telegram-support.click Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://telegram-support.click/
Submission Tags: falconsandbox
Submission: On November 29 via api (November 29th 2024, 9:52:52 am UTC) from US — Scanned from NL

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 17 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is telegram-support.click.
TLS certificate: Issued by WE1 on November 29th 2024. Valid for: 3 months.

This is the only time telegram-support.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.73.113.68 20.73.113.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	95.163.234.142 95.163.234.142	197695 (AS-REGRU ...) (AS-REGRU "Domain names registrar REG.RU")
1	34.117.59.81 34.117.59.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
17	7

6 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

telegram-support.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.73.113.68 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cloud.51degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.234.142 (Russian Federation)

ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU)
PTR: 95-163-234-142.cloudvps.regruhosting.ru

push-service.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	telegram-support.click telegram-support.click	66 KB
3	push-service.site push-service.site	730 B
2	gstatic.com fonts.gstatic.com	36 KB
2	51degrees.com cloud.51degrees.com — Cisco Umbrella Rank: 230958	4 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	82 KB
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 7599	453 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
17	7

	Domain	Requested by
6	telegram-support.click	telegram-support.click
3	push-service.site	telegram-support.click
2	fonts.gstatic.com	fonts.googleapis.com
2	cloud.51degrees.com	telegram-support.click cloud.51degrees.com
2	cdnjs.cloudflare.com	telegram-support.click cdnjs.cloudflare.com
1	ipinfo.io	telegram-support.click
1	fonts.googleapis.com	telegram-support.click
17	7

This site contains links to these domains. Also see Links.

Domain
telegram.org

Subject Issuer	Validity	Valid
telegram-support.click WE1	`2024-11-29` - `2025-02-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.51degrees.com Go Daddy Secure Certificate Authority - G2	`2023-11-29` - `2024-12-30`	a year	crt.sh
push-service.site E5	`2024-11-18` - `2025-02-16`	3 months	crt.sh
ipinfo.io R11	`2024-11-15` - `2025-02-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://telegram-support.click/
Frame ID: A4716FC40B6DBB4F05FC6F3FBC1329BB
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram - active sessions

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

7
IPs

5
Countries

191 kB
Transfer

393 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
telegram-support.click/ 9 KB
4 KB 157ms
112ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-support.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4d060ccb1c1621d699732002cf6c8ca65513d619438c72f4f4705b4d3e9d06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ea1b4f02f9f662a-AMS
content-encoding: zstd
content-type: text/html
date: Fri, 29 Nov 2024 09:52:46 GMT
last-modified: Fri, 11 Oct 2024 12:39:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FfMcAzDh4o6T%2BG5ZcM6O31c3syW6QRgU6XQBGuoIm53WbLHpohG4Hgnwg%2BTTCOweLt73uWz4x5%2FvBe0gfkkHF3VyduL9Q5N3ylsFtJfLXoDq%2BNkcvZ8GqtvNDeW8UGq7hF66g7rLsPx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=17099&min_rtt=16656&rtt_var=3233&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4146&recv_bytes=4489&delivery_rate=637&cwnd=12000&unsent_bytes=0&cid=8efa86dde8c03c93&ts=123&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 89ms
34ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: telegram-support.click
URL: https://telegram-support.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://telegram-support.click/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 09:52:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 09:52:46 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 29 Nov 2024 08:25:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 54ms
28ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: telegram-support.click
URL: https://telegram-support.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://telegram-support.click/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 28342
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ll7P2MwpYTZHEgGwbpp7pYLVC9R9GCYdg2Stc1Gl7ETO2Fb2MQv4CQBDyMzexYj4e1%2FpXH3KGz4gky8kTpaPpjRiTigf7jPE3Aut1HcIH5GsQ9JhNnIkm84Iw13pgqcYGoZQ%2FVPk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 09:52:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 09:52:46 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ea1b4f10f5b0b64-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H3 200 index.b233d0f2.css
telegram-support.click/ 27 KB
7 KB 157ms
157ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-support.click/index.b233d0f2.css
Requested by: Host: telegram-support.click
URL: https://telegram-support.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e261dfafcd3be988d46091f872baf6ad46fc8694c80c35a58ee842fbf3d411b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://telegram-support.click/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67091c3c-6af2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9qQaOVoF0XQF0bERMwFTV%2BThNOOZ8T82w3SgSyk6FuM1IbstKZzbOH2WU54bx1ypdOzI8JSi087JkLmIo7RuGxulKMWx23k1hrW%2FMKyvbgQDxPWGHrTACWHxVIY0DXlx6JjASspJ9BBm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea1b4f0e87f662a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17598&min_rtt=16171&rtt_var=3070&sent=17&recv=14&lost=0&retrans=0&sent_bytes=7925&recv_bytes=5226&delivery_rate=232265&cwnd=12000&unsent_bytes=0&cid=8efa86dde8c03c93&ts=270&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 09:52:46 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 12:38:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 AQSXaghshpOKI_yx3Eg.js Show response
cloud.51degrees.com/api/v4/ 6 KB
3 KB 402ms
33ms Script
application/javascript 20.73.113.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.51degrees.com/api/v4/AQSXaghshpOKI_yx3Eg.js
Requested by: Host: telegram-support.click
URL: https://telegram-support.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.73.113.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 466f2e597f3eef8c70859a1b973da7e55719732b7b278d321574da2189303e1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://telegram-support.click/

Response headers

51d-version: 4.3.100.0
cache-control: private,max-age=1800
content-encoding: br
etag: "c-1003770195-1735214480"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
request-context: appId=cid-v1:1d4ebf5f-f33b-4efe-97fb-0580a09ad87e
51d-instance: ed0fb8bc0b3a
51d-region: westeurope
date: Fri, 29 Nov 2024 09:52:45 GMT
content-type: application/javascript
vary: Accept-Encoding
server: Kestrel

GET
H3 200 index.1e7d6458.js Show response
telegram-support.click/ 177 KB
51 KB 178ms
178ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-support.click/index.1e7d6458.js
Requested by: Host: telegram-support.click
URL: https://telegram-support.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6489fdd5497609763a3a1040d5e5d2fac8bb5e3aab48a0f3b9c42f8dca802fe3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://telegram-support.click
Referer: https://telegram-support.click/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67091c74-2c47b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8FSo82sQa9Fz%2BhjAJZKEu%2BfZd7nj0F0VYyI%2BzQ22c9bDhztkYmSdefy96WbjCGKaDVzUQdNxFkpMBw3EiUkJSMM%2BSrqbcxac8v%2Fdmh4qNpNIJF%2BEC2xAfQsjvkmWYNeiJvajcdQ9nzo"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea1b4f0e880662a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20410&min_rtt=16160&rtt_var=6800&sent=26&recv=19&lost=3&retrans=3&sent_bytes=18363&recv_bytes=5451&delivery_rate=115596&cwnd=8400&unsent_bytes=0&cid=8efa86dde8c03c93&ts=306&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 09:52:46 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 12:39:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 nullset_log.php Show response
telegram-support.click/ 213 B
811 B 67ms
67ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-support.click/nullset_log.php?id=%C2%9E%C3%A9e&page=login
Requested by: Host: telegram-support.click
URL: https://telegram-support.click/index.1e7d6458.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72d1144a33ed0587fb5faa1393fd542103425dece160f5850ffc729c0a617617

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://telegram-support.click/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HMbM8Ldi4temEFZkOsF2xuRBiyucBbKbn9iONQhlvBn%2BqGKEGMS0Sa09VD%2Bp2JTYQH2PIR5ESZqXNh3za40nw%2FDcjQDMx6ehnru9U%2FVpbAw8n0jeW0vmGKoew7kj%2FSlRTRyu0qBviPP0"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea1b4f2ca66662a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24874&min_rtt=15026&rtt_var=4857&sent=74&recv=44&lost=3&retrans=3&sent_bytes=71809&recv_bytes=7198&delivery_rate=501509&cwnd=10800&unsent_bytes=0&cid=8efa86dde8c03c93&ts=502&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 09:52:46 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare

GET
H3 404 nullset_log.php Show response
telegram-support.click/ 213 B
809 B 111ms
111ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-support.click/nullset_log.php?id=%C2%9E%C3%A9e&page=sessionPage
Requested by: Host: telegram-support.click
URL: https://telegram-support.click/index.1e7d6458.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72d1144a33ed0587fb5faa1393fd542103425dece160f5850ffc729c0a617617

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://telegram-support.click/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ukn53CEDsU4tSVI3Swj5GowIcGMG76AaoG5hhP89Qad6XNU1E2aTM755KpysgqGTMkiBwFfmdNBIuie8hp5RGrt73gAGOSeiD0%2BIbee7gTrEihzf%2FYAOGLkPu8WpIlQs%2FmHJx%2BHx%2FY3P"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea1b4f2ca69662a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23696&min_rtt=15026&rtt_var=5998&sent=76&recv=45&lost=3&retrans=3&sent_bytes=72667&recv_bytes=7242&delivery_rate=13516&cwnd=10800&unsent_bytes=0&cid=8efa86dde8c03c93&ts=546&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 09:52:46 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK gettime.php Show response
push-service.site/ 10 B
246 B 240ms
58ms XHR
text/html 95.163.234.142
AS-REGRU "Domain ...

General

Check archive.org

Show headers Download Go to

Full URL: https://push-service.site/gettime.php
Requested by: Host: telegram-support.click
URL: https://telegram-support.click/index.1e7d6458.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.163.234.142 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS: 95-163-234-142.cloudvps.regruhosting.ru
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 74a67b357daf90589018402261bc1f701f0fd5ef1710118e43f0aa0a5f4619e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://telegram-support.click/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 10
Keep-Alive: timeout=5, max=100
Date: Fri, 29 Nov 2024 09:52:46 GMT
Content-Type: text/html; charset=UTF-8
Server: Apache/2.4.52 (Ubuntu)
Connection: Keep-Alive

GET
H2 200 json Show response
ipinfo.io/ 246 B
453 B 158ms
119ms Fetch
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/json?token=2eabdfa57abae2

Requested by

Host: telegram-support.click
URL: https://telegram-support.click/index.1e7d6458.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

9f2f6c305a51d08181f23f4d2e6abe52622b4371748cbc33c964e4eba5d6f127

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://telegram-support.click/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169
date: Fri, 29 Nov 2024 09:52:46 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

POST
H2 200 json Show response
cloud.51degrees.com/api/v4/ 1 KB
980 B 88ms
26ms Fetch
application/json 20.73.113.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.51degrees.com/api/v4/json
Requested by: Host: cloud.51degrees.com
URL: https://cloud.51degrees.com/api/v4/AQSXaghshpOKI_yx3Eg.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.73.113.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: c5d0b83ae8925f7a80cb8e2b2add6d9a34aa0bdcd73d70c79f1238da0216ac7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://telegram-support.click/

Response headers

51d-version: 4.3.100.0
cache-control: private,max-age=1800
content-encoding: br
etag: "c-1003770195-1735214480"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
request-context: appId=cid-v1:1d4ebf5f-f33b-4efe-97fb-0580a09ad87e
51d-instance: ed0fb8bc0b3a
access-control-allow-origin: *
51d-region: westeurope
date: Fri, 29 Nov 2024 09:52:45 GMT
content-type: application/json
vary: Accept-Encoding
server: Kestrel

GET
H3 200 favicon.aebc76ec.ico
telegram-support.click/ 2 KB
3 KB 100ms
100ms Other
image/x-icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-support.click/favicon.aebc76ec.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://telegram-support.click/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67091c3a-969"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rf8jXGVa9Orx9bheU05sXON5NHMcbrgmp6M6siLgLX%2FZ33MbkLbkP4QFiOK7h1uv1sLeIHAb2T2iqwuhY0ePJxNmkqvuu4Id5G283Y84xz8nuwQgh6rR%2Bc4G3IT26URQ2TM06yOnBJ9U"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea1b4f38b15662a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23810&min_rtt=15026&rtt_var=4726&sent=78&recv=46&lost=3&retrans=3&sent_bytes=73523&recv_bytes=7610&delivery_rate=33810&cwnd=10800&unsent_bytes=0&cid=8efa86dde8c03c93&ts=656&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 09:52:46 GMT
content-type: image/x-icon
last-modified: Fri, 11 Oct 2024 12:38:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK gettime.php Show response
push-service.site/ 10 B
245 B 55ms
55ms XHR
text/html 95.163.234.142
AS-REGRU "Domain ...

General

Check archive.org

Show headers Download Go to

Full URL: https://push-service.site/gettime.php
Requested by: Host: telegram-support.click
URL: https://telegram-support.click/index.1e7d6458.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.163.234.142 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS: 95-163-234-142.cloudvps.regruhosting.ru
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 74a67b357daf90589018402261bc1f701f0fd5ef1710118e43f0aa0a5f4619e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://telegram-support.click/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 10
Keep-Alive: timeout=5, max=99
Date: Fri, 29 Nov 2024 09:52:46 GMT
Content-Type: text/html; charset=UTF-8
Server: Apache/2.4.52 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 200
OK isusersignin.php Show response
push-service.site/ 5 B
239 B 113ms
55ms XHR
text/html 95.163.234.142
AS-REGRU "Domain ...

General

Check archive.org

Show headers Download Go to

Full URL: https://push-service.site/isusersignin.php?id=%C2%9E%C3%A9e
Requested by: Host: telegram-support.click
URL: https://telegram-support.click/index.1e7d6458.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.163.234.142 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS: 95-163-234-142.cloudvps.regruhosting.ru
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://telegram-support.click/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 5
Keep-Alive: timeout=5, max=98
Date: Fri, 29 Nov 2024 09:52:46 GMT
Content-Type: text/html; charset=UTF-8
Server: Apache/2.4.52 (Ubuntu)
Connection: Keep-Alive

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 30ms
29ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://telegram-support.click
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "5eb03e5f-12d68"
age: 24882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYK72Z1A1xj17VoOAA7lm7WtgkCMeGNQRMXTVyRz3ZZ12XNYZoRdguhD21a5sk0TBqw3rlitJY%2BxHM5NIwlbirgDgyR1DS3klWTJwaxMRP16HMTYprrZtSZwLNWubIFE3AH%2B2CKx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 09:52:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 09:52:46 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ea1b4f51e8f6685-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 53ms
21ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://telegram-support.click
Referer: https://fonts.googleapis.com/

Response headers

age: 151330
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 15:50:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 15:50:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 55ms
24ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://telegram-support.click
Referer: https://fonts.googleapis.com/

Response headers

age: 246844
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| parcelRequired7c6 object| fod function| fiftyoneDegreesManager

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			telegram-support.click/	1970-01-21 01:22:40	Name: server Value: https://push-service.site/
			telegram-support.click/	1970-01-21 01:22:40	Name: timestamp Value: 1732873966

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://telegram-support.click/nullset_log.php?id=%C2%9E%C3%A9e&page=login Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://telegram-support.click/nullset_log.php?id=%C2%9E%C3%A9e&page=sessionPage Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
cloud.51degrees.com
fonts.googleapis.com
fonts.gstatic.com
ipinfo.io
push-service.site
telegram-support.click
104.17.25.14
142.250.185.227
188.114.97.3
20.73.113.68
2a00:1450:4001:800::200a
34.117.59.81
95.163.234.142
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3a4d060ccb1c1621d699732002cf6c8ca65513d619438c72f4f4705b4d3e9d06
466f2e597f3eef8c70859a1b973da7e55719732b7b278d321574da2189303e1b
504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357
6489fdd5497609763a3a1040d5e5d2fac8bb5e3aab48a0f3b9c42f8dca802fe3
72d1144a33ed0587fb5faa1393fd542103425dece160f5850ffc729c0a617617
74a67b357daf90589018402261bc1f701f0fd5ef1710118e43f0aa0a5f4619e6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9f2f6c305a51d08181f23f4d2e6abe52622b4371748cbc33c964e4eba5d6f127
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
c5d0b83ae8925f7a80cb8e2b2add6d9a34aa0bdcd73d70c79f1238da0216ac7f
e261dfafcd3be988d46091f872baf6ad46fc8694c80c35a58ee842fbf3d411b1
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

telegram-support.click Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

14 %IPv6

7 Domains

7 Subdomains

7 IPs

5 Countries

191 kBTransfer

393 kBSize

2 Cookies

1 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

telegram-support.click Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

7
IPs

5
Countries

191 kB
Transfer

393 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions