ts3.ravichampion.com Open in urlscan Pro
46.28.45.204  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ts3.ravichampion.com/	12 KB 6 KB	795ms 144ms	Document text/html	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/8.1.27 Resource Hash 26686fdaf83ae3090c444fe8eec1a78ab356e51054502c1e14c3b5d58c6ca87d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Tue, 20 Aug 2024 01:20:35 GMT platform hostinger server LiteSpeed vary Accept-Encoding x-powered-by PHP/8.1.27
GET H2	200	jquery-3.7.1.min.js Show response code.jquery.com/	85 KB 30 KB	488ms 40ms	Script application/javascript	151.101.194.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.7.1.min.js Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Request headers Referer https://ts3.ravichampion.com/ Origin https://ts3.ravichampion.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:36 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 3234918 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 30336 x-served-by cache-lga21978-LGA, cache-mxp6935-MXP last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1724116836.049417,VS0,VE0 etag W/"28feccc0-155ed" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 124689, 57155
GET H2	200	font-roboto.css ts3.ravichampion.com/lander/Telegram/css/	6 KB 710 B	144ms 142ms	Stylesheet text/css	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://ts3.ravichampion.com/lander/Telegram/css/font-roboto.css Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 7dc681d034591a7547af531a6c9d5a757a37179f9d9796db25a990a510e51182 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:35 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:19:37 GMT server LiteSpeed etag "1783-661fb049-9a809f8eb1cf43ee;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 571 expires Tue, 27 Aug 2024 01:20:35 GMT
GET H2	200	bootstrap.min.css ts3.ravichampion.com/lander/Telegram/css/	42 KB 7 KB	144ms 143ms	Stylesheet text/css	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://ts3.ravichampion.com/lander/Telegram/css/bootstrap.min.css Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:35 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:19:37 GMT server LiteSpeed etag "a61b-661fb049-8c00013638e0187a;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 7443 expires Tue, 27 Aug 2024 01:20:35 GMT
GET H2	200	telegram.css ts3.ravichampion.com/lander/Telegram/css/	113 KB 21 KB	164ms 163ms	Stylesheet text/css	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://ts3.ravichampion.com/lander/Telegram/css/telegram.css Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 84afc71b84b195aa7f042b2c9984d2fafc73ace34ab1ae86832787c1737db8d2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:35 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:19:37 GMT server LiteSpeed etag "1c29d-661fb049-61f885fa7e06454b;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 21169 expires Tue, 27 Aug 2024 01:20:35 GMT
GET		783814846986958.js connect.facebook.net/en_US/	0 0
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	225 KB 60 KB	651ms 48ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash 82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 20 Aug 2024 01:20:36 GMT document-policy force-load-at-top content-security-policy-report-only default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; x-fb-server-load 35 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58912 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=14, rtx=0, c=13, mss=1288, tbw=2811, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug sXz0iKJ47wWRWIJUtuQdMsrFNvBBVzFT1fXT85sICDLsZhKnPQdpnfv5qT5O84PyToXsyoR6eDefK+DVvqwcQg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	RRR.jpg ts3.ravichampion.com/	105 KB 105 KB	266ms 266ms	Image image/jpeg	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://ts3.ravichampion.com/RRR.jpg Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3d0fe59124d919c9c8cab03c6527f57018abf20bc6099eb095248cf0334de827 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:35 GMT content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:19:37 GMT server LiteSpeed etag "1a258-661fb049-e8f64256aee75de7;;;" content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 107096 expires Tue, 27 Aug 2024 01:20:35 GMT
GET H2	200	tgwallpaper.min.js Show response ts3.ravichampion.com/lander/Telegram/js/	3 KB 2 KB	391ms 390ms	Script application/x-javascript	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://ts3.ravichampion.com/lander/Telegram/js/tgwallpaper.min.js Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 1d724dbc182d52d1b7b367fcf6fa14a9ffac4a63c1de1d52648cf123f6c50593 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:35 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:19:37 GMT server LiteSpeed etag "d3a-661fb049-a9038380155f881c;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1588 expires Tue, 27 Aug 2024 01:20:35 GMT
GET H2	200	pattern.svg ts3.ravichampion.com/lander/Telegram/images/	226 KB 66 KB	141ms 141ms	Image image/svg+xml	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://ts3.ravichampion.com/lander/Telegram/images/pattern.svg Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/lander/Telegram/css/telegram.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/lander/Telegram/css/telegram.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:36 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:19:37 GMT server LiteSpeed etag "3891a-661fb049-42166cff5baeee9b;br" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 67510 expires Tue, 27 Aug 2024 01:20:36 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 ts3.ravichampion.com/lander/Telegram/fonts/	11 KB 11 KB	149ms 148ms	Font font/woff2	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://ts3.ravichampion.com/lander/Telegram/fonts/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/lander/Telegram/css/font-roboto.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/lander/Telegram/css/font-roboto.css Origin https://ts3.ravichampion.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:36 GMT content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:19:37 GMT server LiteSpeed etag "2b20-661fb049-82151ac919a16b7a;;;" content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 11040 expires Tue, 27 Aug 2024 01:20:36 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 ts3.ravichampion.com/lander/Telegram/fonts/	11 KB 11 KB	150ms 149ms	Font font/woff2	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://ts3.ravichampion.com/lander/Telegram/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/lander/Telegram/css/font-roboto.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/lander/Telegram/css/font-roboto.css Origin https://ts3.ravichampion.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:36 GMT content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:19:37 GMT server LiteSpeed etag "2b14-661fb049-c493267a2df637eb;;;" content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 11028 expires Tue, 27 Aug 2024 01:20:36 GMT
GET H2	200	api.js Show response ts3.ravichampion.com/	798 B 365 B	142ms 141ms	Script application/x-javascript	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://ts3.ravichampion.com/api.js Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 38e74ea018ae272f68e7b52f8ee13f9f326078a5dcb7432e9d5219fc40831f71 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:36 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:21:23 GMT server LiteSpeed etag "31e-661fb0b3-15b4c4af85224a47;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 279 expires Tue, 27 Aug 2024 01:20:36 GMT
GET H2	200	783814846986958 Show response connect.facebook.net/signals/config/	64 KB 13 KB	128ms 127ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/783814846986958?v=2.9.165&r=stable&domain=ts3.ravichampion.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash 53b02d813501af663bbd64d829629fc86fe29e19548d2933693718206a18a3a9 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 20 Aug 2024 01:20:36 GMT document-policy force-load-at-top x-fb-server-load 59 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=69, mss=1288, tbw=67419, tp=-1, tpl=-1, uplat=94, ullat=0 pragma public x-fb-debug 4eHIHs4LmvPo4DTFw9vADeenGtXnZg8fCBHK5NLz/7vfgR3eSzx98TEnLgQZ2TQ1+ObdWXoldzYjDhKCDDyJug== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	512ms 33ms	Image text/plain	157.240.252.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=783814846986958&ev=PageView&dl=https%3A%2F%2Fts3.ravichampion.com%2F&rl=&if=false&ts=1724116836991&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724116836985.364479532742440970&ler=empty&cdl=API_unavailable&it=1724116836836&coo=false&rqm=GET Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=14, rtx=0, c=10, mss=1288, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 20 Aug 2024 01:20:37 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	650ms 172ms	Image image/png	157.240.252.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783814846986958&ev=PageView&dl=https%3A%2F%2Fts3.ravichampion.com%2F&rl=&if=false&ts=1724116836991&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724116836985.364479532742440970&ler=empty&cdl=API_unavailable&it=1724116836836&coo=false&rqm=FGET Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Tue, 20 Aug 2024 01:20:37 GMT document-policy force-load-at-top x-fb-server-load 49 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7405025431241615354", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=14, rtx=0, c=10, mss=1288, tbw=3098, tp=-1, tpl=-1, uplat=138, ullat=0 pragma no-cache x-fb-debug ehgELZqGmUzjMQZ3+XBelJxo7zS3LDksbzuSwYKLO8Q96wEvObUj4l9DorTJvmPP/HK2rfnX3KIylnZbMcO1rw== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7405025431241615354"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	script.js Show response userstatics.com/get/	133 B 709 B	241ms 89ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://userstatics.com/get/script.js?referrer=https://ts3.ravichampion.com/ Requested by Host: ts3.ravichampion.com URL: https://ts3.ravichampion.com/lander/Telegram/js/tgwallpaper.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.1 Resource Hash df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:37 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.1 vary Accept-Encoding access-control-allow-methods GET, POST content-type text/javascript; charset=utf-8 access-control-allow-origin https://ts3.ravichampion.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nH9FYifh504yJm6O65wqZfPwGCV8%2FkmPrdbbw6XJQ8kP%2BnIIYQsVuZ3Tm1x%2BT7Gajvk6wjH9YAgrUJolrAedQhGv5u0EBV%2F46BotHB152wQvDDnchXG7avoIlJeIYIBoLyI%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 8b5e8fd90c3c0e2b-MXP access-control-allow-headers X-Requested-With,content-type alt-svc h3=":443"; ma=86400
GET H2	200	favicon.ico ts3.ravichampion.com/lander/Telegram/	15 KB 3 KB	142ms 142ms	Other image/x-icon	46.28.45.204 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://ts3.ravichampion.com/lander/Telegram/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.28.45.204 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://ts3.ravichampion.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 01:20:37 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 17 Apr 2024 11:19:37 GMT server LiteSpeed etag "3aee-661fb049-9480d755aabac550;br" vary Accept-Encoding content-type image/x-icon cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 3210 expires Tue, 27 Aug 2024 01:20:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

connect.facebook.net

URL

https://connect.facebook.net/en_US/783814846986958.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| rediredtToOffer function| fbq function| _fbq object| TWallpaper function| setTextInTelegramDescription function| getParameterByName function| redirectToTelegram object| tme_bg function| toggleTheme object| darkMedia function| checkCookiesAndSetValues function| submitForm

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ts3.ravichampion.com/	1970-01-20 22:55:17	Name: fb_pixel Value: 783814846986958
			ts3.ravichampion.com/	1970-01-20 22:55:56	Name: PHPREFS Value: full
			.ravichampion.com/	1970-01-21 01:04:52	Name: _fbp Value: fb.1.1724116836985.364479532742440970

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
connect.facebook.net
ts3.ravichampion.com
userstatics.com
www.facebook.com
connect.facebook.net
151.101.194.137
157.240.252.13
157.240.252.35
188.114.96.3
46.28.45.204
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4
1d724dbc182d52d1b7b367fcf6fa14a9ffac4a63c1de1d52648cf123f6c50593
26686fdaf83ae3090c444fe8eec1a78ab356e51054502c1e14c3b5d58c6ca87d
38e74ea018ae272f68e7b52f8ee13f9f326078a5dcb7432e9d5219fc40831f71
3d0fe59124d919c9c8cab03c6527f57018abf20bc6099eb095248cf0334de827
4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78
53b02d813501af663bbd64d829629fc86fe29e19548d2933693718206a18a3a9
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7dc681d034591a7547af531a6c9d5a757a37179f9d9796db25a990a510e51182
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
84afc71b84b195aa7f042b2c9984d2fafc73ace34ab1ae86832787c1737db8d2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a