www.telegram.lgbt Open in urlscan Pro
154.82.100.194  Malicious Activity! Public Scan

URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Submission: On December 10 via manual from TW — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 27 HTTP transactions. The main IP is 154.82.100.194, located in Singapore and belongs to TERAEXCH, US. The main domain is www.telegram.lgbt.
TLS certificate: Issued by R3 on December 5th 2022. Valid for: 3 months.
This is the only time www.telegram.lgbt was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Live information

Domain & IP information

IP Address AS Autonomous System
21 154.82.100.194 399077 (TERAEXCH)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
27 5
Apex Domain
Subdomains
Transfer
21 telegram.lgbt
www.telegram.lgbt
480 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 26
region1.google-analytics.com — Cisco Umbrella Rank: 2554
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
164 KB
27 3
Domain Requested by
21 www.telegram.lgbt www.telegram.lgbt
3 www.googletagmanager.com www.telegram.lgbt
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
27 4
Subject Issuer Validity Valid
www.telegram.lgbt
R3
2022-12-05 -
2023-03-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.telegram.lgbt/TG_ZH/desktop.html
Frame ID: 8A4EC3CA48356102DF25BF349C6819B4
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Telegram中文桌面版

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

27
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

665 kB
Transfer

1397 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request desktop.html
www.telegram.lgbt/TG_ZH/
12 KB
4 KB
Document
General
Full URL
https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
57a8a84f533afbc33b3ca9e3bc6a896f1b9a6793817b4952ad3acb5bf7b85b03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
4283
content-type
text/html
date
Sat, 10 Dec 2022 05:08:20 GMT
etag
"e7a5ec4836f0d81:0"
last-modified
Fri, 04 Nov 2022 10:14:54 GMT
server
NgxFence
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-cache
DYNAMIC
x-powered-by
ASP.NET
bootstrap.min.css
www.telegram.lgbt/TG_ZH/desktop_files/
42 KB
11 KB
Stylesheet
General
Full URL
https://www.telegram.lgbt/TG_ZH/desktop_files/bootstrap.min.css
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 24 Sep 2022 10:13:06 GMT
server
NgxFence
etag
"ff181f3dfecfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
accept-ranges
bytes
content-length
10876
telegram.css
www.telegram.lgbt/TG_ZH/desktop_files/
108 KB
31 KB
Stylesheet
General
Full URL
https://www.telegram.lgbt/TG_ZH/desktop_files/telegram.css
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
6cee77ef142c982054236b281b015e0cc32ea3bd1754deb11d1cca80793fb5b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 24 Sep 2022 10:13:06 GMT
server
NgxFence
etag
"ff181f3dfecfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
accept-ranges
bytes
content-length
31409
gtm.js.download
www.telegram.lgbt/TG_ZH/desktop_files/
116 KB
55 KB
Script
General
Full URL
https://www.telegram.lgbt/TG_ZH/desktop_files/gtm.js.download
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
8cbaae5ea817ea19555ba3c88649f6db86533c6a0fb945042ac060b0c446199c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 24 Sep 2022 10:13:06 GMT
server
NgxFence
etag
"ff181f3dfecfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
DYNAMIC
content-type
text/plain
accept-ranges
bytes
content-length
56040
js
www.telegram.lgbt/TG_ZH/desktop_files/
105 KB
50 KB
Script
General
Full URL
https://www.telegram.lgbt/TG_ZH/desktop_files/js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
377a867c84d7622e8505d60ab3f2cd91c2bee74035d45971e9fd11f904cc3da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 24 Sep 2022 10:13:06 GMT
server
NgxFence
etag
"ff181f3dfecfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
DYNAMIC
content-type
text/plain
accept-ranges
bytes
content-length
50938
js(1)
www.telegram.lgbt/TG_ZH/desktop_files/
206 KB
91 KB
Script
General
Full URL
https://www.telegram.lgbt/TG_ZH/desktop_files/js(1)
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
5a93b0bce4a0f9e2c5fe4117885c4d1adec6b2ab688ebfe5a32d492ea5e75ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 24 Sep 2022 10:13:06 GMT
server
NgxFence
etag
"ff181f3dfecfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
DYNAMIC
content-type
text/plain
main.js
www.telegram.lgbt/js/
21 KB
7 KB
Script
General
Full URL
https://www.telegram.lgbt/js/main.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
39a10a24888c4e0898d8c9c9ed332d88d0203c08d0f5cfbbf82c84cd9eee584f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Fri, 04 Nov 2022 10:14:52 GMT
server
NgxFence
etag
"436a714736f0d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
7229
tgsticker.js.download
www.telegram.lgbt/TG_ZH/desktop_files/
75 KB
29 KB
Script
General
Full URL
https://www.telegram.lgbt/TG_ZH/desktop_files/tgsticker.js.download
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
9e7a2740a591d2bc7d8d68ce3cd194e6e8f608704e48c6c6895ded87088b802b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 24 Sep 2022 10:13:06 GMT
server
NgxFence
etag
"fcde233dfecfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
DYNAMIC
content-type
text/plain
accept-ranges
bytes
content-length
29276
download.js
www.telegram.lgbt/js/
3 KB
2 KB
Script
General
Full URL
https://www.telegram.lgbt/js/download.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
a291e8c86066f8f1f2d02a1541e2969f7218297466d290cb825a6078193e2e3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
Origin
https://www.telegram.lgbt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Thu, 01 Dec 2022 11:33:45 GMT
server
NgxFence
etag
"a5637fc5785d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
1284
v652eace1692a40cfa3763df669d7439c1639079717194
www.telegram.lgbt/TG_ZH/desktop_files/
14 KB
6 KB
Script
General
Full URL
https://www.telegram.lgbt/TG_ZH/desktop_files/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
Origin
https://www.telegram.lgbt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 24 Sep 2022 10:13:06 GMT
server
NgxFence
etag
"d741263dfecfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
DYNAMIC
content-type
text/plain
accept-ranges
bytes
content-length
6247
gtm.js
www.googletagmanager.com/
120 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5X96JGP
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ffd186bca837a9cc259bf4b8570c247e14f33d6f4ef0527f930229ad0b6d2ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47668
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Dec 2022 05:08:21 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20f4c7a3a145bb8bd7bbed583088379b30196e62437926bb0433042b81102e19

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
twitter.png
www.telegram.lgbt/TG_ZH/img/
1 KB
1 KB
Image
General
Full URL
https://www.telegram.lgbt/TG_ZH/img/twitter.png
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop_files/telegram.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop_files/telegram.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 24 Sep 2022 10:13:13 GMT
server
NgxFence
etag
"351e4441fecfd81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
accept-ranges
bytes
content-length
1272
td_laptop.png
www.telegram.lgbt/TG_ZH/img/
185 KB
186 KB
Image
General
Full URL
https://www.telegram.lgbt/TG_ZH/img/td_laptop.png
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop_files/telegram.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop_files/telegram.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 24 Sep 2022 10:13:13 GMT
server
NgxFence
etag
"8b6a3f41fecfd81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
accept-ranges
bytes
content-length
189734
config.js
www.telegram.lgbt/js/
360 B
576 B
Script
General
Full URL
https://www.telegram.lgbt/js/config.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/js/download.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
e9885f72beec80104d584000fea488790bd8c910793bfb3879dc85c2fc54d98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Thu, 17 Nov 2022 09:32:07 GMT
server
NgxFence
etag
"eef157667fad81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
316
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-212845866-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X96JGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d21c4eae48eb3889019224c3e3bda22263d650079458ef1faeb023ab5acd5d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43639
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Dec 2022 05:08:21 GMT
js
www.googletagmanager.com/gtag/
213 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X96JGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1270afe5873e3065ebf44eed5f8ef592fef13fafd3778394ee4ca64bef98ffd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 10 Dec 2022 05:08:21 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-212845866-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Dec 2022 03:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6221
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 10 Dec 2022 05:24:40 GMT
collect
region1.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VE3X12E1EV&gtm=2oebu0&_p=2050997878&cid=62590073.1670648902&ul=en-us&sr=1600x1200&_s=1&sid=1670648901&sct=1&seg=0&dl=https%3A%2F%2Fwww.telegram.lgbt%2FTG_ZH%2Fdesktop.html&dt=Telegram%E4%B8%AD%E6%96%87%E6%A1%8C%E9%9D%A2%E7%89%88&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 05:08:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegram.lgbt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2050997878&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegram.lgbt%2FTG_ZH%2Fdesktop.html&ul=en-us&de=UTF-8&dt=Telegram%E4%B8%AD%E6%96%87%E6%A1%8C%E9%9D%A2%E7%89%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=680110899&gjid=707959612&cid=62590073.1670648902&tid=UA-212845866-1&_gid=534535972.1670648902&_r=1&gtm=2oubu0&z=1178197716
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegram.lgbt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 05:08:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegram.lgbt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dev.js
www.telegram.lgbt/js/downloadlist/
598 B
687 B
Script
General
Full URL
https://www.telegram.lgbt/js/downloadlist/dev.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/js/download.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
855c42dd1bb790aca2aa2ea1ca29171bf1a07530324717ddc1c1408ee20f484c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 29 Nov 2022 08:43:17 GMT
server
NgxFence
etag
"4e3195a0ce3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
427
t101.js
www.telegram.lgbt/js/downloadlist/
4 KB
777 B
Script
General
Full URL
https://www.telegram.lgbt/js/downloadlist/t101.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/js/download.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
01f12f08f9631cb9465459c174f01587dcbf0cb3af391f7b15d9a967e8ea881c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 29 Nov 2022 10:34:59 GMT
server
NgxFence
etag
"98f463bde3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
517
t108.js
www.telegram.lgbt/js/downloadlist/
2 KB
781 B
Script
General
Full URL
https://www.telegram.lgbt/js/downloadlist/t108.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/js/download.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
359a7563b2f0a8b267b67399cf27223921c2e32da80a3f1ee0e6cfa82ebfca9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Mon, 05 Dec 2022 11:19:47 GMT
server
NgxFence
etag
"c7568e7b9b8d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
520
t112.js
www.telegram.lgbt/js/downloadlist/
481 B
617 B
Script
General
Full URL
https://www.telegram.lgbt/js/downloadlist/t112.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/js/download.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
9d66856e33b22f79296d4615a74b43cef08bcb1fc0e1b70ae02ab7433761cf51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 29 Nov 2022 08:43:17 GMT
server
NgxFence
etag
"4e3195a0ce3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
357
t158.js
www.telegram.lgbt/js/downloadlist/
6 KB
998 B
Script
General
Full URL
https://www.telegram.lgbt/js/downloadlist/t158.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/js/download.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
4fb138a3cdcc7da148092e84031bb22a896dd10476c56b75507dcf9644cc7530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Sat, 03 Dec 2022 06:07:21 GMT
server
NgxFence
etag
"c57a9f81dd6d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
738
t109.js
www.telegram.lgbt/js/downloadlist/
1 KB
693 B
Script
General
Full URL
https://www.telegram.lgbt/js/downloadlist/t109.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/js/download.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
5d1a91efc17dd970435a8f6dc699d8e1220d62b78c022107b36054b41ba66972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 29 Nov 2022 08:43:17 GMT
server
NgxFence
etag
"4e3195a0ce3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
433
t115.js
www.telegram.lgbt/js/downloadlist/
1 KB
674 B
Script
General
Full URL
https://www.telegram.lgbt/js/downloadlist/t115.js
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/js/download.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
69c4ad70fa66d36d5782532b7e007cf7a38b959a4824ceaf9ea0540046cf3794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 05:08:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 29 Nov 2022 08:43:17 GMT
server
NgxFence
etag
"4e3195a0ce3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
414
rum
www.telegram.lgbt/cdn-cgi/
1 KB
676 B
XHR
General
Full URL
https://www.telegram.lgbt/cdn-cgi/rum?
Requested by
Host: www.telegram.lgbt
URL: https://www.telegram.lgbt/TG_ZH/desktop_files/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.194 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
2162b591ebe2b8db3fa5cf15a50922fcd6ca6232d05140cf0a15b9512e3ccd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://www.telegram.lgbt/TG_ZH/desktop.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
content-type
application/json

Response headers

date
Sat, 10 Dec 2022 05:08:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
server
NgxFence
x-powered-by
ASP.NET
content-type
text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| gtag object| dataLayer number| startTime function| dT object| jsonpCallbacks function| twitterCustomShareInit function| blogRecentNewsInit function| blogSideImageUpdate function| blogSideImageInit function| cancelEvent function| trackDlClick undefined| toTopWrapEl undefined| toTopEl object| pageContentWrapEl undefined| curVisible boolean| curShown function| backToTopInit function| backToTopGo function| backToTopResize function| backToTopScroll function| removePreloadInit function| getXY undefined| onDdBodyClick undefined| currentDd function| dropdownClick function| dropdownHide function| dropdownPageClick function| escapeHTML function| videoTogglePlay function| getDevPageNav function| showTitleIfOverflows function| initDevPageNav function| updateDevPageNav function| updateMenuAffix function| initScrollVideos function| checkScrollVideos function| videoPreloadPosterDimensions function| isVisibleEnough function| getFullOffsetY function| redraw function| initRipple function| mainInitRetinaVideos function| mainInitDemoAutoplay function| mainDemoVideoHover function| mainDemoVideoDoHover function| mainInitLogo function| mainInitTgStickers function| setCookie function| getCookie function| mainScrollTo object| RLottie function| QueryableWorker function| FrameQueue object| _0x3201 function| _0x4264 function| removeCookie function| EWExa object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| __cfBeacon object| gaplugins object| gaData object| urlConfigMap function| addDownloadConfig object| domains object| channal_1 object| channal_2 object| channal_3 object| channal_4 object| channal_5 object| channal_6 object| channal_1A object| channal_1B object| channal_3A object| channal_3B object| channal_3C object| channal_3D

5 Cookies

Domain/Path Name / Value
www.telegram.lgbt/TG_ZH Name: cks
Value:
.telegram.lgbt/ Name: _ga_VE3X12E1EV
Value: GS1.1.1670648901.1.0.1670648901.0.0.0
.telegram.lgbt/ Name: _ga
Value: GA1.2.62590073.1670648902
.telegram.lgbt/ Name: _gid
Value: GA1.2.534535972.1670648902
.telegram.lgbt/ Name: _gat_gtag_UA_212845866_1
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://www.telegram.lgbt/cdn-cgi/rum?
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
www.telegram.lgbt
154.82.100.194
2001:4860:4802:34::36
2a00:1450:4001:812::200e
2a00:1450:4001:829::2008
01f12f08f9631cb9465459c174f01587dcbf0cb3af391f7b15d9a967e8ea881c
0ffd186bca837a9cc259bf4b8570c247e14f33d6f4ef0527f930229ad0b6d2ba
20f4c7a3a145bb8bd7bbed583088379b30196e62437926bb0433042b81102e19
2162b591ebe2b8db3fa5cf15a50922fcd6ca6232d05140cf0a15b9512e3ccd45
359a7563b2f0a8b267b67399cf27223921c2e32da80a3f1ee0e6cfa82ebfca9b
377a867c84d7622e8505d60ab3f2cd91c2bee74035d45971e9fd11f904cc3da6
39a10a24888c4e0898d8c9c9ed332d88d0203c08d0f5cfbbf82c84cd9eee584f
3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4
4fb138a3cdcc7da148092e84031bb22a896dd10476c56b75507dcf9644cc7530
57a8a84f533afbc33b3ca9e3bc6a896f1b9a6793817b4952ad3acb5bf7b85b03
5a93b0bce4a0f9e2c5fe4117885c4d1adec6b2ab688ebfe5a32d492ea5e75ba9
5d1a91efc17dd970435a8f6dc699d8e1220d62b78c022107b36054b41ba66972
69c4ad70fa66d36d5782532b7e007cf7a38b959a4824ceaf9ea0540046cf3794
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cee77ef142c982054236b281b015e0cc32ea3bd1754deb11d1cca80793fb5b8
855c42dd1bb790aca2aa2ea1ca29171bf1a07530324717ddc1c1408ee20f484c
8cbaae5ea817ea19555ba3c88649f6db86533c6a0fb945042ac060b0c446199c
9d66856e33b22f79296d4615a74b43cef08bcb1fc0e1b70ae02ab7433761cf51
9e7a2740a591d2bc7d8d68ce3cd194e6e8f608704e48c6c6895ded87088b802b
a291e8c86066f8f1f2d02a1541e2969f7218297466d290cb825a6078193e2e3f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
d21c4eae48eb3889019224c3e3bda22263d650079458ef1faeb023ab5acd5d50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
e9885f72beec80104d584000fea488790bd8c910793bfb3879dc85c2fc54d98b
f1270afe5873e3065ebf44eed5f8ef592fef13fafd3778394ee4ca64bef98ffd
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505