfeff703911f1954489b5b48afdb94cf740384a7eb2a892dba4f671dd3b600896cacc7f9954f43c5c9f8577795a17b9f1b0e56238b23e89e3537dab7be55a4c058caf767ec5bef6bfb302cf030b98a5a61a4fea146381
access-control-allow-headers
Authorization,*
expires
Fri, 06 Oct 2023 03:36:19 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 string| TiktokAnalyticsObject object| ttq object| TWallpaper string| hash object| el object| tme_bg function| toggleTheme object| darkMedia object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

3 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: _ttp
Value: 2WNBuPM8KJlHqotgr6MnFp3KCzW
.altlex.online/ Name: _tt_enable_cookie
Value: 1
.altlex.online/ Name: _ttp
Value: ewooTmL9so0s7pgKFfrwcLJVXDJ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests