urlscan.io logo urlscan.io
SecurityTrails logo

z23965b.top Open in urlscan Pro
2606:4700:3034::6815:41c0  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://z23965b.top/
Effective URL: https://z23965b.top/
Submission: On March 29 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3034::6815:41c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is z23965b.top.
TLS certificate: Issued by GTS CA 1P5 on March 11th 2024. Valid for: 3 months.
This is the only time z23965b.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

IP Address AS Autonomous System
12 2606:4700:303... 13335 (CLOUDFLAR...)
22 2
Apex Domain
Subdomains		 Transfer
12 z23965b.top
z23965b.top
326 KB
22 1
Domain Requested by
12 z23965b.top z23965b.top
22 1

This site contains no links.

Subject Issuer Validity Valid
z23965b.top
GTS CA 1P5		 2024-03-11 -
2024-06-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://z23965b.top/
Frame ID: ECBFDFA384D6428A77703F7FDED70B41
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Telegram Web

Page URL History Show full URLs

  1. http://z23965b.top/ HTTP 307
    https://z23965b.top/ Page URL

Page Statistics

22
Requests

55 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

326 kB
Transfer

2973 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://z23965b.top/ HTTP 307
    https://z23965b.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
z23965b.top/
Redirect Chain
  • http://z23965b.top/
  • https://z23965b.top/
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b841d55dd50ebb6a865238eac54c614f84c8e48c1c185cb4b64bd572eb1edbb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c07c96edcc03d8-FRA
content-encoding
br
content-type
text/html
date
Fri, 29 Mar 2024 14:18:00 GMT
last-modified
Mon, 22 May 2023 01:10:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkTimFBka%2BqtiYDEkTb%2BrKO7Z%2F%2BtaiwvyrJoxnd32pl18IOx6oOY0g2f1xOGMjQo4K66IQ0jnD62gNaftu66W682tOeI4hnJfDj%2Be6%2Bjahc6j0VHTJqcSbgOwUN2Dx8mr2r62b8E8K43XA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Location
https://z23965b.top/
Non-Authoritative-Reason
HttpsUpgrades
main.819061139ccc9269038f.css
z23965b.top/ 		405 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/main.819061139ccc9269038f.css
Requested by
Host: z23965b.top
URL: https://z23965b.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12236c8acfa460e9988f4f19d93cd8b5db723e9ea06175eecd4401ae86188dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:00 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Apr 2023 21:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6442fb38-65424"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7GaBhR17f0yoV%2F%2Bw5KaSzDcNJzBhKv4EK5mgdAyW2su2Js0NQrcSw2Ev5dAsjXb%2FGKLhdvf4hog5bZ53PG4mreTDmIsc3IHl6ObZjoXDITnth2CaHutkM34Huot9pfY2GC12FGEQYWjRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
86c07c9978e103d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Mar 2024 02:18:00 GMT
style-desktop.7ec8ed3b19fabb19d057.css
z23965b.top/ 		338 B
504 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/style-desktop.7ec8ed3b19fabb19d057.css
Requested by
Host: z23965b.top
URL: https://z23965b.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322deb24d6d5efcf38e98818033dc373a21e67a4535703a0bae2772b13d9f5ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:00 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Apr 2023 21:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6442fb38-152"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5LrDEnX0su8785wJsLahTmSTYzBrXk1wJJ6JxRpZSGk%2FXTlqRdZIDlOOsv3zzFuU8ZhU7w1sduBgKbze%2Fy5%2BH03cb1eAiKczUrY3mZaMz0r4lwxOwjbvGDCYB6FfZvti%2BiYiq%2FjoFu4N5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
86c07c9978e203d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Mar 2024 02:18:00 GMT
mtproto.worker.ac5b2b0ca237c0a6bdf9.chunk.js
z23965b.top/ 		742 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/mtproto.worker.ac5b2b0ca237c0a6bdf9.chunk.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d850d375c0b28e6eb45ea7199114b604bf928c5664fa8b5357b661cfbe05ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
Origin
https://z23965b.top
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:00 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 22 May 2023 01:10:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646ac122-b988a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSBviTX2mTLVbnZ2jV8HWz%2BwyNYef8EgmY7VNAUt6uZd1xeBi0PFJr2kt3eGjmCcs6kmwFcWGHeVJ7Iqgt6rDTs7aKQ8EXxsvyl1sRt2083Y7XFJOiUojg0s%2BrdM5r5nah%2F6fMWREjEMOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9978e303d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Mar 2024 02:18:00 GMT
85.308e3be95e49c2e36d0d.bundle.js
z23965b.top/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/85.308e3be95e49c2e36d0d.bundle.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724d607cbb0fe2e93d7d91f0cf67cdc3bb62bd1ba94263ab98e76162d491b9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:00 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 21 May 2023 21:30:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646a8d7c-1e04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5nbpPeGroT%2BZUZG77zzALevGeXcGdiQMEvo7pMeRWkzpBFNhjohDR9sranjSznE7vyUochJpNyPa1Mvf64JHKjha1%2Bp2EkULedM%2FnBBYh5z2bevtDvKVVcUAOMeiL39ZVR0pa%2B2GubEIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9978e503d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Mar 2024 02:18:00 GMT
116.bf21f7cbbf3e2038822b.bundle.js
z23965b.top/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/116.bf21f7cbbf3e2038822b.bundle.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43227dbb16e25835a8df0eee2dff4e54b7a28a0465e38464faf36c73e1b2b8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 21 May 2023 21:30:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646a8d7c-5f70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uk0mSVHqZTnSyGKBBCILdhcWLChbn%2BUoo%2B3RtxChqyjivFWKBUukK8iWbBKZADSAod3RATqJtB4qmCKQtWxjthTZM96XMH17ijk%2BOZrkEGeY5LMbSimmgYvJ5WWQaaarTR6lFFnpE99qmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9978e703d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Mar 2024 02:18:00 GMT
main.9cc02d4d816eaf74c873.bundle.js
z23965b.top/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/main.9cc02d4d816eaf74c873.bundle.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2304f98cb92141bf7089e22324733eff7cacf90420cd6dc73d2d98d093b75d4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:00 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 22 May 2023 01:10:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646ac122-14707"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u0cJuCEurXOTOUgkD558AssgSAXAuHYrGyf2NvxGuSNuqzs3GkSDUmdhwWb02FP%2F1Kj%2BWDCW0dzmS6Jv9dqMBJdMTJ%2FAXBkS56cvsEgcpCof9ajv7mfDDvjfVyU2e3JcXYPKgDAZPGvCsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9978e803d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Mar 2024 02:18:00 GMT
mtproto.worker.ac5b2b0ca237c0a6bdf9.chunk.js
z23965b.top/ 		0
0
crypto.worker.aec39cf2478abcc434ba.chunk.js
z23965b.top/ 		0
0
crypto.worker.aec39cf2478abcc434ba.chunk.js
z23965b.top/ 		24 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/crypto.worker.aec39cf2478abcc434ba.chunk.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/main.9cc02d4d816eaf74c873.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87b85206b3c9720d2b2ef6656720a8cc70b3fde9666a087ce5daa2b0dba6132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10529
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 May 2023 01:10:58 GMT
server
cloudflare
etag
W/"646ac122-5e2f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=arrUItYA33Upx5AsDisJVdCYwTDV%2BF%2FrLLTC1mISGRjTNOU84OOKkb9GdR00FlAqT0SXf4B%2Bw1E6Fepg44Hy6aLlJUOB32IDY85eetyECSebaCyFxxu7O58Al6zkBAoz8IjIJTr5CnKUsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9cb9719ea3-CDG
expires
Fri, 29 Mar 2024 23:22:32 GMT
favicon.ico
z23965b.top/assets/img/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/assets/img/favicon.ico?v=jw3mK7G9Ry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 21 Apr 2023 21:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6442fb38-3aee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgpQmS9X6JNQ6zMxhjQhLXz0A4yRH7vd35Ay46C1%2FCmaRaW5iShRqiafVDczBoSSC0NNqKoY4Oag2L2iW%2B8CUKgA9gxxtvecNOwRJGF0rFfON2desfeyoPyNQRZQE6h%2F5q4RDo5v7cB0lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
86c07c9cc9779ea3-CDG
alt-svc
h3=":443"; ma=86400
104.b23fc99c0ad8aab75e1a.chunk.js
z23965b.top/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/104.b23fc99c0ad8aab75e1a.chunk.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/main.9cc02d4d816eaf74c873.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e3e93f0c28761d227195423db2f66c2a7eba747a95b559c7ca0e5ea6d84b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10529
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 21:30:36 GMT
server
cloudflare
etag
W/"646a8d7c-1158d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvsQuebwnyUMB7xtZspXO2iPWTfokTAuu%2BVD6kII9kKsX53BeugASU9HootLCnR1T6oMNVNgjnYPAoxP6Ne%2Fiwm%2FikiWjBcnly5x9atUKAdxjGD2E1iPdp4hxGF%2FOVbdI%2F%2Bl%2F1Kj1OSnmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9cd9989ea3-CDG
expires
Fri, 29 Mar 2024 23:22:32 GMT
301.8586974f41f40a1f65a9.chunk.js
z23965b.top/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/301.8586974f41f40a1f65a9.chunk.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/main.9cc02d4d816eaf74c873.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
389d2677f2de7700a040e663b4c887032bba7cd52f473848a1b7f927464a7146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10529
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 21:30:36 GMT
server
cloudflare
etag
W/"646a8d7c-6e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UIEgd2C1OSWrq6Hyth63R%2Be3FXybbGzz4y3NVjy%2FUECqJV35VCLzKKkOnOtMVkaH6ebcn0ABCIJZ9YKrRWxGwWLXvxfeB2BVh%2BsAP4qkPoGtfajI4o5KR%2FethIFWtv8v2OoYTKDe6BMVCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9cd99b9ea3-CDG
expires
Fri, 29 Mar 2024 23:22:32 GMT
8.f400704066ccf1976603.chunk.js
z23965b.top/ 		24 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/8.f400704066ccf1976603.chunk.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/main.9cc02d4d816eaf74c873.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:41c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
138d20dde55ea86511bff53e7b1fe7c2e6b4cf068e2870c11fb574536f1a3938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10529
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 21:30:36 GMT
server
cloudflare
etag
W/"646a8d7c-5e90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMKY1%2F%2BINMe29KP4L1gQ%2FiRNNIISAA600y1KOFDMMA8tuLwQEqTUC7ao0%2BSDEhk1Jm%2FMxTRnLfz71kw6Q11VvU2W%2Fi1bLKAmYxntrsUSqV%2Br%2BQShI3fyzx9S0TYEnUtJaethNYQKFe8WdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9cd99c9ea3-CDG
expires
Fri, 29 Mar 2024 23:22:32 GMT
41.6ab156a3a39d7a08893f.chunk.js
z23965b.top/ 		35 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/41.6ab156a3a39d7a08893f.chunk.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/main.9cc02d4d816eaf74c873.bundle.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b2508b04b3bef5275419629c0e3f1f01df2cf69c6c97c245373f49317a1a3b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
age
8673
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 21:30:36 GMT
server
cloudflare
etag
W/"646a8d7c-8d61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOdSewXO5zIWIIRrSRQUJc87NL9IQ5cSY4oNjfgD1By2QcMdhuUFcH2dncawCvP7AJtW%2F%2B%2FF3axAeUG8h3zI%2FDZ87m5YY7G7sb%2B4uNI1xYSdGy8RDv%2Bpfyo09FmgN%2B3HFZ4i9%2BkBl3QnwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9dcaa29ea3-CDG
expires
Fri, 29 Mar 2024 23:53:28 GMT
480.ae04319350676a95d995.chunk.js
z23965b.top/ 		1 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/480.ae04319350676a95d995.chunk.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/main.9cc02d4d816eaf74c873.bundle.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cc937c3ad4bb9c7647e2e2d7bf6ddda6a7afb2c3920a93fe734a8d86a8fa959b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
age
3093
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 21:30:36 GMT
server
cloudflare
etag
W/"646a8d7c-16d484"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1UI9T8p5QFVePZ0kGSDjP%2FM8edSjnKz4%2FW8BeDyTs9Z06MbBOhTTf5xnaCOK5SUnukO4rXmbX%2BhF%2Bs6pmBykDM11%2FkkZ4m3Wu4eb%2FYperqX5Y3LIK7gGTxDK2MTCHcQsQLxA%2BHvNaa4dtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9dcaa39ea3-CDG
expires
Sat, 30 Mar 2024 01:26:28 GMT
709.a4e57090af591a963d94.chunk.js
z23965b.top/ 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/709.a4e57090af591a963d94.chunk.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/main.9cc02d4d816eaf74c873.bundle.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
71c69c4bc5e13b1fa195bed92fb5818ae00e516674c0e710322cf804197c8e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
age
3093
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 May 2023 00:56:52 GMT
server
cloudflare
etag
W/"646abdd4-1490"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q6sJkOXCUPlc9LcC2gLwo4%2FlP6nYn%2FrnAk5FF4SOWpBcJTFhKc5TQys%2BHlrKi8mOlAzhc28DoUQiH3Em9Ul55iiYF74JMkxQ%2BHO%2BofN2gFsNAHvVsfngkTy6roZpgx1RbOZbs%2F%2BSdnqwyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9dcaa49ea3-CDG
expires
Sat, 30 Mar 2024 01:26:28 GMT
0619f363-e1f5-4940-a28c-4cbd9debd497
https://z23965b.top/ 		0
0
b492cc56-f71a-43f8-8dc3-8b83b27b32b3
https://z23965b.top/ 		0
0
d276dc10-2768-4d37-b63e-0b9788fcd19c
https://z23965b.top/ 		0
0
npm.qr-code-styling.f8f57a1c721e03c3f699.chunk.js
z23965b.top/ 		64 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/npm.qr-code-styling.f8f57a1c721e03c3f699.chunk.js
Requested by
Host: z23965b.top
URL: https://z23965b.top/main.9cc02d4d816eaf74c873.bundle.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
932e9a817af82373fc18ab3c39ad1bbc706d3b4e5979407c0ad4f5320b099136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
age
17741
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 21 Apr 2023 21:08:08 GMT
server
cloudflare
etag
W/"6442fb38-ff4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXQLToiVufScUaT%2Bcms3%2FPXE%2F8OV1%2F7sRbomdV2wVMzwryXv4jlHt1nKJc87Swm%2F9RjvQUiaGD%2Fk7TsER22H1t%2F1wfjee0J1pomCIRWH4xfov7I8PVY08qq8Lw5VU66LtGTTJfj3ra9F%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86c07c9f4c4d9ea3-CDG
expires
Fri, 29 Mar 2024 21:22:20 GMT
logo_padded.svg
z23965b.top/assets/img/ 		1 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://z23965b.top/assets/img/logo_padded.svg
Requested by
Host: z23965b.top
URL: https://z23965b.top/709.a4e57090af591a963d94.chunk.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://z23965b.top/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:18:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Apr 2023 21:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6442fb38-42d"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTiV%2F1OfVr51KpdFPxtcntgamjFBBTpE2YPRYBkYQ0Qi0El1L%2BZdfD9fv54qZbK%2BDEkltlzEhvjt0nt4L89hLVQ2RwEWvMIRWoLokWtEvMdNJY5IpiTZcPaxFkbUBQHRuJBK%2BuARextn3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
86c07ca77e219ea3-CDG
alt-svc
h3=":443"; ma=86400
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
z23965b.top
URL
https://z23965b.top/mtproto.worker.ac5b2b0ca237c0a6bdf9.chunk.js
Domain
z23965b.top
URL
https://z23965b.top/crypto.worker.aec39cf2478abcc434ba.chunk.js
Domain
z23965b.top
URL
blob:https://z23965b.top/0619f363-e1f5-4940-a28c-4cbd9debd497
Domain
z23965b.top
URL
blob:https://z23965b.top/b492cc56-f71a-43f8-8dc3-8b83b27b32b3
Domain
z23965b.top
URL
blob:https://z23965b.top/d276dc10-2768-4d37-b63e-0b9788fcd19c

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| webpackChunktweb object| rootScope function| AppStorage object| stateStorage function| wrapUrl object| I18n object| webpWorkerController object| appStorage object| singleInstance object| webPushApiManager object| telegramMeWebManager object| opusDecodeController object| cryptoMessagePort object| mtprotoMessagePort object| serviceMessagePort object| apiManagerProxy function| calcImageInBox object| mediaSizes object| customProperties object| themeController function| formatDateAccordingToTodayNew function| fillTipDates function| dispatchHeavyAnimationEvent object| sequentialDom object| appDownloadManager object| appMediaPlaybackController object| appNavigationController object| liteMode object| windowSize function| getVisibleRect function| generatePathData function| p function| putPreloader function| getRichValueWithCaret function| compareNodes function| placeCaretAtEnd function| PopupNewMedia function| SlicedArray function| ScrollSaver object| internalLinkProcessor object| emoticonsDropdown object| appSidebarRight function| getStream function| getStreamCached object| groupCallController object| callsController object| appDialogsManager object| appSidebarLeft object| uiNotificationsManager object| appImManager object| syncedPlayers object| emojiRenderers function| wrapRichText object| animationIntersector object| lottieLoader object| pagesManager

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000