www.telegrambcn.com
172.67.159.233 | Malicious Activity! | Public Scan

Submitted URL: http://www.telegrambcn.com/download
Effective URL: https://www.telegrambcn.com/windows/
Submission: On July 31 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 21 HTTP transactions. The main IP is 172.67.159.233, located in the United States and belonging to CLOUDFLARENET, US. The main domain is www.telegrambcn.com.
TLS certificate: Issued by WE1 on June 23rd 2024. Valid for: 3 months.
This is the only time www.telegrambcn.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

IP Address | AS Autonomous System
1   2606:4700:303... | 13335 (CLOUDFLAR...)
2 20   172.67.159.233 | 13335 (CLOUDFLAR...)
2   172.67.156.2 | 13335 (CLOUDFLAR...)
Total: 21 requests, 3 IPs

Apex Domain | Subdomains | Transfer
21   telegrambcn.com | www.telegrambcn.com | 261 KB
2   dcobxs.com | web.dcobxs.com | 23 KB
Total: 21 requests, 2 apex domains

Domain | Requested by
21   www.telegrambcn.com | 2 redirects, www.telegrambcn.com
2   web.dcobxs.com | www.telegrambcn.com, web.dcobxs.com
Total: 21 requests, 2 domains

This site contains links to these domains. Also see Links.

Domain
dowdow123.com
telegram.org
core.telegram.org
Subject | Issuer | Validity | Valid
telegrambcn.com | WE1 | 2024-06-23 - 2024-09-21 | 3 months (crt.sh)
dcobxs.com | WE1 | 2024-06-25 - 2024-09-23 | 3 months (crt.sh)

This page contains 3 frames:

Primary Page: https://www.telegrambcn.com/windows/
Frame ID: F62952F5A64DAE6211B5047E910080AE
Requests: 18 HTTP requests in this frame

Frame: https://www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: D8A442DEDB06C497C73193CDC9400773
Requests: 1 HTTP requests in this frame

Frame: https://www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: 6100F70BC5D67399F6643172808922C5
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Telegram - Telegram中文电脑版下载


Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 90 %
IPv6: 33 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 283 kB
Size: 425 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.telegrambcn.com/download HTTP 307
    https://www.telegrambcn.com/download Page URL
  2. https://www.telegrambcn.com/windows/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.telegrambcn.com/download HTTP 307
  • https://www.telegrambcn.com/download
Request Chain 3
  • https://www.telegrambcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Request Chain 16
  • https://www.telegrambcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

21 HTTP transactions

Resource | Path | Size | x-fer | Type (MIME-Type)
download | www.telegrambcn.com/ | 1 KB | 1 KB | Document
Redirect Chain
  • http://www.telegrambcn.com/download
  • https://www.telegrambcn.com/download
General
Full URL
https://www.telegrambcn.com/download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:427d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PbootCMS
Resource Hash
7556c514d29c4d0aed67a262878788fde09f5094c61636773ddb89d0b3c6b8d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ac0935f8e3a4d5e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 21:10:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uYw96z5ywleQjCoTC8f89OPrWwKUUIb9PV34qEjSw24cvTaoWma6ZXgOzBzJwieNzMlA7dMaf2TinuT1btbx0P%2FtcYXgCd3XfshoDwKYcpjeXgEnzWcJ8XuPAEe0pt0FfltVW34B5YAbteAtQhzXono4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, User-Agent
x-powered-by
PbootCMS
x-ua-compatible
IE=edge,chrome=1

Redirect headers

Location
https://www.telegrambcn.com/download
Non-Authoritative-Reason
HttpsUpgrades

/ | www.telegrambcn.com/Spider/ | 0 | 488 B | Script
General
Full URL
https://www.telegrambcn.com/Spider/?url=/download
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PbootCMS
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegrambcn.com/download
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PbootCMS
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfQkKaXsN73XbbakOXTm7J9ktXIIWBDzp5EvzKYSXm8M394ZZBSo9j3FiCbxD6qeX7xolXHVF5DJeB4Zif67AGPEZXPBBIaNLkRaXUkW4kAMimn1%2BJ3wQAh8tHaob21D2812BiFg"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
8ac093647aa40441-HKG
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=edge,chrome=1

/ | www.telegrambcn.com/ | 7 B | 464 B | Script
General
Full URL
https://www.telegrambcn.com/?p=/Do/visits/id/190
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PbootCMS
Resource Hash
ef5574109434bb8cb99d9ab5af5e32a038c4d7c659387473641c799013e79e0a

Request headers

Referer
https://www.telegrambcn.com/download
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PbootCMS
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDCyFMn5ZU%2BIBJMQDGCPfyeUnRP46fsVaT0amAPibvGVpXekvX5vWblXuZCbrsyuivXnoLYbglkPyLFoPvm%2B4x5oUAYQJpb4i%2FH0aVai447%2Bljeom%2BitjkVU6ZFWE6hA8QjrqKkp"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
8ac093647aa50441-HKG
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=edge,chrome=1

main.js | www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ (Frame D8A4) | 3 KB | 0 | Script
Redirect Chain
  • https://www.telegrambcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
General
Full URL
https://www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
Protocol
H3
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqlkrCSbF2Z7Bs8XABAzoUsIaQTQKEjV8fRh7GDKwwIh%2BU7cFVcULljzg1LXU8IvGFWSyL5SzgSDWzJWoHLnv%2BkGdgKs1EpiZh9PFW1Xd%2F7TwUUUEyPBt%2FPDsrLuDqHrDgqpcd%2Fz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ac093665bfc0441-HKG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 31 Jul 2024 21:10:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cw6Z%2FCtH9pkei1MzaxFissbb9IEkG8YQOH2moheEkVO8YbWAdiw914gHGyYBBGiJ8sLaU311%2FZPWyWG25t9Ao5WoOH%2BCt3PWSEPLsLzRlF%2B6gOBBFtVVUxWLUEassno%2FbAWtJ%2FOZ"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ac09364dae20441-HKG
alt-svc
h3=":443"; ma=86400
content-length
0

Primary Request / | www.telegrambcn.com/windows/ | 8 KB | 3 KB | Document
General
Full URL
https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PbootCMS
Resource Hash
78ed783526f8e1b2af5f25f0810597210d40579da50badf0b2de955c79dfffa6

Request headers

Referer
https://www.telegrambcn.com/download
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ac093663beb0441-HKG
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 21:10:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIM5WztIq5HRcLY5lxAW1v0TAvTcPtXXB7OJdmN3pGpFU%2BiAeMzPhqxbwX1iT87LQAMFPf0RCu3ZzcYa0OZvfw6LRJBqyG5xDI1lvzAaiQPKKNe14qNnUh0J%2Fu5hgy6%2Bf2KWebXj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, User-Agent
x-powered-by
PbootCMS
x-ua-compatible
IE=edge,chrome=1

favicon.ico | www.telegrambcn.com/ | 12 KB | 12 KB | Other
General
Full URL
https://www.telegrambcn.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.telegrambcn.com/download
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 02 Mar 2024 16:00:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e34d28-306f"
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qebZL2tycS3Ss7l1BGFHLm%2F2ZqMUQ0X2W7CNVa4UW1FoT0vTnoJtQmKuYF374ipvjVjmto4F9PFGzlV99L4I72AeWEjT3qWEvlQHB2pXE%2Fc%2BNECS5rpyaavRGL59aGUPGAIajDbo"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=2678400
cf-ray
8ac093663bed0441-HKG
alt-svc
h3=":443"; ma=86400

global.css | www.telegrambcn.com/pc/css/ | 12 KB | 4 KB | Stylesheet
General
Full URL
https://www.telegrambcn.com/pc/css/global.css
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
392533361ac63f936a3a772cb436661782c6d944df70a7cf90d019d5be87544c

Request headers

Referer
https://www.telegrambcn.com/windows/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20472
cf-polished
origSize=12753
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 02 Mar 2024 15:56:36 GMT
server
cloudflare
etag
W/"65e34c34-31d1"
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FRWmSX1QmfWZ5jRv%2BqO1aznd2DqF0b0LDpEH4WMi3kzCzQV6hisuT2F45%2FFJI0xqZvs%2FoWC6a51OfJl0UQlWjHV6XEIms0BIB8kCo7VFhUGWMD7PKWyYaa3xYvQLBp9bvyivz2U%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
8ac093694e220441-HKG
expires
Thu, 01 Aug 2024 03:29:21 GMT

logs.css | www.telegrambcn.com/pc/css/ | 5 KB | 2 KB | Stylesheet
General
Full URL
https://www.telegrambcn.com/pc/css/logs.css
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07e1b10f40b0e247b3d5bf035207bb06dc3bb47788b418436607b40059a04e2a

Request headers

Referer
https://www.telegrambcn.com/windows/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4958
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 02 Mar 2024 15:56:36 GMT
server
cloudflare
etag
W/"65e34c34-135e"
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NbfJIc3BCT5ZRYe3IvdlH%2B6RGUACE0K2PbxV1nB%2BrtlHmQdkBLMDqta1mMxLAEgdZos8aFgaJ0HNMO5DTVwvFd8ffW9cPTyQ5XqY6Ew18BSV0JttYcUHNztqAFRcXv%2FH00ljO6DR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
8ac093694e250441-HKG
expires
Thu, 01 Aug 2024 09:10:33 GMT

nav.css | www.telegrambcn.com/pc/css/ | 16 KB | 7 KB | Stylesheet
General
Full URL
https://www.telegrambcn.com/pc/css/nav.css
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae6bfcd98c23748943bef9376401d1a6a7bd66acc36d5bef03c305f1f032f1fb

Request headers

Referer
https://www.telegrambcn.com/windows/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20472
cf-polished
origSize=17841
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 02 Mar 2024 15:56:36 GMT
server
cloudflare
etag
W/"65e34c34-45b1"
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p35oFihaaXNRQB%2F9OvwCuVgkHZ2dmE2ZUjR2M1rJGYCNWTqdARqoOivACRdOieCWXgVxWE1Ob0qD%2BCP5gUo2izYLcmNgWd21hnc1Bzix64SbyAaWqsLENjEs4lqxyzdv6bbe9DRK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
8ac093694e270441-HKG
expires
Thu, 01 Aug 2024 03:29:21 GMT

zh-tw.php | www.telegrambcn.com/ | 0 | 424 B | Script
General
Full URL
https://www.telegrambcn.com/zh-tw.php
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegrambcn.com/windows/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2tC3kToDWoDYvzxmssGoK3VevsDpSzwBloP5NDtZigpD22Wu0EFlWw1oEpfxv5QG4BR4hxXS6Sb83jyiHS3hYIPAghWlJHpwX6T9qJgVMwdc0NnQhCxLwIJ7uGNmrVlxCvECgP4"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8ac093694e290441-HKG
alt-svc
h3=":443"; ma=86400

jquery.min.js | www.telegrambcn.com/pc/js/ | 91 KB | 38 KB | Script
General
Full URL
https://www.telegrambcn.com/pc/js/jquery.min.js
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5509f510692a2c583d7c87670af0bbb474bed31b999dd7ccb16ee66a368180

Request headers

Referer
https://www.telegrambcn.com/windows/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 02 Mar 2024 15:56:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20472
etag
W/"65e34c38-16a7d"
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKVSuSoIRb0%2FNBesRGkIfkR9ZoGeaohS6gtQbiU9%2FKT9NQHRE25kdnN3APcef%2Bi%2Bro69saWbywSNjxLX0poF28Mgxo531MLIZgSduxWH6JE0KVOEhx7bptJVYReRDW%2BLhVnkTx23"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8ac093694e2b0441-HKG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 03:29:21 GMT

tab.min.js | www.telegrambcn.com/pc/js/ | 2 KB | 1 KB | Script
General
Full URL
https://www.telegrambcn.com/pc/js/tab.min.js
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8780e3208b3913d633d1c780e328dbe3ae414657212793f3f7f928d5fe29be39

Request headers

Referer
https://www.telegrambcn.com/windows/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 02 Mar 2024 15:56:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20472
etag
W/"65e34c38-804"
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fkIYy8n8HlSairpl9soVnQZAT%2B7xS2p7Bgefpxn3xzZpmztFw213mkxAUVgOyF%2Bp2OgCWkyD8FivhRwCN%2BUzXV7Z3y1TUZzXnKmKN7lY7fVWF7oH%2BjrHSjrWUXnSV%2FjRxQPnicqT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8ac093694e2c0441-HKG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 03:29:21 GMT

/ | www.telegrambcn.com/Spider/ | 0 | 457 B | Script
General
Full URL
https://www.telegrambcn.com/Spider/?url=/windows/
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PbootCMS
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegrambcn.com/windows/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PbootCMS
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSAE43SFSpfzhDIUpMMIkkZHpvD0x1u0UF82MUnd6EcxtAIrKq%2FjmQeVIGdT9%2B1IyI9Okpqr6Ic%2Fw8v4XjtBYGTFaiHF7vHuy6Q79UL2DA28LMqRTjwqVYzC9RE%2BQ%2BnwOutUs9nC"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
8ac0936c38480441-HKG
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=edge,chrome=1

/ | www.telegrambcn.com/ | 7 B | 463 B | Script
General
Full URL
https://www.telegrambcn.com/?p=/Do/visits/id/189
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PbootCMS
Resource Hash
ef5574109434bb8cb99d9ab5af5e32a038c4d7c659387473641c799013e79e0a

Request headers

Referer
https://www.telegrambcn.com/windows/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PbootCMS
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2fxXB6bkjt7azZNf%2Fj7CeKLz69bdoY9fzf7K8dWmEXKcO1Px%2FgOBIgPLSVGqWIEY6ClRkbSOiVIhxL%2Bk0xuwZwpY1TTIBW1JKzYa5KujIypUJhK3UZqqwXxoQLAAWcu02eebN3tX"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
8ac0936c384a0441-HKG
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=edge,chrome=1

matomo.js | web.dcobxs.com/ | 66 KB | 22 KB | Script
General
Full URL
https://web.dcobxs.com/matomo.js
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0d7af2971baf50358dd1560c353cf6795d0d4e6b85388023a5719b12c9ee35

Request headers

Referer
https://www.telegrambcn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3592
cf-polished
origSize=67460
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 10 Jun 2024 21:19:36 GMT
server
cloudflare
etag
W/"66676de8-10784"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1hE%2B7xUFmAiNCeF1p3rzZg2QEphZRfkXkF9n%2FuFT3KLIIRu8zHDiTl7QyqorgxF4HShKw1rYJVRLLU6Ln8Yn%2BvTqlxw4j7mrHRsfOiZriLpBG2ZUr6Ewyws4IaPxTTBog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8ac0936d7e9fa8f8-SIN
expires
Thu, 01 Aug 2024 08:10:41 GMT

td_laptop.png | www.telegrambcn.com/pc/img/ | 185 KB | 186 KB | Image
General
Full URL
https://www.telegrambcn.com/pc/img/td_laptop.png
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/pc/css/nav.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4

Request headers

Referer
https://www.telegrambcn.com/pc/css/nav.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
cf-cache-status
MISS
last-modified
Sat, 02 Mar 2024 15:56:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65e34c38-2e526"
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13AY1VXeyFAF%2BaMhO9Ei4v6vPge4GDWrVfo6rqRKPXthmY6TMkJrApTJIk7JZuNYfmyTMK7Ah%2F1M%2FWHumD%2FnUaPW8Rt3RklQU2ryfO0OD8W3e2gjsSWolOz%2FfLUPp8zmz9FX9vBv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8ac0936c585b0441-HKG
alt-svc
h3=":443"; ma=86400
content-length
189734
expires
Fri, 30 Aug 2024 21:10:33 GMT

telegram-an.png | www.telegrambcn.com/pc/img/ | 3 KB | 4 KB | Image
General
Full URL
https://www.telegrambcn.com/pc/img/telegram-an.png
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/pc/css/global.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a2ab891341105516321c1b4ae1fbe239c5d736c26f4350215cef4f2f56fcec

Request headers

Referer
https://www.telegrambcn.com/pc/css/global.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2025952
alt-svc
h3=":443"; ma=86400
content-length
3134
last-modified
Sat, 02 Mar 2024 15:56:40 GMT
server
cloudflare
etag
"65e34c38-c3e"
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XA6XzaJqbFL0y%2F%2FNH0JXvTo3O2F5St6vyFdrBEfLCe95ogPdtCVfRALVeqXbfFPMSzWnABJPwtvIbVZs59ek3VkJMaIYuate18aqTaX66GzohQkIIxXBIg3T4hcTEbyRQW34iZON"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8ac0936c585d0441-HKG
expires
Wed, 07 Aug 2024 10:24:41 GMT

main.js | www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ (Frame 6100) | 8 KB | 0 | Script
Redirect Chain
  • https://www.telegrambcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
General
Full URL
https://www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/windows/
Protocol
H3
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0722a03dbf1ce379faee56e2fe79b9818e84a691a31994ecee5e76fa231b842
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqlkrCSbF2Z7Bs8XABAzoUsIaQTQKEjV8fRh7GDKwwIh%2BU7cFVcULljzg1LXU8IvGFWSyL5SzgSDWzJWoHLnv%2BkGdgKs1EpiZh9PFW1Xd%2F7TwUUUEyPBt%2FPDsrLuDqHrDgqpcd%2Fz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ac093665bfc0441-HKG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 31 Jul 2024 21:10:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cw6Z%2FCtH9pkei1MzaxFissbb9IEkG8YQOH2moheEkVO8YbWAdiw914gHGyYBBGiJ8sLaU311%2FZPWyWG25t9Ao5WoOH%2BCt3PWSEPLsLzRlF%2B6gOBBFtVVUxWLUEassno%2FbAWtJ%2FOZ"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ac09364dae20441-HKG
alt-svc
h3=":443"; ma=86400
content-length
0

8ac093663beb0441 | www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/jsd/r/ (Frame 6100) | 0 | 684 B | XHR
General
Full URL
https://www.telegrambcn.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ac093663beb0441
Requested by
Host: www.telegrambcn.com
URL: https://www.telegrambcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Jul 2024 21:10:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2FvwdvVW2Zoja36M7SoEo4CNb6qj5lvQHn4PCHw40uIFcVLGKP24F0u28lnoEnUOZPw3pB4%2FY5V%2BlH96YfwFYPgx%2FlX%2FEIKmhYvD9eU81UECA0l6l97iUU5nPPoy%2BppG4tcn8ENg"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8ac0936de9970441-HKG
alt-svc
h3=":443"; ma=86400
content-length
0

matomo.php | web.dcobxs.com/ | 0 | 426 B | Ping
General
Full URL
https://web.dcobxs.com/matomo.php?action_name=Telegram%20-%20Telegram%E4%B8%AD%E6%96%87%E7%94%B5%E8%84%91%E7%89%88%E4%B8%8B%E8%BD%BD&idsite=2&rec=1&r=167182&h=23&m=10&s=34&url=https%3A%2F%2Fwww.telegrambcn.com%2Fwindows%2F&urlref=https%3A%2F%2Fwww.telegrambcn.com%2Fdownload&_id=1448c5e3097d3536&_idn=1&send_image=0&_refts=0&pv_id=sfbzVJ&pf_net=0&pf_srv=479&pf_tfr=3&pf_dm1=488&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: web.dcobxs.com
URL: https://web.dcobxs.com/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegrambcn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Wed, 31 Jul 2024 21:10:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4XI7lV4dFs%2FX1B3vcD%2FVnMp1dWHlzAinjeHBOy7Nm0vnDJynPdZSqlwJA8DF4XMfgNwlOadOG%2F1M7Lg8YfUwkWV5eoZ32t35gsFnmfcnBKd%2BsM3nMgmHGzHJfbMyYgAtzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.telegrambcn.com
access-control-allow-credentials
true
cf-ray
8ac0936ff8cba8f8-SIN
alt-svc
h3=":443"; ma=86400

favicon.ico | www.telegrambcn.com/ | 12 KB | 0 | Other
General
Full URL
https://www.telegrambcn.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4b2712e4f7d504a3c6e2c9adce922a0f2d855496333811433fcc1984332007

Request headers

Referer
https://www.telegrambcn.com/windows/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:10:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 02 Mar 2024 16:00:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e34d28-306f"
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qebZL2tycS3Ss7l1BGFHLm%2F2ZqMUQ0X2W7CNVa4UW1FoT0vTnoJtQmKuYF374ipvjVjmto4F9PFGzlV99L4I72AeWEjT3qWEvlQHB2pXE%2Fc%2BNECS5rpyaavRGL59aGUPGAIajDbo"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=2678400
cf-ray
8ac093663bed0441-HKG
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    0
function  $
function  jQuery
object    jQuery18303727245197226643
object    YDUI
object    _paq
object    Piwik
object    Matomo
object    AnalyticsTracker
function  piwik_log

4 Cookies

Domain/Path | Name | Value
www.telegrambcn.com/ | lg | cn
www.telegrambcn.com/ | _pk_id.2.46bb | 1448c5e3097d3536.1722460234.
www.telegrambcn.com/ | _pk_ses.2.46bb | 1
.telegrambcn.com/ | cf_clearance | ZtVNsPsH0ww_KdMOxqp8_AUl_vXsE4KfeEKzEsZ0g7o-1722460233-1.0.1.1-sYgJPJ7ctoiiAPvHWWz.sullGwXtSahgh7czEafK56PJyP2r47ZqeR.pA09mJExzFKf1LIsuUOqsIWOBGc90WA