talergam.cloud Open in urlscan Pro
104.21.10.231 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://talergam.cloud/
Effective URL:
https://talergam.cloud/k/
Submission: On December 17 via api (December 17th 2024, 5:55:27 am UTC) from BE — Scanned from IL

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 104.21.10.231, located in and belongs to CLOUDFLARENET, US. The main domain is talergam.cloud.
TLS certificate: Issued by WE1 on December 14th 2024. Valid for: 3 months.

This is the only time talergam.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
1 16	104.21.10.231 104.21.10.231		13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2

16 104.21.10.231 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

talergam.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	talergam.cloud 1 redirects talergam.cloud	110 KB
0	bafanglaicai.app Failed tong.bafanglaicai.app Failed
18	2

	Domain	Requested by
16	talergam.cloud	1 redirects talergam.cloud
0	tong.bafanglaicai.app Failed	talergam.cloud
18	2

This site contains no links.

Subject Issuer	Validity	Valid
talergam.cloud WE1	`2024-12-14` - `2025-03-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://talergam.cloud/k/
Frame ID: 606020487551B95175595EC9539234DC
Requests: 15 HTTP requests in this frame

Frame: https://talergam.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: C8DAD5CB763D9417BF3A13E41CB734D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram

Page URL History Show full URLs

http://talergam.cloud/ HTTP 307
https://talergam.cloud/ Page URL
https://talergam.cloud/k/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

18
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

110 kB
Transfer

380 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://talergam.cloud/ HTTP 307
https://talergam.cloud/ Page URL
https://talergam.cloud/k/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://talergam.cloud/ HTTP 307
https://talergam.cloud/

Request Chain 9

https://talergam.cloud/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://talergam.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
talergam.cloud/
Redirect Chain

http://talergam.cloud/
https://talergam.cloud/

14 KB
5 KB

578ms
452ms

Document
text/html

104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7efac496365d290f067b6a1a68ac0aa7c79e005d0752c826b34938c34b23df6b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f34a9ccfecce1a8-MRS
content-encoding: zstd
content-type: text/html
date: Tue, 17 Dec 2024 05:55:16 GMT
last-modified: Mon, 16 Dec 2024 22:37:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BWTheKFFbwoCOkAQF%2BI4N7s5QDDa%2Fzli8HVN5UzbrMli%2BRdWrkB9OglpMKe0wsf9tXjJnOqmRfK84ZfW2kNk6DaLk6mJXOH1JeASVxHbvXZEFdJYX5qPacwhbgA5xqBcqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=108068&min_rtt=108024&rtt_var=17129&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4484&delivery_rate=210&cwnd=12000&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=462&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

Location: https://talergam.cloud/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 bootstrap.min.css
talergam.cloud/files/ 42 KB
10 KB 461ms
459ms Stylesheet
text/css 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/files/bootstrap.min.css
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"6760603a-a61b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J4Hx7wUXXudqfofRKPdAS0NughoA4jPKIoTg3g7elfgJsI%2FE8OC3lbN1GKfdOEotwJ3zLzIBTahGXU0Oj%2BQ0CWOIkfzhvsaoGOjK7iAs2cAxbt82%2B324VZsnsn9vFumEzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d00f3fe1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=108591&min_rtt=108024&rtt_var=6226&sent=32&recv=20&lost=0&retrans=0&sent_bytes=20925&recv_bytes=6441&delivery_rate=50288&cwnd=12000&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=954&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:17 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 17:15:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 index.css
talergam.cloud/ 1 KB
1 KB 460ms
459ms Stylesheet
text/css 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/index.css
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c212d7f877e37e31e5f815aff89652da368f22981004a7e9d3cf867e9c96599

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"67607099-580"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6vKXP0nLeMRbm%2BAhepmLKxnAn0hm66S16rpB5m%2FH%2Bjr3xUyhyRVQD2uUrleA4Bi%2B%2FIA3WpwQObGaVDEr4DSI%2FHzYUmkdannwbUl5sKQs7mBqjAqdLUfTcxnF%2BJ15msz7uA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d00f41e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=108591&min_rtt=108024&rtt_var=6226&sent=30&recv=20&lost=0&retrans=0&sent_bytes=19492&recv_bytes=6441&delivery_rate=50288&cwnd=12000&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=953&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:17 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:25:29 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 telegram.css
talergam.cloud/files/ 113 KB
28 KB 628ms
627ms Stylesheet
text/css 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/files/telegram.css
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fed69363a40e503cfcb65023e8bfdb9b98de62b1b7d938fcfb727fd16066580

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"67607633-1c21c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2d8Eo8OwUIi2if5Wzk5xUZeQkCRQSXroQA%2Fd%2B3PnQ4grsx5Xc7JNWTFVJQ%2FDT6aJdqw4ITeTJcL9QTvLETlA7PI99prUSjvzysKWCmrmCYmz%2BHoY1XD0cYe6uj6d1vGQvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d00f44e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=110043&min_rtt=108024&rtt_var=2771&sent=49&recv=27&lost=0&retrans=0&sent_bytes=38842&recv_bytes=6743&delivery_rate=26556&cwnd=21600&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=1121&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:17 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:49:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 i18n.js Show response
talergam.cloud/js/ 3 KB
2 KB 455ms
454ms Script
application/javascript 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/js/i18n.js
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fad7e5604b38a58e74ebfcf5208551752c671234341958e3b1585bd7eea42e9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"6760abb2-d1c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=afUWtVTALItNWkHwMPEse3bWVhRJuMMhCMVTFt%2BtE5dGR3wrJel0UXddTRaJhIzZh2d%2FLU0pK%2FCE%2FupWxvzo1iTPomrB2Y7ZDuKqUrflWbnU0JdI5y%2FEhIWiO%2B0iH9RMCw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d00f45e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=108591&min_rtt=108024&rtt_var=6226&sent=20&recv=20&lost=0&retrans=0&sent_bytes=9644&recv_bytes=6441&delivery_rate=50288&cwnd=12000&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=949&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:17 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 22:37:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 main.js Show response
talergam.cloud/files/ 21 KB
7 KB 563ms
562ms Script
application/javascript 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/files/main.js
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51c4d88fd78f3b8efb16f845e75be7f1bb288fdf2fd39d033868a0346db7fadb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"6760603a-53e6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bFInaUvvfBotr%2BOAfAW7wIGBl79LczCy3syyIbfYl2gVyRq9rGbEBZ2eutSTWvt8rPASmNoeQM%2F0g%2FmqcosOKGrjgbuuHnF8HRB27iM0YH7IKwApwvv3jKUqq8Qf6bAsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d00f46e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=108591&min_rtt=108024&rtt_var=6226&sent=33&recv=20&lost=0&retrans=0&sent_bytes=21644&recv_bytes=6441&delivery_rate=50288&cwnd=12000&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=955&x=1", cfExtPri, cfHdrFlush;dur=102
date: Tue, 17 Dec 2024 05:55:17 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 17:15:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 tgsticker.js Show response
talergam.cloud/files/ 24 KB
7 KB 457ms
456ms Script
application/javascript 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/files/tgsticker.js
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f843ec50116b144b274c206d7fe25d70328ea6cf38bfcd349c1647f400c284b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"67606342-6019"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frg7oTqG7EhY%2FDO129Y40h%2FKb3fHTuCCVJ6iy6Ew0XzM6bVk5z4muC4eEuHWpYclBY6MFjGRzS7rCpfoU0%2BkHDaGW3DJdMTPW4B56yotw1tHLz4q3TyJhom1hh%2B6OJn4xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d00f48e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=108591&min_rtt=108024&rtt_var=6226&sent=23&recv=20&lost=0&retrans=0&sent_bytes=12147&recv_bytes=6441&delivery_rate=50288&cwnd=12000&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=951&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:17 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 17:28:34 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET tgsticker-worker.js
talergam.cloud/js/ Frame 0
0

GET
H3 200 t_logo_sprite.svg
talergam.cloud/img/ 23 KB
7 KB 628ms
627ms Image
image/svg+xml 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://talergam.cloud/img/t_logo_sprite.svg
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832fbefd7a4fe8f651058597d9f1910883d1cbd56d0ceb343e7d6170aeecf982

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"625e99d1-5a4c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZMUYvpz88xhRYTEOIaR858yhxkRa8n4It3qclpRhnyysoZbNCl3ogliR2ZSiEYH81%2FrHVPI3nVR1%2FgO65jjn1Jg0Hm8%2FItxB2k7YNT3lUzND2tkablMo2Z3VacSGdVYZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d449d7e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=116531&min_rtt=108019&rtt_var=9712&sent=94&recv=71&lost=0&retrans=0&sent_bytes=77889&recv_bytes=26447&delivery_rate=70111&cwnd=38400&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=1806&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:18 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 11:15:29 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3

200

main.js Show response
talergam.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame C8DA
Redirect Chain

https://talergam.cloud/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://talergam.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?

8 KB
5 KB

116ms
116ms

Script
application/javascript

104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://talergam.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?

Requested by

Host: talergam.cloud
URL: https://talergam.cloud/

Protocol

Server

104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc88acfadb8005218da86fb8f0e6691d9017b79c8170e6c9de4f9d640be712bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xRXS0dJY8PG7Tf8%2FDC3NbBSIQz%2F0W1OXZ6dORxG559YfmGtPOjDp8KsLLXbBmxn5KGu31vIQ2ALwVydOdPCQ3vyuqhILaxfdSmC%2Fkt92Iqc9Wv3MXkZyHfKobXfnT1HjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f34a9d54c71e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=110752&min_rtt=108019&rtt_var=1408&sent=80&recv=52&lost=0&retrans=0&sent_bytes=68582&recv_bytes=8855&delivery_rate=4216&cwnd=38400&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=1451&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLlL7uMK85Jgs2qoloDMucTn2kuMfVvfRs%2FZBJLk0jAmUsx2M%2FIbMTIAAOKWk3sg4Y5vyxkMRQWFHlegSvIJonZ6sbK0ly6Mc7Y8q1x0CoFU79mVhA81pR95BybpFUT18A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d48a8be1a8-MRS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=110456&min_rtt=108019&rtt_var=1090&sent=78&recv=51&lost=0&retrans=0&sent_bytes=67834&recv_bytes=8567&delivery_rate=267631&cwnd=38400&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=1334&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:17 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8f34a9ccfecce1a8 Show response
talergam.cloud/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C8DA 0
1 KB 126ms
116ms XHR
text/plain 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/cdn-cgi/challenge-platform/h/g/jsd/r/8f34a9ccfecce1a8
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SpZIx5wWxZE1LVs2hjQagiqcX9wTYxrQ5oNy2BK%2BYBhQajQF2dmeu2EJiE3JDiTXNx01y%2B2qGYq1lasKHdYPc9tFls%2F%2FaarSWH7FGi0vy%2BF8hB0dgg2VUOnoA9b1%2BxEp8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d6c8f4e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=116531&min_rtt=108019&rtt_var=9712&sent=93&recv=71&lost=0&retrans=0&sent_bytes=76694&recv_bytes=26447&delivery_rate=70111&cwnd=38400&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=1704&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Tue, 17 Dec 2024 05:55:18 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 favicon.ico
talergam.cloud/files/img/ 15 KB
4 KB 623ms
622ms Other
image/x-icon 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/files/img/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"62616083-3aee"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExjEEaBIs%2BDvjrU3gh%2FJLRMqJ2ysqMN0telqIPU1hNx0H3a%2F13%2FKDFEatFnw8Z24sS%2BFKMteUxfNszHmz%2Fmfjwy5iNwI9f5zxMNtro4VlsIiAcO7%2BBV4jchlln20La4R1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9d83d27e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=111288&min_rtt=107948&rtt_var=4472&sent=130&recv=82&lost=0&retrans=0&sent_bytes=116988&recv_bytes=28905&delivery_rate=79661&cwnd=38400&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=2433&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:18 GMT
content-type: image/x-icon
last-modified: Thu, 21 Apr 2022 13:47:47 GMT
vary: Accept-Encoding
priority: u=1,i

GET
H3 200 Primary Request / Show response
talergam.cloud/k/ 3 KB
2 KB 454ms
453ms Document
text/html 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/k/
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: debdd9f6a06561d700cf9aa7ca3a222ea4782dd74ab1ebea79beb9690ae387b6

Request headers

Referer: https://talergam.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f34a9ee3a86e1a8-MRS
content-encoding: zstd
content-type: text/html
date: Tue, 17 Dec 2024 05:55:22 GMT
last-modified: Mon, 16 Dec 2024 22:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhBmYf2Nt2fmraprk7sMm%2FcksqHFdNqCrGbBZhXQ3uErl16sWWhUwXo0pdoirRwZgiKO%2FmwunLij4wWNcNT%2BbqXk7Qgtuzz0Rx4orTq2g%2BiU5J%2BWq2FUQS0qsBJowIeuAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=112325&min_rtt=107948&rtt_var=4061&sent=167&recv=92&lost=0&retrans=0&sent_bytes=153701&recv_bytes=30076&delivery_rate=94464&cwnd=38400&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=5776&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 redirect.js Show response
talergam.cloud/k/ 325 B
879 B 466ms
466ms Script
application/javascript 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/k/redirect.js
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/k/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/k/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"6760ac96-145"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=faolckHzmqDDDA2TX1yeRAVRODlNHq2iLouX7NBekfPr%2FmTVA9bCbZ5qNfyG1EvCKXbDZf5cQqyRXs%2Bh4qly23pCHnKJcR1m1AoMhktVTBsqFMXrCccfGW7lnpkRMRkVyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9f13a7ce1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=112461&min_rtt=107948&rtt_var=2627&sent=171&recv=95&lost=0&retrans=0&sent_bytes=155735&recv_bytes=30843&delivery_rate=239&cwnd=38400&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=6262&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:22 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 22:41:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET main.d54bfa037348b154a941.js
talergam.cloud/k/ 0
0

GET
H3 200 main.949acaf34f3882f511ff.css
talergam.cloud/k/ 111 KB
27 KB 3310ms
3307ms Stylesheet
text/css 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/k/main.949acaf34f3882f511ff.css
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/k/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e81ea05db27d47fa91e6bd4d675cc1c8eeec9341a4db7859359a7c5ee5fca3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/k/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"6760ac96-1ba95"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umMK9TTyz4lqqisXxN5VgiZjkCywn0mx5m1mDw6auu6jdDZ6jA4TRIpnMkEnK%2BtlF0rDJgLUy9XbVZoorP0xBLgsPAi6Smzfo6AIdJpnBU7VLa7jupNcRFqGnNn5%2Fwj%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9f429c4e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=130951&min_rtt=107948&rtt_var=30750&sent=191&recv=103&lost=0&retrans=2&sent_bytes=174985&recv_bytes=33078&delivery_rate=3549&cwnd=38400&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=9575&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:26 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 22:41:26 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 compatTest.js Show response
talergam.cloud/k/ 2 KB
2 KB 457ms
454ms Script
application/javascript 104.21.10.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://talergam.cloud/k/compatTest.js
Requested by: Host: talergam.cloud
URL: https://talergam.cloud/k/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c24ec2b4cb94f24e66750f09e7071e5659e20a5ed926f69f565e20a81027cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://talergam.cloud/k/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"6760ac95-9f0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SGhsgK2fRPksL7rCHOz4Sv12TjTCXAfFq7M%2F94wIQ8wuhpK5rkoMmOJkTQwugUe7u6LQGEiYu%2BMuXMNbD%2Bqi8ahawJxfyQUVgVIV78OeUqxRKAHBQf%2BgzIpHTgQ6CsIvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34a9f429c6e1a8-MRS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=113406&min_rtt=107948&rtt_var=3860&sent=173&recv=98&lost=0&retrans=0&sent_bytes=156662&recv_bytes=32854&delivery_rate=7060&cwnd=38400&unsent_bytes=0&cid=81dac26cdd3cf75b&ts=6734&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 05:55:23 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 22:41:25 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET script.js
tong.bafanglaicai.app/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: talergam.cloud
URL: https://talergam.cloud/js/tgsticker-worker.js

Domain: talergam.cloud
URL: https://talergam.cloud/k/main.d54bfa037348b154a941.js

Domain: tong.bafanglaicai.app
URL: https://tong.bafanglaicai.app/script.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.talergam.cloud/	1970-01-21 10:32:30	Name: cf_clearance Value: x8x6.u.eP5OywQqknfvGwHyOoipVUO6RskkBnI_WDyw-1734414918-1.2.1.1-hpeWau1Z3MP0guD_9rHm7okdusdKFh3XKRrjLwDunEDjObF6sXHJU1SPj8pjuGXCWGqjOQNDOYXLewkJZqmJFR0j6hMRShS2Y4Vib_KgqO9F0NH6qhKqoB4RZQf1aM34AsKiEDa8mqX48RdyugMYnarKA1AiXjhAdXfLK8Ur32okKFPKDVfBXtSrNNLf4KRtQ6gf4YOmY7VcA_3cy5oojilBrZH44mDexV5iKTjGYbdVDpKHR4QajijmY7pRrjUHkKtL1n4qPKQRIxj9Ac9vBmNjYvaK_Lv.YQYa8Y_jEclVMFRv9ukevU8mm03lLVcKKOL.qohSmyGGUpY9h4yJWl9hz5R26DoPnebbB8k.lFmSd5VJkjloZnwZhTu0OsBJ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://talergam.cloud/k/ Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' https://t.me/_websync_ https://telegram.me/_websync_ https://*.bafanglaicai.app". Either the 'unsafe-inline' keyword, a hash ('sha256-zFgbRTBah9NzidMH78VEmHsofpBXbc5P29/QcmZff9k='), or a nonce ('nonce-...') is required to enable inline execution.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

talergam.cloud
tong.bafanglaicai.app
talergam.cloud
tong.bafanglaicai.app
104.21.10.231
0fed69363a40e503cfcb65023e8bfdb9b98de62b1b7d938fcfb727fd16066580
15c24ec2b4cb94f24e66750f09e7071e5659e20a5ed926f69f565e20a81027cf
1c212d7f877e37e31e5f815aff89652da368f22981004a7e9d3cf867e9c96599
375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f
4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78
51c4d88fd78f3b8efb16f845e75be7f1bb288fdf2fd39d033868a0346db7fadb
7efac496365d290f067b6a1a68ac0aa7c79e005d0752c826b34938c34b23df6b
832fbefd7a4fe8f651058597d9f1910883d1cbd56d0ceb343e7d6170aeecf982
d5e81ea05db27d47fa91e6bd4d675cc1c8eeec9341a4db7859359a7c5ee5fca3
dc88acfadb8005218da86fb8f0e6691d9017b79c8170e6c9de4f9d640be712bc
debdd9f6a06561d700cf9aa7ca3a222ea4782dd74ab1ebea79beb9690ae387b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
f843ec50116b144b274c206d7fe25d70328ea6cf38bfcd349c1647f400c284b2
fad7e5604b38a58e74ebfcf5208551752c671234341958e3b1585bd7eea42e9e

talergam.cloud Open in urlscan Pro 104.21.10.231 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

78 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

110 kBTransfer

380 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

talergam.cloud Open in urlscan Pro
104.21.10.231 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

110 kB
Transfer

380 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!