www.telegramhk.cc Open in urlscan Pro
172.67.136.183 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.telegramhk.cc/
Submission: On January 06 via automatic, source certstream-suspicious (January 6th 2025, 9:45:54 am UTC) — Scanned from CA

Summary HTTP 25 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 25 HTTP transactions. The main IP is 172.67.136.183, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.telegramhk.cc.
TLS certificate: Issued by WE1 on January 4th 2025. Valid for: 3 months.

This is the only time www.telegramhk.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
9	172.67.136.183 172.67.136.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.91.74.174 199.91.74.174	21859 (ZEN-ECN) (ZEN-ECN)
14	104.21.20.160 104.21.20.160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	3

9 172.67.136.183 (United States)

ASN13335 (CLOUDFLARENET, US)

www.telegramhk.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.91.74.174 (Mexico)

ASN21859 (ZEN-ECN, US)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.21.20.160 (None, )

ASN13335 (CLOUDFLARENET, US)

image.sanxiang-sh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	sanxiang-sh.com image.sanxiang-sh.com	22 MB
9	telegramhk.cc www.telegramhk.cc	56 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 73455 collect-v6.51.la — Cisco Umbrella Rank: 78995	36 KB
25	3

	Domain	Requested by
14	image.sanxiang-sh.com	www.telegramhk.cc
9	www.telegramhk.cc	www.telegramhk.cc
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	www.telegramhk.cc
25	4

This site contains links to these domains. Also see Links.

Domain
00-25-1333705940.cos.ap-hongkong.myqcloud.com
www.sanxiang-sh.com
apps.apple.com
beian.miit.gov.cn

Subject Issuer	Validity	Valid
telegramhk.cc WE1	`2025-01-04` - `2025-04-04`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
bb91c0aa.sni.cloudflaressl.com WE1	`2024-11-12` - `2025-02-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.telegramhk.cc/
Frame ID: F2FA606BD1E18976992BD6551FA1B67D
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram下载_Telegram官网_纸飞机下载

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

22144 kB
Transfer

22195 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://00-25-1333705940.cos.ap-hongkong.myqcloud.com/shater.zip
Title: Telegram for 中文电脑版

Search URL Search Domain Scan URL

URL: https://www.sanxiang-sh.com/upload/Telegram.apk
Title: Telegram for Android安卓版

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/telegram-messenger/id686449807
Title: Telegram for iPhone/iPad

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.telegramhk.cc/	6 KB 3 KB	726ms 656ms	Document text/html	172.67.136.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.136.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9c0dd2b350c63e97a0c053e5be324e103cbb6a6e2c8fa87f977a603aac9dffea` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8fdac6d98934a1ea-YYZ content-encoding zstd content-type text/html; charset=utf-8 date Mon, 06 Jan 2025 09:45:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPyXieoJFYbMXt%2FXnSPcSOroCRWNGzW%2FYWLlR2a2BbNqFrsIwv2BdpLwb7ax3iXYeWIdxTSmekUZcQ5oM1%2F5%2FI4RiEh%2BNLPoiAlQplpd%2BQdtweRlkp4c8tXf946PL26dLEe9QQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=18056&min_rtt=17991&rtt_var=2907&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3988&recv_bytes=2353&delivery_rate=218338&cwnd=241&unsent_bytes=0&cid=a41fe0e41c439409&ts=676&x=0" vary accept-encoding
GET H2	200	style.min.css www.telegramhk.cc/static/css/	18 KB 4 KB	858ms 856ms	Stylesheet text/css	172.67.136.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegramhk.cc/static/css/style.min.css Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.136.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `61d17c5a72ecc31914197ec2b00e9541f97c1576dba707b6961c09002d6e1f4d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cpkPzv9gboOD%2FD%2BkYPyg6yXAojR8Lw0KolKoiy%2BoghpActWyFrtpLUZ4VAFNCpulNv316OX9LJJwOaB8AGgX7Zs8hEbftx3la7JdGaaDOIk2mMr5qNN%2B9cMvODgXVXZDIY%2FUNA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ddbae4a1ea-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18084&min_rtt=17991&rtt_var=2237&sent=14&recv=13&lost=0&retrans=0&sent_bytes=6874&recv_bytes=2483&delivery_rate=359897&cwnd=241&unsent_bytes=0&cid=a41fe0e41c439409&ts=1543&x=0" date Mon, 06 Jan 2025 09:45:44 GMT content-type text/css; charset=utf-8 last-modified Fri, 03 Jan 2025 08:26:13 GMT vary Accept-Encoding server cloudflare
GET H2	200	js-sdk-pro.min.js Show response sdk.51.la/	35 KB 35 KB	2274ms 454ms	Script text/plain	199.91.74.174 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL https://sdk.51.la/js-sdk-pro.min.js?id=3KK9Zot37TeXAqY2&ck=3KK9Zot37TeXAqY2 Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.91.74.174 , Mexico, ASN21859 (ZEN-ECN, US), Reverse DNS Software openresty / Resource Hash `ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control no-store access-control-allow-credentials true via LA-MEX-queretaro-EDGE1-CACHE6[273],LA-MEX-queretaro-EDGE1-CACHE6[ovl,270],LA-MEX-queretaro-EDGE2-CACHE7[ovl,270],CHN-HElangfang-GLOBAL6-CACHE29[ovl,25] access-control-allow-origin * x-ccdn-req-id-46b1 069fa7a8d3c05adc5b52b4d0b3bdb1c2 date Mon, 06 Jan 2025 09:45:45 GMT content-type text/plain; charset=utf-8 server openresty
GET H2	200	telegram-logo.png image.sanxiang-sh.com/	10 KB 10 KB	91ms 29ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/telegram-logo.png Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93be4e2a9b593ac4d78b29c43d2b8e7cda4ba12299eb1517853e19e5ea9057c2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cf-cache-status HIT etag "e94e30d49b2c58c8ce7bf1a96be1458a" age 4322 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgvFaJBjzueKI8hWa676dE7d8PcgrQZwWK6kx%2BBOEPXzTEQvQctEMbFvQusKIhL%2FgHou5vVRfncw5KQsIzOVNrISRLKHTdjCy9rQ%2FxDO8IKUFRCI19FoBFNISNIqhLLWT1vInbbdd0o%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18122&min_rtt=18051&rtt_var=3919&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4040&recv_bytes=2308&delivery_rate=215843&cwnd=239&unsent_bytes=0&cid=e8a09c5f6f26f0e3&ts=35&x=0" date Mon, 06 Jan 2025 09:45:43 GMT content-type image/jpeg last-modified Tue, 17 Dec 2024 06:25:16 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8fdac6de1bda39d2-YYZ accept-ranges bytes content-length 9739 server cloudflare
GET H2	200	td_laptop.png image.sanxiang-sh.com/tg-03/	185 KB 186 KB	371ms 310ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/td_laptop.png Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "40d4266e5aadc87cceec1ab420dc2692" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MWQmW1tT12YazWBCkdzLjqa9JKwspz3An3eDZQaeB3XiW69gI%2Bv51HrtwPJL71s294ktRnfqRxaUXB%2FoJJYpjVf97OxH3dOiX38KoRTUmgrFTiwBnUUNxDlPjYNEPtQkfmqfRKXmMR0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6de1bd839d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18005&min_rtt=17000&rtt_var=558&sent=23&recv=21&lost=0&retrans=2&sent_bytes=17312&recv_bytes=2405&delivery_rate=145326&cwnd=243&unsent_bytes=0&cid=e8a09c5f6f26f0e3&ts=299&x=0" content-length 189734 date Mon, 06 Jan 2025 09:45:43 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:48 GMT vary Accept-Encoding server cloudflare
GET H2	200	SiteAndroid.jpg image.sanxiang-sh.com/tg-03/	21 KB 21 KB	356ms 355ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/SiteAndroid.jpg Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "f5eb8dcf9b18f19053034101e920574e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dsQU0Z5Wz1fjsndAy%2BH573PzochBQUXeZYyczdCvvUKjI5%2FTqnuNzWykSQNvi%2BFolwh0kvBmSE4Hk95sD7rPR8KSeHCShdzuUxEB31zM2ksgg1MwRcc0zd%2BOUGnxNAU297vx067gpKw%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6de6bf239d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18157&min_rtt=17000&rtt_var=285&sent=207&recv=76&lost=0&retrans=24&sent_bytes=235468&recv_bytes=2405&delivery_rate=211813&cwnd=136&unsent_bytes=0&cid=e8a09c5f6f26f0e3&ts=411&x=0" content-length 21090 date Mon, 06 Jan 2025 09:45:43 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:46 GMT vary Accept-Encoding server cloudflare
GET H2	200	SiteiOS.jpg image.sanxiang-sh.com/tg-03/	31 KB 31 KB	347ms 346ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/SiteiOS.jpg Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "89486a05599a1cfd549f8fb2d70e7d73" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdkJdDID9SFwgYvzZmX%2B0TbtjAiOr4pujvwvZG4QjNPZ6v5KYBrgmIwnvsXPnw1nMXD2oD3wOtbbh%2B4ZuUFCclaxSHBEqUOIaB5SrptsrZ%2B6%2F0JM3fdGl8xMnwIP83jTAjtC%2F%2BwvBBs%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6e08cae39d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18459&min_rtt=17000&rtt_var=613&sent=231&recv=89&lost=0&retrans=28&sent_bytes=261234&recv_bytes=2529&delivery_rate=72743&cwnd=136&unsent_bytes=0&cid=e8a09c5f6f26f0e3&ts=742&x=0" content-length 31305 date Mon, 06 Jan 2025 09:45:44 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:47 GMT vary Accept-Encoding server cloudflare
GET H2	200	d1.gif image.sanxiang-sh.com/tg-03/	2 MB 2 MB	370ms 369ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/d1.gif Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "cbd2d6af702cab22fb23c7d159abc428" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GA%2F1FDSc2FkOuwku68%2B1q%2B8tdiT47GX1h93%2FlqdFvxt7RfJswjhHT02eDQ0Ua%2FmMywsYHHXyl0l8n1o1H3PxNUSlieJ4gRqr70838U1vW0mNbd1dZgPT63Vy8gy6Qh2PqcpTI2hQmlU%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6e10cd639d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18440&min_rtt=17000&rtt_var=369&sent=260&recv=103&lost=1&retrans=32&sent_bytes=298265&recv_bytes=2529&delivery_rate=216708&cwnd=11&unsent_bytes=0&cid=e8a09c5f6f26f0e3&ts=825&x=0" content-length 2415534 date Mon, 06 Jan 2025 09:45:44 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:42 GMT vary Accept-Encoding server cloudflare
GET H2	200	d2.gif image.sanxiang-sh.com/tg-03/	2 MB 2 MB	255ms 254ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/d2.gif Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8acbaebd980880be300562b4721fda46636837c7ca7e174edfe0dc8f9248d97b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "3ddffc96032b4b586b63950436e1b19f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrTqccmM4pDfNVFXRb9A0N4pcSbzWaXIFUuVlVWvTrMLtklD7xN3Tct5K3pmcX%2F0fx%2FPzda5%2B0P5or86qt6n2AUzyNIj8uGsGsZVNj4eJylhXJ3mbBVk140AIKM%2BVCR1CZlfb%2BWswzA%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6b9239d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18379&min_rtt=17000&rtt_var=548&sent=2376&recv=1025&lost=0&retrans=297&sent_bytes=3070395&recv_bytes=3011&delivery_rate=1459596&cwnd=102&unsent_bytes=0&cid=e8a09c5f6f26f0e3&ts=2868&x=0" content-length 1867995 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:42 GMT vary Accept-Encoding server cloudflare
GET H2	200	d3.gif image.sanxiang-sh.com/tg-03/	2 MB 2 MB	395ms 391ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/d3.gif Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4461cfec85ed4d48b6aa70f9feb464520862cf001dd3b36ce84401112ebdc5f1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "b66ccb48aae5492d0043602a8809739d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MM%2BQmUHE2UEAZd7Q%2FBVmXZltYBiHL%2B2%2Bh4M9SqH3Q0PsVbn6CGNSQVxYeK27bstb%2FxSBeP%2BZauxcZiQcRWGzMndlKtpblYYSXyVbzPWj2XWopQVWvfn%2FhhpKdAmY0%2FSiKoe7LGa1Cr0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6b9339d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18195&min_rtt=17000&rtt_var=367&sent=2634&recv=1102&lost=4&retrans=324&sent_bytes=3409227&recv_bytes=3011&delivery_rate=2995109&cwnd=98&unsent_bytes=19740&cid=e8a09c5f6f26f0e3&ts=2970&x=0" content-length 2146221 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:42 GMT vary Accept-Encoding server cloudflare
GET H2	200	d4.gif image.sanxiang-sh.com/tg-03/	3 MB 3 MB	475ms 471ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/d4.gif Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1ada80884d0ad4df743330129d9fbdcf0ca1603ef669276d3772b84697daff16` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "28746cea3fa3fe45e9a77eac83cc83eb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kzzBH%2BGK3SWnzwY1XqYboonnO7%2FZ8ApOvNB%2BtmXvx5rAWbvCLFkuk9odX4G91kW0nSlCaLA6%2FfcmQglvpHDJybrgSbqBzJ03A8hmZW7eNQTXaKENHCIZfmtiPwAstCjGvaPekFpbXAY%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6b9439d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18595&min_rtt=17000&rtt_var=560&sent=2649&recv=1108&lost=5&retrans=327&sent_bytes=3428967&recv_bytes=3011&delivery_rate=2937360&cwnd=98&unsent_bytes=64484&cid=e8a09c5f6f26f0e3&ts=2977&x=0" content-length 3373417 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:45 GMT vary Accept-Encoding server cloudflare
GET H2	200	d5.gif image.sanxiang-sh.com/tg-03/	2 MB 2 MB	394ms 390ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/d5.gif Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `424f0701dcb8542900712d39693b91db8758a1ddb0a33c21cfb502a8a71cdad8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "6ae9949dd516f905186883c3dc5f082b" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAuR7SCyXEdfURf6FCwk6AfWVYml1D8v1XADu0%2BNY259xcjmdeKJl3byf%2F6NQk3HYBTqz1olNvFR7O8Fehn%2B00KAOfxcvUai4%2FqzLLxaefVsfhU5yLB1L0RRucrNUaqchvFlIpSoCBo%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6b9639d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18460&min_rtt=17000&rtt_var=466&sent=2619&recv=1095&lost=9&retrans=323&sent_bytes=3389487&recv_bytes=3011&delivery_rate=2749869&cwnd=98&unsent_bytes=38164&cid=e8a09c5f6f26f0e3&ts=2965&x=0" content-length 1696890 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:44 GMT vary Accept-Encoding server cloudflare
GET H2	200	d6.gif image.sanxiang-sh.com/tg-03/	2 MB 2 MB	394ms 390ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/d6.gif Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `de5ccab1886506b6c45b16b5037a80f20e1ba53b3e5fda65e174a784559e8e30` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "443b2a218ba5a3010b778986488af448" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iSy%2FtMysWsLIBofVNTbZiALfE5SLIvOe2h1HZxcfmqX6LyIjOjKtnqLlLsd%2F50epIzea%2Br0NT6zrBkEhdncEPOVT3f%2Fws4usCo6k5d5Ujd2YouPI9Y8F4aZbf0xqmHDprnvujDrNXC0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6b9739d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18460&min_rtt=17000&rtt_var=466&sent=2623&recv=1095&lost=9&retrans=323&sent_bytes=3394751&recv_bytes=3011&delivery_rate=2749869&cwnd=98&unsent_bytes=32900&cid=e8a09c5f6f26f0e3&ts=2966&x=0" content-length 1999661 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:43 GMT vary Accept-Encoding server cloudflare
GET H2	200	d7.gif image.sanxiang-sh.com/tg-03/	3 MB 3 MB	393ms 390ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/d7.gif Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6037e1cea2e2ec907c6315e6fcff8cf5ab39a6857408ab5800504b7f28897d7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "1a1a1e97120c2dd2b6b3c8c0f77ca236" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oX4Sq%2BLfaIRhLsW3j19%2FdAt%2BfPE4J22TLgcjFEyrBfOFE%2B6N%2FDxtO%2BTpWIy89itApAPlG%2BSh9rpzov4Ek77c7TxYG5b3f3TBq9yfxftXGQUy4EoUkq%2B3BHTNBTObne2tkt3c8WEfcGM%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6b9a39d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18376&min_rtt=17000&rtt_var=399&sent=2617&recv=1094&lost=9&retrans=323&sent_bytes=3386855&recv_bytes=3011&delivery_rate=2675049&cwnd=98&unsent_bytes=40796&cid=e8a09c5f6f26f0e3&ts=2964&x=0" content-length 3222729 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:45 GMT vary Accept-Encoding server cloudflare
GET H2	200	d8.gif image.sanxiang-sh.com/tg-03/	2 MB 2 MB	392ms 389ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/d8.gif Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d362fd03c23bf20a038ed5b9e3169ef8cb07df1f7d17ea3b03c6752641cf523` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "80515db845d4fc2b936127d4324ff322" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2F6KDS1lBz%2Bhe3gDoqXvExzleUuoBreV13h8UxpkMcyTgB8IXEJ7Jcy9iZIhXfEyk2OPB0HpjsQgyzx6Nc4COMr82gy0AKmZlyKVRDKPYg8jNeVMGUbbxSrhHz9iv2RM7Ojn5tV3Bp8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6b9b39d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18711&min_rtt=17000&rtt_var=398&sent=2607&recv=1087&lost=11&retrans=323&sent_bytes=3373695&recv_bytes=3011&delivery_rate=2507043&cwnd=98&unsent_bytes=53956&cid=e8a09c5f6f26f0e3&ts=2960&x=0" content-length 2603040 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:46 GMT vary Accept-Encoding server cloudflare
GET H2	200	d9.gif image.sanxiang-sh.com/tg-03/	3 MB 3 MB	392ms 389ms	Image image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-03/d9.gif Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e76ed8bc1cf9d0a09c8b6407af9bc59dad845b5b4aa220ee89037035f35abbf8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "5d09f9927641c16d5b62da8f2f877f50" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lnb2KDGCoa%2B1DOc25mnbI51c1VskEO2DYTYYXOLiHmecGRlIMkJyeCO1LiddPkyZA9zSqM6YHM2qHG6ZDMarepG8jrcVxTUWjaSoM8i69X4eL3QBwXESa1zwKwgDERLXViT5yjMMQys%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6b9d39d2-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18541&min_rtt=17000&rtt_var=414&sent=2613&recv=1091&lost=10&retrans=323&sent_bytes=3381591&recv_bytes=3011&delivery_rate=2583357&cwnd=98&unsent_bytes=46060&cid=e8a09c5f6f26f0e3&ts=2962&x=0" content-length 2968347 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 09:57:46 GMT vary Accept-Encoding server cloudflare
GET H3	200	jquery.js Show response www.telegramhk.cc/static/js/	85 KB 32 KB	1180ms 1180ms	Script text/javascript	172.67.136.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegramhk.cc/static/js/jquery.js Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.136.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f1a9c17b50d6278a694406d9e5dce160f81afd7a2683dfdf07f0651c38bdaa8e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EcOsRLoMsSK%2FPfUpzdJyHGhtDJAaU8h2fcShXwr957P6tGDKPdR2d9flhe8sCLkEtzGJJ4nOKYyvT4LPlCx8hvmkBh6K3ELMPuV5vtFrlrkdppgyAfx%2FssqiuW4nCILm81QCVQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6e35a3dac60-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24203&min_rtt=18544&rtt_var=9796&sent=18&recv=15&lost=1&retrans=1&sent_bytes=5653&recv_bytes=8692&delivery_rate=624&cwnd=8400&unsent_bytes=0&cid=c02c8a7532cafbf0&ts=2060&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 06 Jan 2025 09:45:45 GMT content-type text/javascript; charset=utf-8 last-modified Wed, 11 Dec 2024 07:34:27 GMT vary Accept-Encoding priority u=2,i=?0
GET H3	200	public.js Show response www.telegramhk.cc/static/js/	1 KB 1 KB	653ms 652ms	Script text/javascript	172.67.136.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegramhk.cc/static/js/public.js Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.136.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d980ce2f83a0af6ceca8264539e0380ff235e8c621bca2f22f1bc2db9b4fa5f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wS1eLJmhoVSpdgTqR%2Bjzu4XyXwOu62eaY%2Bi4NkOvXIhAuInVFuRKN0cPjaqiblsv15QBFCUYZOmDZ6RcKGNeDSD6jx9HmOgceXXODNYAI291beEbyuLHSTj4t%2FcP8IAjCMesAA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ea3c45ac60-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=43802&min_rtt=18278&rtt_var=24499&sent=55&recv=37&lost=8&retrans=7&sent_bytes=46496&recv_bytes=9738&delivery_rate=161629&cwnd=5880&unsent_bytes=0&cid=c02c8a7532cafbf0&ts=2632&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 06 Jan 2025 09:45:45 GMT content-type text/javascript; charset=utf-8 last-modified Wed, 11 Dec 2024 07:34:27 GMT vary Accept-Encoding priority u=2,i=?0
POST H2	200	collect Show response collect-v6.51.la/v6/	0 281 B	3934ms 1050ms	XHR text/plain	199.91.74.174 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js?id=3KK9Zot37TeXAqY2&ck=3KK9Zot37TeXAqY2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.91.74.174 , Mexico, ASN21859 (ZEN-ECN, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers via LA-MEX-queretaro-EDGE1-CACHE6[964],LA-MEX-queretaro-EDGE1-CACHE6[ovl,963] access-control-allow-origin https://www.telegramhk.cc x-ccdn-req-id-46b1 1e8dd41dcbe506a1c3ecb920c78f18d9 content-length 0 date Mon, 06 Jan 2025 09:45:49 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials true
GET H3	200	t_logo_sprite.svg www.telegramhk.cc/static/image/	23 KB 7 KB	1019ms 1017ms	Image image/svg+xml	172.67.136.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telegramhk.cc/static/image/t_logo_sprite.svg Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.136.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `832fbefd7a4fe8f651058597d9f1910883d1cbd56d0ceb343e7d6170aeecf982` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvtdSRwPhZIGY%2BGv2pDRV%2Fgezn3CWOzXa1ue1pU%2Fh%2FT6DaV600xUM%2B2pTh0J2lWPlsX8kaDnR6NTvoXH5qG8m2ny2xnDzu93P%2FX4kAZLrQEaAZBMJYABCvNrcmR3TvC0CMH8Yg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6e9bac60-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=42981&min_rtt=18278&rtt_var=15842&sent=72&recv=53&lost=14&retrans=13&sent_bytes=60589&recv_bytes=13413&delivery_rate=95393&cwnd=4116&unsent_bytes=0&cid=c02c8a7532cafbf0&ts=3672&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/svg+xml last-modified Wed, 11 Dec 2024 07:34:27 GMT vary Accept-Encoding priority u=3,i
GET H3	200	app_icon_desktop.svg www.telegramhk.cc/static/image/	229 B 845 B	818ms 816ms	Image image/svg+xml	172.67.136.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telegramhk.cc/static/image/app_icon_desktop.svg Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.136.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d84cf7d9e230233427c136156aba2a0a7dbdf253df830c0c5603c2ced735c4d6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fyd2FTEsvTAY40G3aMS%2FUMRYa4HIVnkVM8oVux1xhpYXA%2Fj%2BJdY2ftmWrtc2wk5PScAOFVLrg9OE12O5sHlheL2AqFyfTctTmgizoIy7%2BtrT0zd2aJjj7FmlEl77u8DgLkO6Iw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6e9cac60-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40879&min_rtt=18278&rtt_var=19955&sent=65&recv=46&lost=13&retrans=12&sent_bytes=54933&recv_bytes=13104&delivery_rate=13676&cwnd=4116&unsent_bytes=0&cid=c02c8a7532cafbf0&ts=3456&x=1", cfExtPri, cfHdrFlush;dur=14 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/svg+xml last-modified Wed, 11 Dec 2024 07:34:27 GMT vary Accept-Encoding priority u=3,i
GET H3	200	SiteIconAndroid.svg www.telegramhk.cc/static/image/	999 B 1 KB	835ms 833ms	Image image/svg+xml	172.67.136.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telegramhk.cc/static/image/SiteIconAndroid.svg Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.136.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3399887fac9f9b581a8c81860c56fca807c0ed6876307a12c54e0161aa4721db` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDsYZvZwZrFXcUha%2BFN85gsWtY2ZUSG1ugWbnEVQ%2FWNHPM0nktLF0pgngtzKvNND0nzmzwB1XR5%2B3Fj1mQo7kG0m5HE4lHzHqkJO8gxZDkH7zvtrFFpoeOYyJMH5K0iUA1SzIQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6e9dac60-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40879&min_rtt=18278&rtt_var=19955&sent=65&recv=46&lost=13&retrans=12&sent_bytes=54933&recv_bytes=13104&delivery_rate=13676&cwnd=4116&unsent_bytes=0&cid=c02c8a7532cafbf0&ts=3456&x=1", cfExtPri, cfHdrFlush;dur=15 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/svg+xml last-modified Wed, 11 Dec 2024 07:34:27 GMT vary Accept-Encoding priority u=3,i
GET H3	200	SiteIconApple.svg www.telegramhk.cc/static/image/	443 B 988 B	797ms 796ms	Image image/svg+xml	172.67.136.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telegramhk.cc/static/image/SiteIconApple.svg Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.136.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a5c59c1b52f5dd4d1c06a628f27079f4481d0ee7b40bccd1cd91ff963e2d674f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4pnExXE%2FAPeVlV3Qp96VHRZOmNdxGlxHrRXm1vQH1Y9UgR5qZ%2FYr8xgH85rUDq1ssdpJUWzB5q5akMy1LrvTYCSDZQvtH3nVkTGjxLT%2B%2BgiQaYUa9Ja%2Bji3D%2FTyjULnp82K0Q%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6e9eac60-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40879&min_rtt=18278&rtt_var=19955&sent=60&recv=46&lost=13&retrans=12&sent_bytes=50817&recv_bytes=13104&delivery_rate=13676&cwnd=4116&unsent_bytes=0&cid=c02c8a7532cafbf0&ts=3451&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/svg+xml last-modified Wed, 11 Dec 2024 07:34:27 GMT vary Accept-Encoding priority u=3,i
GET H3	200	top.png www.telegramhk.cc/static/image/	5 KB 5 KB	798ms 797ms	Image image/png	172.67.136.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telegramhk.cc/static/image/top.png Requested by Host: www.telegramhk.cc URL: https://www.telegramhk.cc/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.136.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e2326e81a256b498613bdd5599ae74bec527702dcec52903073cf438dbd0e7a0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9uF8CC1BlEYpGbjsyNRKg%2B2EdJCk4BZdRJKSrA6BSqc9pMZsgqizQIyUtl3eyyMPg8cWAHPMDPPYD%2Bjj5ScKfv%2BxtCjygNXFPr7%2Fbu0nfqx0GNxRSlKZUY5P2M5sC9mpB6uJg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8fdac6ee6ea0ac60-YYZ accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40879&min_rtt=18278&rtt_var=19955&sent=62&recv=46&lost=13&retrans=12&sent_bytes=51852&recv_bytes=13104&delivery_rate=13676&cwnd=4116&unsent_bytes=0&cid=c02c8a7532cafbf0&ts=3452&x=1", cfExtPri, cfHdrFlush;dur=0 content-length 4650 date Mon, 06 Jan 2025 09:45:46 GMT content-type image/png last-modified Wed, 11 Dec 2024 07:34:27 GMT vary Accept-Encoding priority u=3,i
GET H2	200	telegram-favicon.ico image.sanxiang-sh.com/	4 KB 5 KB	29ms 29ms	Other image/jpeg	104.21.20.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://image.sanxiang-sh.com/telegram-favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.160 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `181349b08b8da309823b3b6a670ce13581ff82af7b03db71ba60c705d0620261` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramhk.cc/ Response headers cf-cache-status HIT etag "975b4112a366cca6b9bf2c84e268268c" age 438 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6isE8QaV7LZ9NA63edhcnHoIF3f6jfIT1IrVhpb7IFGmpVSTfzTaOe0VXYRg42XEbAhTb3OmFk9%2Buf2Ljww6vYKeHmf0X9W2hQoNaVwAXOQoWRW3k4%2FH4GJfYC2e9zpmhMmUezy6yNE%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18299&min_rtt=17000&rtt_var=425&sent=19690&recv=5575&lost=0&retrans=2462&sent_bytes=25852541&recv_bytes=3222&delivery_rate=218774&cwnd=316&unsent_bytes=0&cid=e8a09c5f6f26f0e3&ts=6638&x=0" date Mon, 06 Jan 2025 09:45:49 GMT content-type image/jpeg last-modified Fri, 06 Dec 2024 07:06:32 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8fdac707585239d2-YYZ accept-ranges bytes content-length 4286 server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.telegramhk.cc/	1969-12-31 23:59:59	Name: __vtins__3KK9Zot37TeXAqY2 Value: %7B%22sid%22%3A%20%2248fb885d-2b60-5633-9bf4-0dc03c9a5c69%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201736158545960%2C%20%22ct%22%3A%201736156745960%7D
www.telegramhk.cc/	1970-01-21 11:51:56	Name: __51uvsct__3KK9Zot37TeXAqY2 Value: 1
www.telegramhk.cc/	1970-01-21 11:51:56	Name: __51vcke__3KK9Zot37TeXAqY2 Value: acb3753b-1e61-577f-961d-dbbd6593b762
www.telegramhk.cc/	1970-01-21 11:51:56	Name: __51vuft__3KK9Zot37TeXAqY2 Value: 1736156745964

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
image.sanxiang-sh.com
sdk.51.la
www.telegramhk.cc
104.21.20.160
172.67.136.183
199.91.74.174
15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365
181349b08b8da309823b3b6a670ce13581ff82af7b03db71ba60c705d0620261
1ada80884d0ad4df743330129d9fbdcf0ca1603ef669276d3772b84697daff16
3399887fac9f9b581a8c81860c56fca807c0ed6876307a12c54e0161aa4721db
3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4
424f0701dcb8542900712d39693b91db8758a1ddb0a33c21cfb502a8a71cdad8
4461cfec85ed4d48b6aa70f9feb464520862cf001dd3b36ce84401112ebdc5f1
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
5d362fd03c23bf20a038ed5b9e3169ef8cb07df1f7d17ea3b03c6752641cf523
5d980ce2f83a0af6ceca8264539e0380ff235e8c621bca2f22f1bc2db9b4fa5f
61d17c5a72ecc31914197ec2b00e9541f97c1576dba707b6961c09002d6e1f4d
832fbefd7a4fe8f651058597d9f1910883d1cbd56d0ceb343e7d6170aeecf982
8acbaebd980880be300562b4721fda46636837c7ca7e174edfe0dc8f9248d97b
93be4e2a9b593ac4d78b29c43d2b8e7cda4ba12299eb1517853e19e5ea9057c2
9c0dd2b350c63e97a0c053e5be324e103cbb6a6e2c8fa87f977a603aac9dffea
a5c59c1b52f5dd4d1c06a628f27079f4481d0ee7b40bccd1cd91ff963e2d674f
ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153
d6037e1cea2e2ec907c6315e6fcff8cf5ab39a6857408ab5800504b7f28897d7
d84cf7d9e230233427c136156aba2a0a7dbdf253df830c0c5603c2ced735c4d6
de5ccab1886506b6c45b16b5037a80f20e1ba53b3e5fda65e174a784559e8e30
e2326e81a256b498613bdd5599ae74bec527702dcec52903073cf438dbd0e7a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76ed8bc1cf9d0a09c8b6407af9bc59dad845b5b4aa220ee89037035f35abbf8
f1a9c17b50d6278a694406d9e5dce160f81afd7a2683dfdf07f0651c38bdaa8e

www.telegramhk.cc Open in urlscan Pro 172.67.136.183 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

22144 kBTransfer

22195 kBSize

4 Cookies

4 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

4 Cookies

Indicators

www.telegramhk.cc Open in urlscan Pro
172.67.136.183 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

22144 kB
Transfer

22195 kB
Size

4
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!