telegram--k.com Open in urlscan Pro
2606:4700:3035::ac43:b33c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://telegram--k.com/
Effective URL:
https://telegram--k.com/a/
Submission: On June 10 via api (June 10th 2023, 9:04:08 pm UTC) from SG — Scanned from SG

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3035::ac43:b33c, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegram--k.com.
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2023. Valid for: 3 months.

This is the only time telegram--k.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
3 3	2606:4700:303... 2606:4700:3030::6815:53aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 21	2606:4700:303... 2606:4700:3035::ac43:b33c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:626c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	3

3 2606:4700:3030::6815:53aa (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

telegram--k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3035::ac43:b33c (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

telegram--k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:626c (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	telegram--k.com 6 redirects telegram--k.com	670 KB
3	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 11874 in.getclicky.com — Cisco Umbrella Rank: 10212	6 KB
23	2

	Domain	Requested by
24	telegram--k.com	6 redirects telegram--k.com
2	in.getclicky.com	static.getclicky.com
1	static.getclicky.com	telegram--k.com
23	3

This site contains no links.

Subject Issuer	Validity	Valid
telegram--k.com GTS CA 1P5	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.getclicky.com E1	`2023-06-09` - `2023-09-07`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://telegram--k.com/a/
Frame ID: A09FAAFEE92484AE1C2B7379ECC834A9
Requests: 18 HTTP requests in this frame

Frame: https://telegram--k.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Frame ID: 1FA0B7EABB8F580A4BD0B7A892DCA42F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram Web

Page URL History Show full URLs

http://telegram--k.com/ HTTP 301
https://telegram--k.com/ HTTP 302
http://telegram--k.com/a HTTP 301
https://telegram--k.com/a HTTP 301
http://telegram--k.com/a/ HTTP 301
https://telegram--k.com/a/ Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Page Statistics

23
Requests

87 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

672 kB
Transfer

2692 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://telegram--k.com/ HTTP 301
https://telegram--k.com/ HTTP 302
http://telegram--k.com/a HTTP 301
https://telegram--k.com/a HTTP 301
http://telegram--k.com/a/ HTTP 301
https://telegram--k.com/a/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://telegram--k.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://telegram--k.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
telegram--k.com/a/
Redirect Chain

http://telegram--k.com/
https://telegram--k.com/
http://telegram--k.com/a
https://telegram--k.com/a
http://telegram--k.com/a/
https://telegram--k.com/a/

12 KB
5 KB

42ms
42ms

Document
text/html

2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7fa7b459bd753a93e003b6735d8f70e604794c9ecaac4aa60c3501785af48d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d549086793991b4-SIN
content-encoding: br
content-type: text/html
date: Sat, 10 Jun 2023 21:04:03 GMT
last-modified: Thu, 20 Oct 2022 07:03:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B%2BdY2k1Kud7kwjontLBTOIs8TLOtlswbooXDjzq1ylYrPdu4NOoe28VcA9RfO9pePWSpgEpXrKQGLbBQNt%2BhnXq5vwYn4QpsQO4A1OLW7GMEeKcsSD3oK8yCPDBWzRB2B0I83YkRy2Nva0Pc%2Bw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7d5490866e3540c6-SIN
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 10 Jun 2023 21:04:03 GMT
Expires: Sat, 10 Jun 2023 22:04:03 GMT
Location: https://telegram--k.com/a/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPjJBUQn8hehoQ6fEUYUkNtjAIQc0lJy15hvZrNQb%2FZJXa0JvEolqE6s3q5Zt3Yzmmd1N4X4d5z85t%2FoKdWejmmBlcYBXfMfgIKYPFf0QYZcZ%2BpzV%2B8Z3X8aYARyGa0iTfUqBrq3pakSTOQQrw0%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.cfeec47247082afdfa73.css
telegram--k.com/a/ 378 KB
66 KB 78ms
75ms Stylesheet
text/css 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/main.cfeec47247082afdfa73.css
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f333bb0c0f4376c34bbe944300aa64dc676dd522ea690b915162fd1c933d0053

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-5e932"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pg%2BBs75p6W7M1JGzW3s%2BU%2FENstIIxWUIjp1EIAhIDQQq0RgpVPlfVDAi%2BkG0cd%2B%2B7hpeb9rZQ%2F%2FGQegi%2FgTdze4P4mZO1is%2BuNmk2Ax2WxzQh8gv26pbEdh9NaCnkzGJU82vvKZzvvauNBUD8Ws%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7d549086c97b91b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H3 200 style-desktop.de205d0ae0e0c2493363.css
telegram--k.com/a/ 354 B
704 B 54ms
52ms Stylesheet
text/css 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/style-desktop.de205d0ae0e0c2493363.css
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 352d322f451b1fe8fe6be4f4eb38f134a3326ffb310b5256d9e2829e12f67a82

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWDyEUZoiC5FoA7EEojRq%2BM6LZ83tJOBtbp8lNIf97ue1ZDxk8TFqQM0w5hsRtggfx%2FGYWGXfasYoWQ%2F%2Bt9SI%2Bm2vmuqU0GFfJ5a2jZn4%2F7TADY4ssFRRPC87Z%2FuioQ9mUNYRh1kuhr4%2Fffpf%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7d549086c97c91b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H3 200 mtproto.worker.a7353b4d09f7ae6723a5.chunk.js Show response
telegram--k.com/a/ 672 KB
152 KB 100ms
98ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/mtproto.worker.a7353b4d09f7ae6723a5.chunk.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 788e06011f24c4a6216673ec7a0bd708e9a1854ea3c892445c445c6c6e66da94

Request headers

Referer: https://telegram--k.com/a/
Origin: https://telegram--k.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:24:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"635040c9-a80af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NV8ocPdCY%2BUnahIV4ymBAy%2BwWF3iYJpPw9RQkD0a7C6DAZnWhodR3nY0kmNes%2Fh1n%2FfypGVCBC%2B9X%2FMCQEFf4VAN2vW5pDDyVy0me0VLb9oriRgxpNfZtUP%2BUmYUiUkA2mfQfyJfloF5tPEBqEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d549086c97d91b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H3 200 437.c838e1c54ca086c1ad69.bundle.js Show response
telegram--k.com/a/ 7 KB
3 KB 44ms
42ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/437.c838e1c54ca086c1ad69.bundle.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa2bb13700c6fad6e92e6c0ee01459761665ef04ea47f7d5e024934d96e34c3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-1df0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQzqIp6KHWU%2BMj3QRXUK6ngn%2FTmUROi3A2ilUCI9kTiB2X8MRqcbitNVTwx%2BfQVOLzwG2eS8YZLFRKThmH53F29OeZMa2m3jrGCXgDIfqm%2FcE78I4mOK%2B5tGyCURcEfhlA4nkJnTkPl544Hh%2FKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d549086c97f91b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H3 200 773.e1a126c156026a9a591c.bundle.js Show response
telegram--k.com/a/ 48 KB
11 KB 44ms
43ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/773.e1a126c156026a9a591c.bundle.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01b13ccfff3d099463ced657919e47174680031ea9c20a7837ce227e4f32f85a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Dec 2022 21:09:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638a6982-bf4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3o3xkHKGPssB%2FWttih%2BjCXr9%2BkcoLF7Pc4Zd6Zb%2FsqQSX6QC%2FaV%2Bv4y92UAhDJtR%2BNCY5gWEOiuFtRioCVGP%2Bj0NQwmewrBq9RbLnI%2FzaYlFxwQUQVYdN3yNAaYz4NehbD%2FAlVwxXXVm2ZEi%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d549086c98091b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H3 200 main.01fb870dd61b44a0b199.bundle.js Show response
telegram--k.com/a/ 114 KB
27 KB 63ms
62ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/main.01fb870dd61b44a0b199.bundle.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b30fbd28b3ef88847590ab51ea040373a48363228805bcd6d6a6a13375e8423f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 11:20:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cb097-1c8d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kvhe9vZ7Q0sL9EqD4umYq1h0PFWvFx9CEGxT2tOWGBLTO7fXUQj0qQjdndFoAT65LSOdWIF%2F2lBdaTk%2BUdKccWMYV9Pqv3VilDGE9Esvza0Fh6wCyXh1lZoSAAgiwMb85q4QsG9NOIZXIM0Hxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d549086c98191b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H2 200 101374574.js Show response
static.getclicky.com/ 15 KB
6 KB 47ms
22ms Script
text/javascript 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/101374574.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a718eecd10a872f760e8146e435f91583b49487cfea6bb4fff6b2499e5ea4dc8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 16 Jun 2023 20:39:37 GMT
date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 20:39:37 GMT
server: cloudflare
age: 63259
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d5490870ef24022-SIN
alt-svc: h3=":443"; ma=86400
x-proxy-cache: MISS

GET mtproto.worker.a7353b4d09f7ae6723a5.chunk.js
telegram--k.com/a/ Frame 0
0

GET crypto.worker.1e1106c2eed88d1bff05.chunk.js
telegram--k.com/a/ Frame 0
0

GET
H3 200 crypto.worker.1e1106c2eed88d1bff05.chunk.js Show response
telegram--k.com/a/ 23 KB
9 KB 46ms
45ms Fetch
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/crypto.worker.1e1106c2eed88d1bff05.chunk.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/main.01fb870dd61b44a0b199.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee52de48cce74b8edff25184708862040ac186d228cb1c06ae9b17e7beb84155

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-5d8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hC%2F%2BG8ncAN6Fy9EgDLD3%2BnPNdScXlP5SkTC1BxfPsAoixOsxLUVDzi1Ead06kyq6YNKtv9gGobmq5ksUv%2FWGv9GK2JHZH%2FrNMZzJKbX%2F%2F0Z88H6Vw%2BJCAiMMgdWj1kjfuY19jkHLoPwOQjkAv0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d549087ca4591b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H3

200

invisible.js Show response
telegram--k.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/ Frame 1FA0
Redirect Chain

https://telegram--k.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://telegram--k.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

26 KB
12 KB

10ms
10ms

Script
application/javascript

2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram--k.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

Protocol

Server

2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8de6ee772d07704f97ba97e83fefc1f37538873abb82d9b0fb7194552fe5884b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJZ8QF0yDWAy5L%2F7mMvoPsV5Ewsy2Q7KTB%2BdFfWNaPjexG3n8Zb3RzAzELnvJli3bI7b6qaQjW6Z%2Ff4LWTLmB%2B332rRqOT78%2BU1GiBlHxqNSk75ndaBUzh5abuGuv%2B1WN2MdXDLJynH6huWm%2B%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d5490881a6d91b4-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 10 Jun 2023 21:04:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIW0PT5OF9ecHFDE8eRL%2BTER73aT4IorThvLtrZC%2B73mHC6U7gy0gEPL3Cdnz%2Ft3eiOLwzOluE37IcCxOQ9rKO7kRbmP9QITZ0zNUiTqlV28xBjS7HoZi1ulYlfT%2BYW4IhFGVWV5GNQXiO0%2BRvU%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7d5490880a6491b4-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 104.d2dcaecf3096868faf56.chunk.js Show response
telegram--k.com/a/ 52 KB
16 KB 58ms
58ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/104.d2dcaecf3096868faf56.chunk.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/main.01fb870dd61b44a0b199.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a36f0e8e3c28a55ffaf6bdcab94394e3a4de0c6c04c5a0122de26fd9829ac0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-d03f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wdCRnpWn%2B2bPkvRW9f1IYsH9lm%2BsjkKZe6hHqq8Lti42UePbNhVXLzJxsECe7%2BR3I9EkxJxonw8%2FtjMPi6Gxn6KoZaAl7herufrTBrTO7yz1hx3atG5WWfNghlVz9X2c2NtBQa%2FeuBB84F4ipk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d5490882a7491b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H3 200 301.5beb25e1ca4f91ab78d0.chunk.js Show response
telegram--k.com/a/ 2 KB
1 KB 48ms
47ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/301.5beb25e1ca4f91ab78d0.chunk.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/main.01fb870dd61b44a0b199.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5c2c63ccd688a8fa3de469c41d005ed423fa28fdf5ca738a28cab734cb6e2bd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-67f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIriGB%2BekE2ibO5UF49JjWF3OfgozkTlJKaGyDa4pTK6fhB3utE1x7K5Q3Nlmc6ZIgrl%2Bb1Z14S5%2FCRissH5olhCQlM620ruNO5m44RPejmqvL%2FsMs3K2XHjVWK4XfHQAm2tYCh0uWCQMWkfpH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d5490882a7591b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H3 200 8.2a5c88b8ffabc366242b.chunk.js Show response
telegram--k.com/a/ 22 KB
4 KB 45ms
44ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/8.2a5c88b8ffabc366242b.chunk.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/main.01fb870dd61b44a0b199.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d84fb6dc0eae842918627e342d3d737952586f225c6fa416eeddec249c50be4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-581b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nyg7aVdMTxPRWI%2BRLNZUFDIrRxrv2moqCpmeXz%2FgbzBGyvrSi9Dg4LpAfbMyA%2BNwzEuMY4BDf8OyXu4foptoQJMk9MDrX1VBfkD5CBUWTEjOerIeEnKLdqqnSJZy30ybNM7SgZzBGn5eLFXztXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d5490882a7691b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:03 GMT

GET
H3 200 pica.js
telegram--k.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 1FA0 6 KB
3 KB 10ms
9ms Other
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram--k.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9f5e67c01ebb3b34aba410e22d88b7e0e2c356f95f790774e4c740ff2750283

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zknUXB9auYGnVY5mpDSRpoI%2BctxMDcidWJ0RInd84BGGmB2ZL0zaot6ir56VIc8BARziBsw%2B%2FNxq6UNKYwMA%2F7gyIA38n8ueeDt9lZkbT%2FIA3TnmF%2F%2BDji%2Bi%2BMuAljS6gwyx9ClK%2FOgZqQE06b4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d5490882a7c91b4-SIN
alt-svc: h3=":443"; ma=86400

POST
H3 200 7d549086793991b4 Show response
telegram--k.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 1FA0 2 B
590 B 20ms
19ms XHR
text/plain 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/cdn-cgi/challenge-platform/h/b/cv/result/7d549086793991b4
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Jun 2023 21:04:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OH2NVskHPaSP7iqRyjsVtrT6vdZpYajNZVcnPGeCX0qzFb0Qz%2Bvn1%2F3H%2BgFSeqPmd9%2BF1aDpTr5F48mdQYsehgQW1%2BHcQwi3QYwsrF84QtLPMHyExNRR3XCuaFzGrRSoN6ErzlnmdDJaTaYjrq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7d5490895b2a91b4-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 in.php Show response
in.getclicky.com/ 155 B
302 B 781ms
771ms Script
text/javascript 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101374574&type=pageview&href=%2Fa%2F&title=Telegram%20Web&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.3361244615316179
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/101374574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0aa2bfb9106b81bb8d4101dca80f983471f1715d61dafc2fffa1a2b162ccd5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7d5490897b894022-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 953.a9c1e444676d9797e587.chunk.js Show response
telegram--k.com/a/ 34 KB
15 KB 57ms
56ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/953.a9c1e444676d9797e587.chunk.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/main.01fb870dd61b44a0b199.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a966a17be3bb09cd14acadc31d102c147a6298e233d1e1dc6d551cd45a2e09bc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-87f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imoAMuQzHJXELiuVt01xkCBCCRqNqYr1jyh6WWtfBd8in0qzNd%2F1lkyJLRATT3RlIH46D40jh01SUlO0l1DTV3T8IcbdLS0KMPXlgLwxPblA1T9utO3XR6SO5rd53xQJYYxghx81gYhaITsTGGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d5490898b4591b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:04 GMT

GET
H3 200 194.6d86456472ba5cb9dd4b.chunk.js Show response
telegram--k.com/a/ 1 MB
320 KB 91ms
91ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/194.6d86456472ba5cb9dd4b.chunk.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/main.01fb870dd61b44a0b199.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c6de408b21a48fb086f73f5e2f3442207983127f362fc8b2fc12001d2936cac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-12ebb9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wegMBnkPJXXaAKhhn2pNk2wXyWj5XtYJ9gc%2BJ2dF8WQ5gy4us00wawSn%2BHe%2BzqFBujj7%2BzhmUBrEqJ5SIi2My1adk%2FyhHZ0dFXAUU4zQRdxpg0vH2%2BO8HvfC5CXGrcZ1gH4mUdfsVPrBTUAC1CU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d5490898b4691b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:04 GMT

GET
H3 200 709.4c2facc565490ae3dd33.chunk.js Show response
telegram--k.com/a/ 5 KB
3 KB 41ms
41ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/709.4c2facc565490ae3dd33.chunk.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/main.01fb870dd61b44a0b199.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a79ff3e876c8beed1dad8c0848198cacb04a0c9272c0f2fd6099a883eb2ece

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-14db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpau7sjgtc3xrVBAs1iAGg7xU6FH7SccKQiiVW%2FC1I%2FEgdsRZayYlTLQ2JaHCd5m1EaR%2F%2FzfAzfOMl5QGC1TYHHu3lvC5aaQPqa0kK8%2BnH0xBvYt7B71NxbxAxYV4c%2Bpt5YiSx3SeIlELhntfrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d5490898b4791b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:04 GMT

GET
H3 200 npm.qr-code-styling.5c8af6e9c411419a66e1.chunk.js Show response
telegram--k.com/a/ 64 KB
16 KB 28ms
28ms Script
application/javascript 2606:4700:3035::ac43:b33c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram--k.com/a/npm.qr-code-styling.5c8af6e9c411419a66e1.chunk.js
Requested by: Host: telegram--k.com
URL: https://telegram--k.com/a/main.01fb870dd61b44a0b199.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ea8d93b82d854b95e606a39da6c3d203585d776a9b23cc5d6ed7132fde0e4a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 18:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63504027-ff4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XxChOV7Lvwb4d9yBEHKEzF%2FH4qrUGd11sQv9N6bghWRbXDL%2B9TYyl7XzvMqag9Alzigjr1mxrruvJ4EZK28ejsBPyBJW6sPYimLtm5s0eoLzpBIuAhXGdLBd%2Bmx8JCZWrBWkJDHs%2F3XGIWOX2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d54908abbf091b4-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Jun 2023 09:04:04 GMT

GET
H2 200 in.php Show response
in.getclicky.com/ 155 B
210 B 719ms
719ms Script
text/javascript 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101374574&type=pageview&href=%2Fa%2F&title=Telegram%20Web&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.9738650411022229
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/101374574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedea274761c2b60fcf191a2f557e1cebddacd4b017202ef81e7fea1dda51310

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://telegram--k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:04:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7d54908c2a5a4022-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telegram--k.com
URL: https://telegram--k.com/a/mtproto.worker.a7353b4d09f7ae6723a5.chunk.js

Domain: telegram--k.com
URL: https://telegram--k.com/a/crypto.worker.1e1106c2eed88d1bff05.chunk.js

Verdicts & Comments Add Verdict or Comment

Malicious page.domain
Submitted on June 10th 2023, 9:46:46 pm UTC — From Germany

Threats: Brand Impersonation Phishing
Brands: Telegram US
Comment: Phishing page for the Telegram web client

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
telegram--k.com/	1970-01-20 12:27:18	Name: XSRF-TOKEN Value: eyJpdiI6IlY2Yk5URit3YjlBSTdXakVKbGtrckE9PSIsInZhbHVlIjoiaThLTUZCQzZTNWNJWnRNZUViTmNaZ29sR3NxYmxoYytvOWYwaXdkc2dpU2JwaW9nTGNxSmh5eFhndGI3QVBiTUJWVUsrR3dRNEFCanZ3Sm9MV1QxWmRWT2Q0ZW5qUlpINS9tcDNwVWJjYmZtQWhpTHhrUWlpT0NWYVhqaEYrTU8iLCJtYWMiOiI5OTQ4YmNjYTFjZTIyODk3MDdiNGFlNmRmZGQ3NzQxMGFlYWUxMDAzMWYxNDMxZGQwMjRlNjViNzVhNWU0NDVkIiwidGFnIjoiIn0%3D
telegram--k.com/	1970-01-20 12:27:18	Name: laravel_session Value: eyJpdiI6InowZ3Y4clhoRWRjYTcwa2N0Mm8wdGc9PSIsInZhbHVlIjoiYmhYM3Evc1hDU0hwcTdWTnBCVW9lRTZ6TExKQ0VQc2xZR0YzK0RzYno4MUtBb3drVGxvd1Z3eVI0MDUrazZ6Q1UyaHdCWExpVThqVUo0Nk1RdTlGNXljdVg4YkFjRnhkd1owRU4wWTY3eFF6UExEVHRWYVp0Z3NObVh6NTYrdGwiLCJtYWMiOiI1OTJiZDk1N2FlMzI4ZjZiMWQ2ZDdiN2QxZjc0OWI0NjhhY2ZmYjVhNTdjMTdkYTAwYjhjZDExOTE1MmFiMjI1IiwidGFnIjoiIn0%3D
.telegram--k.com/	1970-01-20 12:27:12	Name: __cf_bm Value: 2nnZCGLO4GgZM0xD9tjqHAIXjE5hrxow494QVSjROKo-1686431044-0-Aal8ufghvt2b5FirIpVoU16n9b3cB+hOM+6W3hhAw1w10Z+2h0Th4+kniWWS4AznMg==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (403) was received when fetching the script.
worker	error	URL: https://telegram--k.com/a/ Message: Failed to fetch a worker script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

in.getclicky.com
static.getclicky.com
telegram--k.com
telegram--k.com
2606:4700:3030::6815:53aa
2606:4700:3035::ac43:b33c
2606:4700::6811:626c
01b13ccfff3d099463ced657919e47174680031ea9c20a7837ce227e4f32f85a
03a36f0e8e3c28a55ffaf6bdcab94394e3a4de0c6c04c5a0122de26fd9829ac0
08ea8d93b82d854b95e606a39da6c3d203585d776a9b23cc5d6ed7132fde0e4a
1aa2bb13700c6fad6e92e6c0ee01459761665ef04ea47f7d5e024934d96e34c3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d84fb6dc0eae842918627e342d3d737952586f225c6fa416eeddec249c50be4
352d322f451b1fe8fe6be4f4eb38f134a3326ffb310b5256d9e2829e12f67a82
4e0aa2bfb9106b81bb8d4101dca80f983471f1715d61dafc2fffa1a2b162ccd5
788e06011f24c4a6216673ec7a0bd708e9a1854ea3c892445c445c6c6e66da94
7e7fa7b459bd753a93e003b6735d8f70e604794c9ecaac4aa60c3501785af48d
8c6de408b21a48fb086f73f5e2f3442207983127f362fc8b2fc12001d2936cac
8de6ee772d07704f97ba97e83fefc1f37538873abb82d9b0fb7194552fe5884b
a718eecd10a872f760e8146e435f91583b49487cfea6bb4fff6b2499e5ea4dc8
a966a17be3bb09cd14acadc31d102c147a6298e233d1e1dc6d551cd45a2e09bc
a9f5e67c01ebb3b34aba410e22d88b7e0e2c356f95f790774e4c740ff2750283
b30fbd28b3ef88847590ab51ea040373a48363228805bcd6d6a6a13375e8423f
cedea274761c2b60fcf191a2f557e1cebddacd4b017202ef81e7fea1dda51310
e5a79ff3e876c8beed1dad8c0848198cacb04a0c9272c0f2fd6099a883eb2ece
e5c2c63ccd688a8fa3de469c41d005ed423fa28fdf5ca738a28cab734cb6e2bd
ee52de48cce74b8edff25184708862040ac186d228cb1c06ae9b17e7beb84155
f333bb0c0f4376c34bbe944300aa64dc676dd522ea690b915162fd1c933d0053

telegram--k.com Open in urlscan Pro 2606:4700:3035::ac43:b33c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

87 %HTTPS

100 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

672 kBTransfer

2692 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Malicious page.domain Submitted on June 10th 2023, 9:46:46 pm UTC — From Germany

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

60 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

telegram--k.com Open in urlscan Pro
2606:4700:3035::ac43:b33c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

87 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

672 kB
Transfer

2692 kB
Size

3
Cookies

23 HTTP transactions
0 data transactions

Malicious page.domain
Submitted on June 10th 2023, 9:46:46 pm UTC — From Germany

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!