Report - nikaluis16.vercel.app/spwi.html/

Report Overview

Visited public
2025-06-08 13:41:22
Tags
suspicious
Submit Tags
URL
nikaluis16.vercel.app/spwi.html/
Finishing URL
nikaluis16.vercel.app/spwi.html/
IP / ASN
216.198.79.193
#16509 AMAZON-02
Title
Meta Business Help Center
Suspicious - Suspicious Javascript code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nikaluis16.vercel.app	unknown	2020-01-28	2025-06-08	2025-06-08	6.8 kB	1.0 MB	216.198.79.193
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-06-04	438 B	88 kB	142.250.74.42
api.db-ip.com	98326	2010-05-18	2017-01-30	2025-06-05	444 B	1.2 kB	104.26.4.15

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-06-08	medium	nikaluis16.vercel.app/spwi.html/	Detects file containing Telegram Bot API

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-06-07	medium	nikaluis16.vercel.app/spwi.html/	Facebook, Inc.

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed
2025-06-08	medium	nikaluis16.vercel.app	Sinkholed

ThreatFox

No alerts detected

Telegram Bot detected

URL
nikaluis16.vercel.app/spwi.html/
IP / ASN
216.198.79.193
#16509 AMAZON-02

Token
8103465693:AAFMqJ_90UqqXKEx0izVrgI0Zhl8dWmAJfU

Bot Overview
User ID 8103465693
Username dsadasx_2_bot
First Name djsai
Last Name
Chat Information
Chat ID -4863716788
Chat Type group
Title sdax
User Count 2
Admins 1
Pending Messages 0

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	nikaluis16.vercel.app/spwi.html/	ScriptElement	152 kB	2024-02-15	2025-07-06
Pretty URL nikaluis16.vercel.app/spwi.html/ IP 216.198.79.193 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-15 03:47 Last Seen2025-07-06 05:10 Times Seen12532 Hash 246cdd9342d6df668fd36e314d7a3ffd e7f22a012295f5927074845f8556da9e50390261 6e9718d5fbecd8e2f158db327e1e58f2b865bec456b59f058c0b8c65a91ac0b6 Loading...

	nikaluis16.vercel.app/spwi.html/	ScriptElement	2.3 kB	2024-02-15	2025-07-06
Pretty URL nikaluis16.vercel.app/spwi.html/ IP 216.198.79.193 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-15 03:47 Last Seen2025-07-06 05:10 Times Seen12446 Hash 3edd31c7a0371af06d714ca479808dee eaf11285d3b5593d666da6837d6c834f5614f61a 32e343a3d26ddd039f4f95587ced16ab59e263fab366741ffbd04cc3a9a11bff Loading...

	nikaluis16.vercel.app/spwi.html/	ScriptElement	36 kB	2025-05-26	2025-06-12
Pretty URL nikaluis16.vercel.app/spwi.html/ IP 216.198.79.193 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-26 10:23 Last Seen2025-06-12 11:27 Times Seen28 Hash 6fbafad565c7fc13845bec783f8faafd c85fdaf3c3af2a7fb894514c0603b29964e016cf 2a7e4666a0c7a799bf9dc9e82f7f3bc8d4b2b113c8be38afc660ad00d23d95a7 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js	ScriptElement	88 kB	2023-08-31	2025-07-06
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-07-06 05:18 Times Seen44945 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

HTTP Transactions (17)

URL IP Response Size

GET nikaluis16.vercel.app/img/doc.png

216.198.79.193

200 OK

5.7 kB

URL GET
nikaluis16.vercel.app/img/doc.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
5.7 kB (5723 bytes)
Hash
95382a6dab40d5911185a921c53e6f6b
4229cb577571111d747021988aac9dd6cd50634f
e341d9055288dfcd7dd5facab6c915f6b7bcffbf80f8b48468c7275b8cada069

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/doc.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163910
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="doc.png"
content-type: image/png
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "95382a6dab40d5911185a921c53e6f6b"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::nzv2r-1749390061584-c6e8097df93f
content-length: 5723
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/img/2FA.png

216.198.79.193

200 OK

115 kB

URL GET
nikaluis16.vercel.app/img/2FA.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
PNG image data, 541 x 252, 8-bit/color RGBA, non-interlaced
Size
115 kB (114767 bytes)
Hash
03d39d5d071182aba1b01ba2e859de39
7ba8f968b03e92fd59a6c4f6ce5c8aa36a5d2b92
a7fd65363687e512751d88f7850b61969427e8d3aa9a177946bcd4bc280b71ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/2FA.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163910
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="2FA.png"
content-type: image/png
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "03d39d5d071182aba1b01ba2e859de39"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::tk4gs-1749390061586-c28af76608c6
content-length: 114767
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/img/phone.png

216.198.79.193

200 OK

255 kB

URL GET
nikaluis16.vercel.app/img/phone.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
PNG image data, 640 x 280, 8-bit/color RGBA, non-interlaced
Size
255 kB (255341 bytes)
Hash
3c18a93313e72ab9967152a4e92aa238
74671591dd7cc381c6ec6de1137b83c0e2f4d7ec
fbc7addde1cd6057bd59c03941fcf38a6ac17dd90312d142ebd7520891c3656e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/phone.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163910
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="phone.png"
content-type: image/png
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "3c18a93313e72ab9967152a4e92aa238"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::k5c4w-1749390061587-a840dd671343
content-length: 255341
X-Firefox-Spdy: h2

GET ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

142.250.74.42

200 OK

88 kB

URL GET
ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87533 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:09:32 GMT
expires: Fri, 05 Jun 2026 13:09:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 261089
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/img/fb_round_logo.png

216.198.79.193

200 OK

43 kB

URL GET
nikaluis16.vercel.app/img/fb_round_logo.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced
Size
43 kB (42676 bytes)
Hash
81bb5cf1e451109cf0b1868b2152914b
b70017639afc079394be1ea8625f7c4beb44d617
676c83478e410d324fe56aca428d3305505732c648667b22e15c8222117c75e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/fb_round_logo.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163911
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="fb_round_logo.png"
content-type: image/png
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "81bb5cf1e451109cf0b1868b2152914b"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::g7fsv-1749390061583-963f47205afe
content-length: 42676
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/img/save_img.png

216.198.79.193

200 OK

7.6 kB

URL GET
nikaluis16.vercel.app/img/save_img.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
7.6 kB (7550 bytes)
Hash
8d3bcd1278891fc1e52d38e72549b3d0
af1ab86b5a3993c468c3be9c59a8ed3d9091454d
8fc3f44a189200b47c93a90ad8dffe40fcdeda8a718e62bb4baf98f00d536e97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/save_img.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163910
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="save_img.png"
content-type: image/png
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "8d3bcd1278891fc1e52d38e72549b3d0"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::5pfdg-1749390061583-a277b14397dd
content-length: 7550
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/img/meta-logo-grey.png

216.198.79.193

200 OK

106 kB

URL GET
nikaluis16.vercel.app/img/meta-logo-grey.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
PNG image data, 900 x 240, 8-bit/color RGBA, non-interlaced
Size
106 kB (105511 bytes)
Hash
ffba640622dd859d554ee43a03d53769
c91a100db7bfc04df9a5f3223d5b6f17536bf5ee
139d38d0fbfed2fd9f2b782af9b3eb08005b9bc75faaa31fe29720cc64bcab0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/meta-logo-grey.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163910
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="meta-logo-grey.png"
content-type: image/png
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "ffba640622dd859d554ee43a03d53769"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::5pfdg-1749390061585-e8dddbcd10dd
content-length: 105511
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/img/star.png

216.198.79.193

200 OK

2.0 kB

URL GET
nikaluis16.vercel.app/img/star.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
PNG image data, 41 x 41, 8-bit colormap, non-interlaced
Size
2.0 kB (1980 bytes)
Hash
aae920faed2a3fe4c3083b339cd783df
be5e47195c28b585d65478e2399d0d5f9b74435c
f75d9bcacc1a1aabc6f93c383f5494307d91f7f302c266626d6dc92b4b86585e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/star.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163910
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="star.png"
content-type: image/png
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "aae920faed2a3fe4c3083b339cd783df"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::5pfdg-1749390061588-c1725308b412
content-length: 1980
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/spwi.html/

216.198.79.193

200 OK

275 kB

URL User Request GET
nikaluis16.vercel.app/spwi.html/
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
HTML document, ASCII text, with very long lines (617), with CRLF line terminators
Size
275 kB (275317 bytes)
Hash
950cd837972c51f2b52b5e90aa25175d
994ba41f674e2e6a9a6d0bbf86dbc85666346054
c8eefbca56d204f175406b05676ded752e580ec2c6edf49259d1850e16ecf8e6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /spwi.html/ HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 197387
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="spwi.html"
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "950cd837972c51f2b52b5e90aa25175d"
last-modified: Fri, 06 Jun 2025 06:51:13 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::nk45h-1749390061287-fa4c9dd7000c
content-length: 54300
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/styles/bootstrap.min.css

216.198.79.193

200 OK

156 kB

URL GET
nikaluis16.vercel.app/styles/bootstrap.min.css
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
156 kB (155798 bytes)
Hash
b4dd849207168b85ac838a42c9918373
408e4d863dd139eebbeb93afea9ae0367570c7cd
77dec0eb636b3e7b02d88b5858f21d7cabd174e99bfc22cc93cefb3042aeb99b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles/bootstrap.min.css HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163911
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="bootstrap.min.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "b4dd849207168b85ac838a42c9918373"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::5pfdg-1749390061577-acc1434212a6
content-length: 25307
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/styles/style.css

216.198.79.193

200 OK

12 kB

URL GET
nikaluis16.vercel.app/styles/style.css
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
ASCII text
Size
12 kB (11743 bytes)
Hash
261ac8d831a93d6c8e0c44b7e4fc6da2
702a3d3d13ea93dc7f2706f8e71583ae8d88bd8f
7c5bb18aa44d610a82d366d61d682c0259b8fc15280d28e7de891f9e692ad888

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles/style.css HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163911
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="style.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "261ac8d831a93d6c8e0c44b7e4fc6da2"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::5pfdg-1749390061581-1098811376f6
content-length: 2970
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/spwi.html/img/meta-logo-grey.png

216.198.79.193

404 Not Found

79 B

URL GET
nikaluis16.vercel.app/spwi.html/img/meta-logo-grey.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
ASCII text
Size
79 B (79 bytes)
Hash
503d74f5f0e99ff749372be679144c79
3469be15fd025909894cb3696720732aff674617
d46351f3fa65171516797fa602481666e1b1c91e18d409ebd55ff3d4ef306bbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /spwi.html/img/meta-logo-grey.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cache-control: public, max-age=0, must-revalidate
content-type: text/plain; charset=utf-8
date: Sun, 08 Jun 2025 13:41:02 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-error: NOT_FOUND
x-vercel-id: arn1::nzv2r-1749390062029-da61d00501f4
content-length: 79
X-Firefox-Spdy: h2

GET api.db-ip.com/v2/free/self/

104.26.4.15

200 OK

208 B

URL GET
api.db-ip.com/v2/free/self/
IP
104.26.4.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerGoogle Trust Services
Subjectdb-ip.com
Fingerprint07:B7:54:3B:D5:F9:34:0C:68:0B:2B:B3:3E:37:4A:0F:69:0A:79:E6
ValiditySun, 04 May 2025 00:17:55 GMT - Sat, 02 Aug 2025 01:17:39 GMT

File type
JSON text data
Size
208 B (208 bytes)
Hash
b3cbea51f9a9fcaf6275e88da822e6aa
b9740712e7a8e51a3cfa95a11c75c671644c5ab2
9976a8ae9b1a43de4fb568b400d7026c135c71935aa1041418252b0882ba41ff

HTTP Headers

GET /v2/free/self/ HTTP/1.1
Host: api.db-ip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nikaluis16.vercel.app/
Origin: https://nikaluis16.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 08 Jun 2025 13:41:02 GMT
content-type: application/json
content-encoding: br
access-control-allow-origin: *
cache-control: max-age=1800
x-iplb-request-id: A29EDE0A:6F80_93878F2E:0050_684592EE_7F555502:6F90
x-iplb-instance: 54170
cf-cache-status: EXPIRED
last-modified: Sun, 08 Jun 2025 13:41:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ouGMmgZyJlMxcio1vT0xcsJnSXEqv98hRsczHosb0%2F1uh8AUnrjuMMPoDp7eHJVhsLuaclxT2HVx3GjpZnJjRLgNS9rxP1HitvLUGFKteFyjbcPFDm2ibUi%2Bwlq6kPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94c8cdf0af2b56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6412&min_rtt=496&rtt_var=11758&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3266&recv_bytes=1216&delivery_rate=4318091&cwnd=254&unsent_bytes=0&cid=f5ffc8f2605ed096&ts=143&x=0"
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/ico.ico

216.198.79.193

200 OK

5.4 kB

URL GET
nikaluis16.vercel.app/ico.ico
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
5.4 kB (5430 bytes)
Hash
6701a4ba0b931af579be35b93631da04
c8161484acccdd0cae1cd6484f56942cb7ffd7dc
ce8a22ece441cfd0f09fb0359b8d683fed0e66f8bec0bbc067a8257c95b05fd8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ico.ico HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 146348
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ico.ico"
content-encoding: br
content-type: image/vnd.microsoft.icon
date: Sun, 08 Jun 2025 13:41:02 GMT
etag: "6701a4ba0b931af579be35b93631da04"
last-modified: Fri, 06 Jun 2025 21:01:53 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::tk4gs-1749390062312-1b799c1b87be
content-length: 909
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/spwi.html/img/meta-logo-grey.png

216.198.79.193

404 Not Found

79 B

URL GET
nikaluis16.vercel.app/spwi.html/img/meta-logo-grey.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
ASCII text
Size
79 B (79 bytes)
Hash
4cb6985f5613e34691dafb4b8d892041
43bd117b348de75d7e2b4795de4277b9d841bac7
c609e86f4f333e382b1a7180d7bff306726fa7d2235c5258f110cc183b5f8916

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /spwi.html/img/meta-logo-grey.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cache-control: public, max-age=0, must-revalidate
content-type: text/plain; charset=utf-8
date: Sun, 08 Jun 2025 13:41:01 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-error: NOT_FOUND
x-vercel-id: arn1::k5c4w-1749390061583-0d7869eed5a8
content-length: 79
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/img/dir.png

216.198.79.193

200 OK

5.1 kB

URL GET
nikaluis16.vercel.app/img/dir.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
5.1 kB (5071 bytes)
Hash
aef2b30f6701ba271c07e3e26ffc416e
71cb73ec54a5fc973ccd4f4127b6716f6370709f
60a4bddc93553f14c2dfef0299fa5f3ad0e4005f7b8054e34db89b8afe6a0f2f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/dir.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163910
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="dir.png"
content-type: image/png
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "aef2b30f6701ba271c07e3e26ffc416e"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::nzv2r-1749390061593-c4a69308a253
content-length: 5071
X-Firefox-Spdy: h2

GET nikaluis16.vercel.app/img/no_avatar.png

216.198.79.193

200 OK

6.0 kB

URL GET
nikaluis16.vercel.app/img/no_avatar.png
IP
216.198.79.193:443
ASN
#16509 AMAZON-02

Requested by
https://nikaluis16.vercel.app/spwi.html/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintE3:1E:98:A9:DD:8B:60:D7:46:D6:CC:B1:15:28:72:F4:76:3D:CE:C1
ValidityMon, 21 Apr 2025 19:55:43 GMT - Sun, 20 Jul 2025 19:55:42 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (6043 bytes)
Hash
d5d30f28ca92743610c956684a424b7e
fd4a7207b724254d981a4ed4c7f675fd87868535
4b842e25c6be485fd7f06b745ac91db2b6e9eee778c5442b157be78d51f83563

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/no_avatar.png HTTP/1.1
Host: nikaluis16.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nikaluis16.vercel.app/spwi.html/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 163910
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="no_avatar.png"
content-type: image/png
date: Sun, 08 Jun 2025 13:41:01 GMT
etag: "d5d30f28ca92743610c956684a424b7e"
last-modified: Fri, 06 Jun 2025 16:09:10 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::tk4gs-1749390061594-2a659fe5704e
content-length: 6043
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Telegram Bot detected

Token

Bot Overview

Chat Information

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (17)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate