bot.telegrambot.xyz Open in urlscan Pro
103.139.3.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bot.telegrambot.xyz/
Submission: On February 26 via automatic, source certstream-suspicious (February 26th 2020, 10:35:17 am UTC)

Summary HTTP 22 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 103.139.3.22, located in China and belongs to WEST263GO-HK West263 International Limited, HK. The main domain is bot.telegrambot.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 26th 2020. Valid for: 3 months.

This is the only time bot.telegrambot.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	103.139.3.22 103.139.3.22	139021 (WEST263GO...) (WEST263GO-HK West263 International Limited)
2	115.223.14.234 115.223.14.234	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
1	2401:b180:200... 2401:b180:2000:20::23	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1	47.88.68.21 47.88.68.21	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
22	5

16 103.139.3.22 (China)

ASN139021 (WEST263GO-HK West263 International Limited, HK)

bot.telegrambot.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 115.223.14.234 (Wuhan, China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

s22.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2401:b180:2000:20::23 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

z1.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.88.68.21 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

cnzz.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	telegrambot.xyz bot.telegrambot.xyz	177 KB
3	cnzz.com s22.cnzz.com c.cnzz.com z1.cnzz.com	5 KB
1	mmstat.com cnzz.mmstat.com	381 B
0	duoshuo.com Failed static.duoshuo.com Failed
22	4

	Domain	Requested by
16	bot.telegrambot.xyz	bot.telegrambot.xyz
1	cnzz.mmstat.com	bot.telegrambot.xyz
1	z1.cnzz.com	bot.telegrambot.xyz
1	c.cnzz.com	s22.cnzz.com
1	s22.cnzz.com	bot.telegrambot.xyz
0	static.duoshuo.com Failed	bot.telegrambot.xyz
22	6

This site contains links to these domains. Also see Links.

Domain
weibo.com
t.qq.com
www.miitbeian.gov.cn
www.cnzz.com

Subject Issuer	Validity	Valid
moive.telegrambot.xyz Let's Encrypt Authority X3	`2020-02-26` - `2020-05-26`	3 months	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-02-04` - `2021-02-04`	a year	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-07-29` - `2020-07-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bot.telegrambot.xyz/
Frame ID: 3E6809345E43E4ED2AA9EC217CB0D9BB
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22
Requests

91 %
HTTPS

25 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

183 kB
Transfer

644 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://weibo.com/
Title: 微博

Search URL Search Domain Scan URL

URL: http://t.qq.com/
Title: 腾讯微博

Search URL Search Domain Scan URL

URL: http://www.miitbeian.gov.cn/
Title: 鲁ICP备12345678号

Search URL Search Domain Scan URL

URL: https://www.cnzz.com/stat/website.php?web_id=1274560158
Title: 站长统计

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bot.telegrambot.xyz/	23 KB 4 KB	2931ms 221ms	Document text/html	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `b45a557a56722f592b490502ce303e9bb33585e513454ea1fa725b93da097e73` Request headers :method GET :authority bot.telegrambot.xyz :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 server nginx date Wed, 26 Feb 2020 10:34:47 GMT content-type text/html last-modified Tue, 25 Feb 2020 12:25:00 GMT vary Accept-Encoding etag W/"5e55121c-5a19" content-encoding gzip
GET H2	200	bootstrap.min.css bot.telegrambot.xyz/skin/ecms082/css/	98 KB 20 KB	3909ms 3908ms	Stylesheet text/css	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/skin/ecms082/css/bootstrap.min.css?ver=1.3 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `15940aae85e36a00a368d0351187586a8d7955d961fbda73a8fa12b3c27f7756` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Wed, 26 Feb 2020 10:34:48 GMT content-encoding gzip last-modified Thu, 07 Jan 2016 04:22:18 GMT server nginx etag W/"568de7fa-18787" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 expires Wed, 26 Feb 2020 22:34:48 GMT
GET H2	200	font-awesome.min.css bot.telegrambot.xyz/skin/ecms082/css/	21 KB 6 KB	4298ms 4297ms	Stylesheet text/css	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/skin/ecms082/css/font-awesome.min.css?ver=1.3 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Wed, 26 Feb 2020 10:34:48 GMT content-encoding gzip last-modified Thu, 07 Jan 2016 04:22:24 GMT server nginx etag W/"568de800-55e0" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 expires Wed, 26 Feb 2020 22:34:48 GMT
GET H2	200	main.css bot.telegrambot.xyz/skin/ecms082/css/	74 KB 18 KB	4688ms 4688ms	Stylesheet text/css	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/skin/ecms082/css/main.css?ver=1.3 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `bf67d544d4c9f13a0f11cfa13479608038d573b0761dc29a15eff509c0b0e3d5` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Wed, 26 Feb 2020 10:34:48 GMT content-encoding gzip last-modified Sun, 27 Mar 2016 03:20:38 GMT server nginx etag W/"56f75186-127bf" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 expires Wed, 26 Feb 2020 22:34:48 GMT
GET H2	200	jquery.min.js Show response bot.telegrambot.xyz/skin/ecms082/js/	90 KB 36 KB	5277ms 5276ms	Script application/javascript	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/skin/ecms082/js/jquery.min.js?ver=1.3 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `5b430be7474d67af29a2b036fe83c807d997737dce3c116eb2f76323b7f1794f` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 26 Feb 2020 10:34:48 GMT content-encoding gzip last-modified Thu, 07 Jan 2016 04:22:36 GMT server nginx etag W/"568de80c-169b4" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 expires Wed, 26 Feb 2020 22:34:48 GMT
GET H2	200	logo.png bot.telegrambot.xyz/skin/ecms082/images/	2 KB 2 KB	5900ms 5899ms	Image image/png	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Show image Full URL https://bot.telegrambot.xyz/skin/ecms082/images/logo.png Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `bb577d788eb5db5fcfe50cb946a3aacfeecb49f95c3004009a231b17a3c351dd` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 26 Feb 2020 10:34:48 GMT last-modified Sat, 18 Jun 2016 06:55:12 GMT server nginx etag "5764f050-838" content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 2104 expires Fri, 27 Mar 2020 10:34:48 GMT
GET H2	200	loginjs.php Show response bot.telegrambot.xyz/e/member/login/	281 B 315 B	5900ms 5899ms	Script text/html	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/e/member/login/loginjs.php Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `964f3082bdbd28df21db00a03f5bb05cb451ce95e8d64a2400127801920f7f03` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers status 200 date Wed, 26 Feb 2020 10:34:48 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	loginjs2.php Show response bot.telegrambot.xyz/e/member/login/	376 B 351 B	12433ms 12432ms	Script text/html	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/e/member/login/loginjs2.php Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `0087be5c48b5b2e408c474d88a2852365a6efb79159d48945dfcbd6876558bd3` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers status 200 date Wed, 26 Feb 2020 10:34:53 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	z_stat.php Show response s22.cnzz.com/	12 KB 4 KB	831ms 293ms	Script application/javascript	115.223.14.234 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL https://s22.cnzz.com/z_stat.php?id=1274560158&web_id=1274560158 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 115.223.14.234 Wuhan, China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `4632fadff0693f8b61cc1c22ec99397dd6cb1973d1b6e20e7eb66b1f27adbe17` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 26 Feb 2020 10:34:50 GMT content-encoding gzip x-swift-cachetime 5400 x-powered-by PHP/5.5.25 x-cache MISS TCP_REFRESH_MISS dirn:12:113795729 status 200 x-swift-savetime Wed, 26 Feb 2020 10:34:50 GMT content-length 4082 last-modified Wed, 26 Feb 2020 10:34:50 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1582713290 content-type application/javascript via cache60.l2cn2302[34,200-0,M], cache17.l2cn2302[36,0], cache6.cn1782[44,200-0,M], cache20.cn1782[45,0] cache-control max-age=5400,s-maxage=5400 timing-allow-origin * eagleid 73df0ea815827132902155790e
GET H2	200	bootstrap.min.js Show response bot.telegrambot.xyz/skin/ecms082/js/	31 KB 10 KB	873ms 872ms	Script application/javascript	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/skin/ecms082/js/bootstrap.min.js?ver=1.3 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 26 Feb 2020 10:34:53 GMT content-encoding gzip last-modified Thu, 07 Jan 2016 04:23:04 GMT server nginx etag W/"568de828-7c4b" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 expires Wed, 26 Feb 2020 22:34:53 GMT
GET H2	200	loader.js Show response bot.telegrambot.xyz/skin/ecms082/js/	15 KB 7 KB	2100ms 2100ms	Script application/javascript	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/skin/ecms082/js/loader.js?ver=1.3 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `8632e3c03f573e5272e6ce1c884f0c5ebe622e079e93070f2cf1d9acaf7b671f` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 26 Feb 2020 10:34:53 GMT content-encoding gzip last-modified Thu, 07 Jan 2016 05:05:46 GMT server nginx etag W/"568df22a-3d2e" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 expires Wed, 26 Feb 2020 22:34:53 GMT
GET H2	200	header_bg.png bot.telegrambot.xyz/skin/ecms082/images/	515 B 688 B	2090ms 2090ms	Image image/png	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Show image Full URL https://bot.telegrambot.xyz/skin/ecms082/images/header_bg.png Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `5e04e76048762feb4ab00303a025f9adeef533597555d79a7a79b484435a9a14` Request headers Referer https://bot.telegrambot.xyz/skin/ecms082/css/main.css?ver=1.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 26 Feb 2020 10:34:53 GMT last-modified Thu, 07 Jan 2016 04:35:04 GMT server nginx etag "568deaf8-203" content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 515 expires Fri, 27 Mar 2020 10:34:53 GMT
GET H2	200	fontawesome-webfont.woff bot.telegrambot.xyz/skin/ecms082/fonts/	64 KB 64 KB	2868ms 2868ms	Font font/woff	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/skin/ecms082/fonts/fontawesome-webfont.woff?v=4.2.0 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1` Request headers Referer https://bot.telegrambot.xyz/skin/ecms082/css/font-awesome.min.css?ver=1.3 Origin https://bot.telegrambot.xyz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 26 Feb 2020 10:34:53 GMT last-modified Thu, 07 Jan 2016 04:32:10 GMT server nginx etag "568dea4a-ffac" content-type font/woff status 200 accept-ranges bytes content-length 65452
GET H2	200	bg_04.png bot.telegrambot.xyz/skin/ecms082/images/	192 KB 0	12954ms 12954ms	Image image/png	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Show image Full URL https://bot.telegrambot.xyz/skin/ecms082/images/bg_04.png Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash Request headers Referer https://bot.telegrambot.xyz/skin/ecms082/css/main.css?ver=1.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 26 Feb 2020 10:34:54 GMT last-modified Thu, 07 Jan 2016 16:30:32 GMT server nginx etag "568e92a8-75033" content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 479283 expires Fri, 27 Mar 2020 10:34:54 GMT
GET H2	200	core.php Show response c.cnzz.com/	969 B 909 B	306ms 305ms	Script application/javascript	115.223.14.234 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/core.php?web_id=1274560158&t=z Requested by Host: s22.cnzz.com URL: https://s22.cnzz.com/z_stat.php?id=1274560158&web_id=1274560158 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 115.223.14.234 Wuhan, China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `689f80d37b1918b86449f2fe2af045e9fff97f269af9d1cf42b542b2cbc3fe72` Request headers Referer https://bot.telegrambot.xyz/ Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 26 Feb 2020 10:35:02 GMT content-encoding gzip x-swift-cachetime 900 x-powered-by PHP/5.5.25 x-cache MISS TCP_REFRESH_MISS dirn:12:425711625 status 200 x-swift-savetime Wed, 26 Feb 2020 10:35:02 GMT content-length 619 last-modified Wed, 26 Feb 2020 10:35:02 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1582713302 content-type application/javascript via cache47.l2cn2302[46,200-0,M], cache3.l2cn2302[47,0], cache20.cn1782[56,200-0,M], cache20.cn1782[57,0] timing-allow-origin * eagleid 73df0ea815827133021244667e expires Wed, 26 Feb 2020 10:50:02 GMT
GET H2	200	stat.htm z1.cnzz.com/	2 B 112 B	1176ms 629ms	Image text/html	2401:b180:2000:20::23 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://z1.cnzz.com/stat.htm?id=1274560158&r=&lg=en-us&ntime=none&cnzz_eid=735018882-1582713290-&showp=1600x1200&p=https%3A%2F%2Fbot.telegrambot.xyz%2F&t=%E6%88%91%E7%9A%84%E7%BD%91%E7%AB%99&umuuid=17081106beb738-0e1988fc0bb538-37647e03-1d4c00-17081106bec9e2&h=1&rnd=814719374 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2401:b180:2000:20::23 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Wed, 26 Feb 2020 10:35:03 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	icon-play-48.png bot.telegrambot.xyz/skin/ecms082/images/	4 KB 4 KB	8413ms 8413ms	Image image/png	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Show image Full URL https://bot.telegrambot.xyz/skin/ecms082/images/icon-play-48.png Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `fde00debe894bbb18a52e680390c399a7d1fefb56674e8f86e829577da9b9f20` Request headers Referer https://bot.telegrambot.xyz/skin/ecms082/css/main.css?ver=1.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 26 Feb 2020 10:35:06 GMT last-modified Thu, 07 Jan 2016 04:37:24 GMT server nginx etag "568deb84-f94" content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 3988 expires Fri, 27 Mar 2020 10:35:06 GMT
GET H2	200	tail_bg.gif bot.telegrambot.xyz/skin/ecms082/images/	386 B 560 B	8411ms 8411ms	Image image/gif	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Show image Full URL https://bot.telegrambot.xyz/skin/ecms082/images/tail_bg.gif Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `1f30ea29ddd41c965e395d47a3db088ddc63883a7ca41c50d88e10a6eecd3390` Request headers Referer https://bot.telegrambot.xyz/skin/ecms082/css/main.css?ver=1.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 26 Feb 2020 10:35:06 GMT last-modified Thu, 07 Jan 2016 04:38:36 GMT server nginx etag "568debcc-182" content-type image/gif status 200 cache-control max-age=2592000 accept-ranges bytes content-length 386 expires Fri, 27 Mar 2020 10:35:06 GMT
GET H2	200	9.gif cnzz.mmstat.com/	43 B 381 B	659ms 164ms	Image image/gif	47.88.68.21 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://cnzz.mmstat.com/9.gif?abc=1&rnd=398873253 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.88.68.21 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Wed, 26 Feb 2020 10:35:02 GMT server nginx p3p CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" status 200 cache-control no-cache content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET		embed.js static.duoshuo.com/	0 0

GET H2	200	main.js Show response bot.telegrambot.xyz/skin/ecms082/js/	15 KB 4 KB	8099ms 8099ms	Script application/javascript	103.139.3.22 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL https://bot.telegrambot.xyz/skin/ecms082/js/main.js?ver=1.3 Requested by Host: bot.telegrambot.xyz URL: https://bot.telegrambot.xyz/skin/ecms082/js/loader.js?ver=1.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.139.3.22 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software nginx / Resource Hash `da4756447f2cb8882215882428270dcee551bb7689e7eed948b3716b6abe730c` Request headers Referer https://bot.telegrambot.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 26 Feb 2020 10:35:06 GMT content-encoding gzip last-modified Sat, 26 Mar 2016 16:24:04 GMT server nginx etag W/"56f6b7a4-3c28" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 expires Wed, 26 Feb 2020 22:35:06 GMT
GET		lazyload.min.js bot.telegrambot.xyz/skin/ecms082/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.duoshuo.com
URL: https://static.duoshuo.com/embed.js

Domain: bot.telegrambot.xyz
URL: https://bot.telegrambot.xyz/skin/ecms082/js/lazyload.min.js?ver=1.3

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bot.telegrambot.xyz
c.cnzz.com
cnzz.mmstat.com
s22.cnzz.com
static.duoshuo.com
z1.cnzz.com
bot.telegrambot.xyz
static.duoshuo.com
103.139.3.22
115.223.14.234
2401:b180:2000:20::23
47.88.68.21
0087be5c48b5b2e408c474d88a2852365a6efb79159d48945dfcbd6876558bd3
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
15940aae85e36a00a368d0351187586a8d7955d961fbda73a8fa12b3c27f7756
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1f30ea29ddd41c965e395d47a3db088ddc63883a7ca41c50d88e10a6eecd3390
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
4632fadff0693f8b61cc1c22ec99397dd6cb1973d1b6e20e7eb66b1f27adbe17
5b430be7474d67af29a2b036fe83c807d997737dce3c116eb2f76323b7f1794f
5e04e76048762feb4ab00303a025f9adeef533597555d79a7a79b484435a9a14
689f80d37b1918b86449f2fe2af045e9fff97f269af9d1cf42b542b2cbc3fe72
8632e3c03f573e5272e6ce1c884f0c5ebe622e079e93070f2cf1d9acaf7b671f
964f3082bdbd28df21db00a03f5bb05cb451ce95e8d64a2400127801920f7f03
b45a557a56722f592b490502ce303e9bb33585e513454ea1fa725b93da097e73
bb577d788eb5db5fcfe50cb946a3aacfeecb49f95c3004009a231b17a3c351dd
bf67d544d4c9f13a0f11cfa13479608038d573b0761dc29a15eff509c0b0e3d5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
da4756447f2cb8882215882428270dcee551bb7689e7eed948b3716b6abe730c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fde00debe894bbb18a52e680390c399a7d1fefb56674e8f86e829577da9b9f20

bot.telegrambot.xyz Open in urlscan Pro 103.139.3.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

25 %IPv6

4 Domains

6 Subdomains

5 IPs

2 Countries

183 kBTransfer

644 kBSize

0 Cookies

4 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

Indicators

bot.telegrambot.xyz Open in urlscan Pro
103.139.3.22 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

25 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

183 kB
Transfer

644 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions