cardmanagerapp.hdsujnb.ru
172.67.190.161
Public Scan
Submission: On November 26 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on October 5th 2024. Valid for: 3 months.
This is the only time cardmanagerapp.hdsujnb.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
13 | 172.67.190.161 | 13335 (CLOUDFLARENET)
1 | 2001:67c:4e8:f004::9 | 62041 (Telegram Telegram Messenger Inc)
1 | 2a00:1450:4001:800::200a | 15169 (GOOGLE)
2 | 2606:4700:3031::ac43:bea1 | 13335 (CLOUDFLARENET)
1 | 2606:4700::6812:bb1f | 13335 (CLOUDFLARENET)
19 | 6 IP addresses |
ASN13335 (CLOUDFLARENET, US)
- cardmanagerapp.hdsujnb.ru
- manager.hdsujnb.ru
ASN62041 (Telegram Telegram Messenger Inc, VG)
- telegram.org
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | hdsujnb.ru | cardmanagerapp.hdsujnb.ru, manager.hdsujnb.ru | 181 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 318) | 301 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 2 KB
1 | telegram.org | telegram.org (Cisco Umbrella Rank: 10608) | 22 KB
19 | 4 apex domains | |
Requests | Domain | Requested by
---|---|---
11 | manager.hdsujnb.ru | cardmanagerapp.hdsujnb.ru
4 | cardmanagerapp.hdsujnb.ru | cardmanagerapp.hdsujnb.ru
1 | cdn.jsdelivr.net | cardmanagerapp.hdsujnb.ru
1 | fonts.googleapis.com | cardmanagerapp.hdsujnb.ru
1 | telegram.org | cardmanagerapp.hdsujnb.ru
19 | 5 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
hdsujnb.ru | WE1 | 2024-10-05 - 2025-01-03 | 3 months | crt.sh
*.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2024-08-10 - 2025-09-11 | a year | crt.sh
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months | crt.sh
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year | crt.sh
This page contains 1 frame:
Primary Page: https://cardmanagerapp.hdsujnb.ru/
Frame ID: 9532092FE5A339F859CDA5C515215755
Requests: 13 HTTP requests in this frame
Page Title: Theme Bot Catalog
Detected technologies
Socket.io (JavaScript Frameworks)
Detected patterns
- socket\.io.*\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H3 | / (Primary Request) | cardmanagerapp.hdsujnb.ru/ | 722 B | 1 KB | Document | text/html
GET | H2 | telegram-web-app.js | telegram.org/js/ | 106 KB | 22 KB | Script | application/javascript
GET | H2 | css2 | fonts.googleapis.com/ | 12 KB | 2 KB | Stylesheet | text/css
GET | H3 | bundle.js | cardmanagerapp.hdsujnb.ru/ | 558 KB | 163 KB | Script | application/javascript
OPTIONS | H2 | / | manager.hdsujnb.ru/socket.io/ | 0 | 0 | Preflight |
GET | H2 | / | manager.hdsujnb.ru/socket.io/ | 118 B | 573 B | XHR | text/plain
GET | H3 | 3e7297c8ba18982007097231eea98763.lottie | cardmanagerapp.hdsujnb.ru/ | 12 KB | 13 KB | Fetch | application/octet-stream
GET | H3 | favicon.ico | cardmanagerapp.hdsujnb.ru/ | 564 B | 810 B | Other | text/html
GET | H2 | dotlottie-player.wasm | cdn.jsdelivr.net/npm/@lottiefiles/dotlottie-web@0.18.1/dist/ | 693 KB | 301 KB | Fetch | application/wasm
OPTIONS | H3 | / | manager.hdsujnb.ru/socket.io/ | 0 | 0 | Preflight |
POST | H3 | / | manager.hdsujnb.ru/socket.io/ | 2 B | 636 B | XHR | text/html
GET | H3 | / | manager.hdsujnb.ru/socket.io/ | 32 B | 664 B | XHR | text/plain
OPTIONS | H3 | / | manager.hdsujnb.ru/socket.io/ | 0 | 0 | Preflight |
GET | | / | manager.hdsujnb.ru/socket.io/ | 0 | 0 | | (no response received; see Failed requests)
POST | H3 | / | manager.hdsujnb.ru/socket.io/ | 2 B | 639 B | XHR | text/html
OPTIONS | H3 | / | manager.hdsujnb.ru/socket.io/ | 0 | 0 | Preflight |
OPTIONS | H3 | / | manager.hdsujnb.ru/socket.io/ | 0 | 0 | Preflight |
OPTIONS | H3 | / | manager.hdsujnb.ru/socket.io/ | 0 | 0 | Preflight |
POST | H3 | / | manager.hdsujnb.ru/socket.io/ | 2 B | 642 B | XHR | text/html
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: manager.hdsujnb.ru
- URL: https://manager.hdsujnb.ru/socket.io/?EIO=4&transport=polling&t=tup53p3v&sid=JBBhlYy8k9tNTPMCAAAY
Verdicts & Comments
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | Telegram
function | TelegramGameProxy_receiveEvent
object | TelegramGameProxy
function | _0
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- cardmanagerapp.hdsujnb.ru
- cdn.jsdelivr.net
- fonts.googleapis.com
- manager.hdsujnb.ru
- telegram.org
- 172.67.190.161
- 2001:67c:4e8:f004::9
- 2606:4700:3031::ac43:bea1
- 2606:4700::6812:bb1f
- 2a00:1450:4001:800::200a