![](/screenshots/0cb55305-319b-4a12-ba71-b9318a4f27b4.png)
userbot-6hs2.onrender.com
Open in
urlscan Pro
216.24.57.253
Public Scan
Submission: On February 28 via automatic, source certstream-suspicious — Scanned from SE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 28th 2023. Valid for: a year.
This is the only time userbot-6hs2.onrender.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 216.24.57.253 216.24.57.253 | 397273 (RENDER) (RENDER) | |
3 | 142.251.208.106 142.251.208.106 | 15169 (GOOGLE) (GOOGLE) | |
4 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.16.86.20 104.16.86.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.16.126.175 104.16.126.175 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 140.82.121.3 140.82.121.3 | 36459 (GITHUB) (GITHUB) | |
1 | 185.199.111.133 185.199.111.133 | 54113 (FASTLY) (FASTLY) | |
2 | 172.67.215.147 172.67.215.147 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.250.185.227 142.250.185.227 | 15169 (GOOGLE) (GOOGLE) | |
19 | 8 |
ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f10.1e100.net
fonts.googleapis.com |
ASN36459 (GITHUB, US)
PTR: lb-140-82-121-3-fra.github.com
github.com |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-133.github.com
raw.githubusercontent.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195 |
88 KB |
4 |
onrender.com
userbot-6hs2.onrender.com |
10 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36 |
2 KB |
2 |
hikari.gay
static.hikari.gay |
38 KB |
2 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 761 |
106 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 339 |
55 KB |
1 |
gstatic.com
fonts.gstatic.com |
21 KB |
1 |
githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4486 |
25 KB |
1 |
github.com
1 redirects
github.com — Cisco Umbrella Rank: 2883 |
3 KB |
19 | 9 |
Domain | Requested by | |
---|---|---|
4 | cdnjs.cloudflare.com |
userbot-6hs2.onrender.com
|
4 | userbot-6hs2.onrender.com |
userbot-6hs2.onrender.com
|
3 | fonts.googleapis.com |
userbot-6hs2.onrender.com
|
2 | static.hikari.gay |
unpkg.com
userbot-6hs2.onrender.com |
2 | unpkg.com |
userbot-6hs2.onrender.com
|
2 | cdn.jsdelivr.net |
userbot-6hs2.onrender.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | raw.githubusercontent.com |
userbot-6hs2.onrender.com
|
1 | github.com | 1 redirects |
19 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-02-28 - 2024-02-27 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://userbot-6hs2.onrender.com/
Frame ID: 7012FFD362F349AAE2151008EF63BB09
Requests: 19 HTTP requests in this frame
Screenshot
![](/screenshots/0cb55305-319b-4a12-ba71-b9318a4f27b4.png)
Page Title
Hikka userbotDetected technologies
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/SweetAlert2.png)
Detected patterns
- /npm/sweetalert2@([\d.]+)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://github.com/hikariatama/assets/raw/master/spouting-whale_1f433.png HTTP 302
- https://raw.githubusercontent.com/hikariatama/assets/master/spouting-whale_1f433.png
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
userbot-6hs2.onrender.com/ |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweetalert2@11
cdn.jsdelivr.net/npm/ |
63 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ |
1 KB 917 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lottie.min.js
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.8.1/ |
265 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
snowstorm-min.js
cdnjs.cloudflare.com/ajax/libs/Snowstorm/20131208/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dotlottie-player.js
unpkg.com/@dotlottie/player-component@1.0.0/dist/ |
332 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qr-code-styling.js
unpkg.com/qr-code-styling@1.5.0/lib/ |
64 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
cdn.jsdelivr.net/npm/css.gg/icons/ |
316 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.css
userbot-6hs2.onrender.com/static/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spouting-whale_1f433.png
raw.githubusercontent.com/hikariatama/assets/master/ Redirect Chain
|
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
root.js
userbot-6hs2.onrender.com/static/ |
19 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4T7FajtZbx.lottie
static.hikari.gay/ |
2 KB 2 KB |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
4 KB 786 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
1 KB 516 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
check_session
userbot-6hs2.onrender.com/ |
1 B 203 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Movement.ttf
static.hikari.gay/ |
36 KB 36 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0JIpUj3WIZ1RFN55B8whE.woff2
fonts.gstatic.com/s/hubballi/v4/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
87 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| lottie object| bodymovin object| dotlottie-player object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| QRCodeStyling object| snowStorm boolean| autoStart boolean| excludeMobile number| flakesMax number| flakesMaxActive number| animationInterval boolean| useGPU object| className object| flakeBottom boolean| followMouse string| snowColor string| snowCharacter boolean| snowStick object| targetElement boolean| useMeltEffect boolean| useTwinkleEffect boolean| usePositionFixed boolean| usePixelPosition boolean| freezeOnBlur number| flakeLeftOffset number| flakeRightOffset number| flakeWidth number| flakeHeight number| vMaxX number| vMaxY number| zIndex boolean| timer object| flakes boolean| disabled boolean| active number| meltFrameCount object| meltFrames function| setXY object| events function| randomizeWind function| scrollHandler function| resizeHandler function| resizeHandlerAlt function| freeze function| resume function| toggleSnow function| show function| SnowFlake function| snow function| mouseMove function| createSnow function| timerInit function| init function| start boolean| skip_creds boolean| auth_required function| auth object| qr_interval boolean| qr_login object| old_qr_sizes function| isInt function| isValidPhone function| finish_login function| show_2fa function| show_eula function| tg_code function| switch_block function| error_message function| error_state string| _api_id string| _api_hash string| _phone string| _2fa_pass string| _tg_pass string| _current_block function| is_phone function| process_next0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
github.com
raw.githubusercontent.com
static.hikari.gay
unpkg.com
userbot-6hs2.onrender.com
104.16.126.175
104.16.86.20
104.17.25.14
140.82.121.3
142.250.185.227
142.251.208.106
172.67.215.147
185.199.111.133
216.24.57.253
04c2c26190e5e8fa09172b34612ad0bece7c93e0727b18f3d3b3f283f598e963
0624fb21a679a4db7422cf2d9d12a2743af106c64354dba1e271c9959e6de8f7
19aa295521f5fe3828d378798ce690ff429956271afab0ac12883f188bcf95be
19b70f9047398c8ae4738335e5cb1d391375b544ba9dedfaa3e067373e5e89bb
23da49eb37cfb174a3ffcb076ce649e3b1d10306e5d225872eee85ac063e287d
3b9a22fb2e2a555a68719c1bcb0376d385fc493ba30bccafd755b1cd32a49b1f
5dbe3018be8f55b74eb58d4009097ef0b5365caafb2bc869f04084e0e7682854
64a9fc4c032875a0ba8bfa3385549c5697b46fdd789b357b53d1874a0193f97a
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69340a5477d26b5da85860c876d9aa58f870093ef5eeaf72d43a9f4d1d59d8bf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
9ffc5c7bca10422cb337c6c8d053f89ef7ad7cad8231c5b03891400c77179254
a9be43ab30acf7010e224f5117b19e8636b95a7f3276c5508d5abe9530c4fea4
addd94fd47d249c84ce8a646409c732c226c8c61a494d7ffb8a58f6d2a4501a7
b097f79a6fd12fb33e89792093a07a9d43710a04796b949dc3d58c53d270ef29
b741437f08ff5a83072016e615fb8eb59bf5c2d03defb4027ec151de9d4ae0da
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
ef5e898959bac0426908ee712c75e35c328ea39b94a26d9999871cca1ef582c3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e