activation-light.ns.tgbot.pl Open in urlscan Pro
185.60.134.246 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://activation-light.ns.tgbot.pl/
Submission: On November 02 via api (November 2nd 2024, 9:38:26 pm UTC) from US — Scanned from PL

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 185.60.134.246, located in Russian Federation and belongs to RU-JSCIOT, RU. The main domain is activation-light.ns.tgbot.pl.
TLS certificate: Issued by E5 on November 2nd 2024. Valid for: 3 months.

This is the only time activation-light.ns.tgbot.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	185.60.134.246 185.60.134.246	29182 (RU-JSCIOT) (RU-JSCIOT)
2	172.67.142.245 172.67.142.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

6 185.60.134.246 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: nsinfobot.fvds.ru

activation-light.ns.tgbot.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	tgbot.pl activation-light.ns.tgbot.pl	480 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1222	90 KB
8	2

	Domain	Requested by
6	activation-light.ns.tgbot.pl	activation-light.ns.tgbot.pl
2	use.fontawesome.com	activation-light.ns.tgbot.pl use.fontawesome.com
8	2

This site contains no links.

Subject Issuer	Validity	Valid
activation-light.ns.tgbot.pl E5	`2024-11-02` - `2025-01-31`	3 months	crt.sh
use.fontawesome.com WE1	`2024-09-09` - `2024-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://activation-light.ns.tgbot.pl/
Frame ID: 040B1245158E71F5725465224702EFC1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

activation-light.ns.tgbot.pl

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

570 kB
Transfer

610 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response activation-light.ns.tgbot.pl/	4 KB 2 KB	243ms 79ms	Document text/html	185.60.134.246 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://activation-light.ns.tgbot.pl/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.60.134.246 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS nsinfobot.fvds.ru Software nginx/1.24.0 (Ubuntu) / Resource Hash `452c1d796ca4cfeccb8b6d47b99a1c19eb829b3ba509047e3cef40d8e2e2be04` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 02 Nov 2024 21:38:21 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server nginx/1.24.0 (Ubuntu) Transfer-Encoding chunked
GET H/1.1	200 OK	bootstrap.min.css activation-light.ns.tgbot.pl/css/	156 KB 156 KB	154ms 153ms	Stylesheet text/css	185.60.134.246 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://activation-light.ns.tgbot.pl/css/bootstrap.min.css Requested by Host: activation-light.ns.tgbot.pl URL: https://activation-light.ns.tgbot.pl/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.60.134.246 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS nsinfobot.fvds.ru Software nginx/1.24.0 (Ubuntu) / Resource Hash `2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://activation-light.ns.tgbot.pl/ Response headers ETag "64010745-26f1b" Connection keep-alive Accept-Ranges bytes Content-Length 159515 Date Sat, 02 Nov 2024 21:38:21 GMT Content-Type text/css Last-Modified Thu, 02 Mar 2023 20:29:57 GMT Server nginx/1.24.0 (Ubuntu)
GET H/1.1	200 OK	jquery-3.6.4.min.js Show response activation-light.ns.tgbot.pl/js/	88 KB 88 KB	310ms 155ms	Script application/javascript	185.60.134.246 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://activation-light.ns.tgbot.pl/js/jquery-3.6.4.min.js Requested by Host: activation-light.ns.tgbot.pl URL: https://activation-light.ns.tgbot.pl/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.60.134.246 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS nsinfobot.fvds.ru Software nginx/1.24.0 (Ubuntu) / Resource Hash `a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://activation-light.ns.tgbot.pl/ Response headers ETag "642f297e-15ec3" Connection keep-alive Accept-Ranges bytes Content-Length 89795 Date Sat, 02 Nov 2024 21:38:21 GMT Content-Type application/javascript Last-Modified Thu, 06 Apr 2023 20:20:14 GMT Server nginx/1.24.0 (Ubuntu)
GET H/1.1	200 OK	bootstrap.bundle.js Show response activation-light.ns.tgbot.pl/js/	223 KB 223 KB	345ms 173ms	Script application/javascript	185.60.134.246 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://activation-light.ns.tgbot.pl/js/bootstrap.bundle.js Requested by Host: activation-light.ns.tgbot.pl URL: https://activation-light.ns.tgbot.pl/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.60.134.246 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS nsinfobot.fvds.ru Software nginx/1.24.0 (Ubuntu) / Resource Hash `675b7ec3167b121e53d6c2ba69e3d63211103a0851e236552f08f0ad464045e1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://activation-light.ns.tgbot.pl/ Response headers ETag "64010746-37a8c" Connection keep-alive Accept-Ranges bytes Content-Length 227980 Date Sat, 02 Nov 2024 21:38:22 GMT Content-Type application/javascript Last-Modified Thu, 02 Mar 2023 20:29:58 GMT Server nginx/1.24.0 (Ubuntu)
GET H2	200	all.css use.fontawesome.com/releases/v5.6.1/css/	52 KB 12 KB	652ms 283ms	Stylesheet text/css	172.67.142.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.6.1/css/all.css Requested by Host: activation-light.ns.tgbot.pl URL: https://activation-light.ns.tgbot.pl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://activation-light.ns.tgbot.pl Referer https://activation-light.ns.tgbot.pl/ Response headers cache-control max-age=31556926 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"b8085bf2c839791244bd95f56fb93c01" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3yUU1rFm5k05oaCLliHjdWBIMbRb%2Bh2eApsMCrIs0owCikE16mtdOgNwgmhYxsfXNZ%2B20pVS5dfdEqUudsC3OF44VpRFruFBIJ7KdcbtKbJHQAr1Y%2FgRGlPXkAAmfmLJ8ZXPpoC"}],"group":"cf-nel","max_age":604800} cf-ray 8dc745689ba4c3ae-WAW access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=21693&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3996&recv_bytes=2280&delivery_rate=177788&cwnd=242&unsent_bytes=0&cid=4f6b706db84f4a71&ts=288&x=0" date Sat, 02 Nov 2024 21:38:22 GMT content-type text/css last-modified Fri, 22 Sep 2023 01:45:41 GMT vary Origin, Accept-Encoding server cloudflare
GET H/1.1	200 OK	logo.png activation-light.ns.tgbot.pl/img/	9 KB 10 KB	290ms 99ms	Image image/png	185.60.134.246 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://activation-light.ns.tgbot.pl/img/logo.png Requested by Host: activation-light.ns.tgbot.pl URL: https://activation-light.ns.tgbot.pl/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.60.134.246 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS nsinfobot.fvds.ru Software nginx/1.24.0 (Ubuntu) / Resource Hash `d5f4f0a87bd5ea497434c7279f19130173226b69359b453b7774fa024bbd389a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://activation-light.ns.tgbot.pl/ Response headers ETag "64010746-253c" Connection keep-alive Accept-Ranges bytes Content-Length 9532 Date Sat, 02 Nov 2024 21:38:22 GMT Content-Type image/png Last-Modified Thu, 02 Mar 2023 20:29:58 GMT Server nginx/1.24.0 (Ubuntu)
GET H2	200	fa-solid-900.woff2 use.fontawesome.com/releases/v5.6.1/webfonts/	77 KB 78 KB	324ms 324ms	Font font/woff2	172.67.142.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-solid-900.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://activation-light.ns.tgbot.pl Referer https://use.fontawesome.com/releases/v5.6.1/css/all.css Response headers cf-cache-status MISS etag "59ea9019c9b9bc4d83ab9783e830735c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNIiMbuuQN%2BuPWmzmMKSiXdRsMoQYNqVGzG5cy20M8CY%2Fn6qBQM7f%2FKAl9xF4vVqVVhB4Ebuu31G3EANiGCVp9zzu0jACjqmXcpbNymHDzGSUU9PXE%2FgrM9tFmrjNZ6lIUvWJr4u"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=21982&sent=21&recv=26&lost=0&retrans=0&sent_bytes=16650&recv_bytes=2411&delivery_rate=770348&cwnd=246&unsent_bytes=0&cid=4f6b706db84f4a71&ts=621&x=0" date Sat, 02 Nov 2024 21:38:22 GMT content-type font/woff2 last-modified Fri, 22 Sep 2023 01:45:43 GMT vary Origin, Accept-Encoding cache-control max-age=31556926 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc7456a6e24c3ae-WAW accept-ranges bytes access-control-allow-origin * content-length 79072 server cloudflare
GET H/1.1	200 OK	favicon.ico activation-light.ns.tgbot.pl/	1 KB 1 KB	87ms 87ms	Other image/x-icon	185.60.134.246 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://activation-light.ns.tgbot.pl/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.60.134.246 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS nsinfobot.fvds.ru Software nginx/1.24.0 (Ubuntu) / Resource Hash `52a91e1ef357d929818013f62485e4a4daca84438b4cc7a14c29a9378aca29b6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://activation-light.ns.tgbot.pl/ Response headers ETag "64010746-47e" Connection keep-alive Accept-Ranges bytes Content-Length 1150 Date Sat, 02 Nov 2024 21:38:22 GMT Content-Type image/x-icon Last-Modified Thu, 02 Mar 2023 20:29:58 GMT Server nginx/1.24.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			activation-light.ns.tgbot.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: dksun1vug75chaak80mu5g8sn0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://activation-light.ns.tgbot.pl/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activation-light.ns.tgbot.pl
use.fontawesome.com
172.67.142.245
185.60.134.246
08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
452c1d796ca4cfeccb8b6d47b99a1c19eb829b3ba509047e3cef40d8e2e2be04
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
52a91e1ef357d929818013f62485e4a4daca84438b4cc7a14c29a9378aca29b6
675b7ec3167b121e53d6c2ba69e3d63211103a0851e236552f08f0ad464045e1
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
d5f4f0a87bd5ea497434c7279f19130173226b69359b453b7774fa024bbd389a

activation-light.ns.tgbot.pl Open in urlscan Pro 185.60.134.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

570 kBTransfer

610 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

activation-light.ns.tgbot.pl Open in urlscan Pro
185.60.134.246 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

570 kB
Transfer

610 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions