entry1064-jsround1.usercontent.dev Open in urlscan Pro
178.128.255.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://entry1064-jsround1.usercontent.dev/
Submission: On May 09 via api (May 9th 2024, 2:39:20 pm UTC) from US — Scanned from NL

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 178.128.255.27, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is entry1064-jsround1.usercontent.dev.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 19th 2023. Valid for: a year.

This is the only time entry1064-jsround1.usercontent.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	178.128.255.27 178.128.255.27	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
10	3

5 178.128.255.27 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

entry1064-jsround1.usercontent.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

venus.web.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	telegram.org venus.web.telegram.org — Cisco Umbrella Rank: 42443	2 KB
5	usercontent.dev entry1064-jsround1.usercontent.dev	483 KB
10	2

	Domain	Requested by
5	venus.web.telegram.org	entry1064-jsround1.usercontent.dev
5	entry1064-jsround1.usercontent.dev	entry1064-jsround1.usercontent.dev
10	2

This site contains no links.

Subject Issuer	Validity	Valid
*.usercontent.dev Go Daddy Secure Certificate Authority - G2	`2023-09-19` - `2024-10-20`	a year	crt.sh
*.web.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-08-30` - `2024-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://entry1064-jsround1.usercontent.dev/
Frame ID: 3BAF46E8A0FC6FE1D888DF97954E6724
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram Web Reader

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

485 kB
Transfer

1892 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
entry1064-jsround1.usercontent.dev/ 188 B
452 B 83ms
16ms Document
text/html 178.128.255.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://entry1064-jsround1.usercontent.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: bb9b5f365b7007b816525717926838647d7954887e27f78a882e1075a586f351

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 May 2024 15:40:47 GMT
ETag: W/"5ed4eaa7-bc"
Last-Modified: Mon, 01 Jun 2020 11:46:47 GMT
Server: nginx/1.10.3
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK main.js Show response
entry1064-jsround1.usercontent.dev/ 2 MB
445 KB 32ms
31ms Script
application/javascript 178.128.255.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://entry1064-jsround1.usercontent.dev/main.js
Requested by: Host: entry1064-jsround1.usercontent.dev
URL: https://entry1064-jsround1.usercontent.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 404f05977baa3e9ce041348428a296a69c3ac4cf8c51c2fff4484a503a0f5944

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://entry1064-jsround1.usercontent.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 09 May 2024 15:40:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:46:47 GMT
Server: nginx/1.10.3
ETag: W/"5ed4eaa7-1c34a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK 4f7b3514e2fcd90cb4f747f39001df86.png
entry1064-jsround1.usercontent.dev/ 11 KB
11 KB 15ms
14ms Image
image/png 178.128.255.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://entry1064-jsround1.usercontent.dev/4f7b3514e2fcd90cb4f747f39001df86.png
Requested by: Host: entry1064-jsround1.usercontent.dev
URL: https://entry1064-jsround1.usercontent.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: ae410f14e23eccf83f76230e70d192e4b7fc0ddf2b1bfe43380baff708e8328c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://entry1064-jsround1.usercontent.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 09 May 2024 15:40:47 GMT
Last-Modified: Mon, 01 Jun 2020 11:46:47 GMT
Server: nginx/1.10.3
ETag: "5ed4eaa7-2c9b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11419

GET
H/1.1 200
OK crypto-worker.js
entry1064-jsround1.usercontent.dev/ 74 KB
25 KB 18ms
18ms Other
application/javascript 178.128.255.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://entry1064-jsround1.usercontent.dev/crypto-worker.js
Requested by: Host: entry1064-jsround1.usercontent.dev
URL: https://entry1064-jsround1.usercontent.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 6d5e85399b931c0ab9f540353bf95a2dd9bac3abc7219797ef1d49a33edf346d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://entry1064-jsround1.usercontent.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 09 May 2024 15:40:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:46:47 GMT
Server: nginx/1.10.3
ETag: W/"5ed4eaa7-12639"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive

POST
H2 200 apiw1 Show response
venus.web.telegram.org/ 84 B
345 B 223ms
24ms XHR
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://venus.web.telegram.org/apiw1

Requested by

Host: entry1064-jsround1.usercontent.dev
URL: https://entry1064-jsround1.usercontent.dev/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9a1caa6264f9a0808d4f843ee9bee8090e5304b147847b806397f8a8e48164f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://entry1064-jsround1.usercontent.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 14:39:16 GMT
strict-transport-security: max-age=35768000
server: nginx/1.18.0
access-control-max-age: 1728000
access-control-allow-methods: POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: origin, content-type
content-length: 84

GET
H/1.1 404
Not Found favicon.ico
entry1064-jsround1.usercontent.dev/ 571 B
421 B 14ms
14ms Other
text/html 178.128.255.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://entry1064-jsround1.usercontent.dev/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.128.255.27 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: b1e5fc0c284e4b731279af7c700e87572a938d50cd905cb9c2d45ddbc7ba124d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://entry1064-jsround1.usercontent.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 09 May 2024 15:40:48 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H2 200 apiw1 Show response
venus.web.telegram.org/ 652 B
913 B 526ms
525ms XHR
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://venus.web.telegram.org/apiw1

Requested by

Host: entry1064-jsround1.usercontent.dev
URL: https://entry1064-jsround1.usercontent.dev/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0cbe46ef34c23b5bc1b4434dd9be4df26fbe64c6756c6ffdd7486955986f9e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://entry1064-jsround1.usercontent.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 14:39:17 GMT
strict-transport-security: max-age=35768000
server: nginx/1.18.0
access-control-max-age: 1728000
access-control-allow-methods: POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: origin, content-type
content-length: 652

POST
H2 200 apiw1 Show response
venus.web.telegram.org/ 72 B
332 B 933ms
932ms XHR
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://venus.web.telegram.org/apiw1

Requested by

Host: entry1064-jsround1.usercontent.dev
URL: https://entry1064-jsround1.usercontent.dev/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

dd1c668fdf0b38ca2c35dde0d235cfd599ddc8afce6b077c0fd94045c9d2b1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://entry1064-jsround1.usercontent.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 14:39:19 GMT
strict-transport-security: max-age=35768000
server: nginx/1.18.0
access-control-max-age: 1728000
access-control-allow-methods: POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: origin, content-type
content-length: 72

POST
H2 200 apiw1 Show response
venus.web.telegram.org/ 168 B
429 B 171ms
171ms XHR
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://venus.web.telegram.org/apiw1

Requested by

Host: entry1064-jsround1.usercontent.dev
URL: https://entry1064-jsround1.usercontent.dev/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9f39a6b892c9eb49788a5a3851a58fd918703a36a7f0037862c0265c02b1b6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://entry1064-jsround1.usercontent.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 14:39:19 GMT
strict-transport-security: max-age=35768000
server: nginx/1.18.0
access-control-max-age: 1728000
access-control-allow-methods: POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: origin, content-type
content-length: 168

POST
H2 200 apiw1 Show response
venus.web.telegram.org/ 168 B
429 B 191ms
191ms XHR
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://venus.web.telegram.org/apiw1

Requested by

Host: entry1064-jsround1.usercontent.dev
URL: https://entry1064-jsround1.usercontent.dev/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

508c88b8dd9c7505a05aedc02b09c2e1075975254fea40bfeff01cd67c9de42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://entry1064-jsround1.usercontent.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 14:39:19 GMT
strict-transport-security: max-age=35768000
server: nginx/1.18.0
access-control-max-age: 1728000
access-control-allow-methods: POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: origin, content-type
content-length: 168

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://entry1064-jsround1.usercontent.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

entry1064-jsround1.usercontent.dev
venus.web.telegram.org
178.128.255.27
2001:67c:4e8:f004::9
0cbe46ef34c23b5bc1b4434dd9be4df26fbe64c6756c6ffdd7486955986f9e60
404f05977baa3e9ce041348428a296a69c3ac4cf8c51c2fff4484a503a0f5944
508c88b8dd9c7505a05aedc02b09c2e1075975254fea40bfeff01cd67c9de42b
6d5e85399b931c0ab9f540353bf95a2dd9bac3abc7219797ef1d49a33edf346d
9a1caa6264f9a0808d4f843ee9bee8090e5304b147847b806397f8a8e48164f6
9f39a6b892c9eb49788a5a3851a58fd918703a36a7f0037862c0265c02b1b6d4
ae410f14e23eccf83f76230e70d192e4b7fc0ddf2b1bfe43380baff708e8328c
b1e5fc0c284e4b731279af7c700e87572a938d50cd905cb9c2d45ddbc7ba124d
bb9b5f365b7007b816525717926838647d7954887e27f78a882e1075a586f351
dd1c668fdf0b38ca2c35dde0d235cfd599ddc8afce6b077c0fd94045c9d2b1e7
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

entry1064-jsround1.usercontent.dev Open in urlscan Pro 178.128.255.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

485 kBTransfer

1892 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

entry1064-jsround1.usercontent.dev Open in urlscan Pro
178.128.255.27 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

485 kB
Transfer

1892 kB
Size

0
Cookies

10 HTTP transactions
1 data transactions