www.elementaiconnect.com Open in urlscan Pro
43.130.41.192 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.elementaiconnect.com/
Effective URL:
https://www.elementaiconnect.com/
Submission: On January 14 via manual (January 14th 2024, 9:40:01 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 3 domains to perform 13 HTTP transactions. The main IP is 43.130.41.192, located in Santa Clara, United States and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.elementaiconnect.com.
TLS certificate: Issued by R3 on January 1st 2024. Valid for: 3 months.

This is the only time www.elementaiconnect.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1 1	101.32.223.174 101.32.223.174	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
10	43.130.41.192 43.130.41.192	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	23.36.162.17 23.36.162.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	95.101.111.174 95.101.111.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	124.220.205.65 124.220.205.65	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
13	5

1 101.32.223.174 (Hong Kong, Hong Kong) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.elementaiconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 43.130.41.192 (Santa Clara, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.elementaiconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-17.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.111.174 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-174.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.220.205.65 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

cdn.dcloud.net.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	elementaiconnect.com 1 redirects www.elementaiconnect.com	2 MB
2	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5963 api.livechatinc.com — Cisco Umbrella Rank: 5415	27 KB
1	dcloud.net.cn cdn.dcloud.net.cn — Cisco Umbrella Rank: 79216	579 B
13	3

	Domain	Requested by
11	www.elementaiconnect.com	1 redirects www.elementaiconnect.com
1	cdn.dcloud.net.cn	www.elementaiconnect.com
1	api.livechatinc.com	cdn.livechatinc.com
1	cdn.livechatinc.com	www.elementaiconnect.com
13	4

This site contains no links.

Subject Issuer	Validity	Valid
elementaiconnect.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-08-15`	a year	crt.sh
*.dcloud.net.cn Certum Domain Validation CA SHA2	`2023-08-05` - `2024-09-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.elementaiconnect.com/
Frame ID: D3F3AE3FE5D692C5BE83E60359B4132F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome

Page URL History Show full URLs

http://www.elementaiconnect.com/ HTTP 301
https://www.elementaiconnect.com/ Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

4
Countries

1820 kB
Transfer

3351 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.elementaiconnect.com/ HTTP 301
https://www.elementaiconnect.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.elementaiconnect.com/ Redirect Chain http://www.elementaiconnect.com/ https://www.elementaiconnect.com/	2 KB 1 KB	573ms 203ms	Document text/html	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.elementaiconnect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `23c2c2c477f54e9de4b77ec633032fa9494f7463f0bc827ba5d81d1ae77b445b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 14 Jan 2024 21:39:55 GMT ETag W/"65989675-827" Last-Modified Fri, 05 Jan 2024 23:53:25 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Cache-Status MISS Redirect headers Connection keep-alive Content-Length 166 Content-Type text/html Date Sun, 14 Jan 2024 21:39:54 GMT Location https://www.elementaiconnect.com/ Server nginx X-Cache-Status MISS
GET H/1.1	404 Not Found	index.css www.elementaiconnect.com/static/	0 0	194ms 194ms	Stylesheet text/html	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.elementaiconnect.com/static/index.css Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:39:55 GMT Server nginx Connection keep-alive Content-Length 548 X-Cache-Status MISS Content-Type text/html
GET H/1.1	200 OK	index.97465e7b.css www.elementaiconnect.com/static/	94 KB 29 KB	583ms 388ms	Stylesheet text/css	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.elementaiconnect.com/static/index.97465e7b.css Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `f6789ee8a50f44f18ba717956bd34c4cd17b1d658443e92408976907b83a0242` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:39:55 GMT Content-Encoding gzip Last-Modified Fri, 05 Jan 2024 23:53:25 GMT Server nginx ETag W/"65989675-17894" X-Cache-Status MISS Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Mon, 15 Jan 2024 09:39:55 GMT
GET H/1.1	200 OK	chunk-vendors.d8342fed.js Show response www.elementaiconnect.com/static/js/	865 KB 307 KB	644ms 322ms	Script application/javascript	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.elementaiconnect.com/static/js/chunk-vendors.d8342fed.js Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `0384d5790e0af027c0aea5b12f0aa40ac87648dadb866ba6c42662b8287a03f7` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:39:55 GMT Content-Encoding gzip Last-Modified Fri, 05 Jan 2024 23:53:25 GMT Server nginx ETag W/"65989675-d832d" X-Cache-Status HIT Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Mon, 15 Jan 2024 05:50:22 GMT
GET H/1.1	200 OK	index.9e132577.js Show response www.elementaiconnect.com/static/js/	1 MB 207 KB	646ms 323ms	Script application/javascript	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.elementaiconnect.com/static/js/index.9e132577.js Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `9b0e3264a12e08b96d80a2feffdc5277a769659fad1ebd326f45fd288179c934` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:39:55 GMT Content-Encoding gzip Last-Modified Fri, 05 Jan 2024 23:53:25 GMT Server nginx ETag W/"65989675-102d3b" X-Cache-Status HIT Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Mon, 15 Jan 2024 05:50:22 GMT
GET H2	200	tracking.js Show response cdn.livechatinc.com/	89 KB 27 KB	72ms 13ms	Script application/javascript	23.36.162.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/tracking.js Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `de5db3e7dc74a7e7c3202c6d4924ef12a28d3d5a32031393427766df6a1baca1` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers x-amz-version-id txLuQU90slnvUCHJq6KPOj8cNn5LfOCX content-encoding br date Sun, 14 Jan 2024 21:39:55 GMT last-modified Fri, 12 Jan 2024 10:06:50 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-server-side-encryption AES256 etag W/"2dd36935c6e4d89fd7328d1271d09fcd" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=28800 x-amz-cf-id yOWtOTzqqoohT0f6wo--KFkykzQf3JrMSeJomqFCNhGL2nJC1SQxgg== content-length 27439 expires Mon, 15 Jan 2024 05:39:55 GMT
GET H2	200	get_dynamic_configuration Show response api.livechatinc.com/v3.6/customer/action/	126 B 222 B	615ms 554ms	Script application/javascript	95.101.111.174 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=15150300&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.elementaiconnect.com%2F&channel_type=code&jsonp=__y5jzcwjfy0m Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.174 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-174.deploy.static.akamaitechnologies.com Software / Resource Hash `e6aad4866f9929977c28fff0c7d52679234c254113d7c9a1fc96395fa8b2cd2d` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 21:39:56 GMT content-length 126 vary Accept-Encoding content-type application/javascript; charset=UTF-8
GET H/1.1	200 OK	pages-loginShow-loginShow.d6b5a6f6.js Show response www.elementaiconnect.com/static/js/	23 KB 7 KB	162ms 162ms	Script application/javascript	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.elementaiconnect.com/static/js/pages-loginShow-loginShow.d6b5a6f6.js Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/static/js/index.9e132577.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `13b825026d0f1e81da771b0775442a26c914955ddfbc055a9a92bf02f78270de` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:39:57 GMT Content-Encoding gzip Last-Modified Fri, 05 Jan 2024 23:53:25 GMT Server nginx ETag W/"65989675-5cba" X-Cache-Status HIT Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Sun, 14 Jan 2024 10:57:10 GMT
GET H/1.1	200 OK	Cerebri-Sans-Bold.ttf www.elementaiconnect.com/static/pic/	97 KB 97 KB	198ms 198ms	Font application/octet-stream	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.elementaiconnect.com/static/pic/Cerebri-Sans-Bold.ttf Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `807189bd6c5156609672e9e875db36fb2aa14ceb9cf85f5983f64a79847cb6ca` Request headers Referer https://www.elementaiconnect.com/ Origin https://www.elementaiconnect.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:39:57 GMT Last-Modified Fri, 05 Jan 2024 23:53:25 GMT Server nginx ETag "65989675-184a0" X-Cache-Status MISS Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 99488
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `93eb2fd2d2eb48bba369686e37c971fe57d959221ab45bebd59bfd6cb96094a0` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	BG-1.png www.elementaiconnect.com/static/kpl/pic/	606 KB 607 KB	162ms 162ms	Image image/png	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.elementaiconnect.com/static/kpl/pic/BG-1.png Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `de8485f8ded93036bc7f00a27fcc16f650336d07e76f5afb263f938fdf1914bf` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:39:57 GMT Last-Modified Fri, 05 Jan 2024 23:53:25 GMT Server nginx ETag "65989675-9792f" X-Cache-Status HIT Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 620847 Expires Tue, 13 Feb 2024 05:08:39 GMT
GET H/1.1	200 OK	BG-2.1bc2edf2.png www.elementaiconnect.com/static/img/	526 KB 526 KB	368ms 367ms	Image image/png	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.elementaiconnect.com/static/img/BG-2.1bc2edf2.png Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `58a6fc0b080ee27b02107dc9084d864ff8bef73aed18f0013e276276a8b6e84a` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:39:57 GMT Last-Modified Fri, 05 Jan 2024 23:53:25 GMT Server nginx ETag "65989675-837a9" X-Cache-Status HIT Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 538537 Expires Tue, 13 Feb 2024 05:08:39 GMT
GET H/1.1	200 OK	BG-3.df2b2f9d.png www.elementaiconnect.com/static/img/	10 KB 10 KB	167ms 167ms	Image image/png	43.130.41.192 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.elementaiconnect.com/static/img/BG-3.df2b2f9d.png Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.130.41.192 Santa Clara, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `13e71e702c64fbb0512ad3f652d6c075bca7176238eab81cb71a9a250ce787d4` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:39:57 GMT Last-Modified Fri, 05 Jan 2024 23:53:25 GMT Server nginx ETag "65989675-2750" X-Cache-Status HIT Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 10064 Expires Tue, 13 Feb 2024 05:08:40 GMT
GET H/1.1	200 OK	shadow-grey.png cdn.dcloud.net.cn/img/	136 B 579 B	1565ms 186ms	Image image/png	124.220.205.65 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.dcloud.net.cn/img/shadow-grey.png Requested by Host: www.elementaiconnect.com URL: https://www.elementaiconnect.com/static/index.97465e7b.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.220.205.65 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash `ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f` Request headers accept-language de-DE,de;q=0.9 Referer https://www.elementaiconnect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 21:40:00 GMT Last-Modified Thu, 06 Jun 2019 06:42:07 GMT Server nginx ETag "5cf8b5bf-88" Content-Type image/png Cache-Control max-age=7200 Connection close Accept-Ranges bytes Content-Length 136 Expires Sun, 14 Jan 2024 23:40:00 GMT

Verdicts & Comments Add Verdict or Comment

Malicious page.domain
Submitted on January 14th 2024, 9:42:07 pm UTC — From United States

Threats: Brand Impersonation Scam
Comment: This is a scam impersonating Element AI, do not invest.

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dcloud.net.cn/	1970-01-21 03:17:08	Name: __uni__uid Value: rBEQRWWkVLBWDgworaU7Ag==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.elementaiconnect.com/static/index.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.livechatinc.com
cdn.dcloud.net.cn
cdn.livechatinc.com
www.elementaiconnect.com
101.32.223.174
124.220.205.65
23.36.162.17
43.130.41.192
95.101.111.174
0384d5790e0af027c0aea5b12f0aa40ac87648dadb866ba6c42662b8287a03f7
13b825026d0f1e81da771b0775442a26c914955ddfbc055a9a92bf02f78270de
13e71e702c64fbb0512ad3f652d6c075bca7176238eab81cb71a9a250ce787d4
23c2c2c477f54e9de4b77ec633032fa9494f7463f0bc827ba5d81d1ae77b445b
58a6fc0b080ee27b02107dc9084d864ff8bef73aed18f0013e276276a8b6e84a
807189bd6c5156609672e9e875db36fb2aa14ceb9cf85f5983f64a79847cb6ca
93eb2fd2d2eb48bba369686e37c971fe57d959221ab45bebd59bfd6cb96094a0
9b0e3264a12e08b96d80a2feffdc5277a769659fad1ebd326f45fd288179c934
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
de5db3e7dc74a7e7c3202c6d4924ef12a28d3d5a32031393427766df6a1baca1
de8485f8ded93036bc7f00a27fcc16f650336d07e76f5afb263f938fdf1914bf
e6aad4866f9929977c28fff0c7d52679234c254113d7c9a1fc96395fa8b2cd2d
f6789ee8a50f44f18ba717956bd34c4cd17b1d658443e92408976907b83a0242

www.elementaiconnect.com Open in urlscan Pro 43.130.41.192 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

5 IPs

4 Countries

1820 kBTransfer

3351 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious page.domain Submitted on January 14th 2024, 9:42:07 pm UTC — From United States

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

16 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.elementaiconnect.com Open in urlscan Pro
43.130.41.192 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

4
Countries

1820 kB
Transfer

3351 kB
Size

1
Cookies

13 HTTP transactions
1 data transactions

Malicious page.domain
Submitted on January 14th 2024, 9:42:07 pm UTC — From United States

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!