tonstation.app Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tonstation.app/
Submission Tags: 0xscam
Submission: On September 10 via api (September 10th 2024, 6:53:57 am UTC) from US — Scanned from NL

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is tonstation.app. The Cisco Umbrella rank of the primary domain is 219541.
TLS certificate: Issued by WE1 on August 16th 2024. Valid for: 3 months.

This is the only time tonstation.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4b43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
9	3

5 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

tonstation.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4b43 (United States)

ASN13335 (CLOUDFLARENET, US)

static.sidusheroes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oauth.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	tonstation.app tonstation.app — Cisco Umbrella Rank: 219541	3 MB
2	telegram.org telegram.org — Cisco Umbrella Rank: 6669 oauth.telegram.org — Cisco Umbrella Rank: 155007	6 KB
2	sidusheroes.com static.sidusheroes.com — Cisco Umbrella Rank: 221689	600 KB
9	3

	Domain	Requested by
5	tonstation.app	tonstation.app
2	static.sidusheroes.com	tonstation.app
1	oauth.telegram.org	telegram.org
1	telegram.org	tonstation.app
9	4

This site contains no links.

Subject Issuer	Validity	Valid
tonstation.app WE1	`2024-08-16` - `2024-11-14`	3 months	crt.sh
sidusheroes.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2024-08-10` - `2025-09-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://tonstation.app/
Frame ID: 24ED971CDF378E760AAA92F018ABC461
Requests: 8 HTTP requests in this frame

Frame: https://oauth.telegram.org/embed/tonstationgames_bot?origin=https%3A%2F%2Ftonstation.app&return_to=https%3A%2F%2Ftonstation.app%2F
Frame ID: 06BA6E2361F76939FBC453385319DCDB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tonstation

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

3518 kB
Transfer

6632 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
tonstation.app/ 394 B
658 B 92ms
64ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tonstation.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fde699cf07388ee2eeb49c8b0f03ffd4c6909cc6bdc9dcc83462a5c5a83c4141

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c0d80e1ffcd0a73-AMS
content-encoding: br
content-type: text/html
date: Tue, 10 Sep 2024 06:53:52 GMT
last-modified: Tue, 06 Aug 2024 09:21:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZcvl9Mo8I9ldeM2zZyeZcdyc5LFZzMQqTnFnglVrUn2otbq1kUtsDaUuRdeEKVnK4mvdnQsxO5HcslyeBJOqclAKwBni64f755hxpemqLPPFXCHkNxa%2FQfYruPd2nQhfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding

GET
H3 200 index-CIypfdmF.js Show response
tonstation.app/assets/ 6 MB
3 MB 95ms
94ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tonstation.app/assets/index-CIypfdmF.js
Requested by: Host: tonstation.app
URL: https://tonstation.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64382964d86ff988da2bb9369c36817b228aaa24b9c8e3ac2a76194c03b8a1f4

Request headers

Referer: https://tonstation.app/
Origin: https://tonstation.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 06:53:52 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Aug 2024 09:21:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b1eb16-2d5b41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iimiX%2BMwXP7zXqvSR6%2BVG%2FTEIOxaH%2FhZcncHZMGRUdtze5TwKKeV13Nkv0rtJ4voX3nccNkON5k8VJokAYuJPsMxGqSFVNCF5aTUCT6BTSxzh4%2Ba6QfT%2FICtR124SVbvDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c0d80e2a8c20a73-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2972481

GET
H3 200 index-2kfPXE2o.css
tonstation.app/assets/ 21 KB
5 KB 89ms
89ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tonstation.app/assets/index-2kfPXE2o.css
Requested by: Host: tonstation.app
URL: https://tonstation.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ed64c631370a2227a2f15536840bb2884768ee7ca3f1676f69a84f8a0f625a2

Request headers

Referer: https://tonstation.app/
Origin: https://tonstation.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 06:53:52 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Aug 2024 09:21:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b1eb15-1352"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1RP3JGoiT2BV53eRPscmSj8Hhto6awYv3rybB5S6sItK%2B%2BflaP8MMfVnrmXX2RCs1DLKwrqMeYOcTJr5YtpkVAiKP7IfNsWB%2B6afkrFmNvdQTZ%2BTXTKQHyLwiAQfUnbFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c0d80e2a8c30a73-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4946

GET
H2 200 website-bg.png
static.sidusheroes.com/dev/superapp/ 303 KB
304 KB 269ms
229ms Image
image/png 2606:4700:20::ac43:4b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sidusheroes.com/dev/superapp/website-bg.png
Requested by: Host: tonstation.app
URL: https://tonstation.app/assets/index-2kfPXE2o.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a03d2de6897753d59a7b2d2a1ae43d3fed59e15697ce850449944482bc49e4a7

Request headers

Referer: https://tonstation.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 06:53:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jul 2024 12:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: B5RD8EKM9MJRCQP8
etag: "e1ac664d631d007e609f1b1e48d939de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRpezoTAdl82u6sC4Rd0LhK80u3pUqCOIT8pUtuOWbxUdBMS4A%2BSSAumlVEwoh0r6Jj4XXeCEETbSo1Bx7XUG9ovzDZ8gIxqruDA3fHi1lTb7YO8lpvcAOMBBjfgzw8bStv6Qfaqjxk5BNa6QmVADIWgWLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c0d80e38f7506e0-AMS
content-length: 310561
x-amz-id-2: gEV74KIzfr3cphpTfctNykfCogVSs0py1+FJSQ8AwZKjLCg2z9+FCOqgaw8421gfTkwVYvMHg+U=

GET
H3 200 config.json Show response
tonstation.app/ 400 B
693 B 55ms
54ms Fetch
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tonstation.app/config.json
Requested by: Host: tonstation.app
URL: https://tonstation.app/assets/index-CIypfdmF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee5fcaaa1254803ac2032418d4560a565358caeee5159b4562b65af0f4781e1

Request headers

Referer: https://tonstation.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 06:53:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2024 09:21:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b1eb16-190"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FrIF5lBTd8LsCB4PwzTTvMYX9rjA7dFHaT2P925Fxw%2FAVQisNR9qsrjGP43Y1NJ7UZDrvecer3C2OSUDOeX%2BURuVRTn47d1l%2B%2BGo7GYdpBJEVvzVjJEqblPtUNbyaCDmQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 8c0d80e919190a73-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
tonstation.app/ 394 B
652 B 28ms
28ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tonstation.app/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fde699cf07388ee2eeb49c8b0f03ffd4c6909cc6bdc9dcc83462a5c5a83c4141

Request headers

Referer: https://tonstation.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 06:53:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Aug 2024 09:21:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7083
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egLgJMd0eKE6GITMcLHQeByijBkvYzpUHmvs4h9i%2BHlrnKRsWdyqGhnCDdIm0HAUFfCYIm6TkFTCEEtoAe52PhodNU6yYdDbJS7wg%2FY9WItAhKwugaqQMSCer0vsw3JiBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8c0d80e9191b0a73-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 telegram-widget.js Show response
telegram.org/js/ 20 KB
6 KB 57ms
19ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-widget.js?22

Requested by

Host: tonstation.app
URL: https://tonstation.app/assets/index-CIypfdmF.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tonstation.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 06:53:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Mon, 03 Apr 2023 11:46:12 GMT
server: nginx/1.18.0
etag: W/"642abc84-4ff5"
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 14 Sep 2024 06:53:53 GMT

GET
H2 206 tap.webm
static.sidusheroes.com/prod/tonstation/landing/ 295 KB
296 KB 241ms
241ms Media
video/webm 2606:4700:20::ac43:4b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sidusheroes.com/prod/tonstation/landing/tap.webm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad18294745ccb74de7f4fe5a4f23968eaa178643c3dcf4c7493c7b4a368baaca

Request headers

Referer: https://tonstation.app/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 10 Sep 2024 06:53:53 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 09:25:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: GJCCS7MTR46FRRJ2
etag: "ccde9375b5c19964693b04e8d44cba99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTNBpjdHDTVTohdjLN3CdQgEClB4u4iSAIkrKz1lkwOFFUlcS77a2jWNko01nmmzvj8dgD%2B5pWphS9CTY0meyQOi3Efx782PyXhOBoai7mA%2Fr1D9b8INEOgLlYcIWEcrKavYwWlBpmVvVNW7hXsYNSMpsEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
Content-Range: bytes 0-302426/302427
cache-control: max-age=14400
cf-ray: 8c0d80e9882b06e0-AMS
Content-Length: 302427
x-amz-id-2: LLB+d+wunx5qNZb0i0bAYHCOIJN7CNj42FmAq9RU/OsAwH57+TitYSZ0eXlHDkzsDyZjFe3sLRM=

GET
H2 200 tonstationgames_bot
oauth.telegram.org/embed/ Frame 06BA 0
0 109ms
63ms Document
text/html 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.telegram.org/embed/tonstationgames_bot?origin=https%3A%2F%2Ftonstation.app&return_to=https%3A%2F%2Ftonstation.app%2F

Requested by

Host: telegram.org
URL: https://telegram.org/js/telegram-widget.js?22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tonstation.app
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOW-FROM https://tonstation.app

Request headers

Referer: https://tonstation.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-encoding: gzip
content-length: 694
content-security-policy: frame-ancestors https://tonstation.app
content-type: text/html; charset=utf-8
date: Tue, 10 Sep 2024 06:53:53 GMT
pragma: no-cache
server: nginx/1.18.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: ALLOW-FROM https://tonstation.app

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			oauth.telegram.org/	1970-01-21 08:01:35	Name: stel_ssid Value: 257c6f0ad96af27aaa_2396061245517729485

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oauth.telegram.org
static.sidusheroes.com
telegram.org
tonstation.app
188.114.96.3
2001:67c:4e8:f004::9
2606:4700:20::ac43:4b43
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
64382964d86ff988da2bb9369c36817b228aaa24b9c8e3ac2a76194c03b8a1f4
7ed64c631370a2227a2f15536840bb2884768ee7ca3f1676f69a84f8a0f625a2
a03d2de6897753d59a7b2d2a1ae43d3fed59e15697ce850449944482bc49e4a7
ad18294745ccb74de7f4fe5a4f23968eaa178643c3dcf4c7493c7b4a368baaca
eee5fcaaa1254803ac2032418d4560a565358caeee5159b4562b65af0f4781e1
fde699cf07388ee2eeb49c8b0f03ffd4c6909cc6bdc9dcc83462a5c5a83c4141

tonstation.app Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

100 %HTTPS

67 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

3518 kBTransfer

6632 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Indicators

tonstation.app Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

3518 kB
Transfer

6632 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions