el-msk.net
Open in
urlscan Pro
2a06:98c1:3121::7
Malicious Activity!
Public Scan
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 02 via api from FI — Scanned from DE
Summary
TLS certificate: Issued by E1 on March 28th 2022. Valid for: 3 months.
This is the only time el-msk.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 2a06:98c1:312... 2a06:98c1:3121::7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 3.220.57.224 3.220.57.224 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a04:4e42:1b:... 2a04:4e42:1b::720 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700:7::... 2606:4700:7::a29f:9804 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 88.212.201.198 88.212.201.198 | 39134 (UNITEDNET) (UNITEDNET) | |
23 | 5 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-57-224.compute-1.amazonaws.com
source.unsplash.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
el-msk.net
el-msk.net |
390 KB |
4 |
randomuser.me
randomuser.me — Cisco Umbrella Rank: 212617 |
18 KB |
2 |
yadro.ru
1 redirects
counter.yadro.ru — Cisco Umbrella Rank: 7548 |
2 KB |
2 |
unsplash.com
1 redirects
source.unsplash.com — Cisco Umbrella Rank: 72598 images.unsplash.com — Cisco Umbrella Rank: 4525 |
11 KB |
1 |
medium.com
glyph.medium.com — Cisco Umbrella Rank: 20580 |
16 KB |
0 |
teslaevent.org
Failed
www.teslaevent.org Failed |
|
23 | 6 |
Domain | Requested by | |
---|---|---|
12 | el-msk.net |
el-msk.net
|
4 | randomuser.me |
el-msk.net
|
2 | counter.yadro.ru |
1 redirects
el-msk.net
|
1 | glyph.medium.com |
el-msk.net
|
1 | images.unsplash.com |
el-msk.net
|
1 | source.unsplash.com | 1 redirects |
0 | www.teslaevent.org Failed |
el-msk.net
|
23 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
medium.com |
twittercomelonmuskx.com |
tweetermusk.ug |
blog.bolt.io |
www.liveinternet.ru |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.el-msk.net E1 |
2022-03-28 - 2022-06-26 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-12 - 2022-07-11 |
a year | crt.sh |
medium.com Cloudflare Inc ECC CA-3 |
2022-02-26 - 2022-05-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://el-msk.net/
Frame ID: 1D7E6E1ABDA761B436C170C89E1681EA
Requests: 27 HTTP requests in this frame
24 Outgoing links
These are links going to different origins than the main page.
Title: here
Search URL Search Domain Scan URL
Title: Homepage
Search URL Search Domain Scan URL
Title: About membership
Search URL Search Domain Scan URL
Title: Sign in
Search URL Search Domain Scan URL
Title: Get started
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Elon Musk
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Ben Einstein
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Zat Rana
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: douglas rushkoff
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Sign in
Search URL Search Domain Scan URL
Title: Get started
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17- https://source.unsplash.com/200x200?man HTTP 302
- https://images.unsplash.com/photo-1546215364-12f3fff5d578?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=200&ixid=MnwxfDB8MXxyYW5kb218MHx8bWFufHx8fHx8MTY0ODg1ODY1Mg&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=200
- https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttps%3A//el-msk.net/;hElon%20Musk%20%u2014%20Official%20ETH%2C%20BTC%20Giveaway%20%u2013%20EIon%20Musk%20%u2013%20Medium;0.8301280579061616 HTTP 302
- https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//el-msk.net/;hElon%20Musk%20%u2014%20Official%20ETH%2C%20BTC%20Giveaway%20%u2013%20EIon%20Musk%20%u2013%20Medium;0.8301280579061616
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
el-msk.net/ |
183 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m2.css
el-msk.net/files/ |
63 KB 44 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-branding-base.css
el-msk.net/files/ |
459 KB 62 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
0_jTL6h8JXKd29jdTx.jpg
www.teslaevent.org/files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1_U3yrRtqWkn2cCwLnYCxN-w.jpg
www.teslaevent.org/files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1_U3yrRtqWkn2cCwLnYCxN-w1.jpg
www.teslaevent.org/files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava1.jpg
el-msk.net/files/ |
212 B 212 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_2HOTxT2gWf8GVaeYYG6TWQ.jpg
el-msk.net/files/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1__FB-MBhCP6dUlQVJalt8Cw.jpg
el-msk.net/files/ |
974 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0_xWNCv9gALD3YGOwB.png
el-msk.net/files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0_nl3cCLoFQlkX2dwt.jpg
el-msk.net/files/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1_U3yrRtqWkn2cCwLnYCxN-w2.jpg
www.teslaevent.org/files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1UHb2HozobNe2uMS7q2Iz5Q.png.jpeg
el-msk.net/files/ |
253 KB 254 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
74.jpg
randomuser.me/api/portraits/men/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
el-msk.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
44.jpg
randomuser.me/api/portraits/women/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
90.jpg
randomuser.me/api/portraits/women/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
46.jpg
randomuser.me/api/portraits/men/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
photo-1546215364-12f3fff5d578
images.unsplash.com/ Redirect Chain
|
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava1.jpg
el-msk.net/files/ |
212 B 212 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 14 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 14 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 15 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
15 KB 16 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ava1.jpg
el-msk.net/files/ |
212 B 212 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hit
counter.yadro.ru/ Redirect Chain
|
393 B 879 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.teslaevent.org
- URL
- https://www.teslaevent.org/files/0_jTL6h8JXKd29jdTx.jpg
- Domain
- www.teslaevent.org
- URL
- https://www.teslaevent.org/files/1_U3yrRtqWkn2cCwLnYCxN-w.jpg
- Domain
- www.teslaevent.org
- URL
- https://www.teslaevent.org/files/1_U3yrRtqWkn2cCwLnYCxN-w1.jpg
- Domain
- www.teslaevent.org
- URL
- https://www.teslaevent.org/files/1_U3yrRtqWkn2cCwLnYCxN-w2.jpg
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| d object| month function| obvInit object| GLOBALS3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.unsplash.com/ | Name: ugid Value: 11220b427a6ac795186b6e36bca58e725496195 |
|
.yadro.ru/ | Name: FTID Value: 1YHvOh16oUeI1YHvOh001S_y |
|
.yadro.ru/ | Name: VID Value: 3oMoAB0CnEuI1YHvOh001T0c |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
counter.yadro.ru
el-msk.net
glyph.medium.com
images.unsplash.com
randomuser.me
source.unsplash.com
www.teslaevent.org
www.teslaevent.org
2606:4700:7::a29f:9804
2a04:4e42:1b::720
2a06:98c1:3121::7
3.220.57.224
88.212.201.198
07b2fa37a61afa65b8e621b24da7408d287751fd5e7dcc887855ce077faaa425
0fe2f086119b954921792647e43232d3ac131f44b094336bca0a1ab1f80f8c45
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
290be3d3c351224b8fdfd669b6c38243ab47f74e0055f20b97893644e0406ad5
2dd777f56c1198b2d355316cc42222afbca00c97840222ffbac701133e3767d3
2effe07c2d1a1a0f55a7cda49b3acb07c83d313449493624402f131f6d1d3cbf
582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071
5e635738780a2952910257053cfb81fed989393f618cbcad73c5e7de209a71eb
85ef7dbfcf51a2ab85906c00f9f427ce142dffcd288ad040658eed39bc3ae582
99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
c3158839e928e82f44adeca5d63385d555831f82564931efeccc7d4f53bbeb92
d18466c01013e15ffa462559766dc50b6e3a6f959e7bc3386ab2bbe64614a31c
d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed
d8dab29a5736d5c2b0084d720d3db02c785560071609be501541922928fdf831
daf9d5ec5391d887bcee7a1ec79e5a83740ce6f805ff77a8d1ebc35e88f553a2
eb217de1fcb7086abfac67a3406be1dcebe1b865bcf6c0c482ffa7177846502c
eda1ebbb012c3bf5a4e4762716c221921d74c0e5e5d90916d0959d725e228699
fa247da32e590c310ded6f8fd21315ba870eb1b76feb2af75a126a7d5dee4e41
fe6f036d7593b3b9548ee4f63ed24931dc87bc615975f5cec38568fd91ecc59c
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1