betsonvictory.kz
Open in
urlscan Pro
194.146.41.103
Malicious Activity!
Public Scan
Submission: On September 15 via api from LU — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 13th 2023. Valid for: 3 months.
This is the only time betsonvictory.kz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 194.146.41.103 194.146.41.103 | 202958 (HOSTER-AL...) (HOSTER-ALM Hoster.KZ - Almaty) | |
1 | 151.101.2.137 151.101.2.137 | 54113 (FASTLY) (FASTLY) | |
1 | 157.240.251.9 157.240.251.9 | 32934 (FACEBOOK) (FACEBOOK) | |
12 | 3 |
ASN202958 (HOSTER-ALM Hoster.KZ - Almaty, KZ)
PTR: apkz2.hoster.kz
betsonvictory.kz |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
betsonvictory.kz
betsonvictory.kz |
145 KB |
1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 186 |
53 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 918 |
24 KB |
12 | 3 |
Domain | Requested by | |
---|---|---|
10 | betsonvictory.kz |
betsonvictory.kz
|
1 | connect.facebook.net |
betsonvictory.kz
|
1 | code.jquery.com |
betsonvictory.kz
|
12 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
telegram.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
betsonvictory.kz R3 |
2023-09-13 - 2023-12-12 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-06-25 - 2023-09-23 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://betsonvictory.kz/
Frame ID: ABEE18279D2EEF381CF80FFAF2FB4AEA
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
Telegram: Join Group ChatDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
betsonvictory.kz/ |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.slim.min.js
code.jquery.com/ |
69 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-roboto_1.css
betsonvictory.kz/css/ |
7 KB 730 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min_3.css
betsonvictory.kz/css/ |
42 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
telegram_232.css
betsonvictory.kz/css/ |
120 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img1.jpg
betsonvictory.kz/file/ |
41 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tgwallpaper.min_3.js
betsonvictory.kz/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
197 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pattern.svg
betsonvictory.kz/img/tgme/ |
225 KB 69 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
betsonvictory.kz/fonts/Roboto/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
betsonvictory.kz/fonts/Roboto/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
betsonvictory.kz/fonts/Roboto/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery object| gets object| c function| fbq function| _fbq object| TWallpaper object| tme_bg function| toggleTheme object| darkMedia0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
betsonvictory.kz
code.jquery.com
connect.facebook.net
151.101.2.137
157.240.251.9
194.146.41.103
088578d742531f662a0c1b6bc30a8f7da681fe01937fda7ff4791cbbaaf57d4a
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
63db15f00ab6b5a8cf92bff0cd98448c373732d7d3d4edc9c7a3b4d129e9627c
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
9231ebed71118b4d1d99ac92a995477abed458882e73bc5d2752c93d82364e7d
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
c58a3ca9103e4882604b29bbf77ae4094e3a63e9bd9b8629ed8e414b5ffbfaf4
daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20
dc8a358ea24d39281665fe6f202e9934fcd432ed7510f4803d27cde13db2d0c7