telegram-phone.ru - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3033::ac43:8248, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegram-phone.ru.
TLS certificate: Issued by WE1 on November 25th 2024. Valid for: 3 months.

This is the only time telegram-phone.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3033::ac43:8248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3

2 2606:4700:3033::ac43:8248 (United States)

ASN13335 (CLOUDFLARENET, US)

telegram-phone.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

telegram-warning.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 740	4 KB
2	telegram-phone.ru telegram-phone.ru	9 KB
1	telegram-warning.org telegram-warning.org
4	3

	Domain	Requested by
2	unpkg.com	1 redirects telegram-phone.ru
2	telegram-phone.ru
1	telegram-warning.org	telegram-phone.ru
4	3

This site contains no links.

Subject Issuer	Validity	Valid
telegram-phone.ru WE1	`2024-11-25` - `2025-02-23`	3 months	crt.sh
telegram-warning.org WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://telegram-phone.ru/Ulogll
Frame ID: A6D34CE30D6392FF9C6B447824ABE7A2
Requests: 3 HTTP requests in this frame

Frame: https://telegram-warning.org/
Frame ID: 958EC9956A504508E207A3CB1B8C985B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Телеграм Оповещение

Page Statistics

4
Requests

75 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

13 kB
Transfer

16 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/@vkontakte/vk-bridge/dist/browser.min.js HTTP 302
https://unpkg.com/@vkontakte/vk-bridge@2.15.3/dist/browser.min.js

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Ulogll Show response
telegram-phone.ru/ 1 KB
1 KB 356ms
266ms Document
text/html 2606:4700:3033::ac43:8248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-phone.ru/Ulogll
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3033::ac43:8248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8447abd6af70e2ca66fc4a03348560f14986c4f8475c904f45b3a8c3c606397a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f818c77bc8dd371-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 26 Dec 2024 13:51:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LDafnf10a63RtXSb2GXrp5JzNct88PGiTUjZ1k0QVnH1UJYJ1IyEsye5pUfFuURsxE1KZAKRecY6vGqlzdxq0484p2k6M0%2B9nf0ZpjPTi1QUsKTWATN31xKL4oXto7dc5M%2BE5XRAeyY1i8Ybl55qpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=6169&min_rtt=6114&rtt_var=1037&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3388&recv_bytes=2345&delivery_rate=616640&cwnd=255&unsent_bytes=0&cid=dd3f69cb3448c88c&ts=270&x=0"
vary: Accept-Encoding

GET
H3 200 /
telegram-warning.org/ Frame 958E 0
0 218ms
196ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-warning.org/
Requested by: Host: telegram-phone.ru
URL: https://telegram-phone.ru/Ulogll
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f818c79a84ed381-FRA
content-encoding: zstd
content-type: text/html
date: Thu, 26 Dec 2024 13:51:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8keAW%2B5w1vJV5vt0HdfvOmCirw3Lv6HqxYwvGxo7RCs0p8Fu4GP6eBqH3lbnJX8rsxj10%2FnTLys5hU4Mn0YBceGDYOMULbiBI9wDbJvgWvGCXJVE9oZ4l8liZ8hpC1Yo88I4aFhow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6514&min_rtt=6201&rtt_var=1312&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4245&recv_bytes=4478&delivery_rate=863&cwnd=12000&unsent_bytes=0&cid=9d2c9b237cf8b448&ts=200&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2

200

browser.min.js Show response
unpkg.com/@vkontakte/vk-bridge@2.15.3/dist/
Redirect Chain

https://unpkg.com/@vkontakte/vk-bridge/dist/browser.min.js
https://unpkg.com/@vkontakte/vk-bridge@2.15.3/dist/browser.min.js

8 KB
4 KB

20ms
20ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@vkontakte/vk-bridge@2.15.3/dist/browser.min.js

Requested by

Host: telegram-phone.ru
URL: https://telegram-phone.ru/Ulogll

Protocol

H2

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f77b521806775ecd79926f462462f71ec85efe0762a1c91a267309e9a79117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1f35-E/Lg7qeWLsPZqgw3+JBonBZwIRY"
age: 208419
x-content-type-options: nosniff
date: Thu, 26 Dec 2024 13:51:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Jun 1984 21:50:00 GMT
fly-request-id: 01JFVD1JZ8GG44ERT6TFFW5VZ1-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8f818c79cae718cf-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /@vkontakte/vk-bridge@2.15.3/dist/browser.min.js
content-encoding: br
cf-cache-status: HIT
age: 245
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8f818c79aac018cf-FRA
access-control-allow-origin: *
date: Thu, 26 Dec 2024 13:51:58 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JG1KJJ9EKKC76BQZEFS8WMTX-fra
server: cloudflare

GET
H2 520 favicon.ico
telegram-phone.ru/ 7 KB
8 KB 138ms
138ms Other
text/html 2606:4700:3033::ac43:8248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram-phone.ru/favicon.ico

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3033::ac43:8248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3277e43c29944d7c0adf63888d51f6f91aece48cfb751f30e8962ec10a1ef506

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BwEPyjR9a4GfZUQLsif1H9zS4orqZrj4pdovGgXNN6zf9nAgbvpq58c0IKrCD%2FipvItOE5CYXPBv473g8YwfMJ9FXO8tpirjmgIG1ghutuEUVRSYXd3%2F8jNEMFB99scLc2HidCMP2WVsCiWLeqGA%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: same-origin
cf-ray: 8f818c7d3f81d371-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6179&min_rtt=6114&rtt_var=796&sent=11&recv=14&lost=0&retrans=0&sent_bytes=4690&recv_bytes=2490&delivery_rate=616640&cwnd=257&unsent_bytes=0&cid=dd3f69cb3448c88c&ts=1021&x=0"
content-length: 7205
date: Thu, 26 Dec 2024 13:51:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| vkConnect object| vkBridge

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://telegram-phone.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 520 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

telegram-phone.ru
telegram-warning.org
unpkg.com
188.114.97.3
2606:4700:3033::ac43:8248
2606:4700::6811:f8cb
3277e43c29944d7c0adf63888d51f6f91aece48cfb751f30e8962ec10a1ef506
8447abd6af70e2ca66fc4a03348560f14986c4f8475c904f45b3a8c3c606397a
89f77b521806775ecd79926f462462f71ec85efe0762a1c91a267309e9a79117

telegram-phone.ru Open in urlscan Pro 2606:4700:3033::ac43:8248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

4 Requests

75 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

13 kBTransfer

16 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

telegram-phone.ru Open in urlscan Pro
2606:4700:3033::ac43:8248 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

13 kB
Transfer

16 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions