on-meet.citzy7.xyz Open in urlscan Pro
2606:4700:3032::6815:2388 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://on-meet.citzy7.xyz/
Effective URL:
https://on-meet.citzy7.xyz/
Submission: On November 05 via automatic, source openphish (November 5th 2024, 1:31:04 am UTC) — Scanned from CA

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3032::6815:2388, located in United States and belongs to CLOUDFLARENET, US. The main domain is on-meet.citzy7.xyz.
TLS certificate: Issued by WE1 on November 3rd 2024. Valid for: 3 months.

This is the only time on-meet.citzy7.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3032::6815:2388	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::8b	15169 (GOOGLE) (GOOGLE)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
15	4

13 2606:4700:3032::6815:2388 (United States)

ASN13335 (CLOUDFLARENET, US)

on-meet.citzy7.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	citzy7.xyz on-meet.citzy7.xyz	207 KB
1	telegram.org telegram.org — Cisco Umbrella Rank: 10577	15 KB
1	gstatic.com encrypted-tbn0.gstatic.com	10 KB
15	3

	Domain	Requested by
13	on-meet.citzy7.xyz	on-meet.citzy7.xyz
1	telegram.org
1	encrypted-tbn0.gstatic.com	on-meet.citzy7.xyz
15	3

This site contains links to these domains. Also see Links.

Domain
telegram.org

Subject Issuer	Validity	Valid
citzy7.xyz WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2024-08-10` - `2025-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://on-meet.citzy7.xyz/
Frame ID: E55218EB2D7CCCD4A41D94D3193283BF
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JOIN NOW

Page URL History Show full URLs

http://on-meet.citzy7.xyz/ HTTP 307
https://on-meet.citzy7.xyz/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

232 kB
Transfer

4191 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://telegram.org/dl?tme=dcb35ed3700eccc38f_6622701878519939188
Title: Download

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://on-meet.citzy7.xyz/ HTTP 307
https://on-meet.citzy7.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
on-meet.citzy7.xyz/
Redirect Chain

http://on-meet.citzy7.xyz/
https://on-meet.citzy7.xyz/

10 KB
4 KB

646ms
338ms

Document
text/html

2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5cb16bd8ac4641406c98feffc08a9f47b2a6dbbd9a7bf2abf81a75d5dfdd404

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dd914e45b2819e7-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Nov 2024 01:30:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3q2pIsT9UfzmrI0s9euTwnmFiqwJbm3kWCkpoDQWQs4ic1jS4syxAQxR0tvwYG%2B%2FkCTBfwoYCKWNdBWiOUh9W0DCv%2BOeTs2nC28cLUwKVqjfmX1N3iY43RZ%2FwEyCbgbZ4xhE6D0WPA1NKBpMSlNxiHQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=74228&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4173&recv_bytes=4428&delivery_rate=365&cwnd=12000&unsent_bytes=0&cid=0a7baebeedd3434a&ts=360&x=1" cfHdrFlush;dur=0

Redirect headers

Location: https://on-meet.citzy7.xyz/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 404 main.html
on-meet.citzy7.xyz/ast/css/ 0
0 382ms
380ms Stylesheet
text/html 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/ast/css/main.html
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8NMWOFlCgWJS57vVDSPbmWZjx6EV%2Fyr6I%2FimPXM0sTx4vkngajklyHYTaCLbu6LAB1GD78zhdhte5Y5UxFmDqDk7LWbBJ%2BWaUJq7sO8l0k07CsFQe6O1mORU6axmbzpUSrn9cvApPOHBeq4rNO8wvM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e6ddf719e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63699&sent=215&recv=73&lost=0&retrans=0&sent_bytes=218836&recv_bytes=9160&delivery_rate=1300829&cwnd=105300&unsent_bytes=0&cid=0a7baebeedd3434a&ts=816&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: text/html; charset=iso-8859-1
server: cloudflare

GET
H3 200 jquery_3.5.1_jquery.min.js Show response
on-meet.citzy7.xyz/assets/js/ 164 KB
39 KB 120ms
118ms Script
text/javascript 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/assets/js/jquery_3.5.1_jquery.min.js
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 562892609732b7374aa3c5f488b555236db7a26a8f73c16624407fad46d946f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 4542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTJA7jsdjLRXxr5yx2bVNO0ExAXgFtkZDlyfdsiE%2FUx91lBlwCIYBnZyVvx1hFj76%2BL5Dcu%2F0zAQD6PumGklBWcaALSg%2FpdGL3IHHNlSbCh2ONMguWN7vBywsIzxmwtqKAFlwGzgm07Ge5RH4E6luHA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e6ddfc19e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=75695&sent=34&recv=19&lost=0&retrans=0&sent_bytes=20910&recv_bytes=6501&delivery_rate=59511&cwnd=12000&unsent_bytes=0&cid=0a7baebeedd3434a&ts=506&x=1", cfHdrFlush;dur=48
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: text/javascript
last-modified: Sat, 12 Aug 2023 04:47:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 font-robotoc4ca.css
on-meet.citzy7.xyz/assets/css/ 7 KB
1 KB 69ms
66ms Stylesheet
text/css 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/assets/css/font-robotoc4ca.css
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eafc4f27082fe239be807e36e02fb3c2ab6dd27518f4d5c158f0c4366287988

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 4543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56xWoqFF%2F6xrLuDLGdNBwe0z0W6P0f3BAVodvSnnTl%2B1ivXd%2Bp%2BFmxs%2B9XxUG3VsG0kwYERj5hZEZDB4JRjjiAVUbuTkFodLLNO51J7Ztr9YVBX%2FsgGiyzbdW%2BYS61XtdsEw02NG%2FEKaeBNxVffZwg8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e6ddfe19e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=75695&sent=22&recv=19&lost=0&retrans=0&sent_bytes=8910&recv_bytes=6501&delivery_rate=59511&cwnd=12000&unsent_bytes=0&cid=0a7baebeedd3434a&ts=501&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: text/css
last-modified: Sat, 12 Aug 2023 04:48:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap.mineccb.css
on-meet.citzy7.xyz/assets/css/ 53 KB
10 KB 71ms
68ms Stylesheet
text/css 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/assets/css/bootstrap.mineccb.css
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9655444fd44b531d581c56e5c187a7ceca9f07beff67618560bfcb64e45ce0e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 4542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xl7qRLItIuWSxxz6xElfVWbFFO9BYN4%2F2u8G9RYP29VA8EGsacGh75nRg%2BAp5dhzsRMyWnIzim55V%2FA8J%2B4%2FvFZuBJS8KdhuZ8MvqAzz1l1pM4Jm77vwNOoXXSO5m%2BF7cet%2BKceaJFxFZ1uGJmXtnI8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e6de0019e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=75695&sent=24&recv=19&lost=0&retrans=0&sent_bytes=10242&recv_bytes=6501&delivery_rate=59511&cwnd=12000&unsent_bytes=0&cid=0a7baebeedd3434a&ts=504&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: text/css
last-modified: Sat, 12 Aug 2023 04:48:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 telegram0116.css
on-meet.citzy7.xyz/assets/css/ 119 KB
24 KB 125ms
123ms Stylesheet
text/css 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/assets/css/telegram0116.css
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310905cedf208dc0f7a7ff6625c763360811127f3f35af84d781b1bbd5cde5a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 4542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdAwW5FrgdiOjQzAVvbOFxZ30h3YWcssOD25YCJlSC1JxBTbTlo%2FtBdfYeIZejrynVdx9Cik0yjkbR2qXyso9A4WjN6c65LWjBec%2BjOfRovxd8GdIm9IU5FbnPmIk9LEK7RYDKk8PsgDAQFXrwxykg0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e6de0319e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=75695&sent=34&recv=19&lost=0&retrans=0&sent_bytes=20910&recv_bytes=6501&delivery_rate=59511&cwnd=12000&unsent_bytes=0&cid=0a7baebeedd3434a&ts=510&x=1", cfHdrFlush;dur=46
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: text/css
last-modified: Mon, 11 Sep 2023 10:08:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 2.png
on-meet.citzy7.xyz/assets/img/ 125 KB
126 KB 195ms
193ms Image
image/png 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on-meet.citzy7.xyz/assets/img/2.png
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7cbca5065b726f08cdf7fdc54623b2c007eefc3a0475d88566911188d119c63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 4541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BHEMhC%2Bzep9lZixF%2BEO4sfHToi3mbJ6ZL3CnwYObb49rrlmIWV4ZgHSLlSWBlFpzvcPBEecwUV%2B%2B%2FuRSLNe0KfwSe4t5zeg%2BS4PbbtMUASthFVggpbHIJxzIm%2F%2FXChdqqvnksXv8H7g0K5qrLTr5lc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e6de0719e7-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=75695&sent=33&recv=19&lost=0&retrans=0&sent_bytes=20369&recv_bytes=6501&delivery_rate=59511&cwnd=12000&unsent_bytes=0&cid=0a7baebeedd3434a&ts=504&x=1", cfHdrFlush;dur=0
content-length: 128055
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: image/png
last-modified: Sat, 12 Aug 2023 04:47:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 9 KB
10 KB 301ms
85ms Image
image/jpeg 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT96wXOvZWokUxmbwMS342syu_S3NdpSlTLAg&s

Requested by

Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65378ff697f2e3633f09860fe51fc0a14a623ee879a2a643f7f356b9423daea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/

Response headers

report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 01:30:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: image/jpeg
last-modified: Sun, 05 Jul 2020 14:18:47 GMT
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 9516
x-xss-protection: 0
server: sffe

GET
H3 200 tgwallpaper.mineccb.js Show response
on-meet.citzy7.xyz/assets/js/ 5 KB
2 KB 72ms
72ms Script
text/javascript 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/assets/js/tgwallpaper.mineccb.js
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e875d54947f843c227ed09ba24697e522b352ee6710f353497887556ab29efd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 4541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKrgQmDvGX76A9blRr7%2FVMHiEvQyew9Zg2FPtDfTfVFZYA6bShxxYrGO4NbyYG%2B%2FH1Q%2Bhv7elH49t3%2Bdlz47%2BgItAbT%2FTBSBYNgJpiMJUhd7J4njTcFqbTcfHhDu2eCvE72ImSzPcM00PZxjpheiV3Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e8c82419e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63699&sent=218&recv=73&lost=0&retrans=0&sent_bytes=219728&recv_bytes=9160&delivery_rate=1300829&cwnd=105300&unsent_bytes=0&cid=0a7baebeedd3434a&ts=821&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: text/javascript
last-modified: Sat, 12 Aug 2023 04:47:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 external.html
on-meet.citzy7.xyz/ 315 B
315 B 942ms
942ms Image
text/html 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on-meet.citzy7.xyz/external.html?link=http://telegram.org/img/tgme/pattern.svg?1
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/assets/css/telegram0116.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/assets/css/telegram0116.css

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yy12SroZ1loy4hU73MXQVYLj5QhfW2qaORAnp1bqhpxcHuKUwdWnkK98SGDnbWgpIoxNHF1FdT57xXWT9wVjWIvmKVlejBxaPAFHSuTlv2zMpE0f8mnAOb64zdPT2KVUmuj2OJUnUGJ%2BSPol8ADqxno%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e968bd19e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=185514&sent=1248&recv=154&lost=0&retrans=1&sent_bytes=1415071&recv_bytes=14108&delivery_rate=1576747&cwnd=430200&unsent_bytes=0&cid=0a7baebeedd3434a&ts=1612&x=1", cfHdrFlush;dur=41
date: Tue, 05 Nov 2024 01:31:00 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 404 external.html
on-meet.citzy7.xyz/ 0
0 330ms
330ms Font
text/html 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/external.html?link=http://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/assets/css/font-robotoc4ca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://on-meet.citzy7.xyz
Referer: https://on-meet.citzy7.xyz/assets/css/font-robotoc4ca.css

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mSM3Zh0pDoZMU2LoS%2Ftvl5iHRfR8fPCUjTeEIecaoSCZhMrQdGhznHuGtAkznzB4qKZeAcuUXHfHLg0OXkBhbcC9gPr4qnxk3oJwDPvyWiTVbfWJuKSBMnXsKAd3gXJVuf2m7fmSNJeV9DlVge43qB0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e978c319e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=140863&sent=444&recv=89&lost=0&retrans=1&sent_bytes=479971&recv_bytes=11156&delivery_rate=607065&cwnd=148800&unsent_bytes=0&cid=0a7baebeedd3434a&ts=1163&x=1", cfHdrFlush;dur=2
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare

GET
H3 404 external.html
on-meet.citzy7.xyz/ 0
0 937ms
937ms Font
text/html 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/external.html?link=http://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/assets/css/font-robotoc4ca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://on-meet.citzy7.xyz
Referer: https://on-meet.citzy7.xyz/assets/css/font-robotoc4ca.css

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YY3ZOWoD%2FN%2FkdMMOjkCCGKzXMSKu%2FYBdiqHKwx2VgV1t0P9XmtgXCJR2YLQ%2B71ghvOpWbDlgm%2Btgdf9m3lwb3F69T1ArmMXwjucq84eDX4UY6cOjtvdCF1J1b4H2xt24bI6fkewQFTHOzqRJ376cdfI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd914e978c519e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=185514&sent=1248&recv=154&lost=0&retrans=1&sent_bytes=1415071&recv_bytes=14108&delivery_rate=1576747&cwnd=430200&unsent_bytes=0&cid=0a7baebeedd3434a&ts=1610&x=1", cfHdrFlush;dur=43
date: Tue, 05 Nov 2024 01:31:00 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare

GET
H3 206 hmm.mp4
on-meet.citzy7.xyz/ 4 MB
0 140ms
140ms Media
video/mp4 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/hmm.mp4
Requested by: Host: on-meet.citzy7.xyz
URL: https://on-meet.citzy7.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://on-meet.citzy7.xyz/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 4540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3nLKDxHw1nCX4PfZlbVoXq5vazWTxBx6aZfyQFQ3hrmM2AAmVGkLaWnj%2BHaO98IkqvBheZe1CySsIpDvAonkZxqTo5e7L%2B4lTT5YXoxUWhU%2FdXUTYzhMwWv6t6RWkhe4Q8EHZTxccWXovp05RaDzwE%3D"}],"group":"cf-nel","max_age":604800}
Content-Range: bytes 0-19630075/19630076
cf-ray: 8dd914e988cb19e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63014&sent=224&recv=78&lost=0&retrans=0&sent_bytes=222271&recv_bytes=10665&delivery_rate=45178&cwnd=105300&unsent_bytes=0&cid=0a7baebeedd3434a&ts=930&x=1", cfHdrFlush;dur=0
Content-Length: 19630076
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: video/mp4
last-modified: Mon, 09 Sep 2024 07:57:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 favicon.ico
telegram.org/img/ 15 KB
15 KB 587ms
225ms Other
image/x-icon 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://on-meet.citzy7.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=604800
etag: "62616083-3aee"
expires: Tue, 12 Nov 2024 01:31:00 GMT
accept-ranges: bytes
content-length: 15086
date: Tue, 05 Nov 2024 01:31:00 GMT
content-type: image/x-icon
last-modified: Thu, 21 Apr 2022 13:47:47 GMT
server: nginx/1.18.0

GET
H3 206 hmm.mp4
on-meet.citzy7.xyz/ 64 KB
0 0ms
0ms Media
video/mp4 2606:4700:3032::6815:2388
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on-meet.citzy7.xyz/hmm.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2388 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://on-meet.citzy7.xyz/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=3703358-

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 4540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3nLKDxHw1nCX4PfZlbVoXq5vazWTxBx6aZfyQFQ3hrmM2AAmVGkLaWnj%2BHaO98IkqvBheZe1CySsIpDvAonkZxqTo5e7L%2B4lTT5YXoxUWhU%2FdXUTYzhMwWv6t6RWkhe4Q8EHZTxccWXovp05RaDzwE%3D"}],"group":"cf-nel","max_age":604800}
Content-Range: bytes 3703358-19630075/19630076
cf-ray: 8dd914e988cb19e7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63014&sent=224&recv=78&lost=0&retrans=0&sent_bytes=222271&recv_bytes=10665&delivery_rate=45178&cwnd=105300&unsent_bytes=0&cid=0a7baebeedd3434a&ts=930&x=1", cfHdrFlush;dur=0
Content-Length: 15926718
date: Tue, 05 Nov 2024 01:30:59 GMT
content-type: video/mp4
last-modified: Mon, 09 Sep 2024 07:57:02 GMT
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://on-meet.citzy7.xyz/ast/css/main.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://on-meet.citzy7.xyz/external.html?link=http://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://on-meet.citzy7.xyz/external.html?link=http://telegram.org/img/tgme/pattern.svg?1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://on-meet.citzy7.xyz/external.html?link=http://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

encrypted-tbn0.gstatic.com
on-meet.citzy7.xyz
telegram.org
2001:67c:4e8:f004::9
2606:4700:3032::6815:2388
2607:f8b0:400d:c1d::8b
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2eafc4f27082fe239be807e36e02fb3c2ab6dd27518f4d5c158f0c4366287988
310905cedf208dc0f7a7ff6625c763360811127f3f35af84d781b1bbd5cde5a1
4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78
562892609732b7374aa3c5f488b555236db7a26a8f73c16624407fad46d946f8
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
65378ff697f2e3633f09860fe51fc0a14a623ee879a2a643f7f356b9423daea8
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
9655444fd44b531d581c56e5c187a7ceca9f07beff67618560bfcb64e45ce0e6
9e875d54947f843c227ed09ba24697e522b352ee6710f353497887556ab29efd
b5cb16bd8ac4641406c98feffc08a9f47b2a6dbbd9a7bf2abf81a75d5dfdd404
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e7cbca5065b726f08cdf7fdc54623b2c007eefc3a0475d88566911188d119c63
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

on-meet.citzy7.xyz Open in urlscan Pro 2606:4700:3032::6815:2388 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

232 kBTransfer

4191 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

on-meet.citzy7.xyz Open in urlscan Pro
2606:4700:3032::6815:2388 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

232 kB
Transfer

4191 kB
Size

0
Cookies

15 HTTP transactions
7 data transactions