Report - entry1064-jsround1.usercontent.dev/

Report Overview

Submitted URL
entry1064-jsround1.usercontent.dev/
IP
178.128.255.27
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-08 15:31:17
Access
public
Website Title
Telegram Web Reader
Final URL
entry1064-jsround1.usercontent.dev/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
venus.web.telegram.org	47739	2003-12-15	2017-01-29	2024-05-07	995 B	1.0 kB	149.154.167.99
entry1064-jsround1.usercontent.dev	unknown	unknown	No data	No data	2.3 kB	494 kB	178.128.255.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	entry1064-jsround1.usercontent.dev/main.js	1.8 MB	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/main.js IP 178.128.255.27 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen2 Hash 0e423dd7bccbefee061038a365821760 bbe4c481ff7c8c1915175a0e7fc9625c888da782 404f05977baa3e9ce041348428a296a69c3ac4cf8c51c2fff4484a503a0f5944 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[3]	2.2 kB	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[3] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash 044dbca48b89fd889a4e1e9a08640a38 c1c2d8e5a04a9e599c143481778506f82d76b0ea 08eaf923c3d2e02f1b84a66d370d8bccfa34b02392f85f777cfd96fdb9c2db94 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[7]	450 B	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[7] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash 08b8f3aa6d1aeb621eee3bdfcadb1277 181bac42ef87de2e29400dcd9308e6d7f692d19b 80573521751db787656cdd8448db96ae902dfbebc9a4c753832328f259dccc2e Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[8]	278 B	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[8] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash ec7ded7ab8dcdb85faf638e555f2943d 47751c6d06558e981a131e861d650601cae3e25e e7b149a045731b0b39b875de22ea0bb5188b8147094f3d85465d214e6ea528f4 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[9]	217 B	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[9] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash 289d71b59ef673ea57ac02196dc725c9 597caf1820e61175373a88301c295536d3aa92b1 2c258c7839167d5fcc791f6e39cd09eaf661207dc1aeee73b206b8558ab350f8 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[10]	901 B	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[10] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash 0835e8869934e33b17b15ba151dbfdf0 14e323557e0d245332c0ad269a1dfed095a944aa e94e3b1d80c9fa366ab30080170a5385049de7afb6366c6e860d34fcaac75cb4 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[0]	3.3 kB	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[0] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash dfedda53af5810b790575464598b6e50 945dfb9d1ebf002b803d2d6b8eb557154ab43632 f17714f4fd323aa8a2c289960169d9c00870af3a22e6cd3b22635f08b5d8d827 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[1]	3.3 kB	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[1] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash f6e1b1196bcf3b75ee270b7d8908d517 d57946f701b6cec618d7880316e77cda3c3fc8d3 e7b7017e22b885ee876623fc10ec4226895320caaa1df003b37a0a3a54a1b143 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[6]	1.8 kB	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[6] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash 91020bec4255d6a1e4ad0bf6fa998c87 e8e3d38d572bc352193c9aae70a3729e89a75adf cc4aca3e8287dcad3512361aafadabda0cab3df684204993abdfc6c2932ee8c9 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[2]	2.8 kB	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[2] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash 9fdcb7aae8b5ce31288cd2d68ec9d006 ab4d8783001987a7e6221de981b842ff92863dd8 ff1f2c46c4b1ab8bb5177cdbbcfb94622c6b39a7f1e927f380ca4ec20b37ccd2 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[4]	1.3 kB	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[4] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash 0c0a25b170e6e47fac76c6ed07127263 188b4053bbe4ccdb86c7aa0c14a8a17e3ecd88ea d98158aaa05e04986cf0bb45a07f63bdfb12f6d6cc8cf18f602f70af1eb63956 Loading...

	entry1064-jsround1.usercontent.dev/lodash.templateSources[5]	911 B	2024-05-08	2024-05-08
Pretty URL entry1064-jsround1.usercontent.dev/lodash.templateSources[5] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2024-05-08 17:31:24 Last Seen2024-05-08 17:31:24 Times Seen1 Hash 96060c7c2666b58e8cb61143abea6fed a03675a13f450690cbfd904705194ec0ae9199bd b63efa4d1a986bee24a49cc1c28c803ac1cabcbbadaab65bc01aa1c427780f9f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-20 02:02:57 Times Seen353148 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

HTTP Transactions (7)

	URL	IP	Response	Size
	entry1064-jsround1.usercontent.dev/	178.128.255.27	200 OK	155 B
URL User Request GET HTTP/1.1 entry1064-jsround1.usercontent.dev/ IP 178.128.255.27:443 ASN #14061 DIGITALOCEAN-ASN Certificate IssuerGoDaddy.com, Inc. Subject.usercontent.dev Fingerprint78:43:A4:A9:FD:A6:01:6F:C7:04:DE:D3:79:89:BD:91:53:29:1D:7F ValidityTue, 19 Sep 2023 19:38:17 GMT - Sun, 20 Oct 2024 19:38:17 GMT File type HTML document, ASCII text Size 155 B (155 bytes) Hash 1b0e167ed61d17d56cb6ae03aa3f695c d24124e49b4bdccc3af791f9a9543ccf3c0bb063 bb9b5f365b7007b816525717926838647d7954887e27f78a882e1075a586f351 HTTP Headers `GET / HTTP/1.1 Host: entry1064-jsround1.usercontent.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.10.3 Date: Wed, 08 May 2024 16:32:19 GMT Content-Type: text/html; charset=UTF-8 Last-Modified: Mon, 01 Jun 2020 11:46:47 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"5ed4eaa7-bc" Content-Encoding: gzip`

	entry1064-jsround1.usercontent.dev/main.js	178.128.255.27	200 OK	455 kB
URL GET HTTP/1.1 entry1064-jsround1.usercontent.dev/main.js IP 178.128.255.27:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://entry1064-jsround1.usercontent.dev/ Certificate IssuerGoDaddy.com, Inc. Subject.usercontent.dev Fingerprint78:43:A4:A9:FD:A6:01:6F:C7:04:DE:D3:79:89:BD:91:53:29:1D:7F ValidityTue, 19 Sep 2023 19:38:17 GMT - Sun, 20 Oct 2024 19:38:17 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (54340) Size 455 kB (455209 bytes) Hash 0e423dd7bccbefee061038a365821760 bbe4c481ff7c8c1915175a0e7fc9625c888da782 404f05977baa3e9ce041348428a296a69c3ac4cf8c51c2fff4484a503a0f5944 HTTP Headers `GET /main.js HTTP/1.1 Host: entry1064-jsround1.usercontent.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://entry1064-jsround1.usercontent.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.10.3 Date: Wed, 08 May 2024 16:32:19 GMT Content-Type: application/javascript; charset=UTF-8 Last-Modified: Mon, 01 Jun 2020 11:46:47 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"5ed4eaa7-1c34a8" Content-Encoding: gzip`

	entry1064-jsround1.usercontent.dev/4f7b3514e2fcd90cb4f747f39001df86.png	178.128.255.27	200 OK	11 kB
URL GET HTTP/1.1 entry1064-jsround1.usercontent.dev/4f7b3514e2fcd90cb4f747f39001df86.png IP 178.128.255.27:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://entry1064-jsround1.usercontent.dev/ Certificate IssuerGoDaddy.com, Inc. Subject.usercontent.dev Fingerprint78:43:A4:A9:FD:A6:01:6F:C7:04:DE:D3:79:89:BD:91:53:29:1D:7F ValidityTue, 19 Sep 2023 19:38:17 GMT - Sun, 20 Oct 2024 19:38:17 GMT File type PNG image data, 320 x 320, 8-bit/color RGBA, non-interlaced Size 11 kB (11419 bytes) Hash 4f7b3514e2fcd90cb4f747f39001df86 4b01a7615ee7faa69babae049d6d5e50822c2fc7 ae410f14e23eccf83f76230e70d192e4b7fc0ddf2b1bfe43380baff708e8328c HTTP Headers `GET /4f7b3514e2fcd90cb4f747f39001df86.png HTTP/1.1 Host: entry1064-jsround1.usercontent.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://entry1064-jsround1.usercontent.dev/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.10.3 Date: Wed, 08 May 2024 16:32:20 GMT Content-Type: image/png Content-Length: 11419 Last-Modified: Mon, 01 Jun 2020 11:46:47 GMT Connection: keep-alive ETag: "5ed4eaa7-2c9b" Accept-Ranges: bytes`

	venus.web.telegram.org/apiw1	149.154.167.99	404 Not Found	84 B
URL POST HTTP/2 venus.web.telegram.org/apiw1 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://entry1064-jsround1.usercontent.dev/ Certificate IssuerGoDaddy.com, Inc. Subject.web.telegram.org Fingerprint74:51:4A:F8:C5:D2:E1:36:68:30:25:98:05:27:E8:6F:57:FC:E0:3B ValidityWed, 30 Aug 2023 00:40:43 GMT - Mon, 30 Sep 2024 00:40:43 GMT File type data Size 84 B (84 bytes) Hash e62f72b8594fcef7eb7889912a78074e 54d074b788ea0254c5b08f5c69bfee5a72994770 8632c99b3178acc051a40f8ff8a0c1866a49d6429f4e0103e742d1b0ab01351e HTTP Headers `POST /apiw1 HTTP/1.1 Host: venus.web.telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Length: 40 Origin: https://entry1064-jsround1.usercontent.dev DNT: 1 Connection: keep-alive Referer: https://entry1064-jsround1.usercontent.dev/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 date: Wed, 08 May 2024 15:30:51 GMT content-type: application/octet-stream content-length: 84 pragma: no-cache cache-control: no-store access-control-allow-origin: * access-control-allow-methods: POST, OPTIONS access-control-allow-headers: origin, content-type access-control-max-age: 1728000 strict-transport-security: max-age=35768000 X-Firefox-Spdy: h2`

	entry1064-jsround1.usercontent.dev/crypto-worker.js	178.128.255.27	200 OK	26 kB
URL GET HTTP/1.1 entry1064-jsround1.usercontent.dev/crypto-worker.js IP 178.128.255.27:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://entry1064-jsround1.usercontent.dev/ Certificate IssuerGoDaddy.com, Inc. Subject.usercontent.dev Fingerprint78:43:A4:A9:FD:A6:01:6F:C7:04:DE:D3:79:89:BD:91:53:29:1D:7F ValidityTue, 19 Sep 2023 19:38:17 GMT - Sun, 20 Oct 2024 19:38:17 GMT File type JavaScript source, ASCII text, with very long lines (31624) Size 26 kB (25664 bytes) Hash 70b74f3e234813c0e9be855addc19b85 9c7ce5a5447631d031c851691b915dc0d2d39c91 6d5e85399b931c0ab9f540353bf95a2dd9bac3abc7219797ef1d49a33edf346d HTTP Headers `GET /crypto-worker.js HTTP/1.1 Host: entry1064-jsround1.usercontent.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://entry1064-jsround1.usercontent.dev/ Sec-Fetch-Dest: worker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.10.3 Date: Wed, 08 May 2024 16:32:20 GMT Content-Type: application/javascript; charset=UTF-8 Last-Modified: Mon, 01 Jun 2020 11:46:47 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"5ed4eaa7-12639" Content-Encoding: gzip`

	entry1064-jsround1.usercontent.dev/favicon.ico	178.128.255.27	404 Not Found	131 B
URL GET HTTP/1.1 entry1064-jsround1.usercontent.dev/favicon.ico IP 178.128.255.27:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://entry1064-jsround1.usercontent.dev/ Certificate IssuerGoDaddy.com, Inc. Subject.usercontent.dev Fingerprint78:43:A4:A9:FD:A6:01:6F:C7:04:DE:D3:79:89:BD:91:53:29:1D:7F ValidityTue, 19 Sep 2023 19:38:17 GMT - Sun, 20 Oct 2024 19:38:17 GMT File type HTML document, ASCII text, with CRLF line terminators Size 131 B (131 bytes) Hash 75498ccdf6d1ca96d29735566023829a 2951272e362fdf3d79488531406a383f96cf6332 dd2943d2f8c69925d2c6248e82f232d5c75efca81b0b16d580773e2d890133b6 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: entry1064-jsround1.usercontent.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://entry1064-jsround1.usercontent.dev/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 404 Not Found Server: nginx/1.10.3 Date: Wed, 08 May 2024 16:32:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip`

	venus.web.telegram.org/apiw1	149.154.167.99	404 Not Found	169 B
URL POST HTTP/2 venus.web.telegram.org/apiw1 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://entry1064-jsround1.usercontent.dev/ Certificate IssuerGoDaddy.com, Inc. Subject.web.telegram.org Fingerprint74:51:4A:F8:C5:D2:E1:36:68:30:25:98:05:27:E8:6F:57:FC:E0:3B ValidityWed, 30 Aug 2023 00:40:43 GMT - Mon, 30 Sep 2024 00:40:43 GMT File type HTML document, ASCII text, with CRLF line terminators Size 169 B (169 bytes) Hash c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a HTTP Headers `POST /apiw1 HTTP/1.1 Host: venus.web.telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Length: 340 Origin: https://entry1064-jsround1.usercontent.dev DNT: 1 Connection: keep-alive Referer: https://entry1064-jsround1.usercontent.dev/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 404 Not Found server: nginx/1.18.0 date: Wed, 08 May 2024 15:30:54 GMT content-type: text/html content-length: 169 pragma: no-cache cache-control: no-store access-control-allow-origin: * access-control-allow-methods: POST, OPTIONS access-control-allow-headers: origin, content-type access-control-max-age: 1728000 X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML