www.telegramstg.com Open in urlscan Pro
2606:4700:3035::6815:168d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://telegramstg.com/
Effective URL:
https://www.telegramstg.com/
Submission: On January 11 via automatic, source certstream-suspicious (January 11th 2025, 4:17:32 am UTC) — Scanned from DE

Summary HTTP 26 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3035::6815:168d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.telegramstg.com.
TLS certificate: Issued by WE1 on December 31st 2024. Valid for: 3 months.

This is the only time www.telegramstg.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:303... 2606:4700:3035::6815:168d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	90.84.161.16 90.84.161.16	2285 (OCB_HONEY...) (OCB_HONEY_CDN_ASN Orange S.A.)
16	2606:4700:303... 2606:4700:3030::ac43:c130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	3

9 2606:4700:3035::6815:168d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

telegramstg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.telegramstg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 90.84.161.16 (France)

ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3030::ac43:c130 (United States)

ASN13335 (CLOUDFLARENET, US)

image.sanxiang-sh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	sanxiang-sh.com image.sanxiang-sh.com	22 MB
9	telegramstg.com 1 redirects telegramstg.com www.telegramstg.com	58 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 73455 collect-v6.51.la — Cisco Umbrella Rank: 78995	36 KB
26	3

	Domain	Requested by
16	image.sanxiang-sh.com	www.telegramstg.com
8	www.telegramstg.com	www.telegramstg.com
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	www.telegramstg.com
1	telegramstg.com	1 redirects
26	5

This site contains links to these domains. Also see Links.

Domain
00-25-1333705940.cos.ap-hongkong.myqcloud.com
www.sanxiang-sh.com
apps.apple.com
beian.miit.gov.cn

Subject Issuer	Validity	Valid
telegramstg.com WE1	`2024-12-31` - `2025-03-31`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
bb91c0aa.sni.cloudflaressl.com WE1	`2025-01-10` - `2025-04-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.telegramstg.com/
Frame ID: 43EE9819537BA546B3990E1E0F20D40F
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

纸飞机下载_TG纸飞机中文版_Telegram官网

Page URL History Show full URLs

https://telegramstg.com/ HTTP 301
https://www.telegramstg.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

22158 kB
Transfer

22211 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://00-25-1333705940.cos.ap-hongkong.myqcloud.com/shater.zip
Title: 下载Telegram for 中文电脑版

Search URL Search Domain Scan URL

URL: https://www.sanxiang-sh.com/upload/Telegram.apk
Title: 下载Telegram for Android安卓版

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/telegram-messenger/id686449807
Title: 下载Telegram for iPhone/iPad

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://telegramstg.com/ HTTP 301
https://www.telegramstg.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response www.telegramstg.com/ Redirect Chain https://telegramstg.com/ https://www.telegramstg.com/	6 KB 3 KB	1011ms 924ms	Document text/html	2606:4700:3035::6815:168d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegramstg.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:168d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3e5f5d0432553f9b7547be69ebb12c68d18b500648b11e92dc609c77a4d23a63` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 900218d1b89dbb56-FRA content-encoding zstd content-type text/html; charset=utf-8 date Sat, 11 Jan 2025 04:17:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CzDeB%2F5si7eGEYOyvAfCqsI31dwbxOGV9%2FSHiBX6rmAK%2BqRuUM9m0vb24hGxqcvM22UgAjtq3H0mbZQkEEp4hCvQVMljSHW5yLkSolYVQZV7D9O7l87vUoPXGecD4af2DUAPG8VNqZ3yxi1P%2Bdu%2Fa%2Br8"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=8843&min_rtt=5984&rtt_var=6309&sent=16&recv=13&lost=0&retrans=0&sent_bytes=5119&recv_bytes=4901&delivery_rate=151059&cwnd=12000&unsent_bytes=0&cid=a1c15288d82f6664&ts=1792&x=1" cfExtPri cfHdrFlush;dur=0 vary accept-encoding Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 900218cc5eeebb56-FRA content-type text/html date Sat, 11 Jan 2025 04:17:24 GMT location https://www.telegramstg.com/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwhgpXYD0yRznsUcHXg0jt%2F1Bjsgg04LG%2B7wYedJflr1hkIe4Z1XlfOSq%2BO5r9rl10O1SJa%2Fr8y9kEyv18HXEZGa4T4C%2FZYYyfHmUPBrD8escsm3kkWICdJSGGShQdDV%2Fpb8PO31SBnPYubDfhI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=9251&min_rtt=6000&rtt_var=7324&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4168&recv_bytes=4426&delivery_rate=907&cwnd=12000&unsent_bytes=0&cid=a1c15288d82f6664&ts=782&x=1" cfExtPri cfHdrFlush;dur=0
GET H3	200	style.min.css www.telegramstg.com/static/css/	19 KB 5 KB	1025ms 1025ms	Stylesheet text/css	2606:4700:3035::6815:168d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegramstg.com/static/css/style.min.css Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:168d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b6f3fdddca5176eca858671b765b738da0126b8b177df83f5fa2f62ef43cb777` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q6ljz5Z88gXz0nLIrRKqpfR7uT7OX96V04cqkRjGOdAbY%2FpHaQ6C31Wj0Dtwir2MFzUN%2FYu4l4bKGhpbYnT%2Bqb%2FcCUHcHGRiHE6wIdAtuxVX5Sjxzqs%2FRJnEN2XiSf3n27cGjSHjXOsyOpchbO%2BVGhO4"}],"group":"cf-nel","max_age":604800} cf-ray 900218d78a53bb56-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8180&min_rtt=5984&rtt_var=4696&sent=22&recv=17&lost=0&retrans=0&sent_bytes=8187&recv_bytes=5870&delivery_rate=2948&cwnd=12000&unsent_bytes=0&cid=a1c15288d82f6664&ts=2823&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 04:17:26 GMT content-type text/css; charset=utf-8 last-modified Wed, 11 Dec 2024 07:34:51 GMT vary Accept-Encoding priority u=0,i=?0
GET H2	200	js-sdk-pro.min.js Show response sdk.51.la/	35 KB 35 KB	1166ms 152ms	Script text/plain	90.84.161.16 OCB_HONEY_CDN_ASN...
General Check archive.org Show headers Download Go to Full URL https://sdk.51.la/js-sdk-pro.min.js?id=3KK9Zot37TeXAqY2&ck=3KK9Zot37TeXAqY2 Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 90.84.161.16 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR), Reverse DNS Software openresty / Resource Hash `ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cache-control no-store access-control-allow-credentials true via EU-GER-frankfurt-EDGE5-CACHE3[145],EU-GER-frankfurt-EDGE5-CACHE3[ovl,143],CHN-HElangfang-GLOBAL6-CACHE111[ovl,17] access-control-allow-origin * x-ccdn-req-id-46b1 a4ebfba3d3a12202c2c6e1a4a6404467 date Sat, 11 Jan 2025 04:17:26 GMT content-type text/plain; charset=utf-8 server openresty
GET H2	200	telegram-logo.png image.sanxiang-sh.com/	10 KB 10 KB	64ms 31ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/telegram-logo.png Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93be4e2a9b593ac4d78b29c43d2b8e7cda4ba12299eb1517853e19e5ea9057c2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "e94e30d49b2c58c8ce7bf1a96be1458a" age 1950 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lH5w8VRfiUVISxf3BAgHC86ZsdQlR21gNhmpclGroMnlkmcQ2NsxbCUzSjUnOwNqwXqyn1XY4Q7D6q9FqaoSxdTBRJZzlxUWgKDzZgoy%2FtLkBalvguHi%2BB3Z2HWTjG72%2BwMV7hNTB1hsUd88RXnEFOeSPAU%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=5890&min_rtt=5830&rtt_var=1034&sent=68&recv=13&lost=0&retrans=0&sent_bytes=68152&recv_bytes=2405&delivery_rate=678012&cwnd=254&unsent_bytes=31872&cid=1925895b471f6a01&ts=24&x=0" date Sat, 11 Jan 2025 04:17:25 GMT content-type image/jpeg last-modified Tue, 17 Dec 2024 06:25:16 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218d7bb32d22f-FRA accept-ranges bytes content-length 9739 server cloudflare
GET H2	200	td_laptop.png image.sanxiang-sh.com/tg-08/	185 KB 186 KB	52ms 19ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/td_laptop.png Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "40d4266e5aadc87cceec1ab420dc2692" age 6238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajJBBlL9d97ifoo2MhEzHieNTigKrkQ1GYFPTXaWBUyAtCalHlDE12S12cvmFqpRfJMsXaepO02V9rBO6YYiasjNJpgBoClSGKnuWN%2Btc1dwg5ijPfk89vfsXTvwYGGzTGfItX6XWzpDFjs0fKEwIdqJY2Q%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=5890&min_rtt=5830&rtt_var=1034&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4024&recv_bytes=2405&delivery_rate=678012&cwnd=254&unsent_bytes=0&cid=1925895b471f6a01&ts=23&x=0" date Sat, 11 Jan 2025 04:17:25 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:53 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218d7bb2ed22f-FRA accept-ranges bytes content-length 189734 server cloudflare
GET H2	200	SiteAndroid.jpg image.sanxiang-sh.com/tg-08/	21 KB 21 KB	17ms 16ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/SiteAndroid.jpg Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "f5eb8dcf9b18f19053034101e920574e" age 6238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ipGyI5U9gJira%2BhmdmaW%2F8L8TaF5mYbfZsAzt3qntYG52WuwUbzo9ppWFpjBXj9uTgkdIhfpDPXMIaBD0x8JtbiI%2FTRYt95zTc2SWFa0%2F%2B39%2FPaFBaaa23FgCjeu%2FENQ0EENgFPi11VzWWFI6xc3N3xZ4ZQ%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=6908&min_rtt=5822&rtt_var=1161&sent=178&recv=76&lost=0&retrans=0&sent_bytes=206620&recv_bytes=2535&delivery_rate=11074049&cwnd=318&unsent_bytes=0&cid=1925895b471f6a01&ts=55&x=0" date Sat, 11 Jan 2025 04:17:25 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:52 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218d7fb70d22f-FRA accept-ranges bytes content-length 21090 server cloudflare
GET H2	200	SiteiOS.jpg image.sanxiang-sh.com/tg-08/	31 KB 31 KB	668ms 668ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/SiteiOS.jpg Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "89486a05599a1cfd549f8fb2d70e7d73" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z1ZqgUoR80qvtExw38go1lrEFZaLEPgeYtyXdoXFPmngGYTt84DDiWR1XdpMUDaDv6w%2BHxRUdh8viH5sJG34Hw8gpWTmsmBJyoKyNPNL20Wrm%2BgEyaOMrxfrqa8Uc8m0F1sgSUOHaVzSdefoO0RqrMvo2wU%3D"}],"group":"cf-nel","max_age":604800} cf-ray 900218d80b7cd22f-FRA accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=32332&min_rtt=5822&rtt_var=10866&sent=2029&recv=960&lost=0&retrans=0&sent_bytes=2651911&recv_bytes=2595&delivery_rate=42455884&cwnd=765&unsent_bytes=0&cid=1925895b471f6a01&ts=715&x=0" content-length 31305 date Sat, 11 Jan 2025 04:17:26 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:52 GMT vary Accept-Encoding server cloudflare
GET H2	200	d1.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	15ms 15ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d1.gif Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "cbd2d6af702cab22fb23c7d159abc428" age 6238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fa1C%2B75lceF4ihRuKdCCe9MjlpF3JfKebtkrQoEMCS1jS9FbOvtSKi4QgLtumCD%2FIoK1CBfWr2nUdNxSdgikN06PXfDd9IPJT5PLTpW7%2FBMe2Cafde9i9YDA%2FGS2LcgSuibXlmV%2F78OjLpK5d81upuBl23g%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=6265&min_rtt=5822&rtt_var=453&sent=196&recv=86&lost=0&retrans=0&sent_bytes=228318&recv_bytes=2595&delivery_rate=11074049&cwnd=318&unsent_bytes=0&cid=1925895b471f6a01&ts=73&x=0" date Sat, 11 Jan 2025 04:17:25 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:47 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218d81b91d22f-FRA accept-ranges bytes content-length 2415534 server cloudflare
GET H2	200	d2.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	15ms 14ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d2.gif Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8acbaebd980880be300562b4721fda46636837c7ca7e174edfe0dc8f9248d97b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "3ddffc96032b4b586b63950436e1b19f" age 6239 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kB8%2Bj28AvD6%2Bm6FX0p7%2Fedtb059f0trIrz1C0cAbr412uE09fTBvn9tUHEKOqgkSGqJMg%2Fa1VdVjTqY7TfGWMjWbBMuCYyyZWTVIp%2BK27R%2F7ubMmd61h6RE%2FeNWBgt5X%2BoejSSaE%2FgoE14ATsErTywx4HQ%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7040&min_rtt=5822&rtt_var=1337&sent=2058&recv=997&lost=0&retrans=0&sent_bytes=2683830&recv_bytes=3205&delivery_rate=42455884&cwnd=765&unsent_bytes=0&cid=1925895b471f6a01&ts=1215&x=0" date Sat, 11 Jan 2025 04:17:26 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:46 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218df3bc1d22f-FRA accept-ranges bytes content-length 1867995 server cloudflare
GET H2	200	d3.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	757ms 756ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d3.gif Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4461cfec85ed4d48b6aa70f9feb464520862cf001dd3b36ce84401112ebdc5f1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "b66ccb48aae5492d0043602a8809739d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZ4X2UWuF7QEki06KsSYZzlORP3k3FWLktpRWk%2FkDyM9IAhse9VbHquBJx%2BAF9as%2Bf7KnQ4xlLo4TsBwyZcdOvtH7Uq9gLkWXSrn2MJ%2F%2F39zJj4r5Boglee1KazMB6o2DLhRc%2FchHAMtEbGTmSBXc7L4cIg%3D"}],"group":"cf-nel","max_age":604800} cf-ray 900218df3bc4d22f-FRA accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=25224&min_rtt=5822&rtt_var=198&sent=15482&recv=6578&lost=0&retrans=0&sent_bytes=20478424&recv_bytes=3312&delivery_rate=65545743&cwnd=1246&unsent_bytes=0&cid=1925895b471f6a01&ts=1957&x=0" content-length 2146221 date Sat, 11 Jan 2025 04:17:27 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:48 GMT vary Accept-Encoding server cloudflare
GET H2	200	d4.gif image.sanxiang-sh.com/tg-08/	3 MB 3 MB	26ms 25ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d4.gif Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1ada80884d0ad4df743330129d9fbdcf0ca1603ef669276d3772b84697daff16` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "28746cea3fa3fe45e9a77eac83cc83eb" age 6239 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbuQLXhNT3bmQde7SCyd4yTVU%2BnFkfErUtS7iDarICXJbW4j0gn9H4AVoYtZMRTgpurAN1zEdhqdmNW9aaKcg5JIs7eZ4ys4ushh4viqHLh5U3%2BUsW%2FuqsfVU%2FG8tJYmFAiZ9pXDG%2BjpoyxIgUO8C%2F26k24%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7040&min_rtt=5822&rtt_var=1337&sent=2333&recv=997&lost=0&retrans=0&sent_bytes=3043841&recv_bytes=3205&delivery_rate=42455884&cwnd=765&unsent_bytes=65072&cid=1925895b471f6a01&ts=1216&x=0" date Sat, 11 Jan 2025 04:17:26 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:49 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218df3bc5d22f-FRA accept-ranges bytes content-length 3373417 server cloudflare
GET H2	200	d5.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	20ms 18ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d5.gif Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `424f0701dcb8542900712d39693b91db8758a1ddb0a33c21cfb502a8a71cdad8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "6ae9949dd516f905186883c3dc5f082b" age 6238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQ8WB949uXbfsPjv%2B9CjBzvxl7wg0nnmFGi0OtNaP7xQAiDsQOULZaxeBJ46%2FE9qXuolcdThiWIxJYrzUNmdTGSeAyQVkm0Pblqa1HsHrMGG1dAmzmy7VB7aNy7zshTOp4LqurZUbasr%2B7p0BD6M2EusgM0%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7040&min_rtt=5822&rtt_var=1337&sent=2284&recv=997&lost=0&retrans=0&sent_bytes=2978769&recv_bytes=3205&delivery_rate=42455884&cwnd=765&unsent_bytes=65072&cid=1925895b471f6a01&ts=1216&x=0" date Sat, 11 Jan 2025 04:17:26 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:47 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218df3bc8d22f-FRA accept-ranges bytes content-length 1696890 server cloudflare
GET H2	200	d6.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	27ms 26ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d6.gif Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `de5ccab1886506b6c45b16b5037a80f20e1ba53b3e5fda65e174a784559e8e30` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "443b2a218ba5a3010b778986488af448" age 6238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXQTOlNYV%2Bk5TEv2jW9LTYVv1eTD5V5TfbZWTHs%2FEAZ3Q%2F9JfB6VqggqQEP2hSb%2Bc1NXd%2B0cA69Syii6NYUicYarLimmKJQXttYo7lIeix9tydbZXbptWqJXGOExt1hmS370JgDJTKaIdjYxYqM5tZITFbk%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7040&min_rtt=5822&rtt_var=1337&sent=2382&recv=997&lost=0&retrans=0&sent_bytes=3108913&recv_bytes=3205&delivery_rate=42455884&cwnd=765&unsent_bytes=0&cid=1925895b471f6a01&ts=1217&x=0" date Sat, 11 Jan 2025 04:17:26 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:47 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218df3bc9d22f-FRA accept-ranges bytes content-length 1999661 server cloudflare
GET H2	200	d7.gif image.sanxiang-sh.com/tg-08/	3 MB 3 MB	27ms 26ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d7.gif Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6037e1cea2e2ec907c6315e6fcff8cf5ab39a6857408ab5800504b7f28897d7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "1a1a1e97120c2dd2b6b3c8c0f77ca236" age 6238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGurABwqUYVFtXHyEY8j96wySmEZd3e5%2FI2eFGUIBcXDHyZYvo5SUqovx6gjAIY6aOvyAc1%2BOc0uCG9rLuo0%2FWSn4eNnpafLzeBOLWDqLCExJff31MbufAoi9xOAVFqAAAwzupQg6AwMHeOEWhmIVR7iPZg%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7040&min_rtt=5822&rtt_var=1337&sent=2431&recv=997&lost=0&retrans=0&sent_bytes=3173985&recv_bytes=3205&delivery_rate=42455884&cwnd=765&unsent_bytes=0&cid=1925895b471f6a01&ts=1217&x=0" date Sat, 11 Jan 2025 04:17:26 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:51 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218df3bcad22f-FRA accept-ranges bytes content-length 3222729 server cloudflare
GET H2	200	d8.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	274ms 273ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d8.gif Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d362fd03c23bf20a038ed5b9e3169ef8cb07df1f7d17ea3b03c6752641cf523` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "80515db845d4fc2b936127d4324ff322" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n55UZW4UTsuQBbaBS%2BhF%2FL43o3hWe5TkQD%2FO71YmArFDZeRvm49t%2F%2BCqXfjegJZ9PH%2BT3OGyW8aySrQXBDLOYdAvL2IcroEMxSCQtTgCevUa5ebKwTBydpYTpUyXt6QlWvxkIIJqPik1prGgSqcbGCzWRO8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 900218df3bcbd22f-FRA accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=21899&min_rtt=5822&rtt_var=220&sent=11939&recv=5099&lost=0&retrans=0&sent_bytes=15782644&recv_bytes=3277&delivery_rate=71669841&cwnd=1057&unsent_bytes=0&cid=1925895b471f6a01&ts=1475&x=0" content-length 2603040 date Sat, 11 Jan 2025 04:17:27 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:51 GMT vary Accept-Encoding server cloudflare
GET H2	200	d9.gif image.sanxiang-sh.com/tg-08/	3 MB 3 MB	29ms 28ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d9.gif Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e76ed8bc1cf9d0a09c8b6407af9bc59dad845b5b4aa220ee89037035f35abbf8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "5d09f9927641c16d5b62da8f2f877f50" age 6238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyfQSsti1Vsz0VAtfyInS0VAPFm%2Bs%2FEw7RBTfzvSIBA40obxL8nAhkQJ310XxPr5MyeMn15G2TWsMvwXhXUW0dSd1DaCsgWQ4n6OGlm9y88NxKwxgX%2BAqd5dJTirDqAfJj0C3CnZ6%2BBAsgonPqfy%2B2yNsaU%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7040&min_rtt=5822&rtt_var=1337&sent=2530&recv=999&lost=0&retrans=0&sent_bytes=3304129&recv_bytes=3277&delivery_rate=42455884&cwnd=765&unsent_bytes=65072&cid=1925895b471f6a01&ts=1218&x=0" date Sat, 11 Jan 2025 04:17:26 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:52 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218df3bccd22f-FRA accept-ranges bytes content-length 2968347 server cloudflare
GET H2	200	top.png image.sanxiang-sh.com/tg-06/	4 KB 4 KB	29ms 28ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-06/top.png Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `392fe825f8a5d2e48dac56dade8b94019358407fed2d409f77e07568fad8752b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "cb9ef85f4d42970c9544eb64a5622451" age 1950 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sFzb5RpuLBN%2Btv%2FuT4H8OPaBCCkHVQW69mdmXCugbTsgrtl6dLT3%2FBk%2FRsvJ3grilh%2Bf55vDIyygrSqHPz1gO7j4TbUco4pbzznTUiExWbVWRAhtcGWSZcC7hwWFdvSZvYRpegPqCyj2ay0B7OiHyj72wCE%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7040&min_rtt=5822&rtt_var=1337&sent=2628&recv=999&lost=0&retrans=0&sent_bytes=3434273&recv_bytes=3277&delivery_rate=42455884&cwnd=765&unsent_bytes=0&cid=1925895b471f6a01&ts=1219&x=0" date Sat, 11 Jan 2025 04:17:26 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:03 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218df3bced22f-FRA accept-ranges bytes content-length 4117 server cloudflare
GET H2	200	Telegram%20150.png image.sanxiang-sh.com/tg-06/	7 KB 7 KB	28ms 27ms	Image image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-06/Telegram%20150.png Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ffd84ba091349d7b20eed4e9114569df107d646157746fe0c01aded2b2e156bf` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "0b51d2a6328d9284bc3e3d156d047d30" age 5001 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1CNFje7AkdW92qZg2V%2B9khA6yMnNZfMtAVgZsLKtD6xMcf0MkDVgAn3WSfBJIVb04w2zWGZqR%2BHPMPVXsGEDmy71FZFM%2FTHukX4WOG23uE83Q0yKVax2YDtTogRrWK3ZykAeElh3wfHD%2BJmvY5DlsMyApyA%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7040&min_rtt=5822&rtt_var=1337&sent=2481&recv=999&lost=0&retrans=0&sent_bytes=3239057&recv_bytes=3277&delivery_rate=42455884&cwnd=765&unsent_bytes=65072&cid=1925895b471f6a01&ts=1218&x=0" date Sat, 11 Jan 2025 04:17:26 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:03 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218df3bd0d22f-FRA accept-ranges bytes content-length 6676 server cloudflare
GET H3	200	jquery.js Show response www.telegramstg.com/static/js/	85 KB 32 KB	1118ms 1117ms	Script text/javascript	2606:4700:3035::6815:168d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegramstg.com/static/js/jquery.js Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:168d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f1a9c17b50d6278a694406d9e5dce160f81afd7a2683dfdf07f0651c38bdaa8e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVCHE3BDVGcixYcuSEFU%2F26HIqIr6KkHm4vs2HXcz6Xu4Njx0Rzp10YSQz4QqnLCOqJunbocGFDKoEkBlc0V7pj8bAAEXrYopipiu%2FgQktsqZyuDEm4UXkBFOHHYxSEuq4TzzPZNLy7qx4SV%2BRyw5RTy"}],"group":"cf-nel","max_age":604800} cf-ray 900218d9cae7bb56-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7493&min_rtt=5984&rtt_var=3002&sent=28&recv=24&lost=0&retrans=0&sent_bytes=13249&recv_bytes=8559&delivery_rate=4921&cwnd=12000&unsent_bytes=0&cid=a1c15288d82f6664&ts=3274&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 04:17:27 GMT content-type text/javascript; charset=utf-8 last-modified Wed, 11 Dec 2024 07:34:51 GMT vary Accept-Encoding priority u=2,i=?0
GET H3	200	public.js Show response www.telegramstg.com/static/js/	1 KB 1 KB	858ms 858ms	Script text/javascript	2606:4700:3035::6815:168d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegramstg.com/static/js/public.js Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:168d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `67d2b41879f250526ea34e3678b48365d679021f50045a970aa2857c9e43b051` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4GqT%2FkGc6%2BWRi9WTbu1s1d2KcddXe%2FG6D%2FQU2TSABStGbJrwg%2FGH%2BOwYjLtBY0gQdX0FgdjJVfSOtYlOBwgo2Txnf2Ip8a4AHdtfrZomoO9mZWBFdMDwBEjtgUnfp5s9ADlplCwBTDTMt1XXIVUm4%2Fb"}],"group":"cf-nel","max_age":604800} cf-ray 900218dc3bb0bb56-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6735&min_rtt=5978&rtt_var=403&sent=57&recv=39&lost=0&retrans=0&sent_bytes=46803&recv_bytes=9205&delivery_rate=3188903&cwnd=24000&unsent_bytes=0&cid=a1c15288d82f6664&ts=3406&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 04:17:27 GMT content-type text/javascript; charset=utf-8 last-modified Wed, 11 Dec 2024 07:34:51 GMT vary Accept-Encoding priority u=2,i=?0
POST H2	200	collect Show response collect-v6.51.la/v6/	0 282 B	2053ms 217ms	XHR text/plain	90.84.161.16 OCB_HONEY_CDN_ASN...
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js?id=3KK9Zot37TeXAqY2&ck=3KK9Zot37TeXAqY2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 90.84.161.16 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers via EU-GER-frankfurt-EDGE5-CACHE3[211],EU-GER-frankfurt-EDGE5-CACHE3[ovl,210] access-control-allow-origin https://www.telegramstg.com x-ccdn-req-id-46b1 9823c8a9a497252a8d4b33b1dd09737f content-length 0 date Sat, 11 Jan 2025 04:17:28 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials true
GET H3	200	t_logo_sprite.svg www.telegramstg.com/static/image/	23 KB 7 KB	940ms 940ms	Image image/svg+xml	2606:4700:3035::6815:168d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telegramstg.com/static/image/t_logo_sprite.svg Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:168d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `832fbefd7a4fe8f651058597d9f1910883d1cbd56d0ceb343e7d6170aeecf982` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RizN7MaZBhJb%2BjgXxR%2Fa42kKINDHHrlXALGkh%2B%2FcujWP16QSs7qlhWcjN2OTn%2FwZ3REun%2BpS5tjQvkEulray%2B%2FMQWbDGLdnbSbAMTZIIB5QeRoeoG84q8kLLtf9M%2F%2FfRuD9u4umwnTGDc7cgeRjkEOxG"}],"group":"cf-nel","max_age":604800} cf-ray 900218df3cbbbb56-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7095&min_rtt=5915&rtt_var=1663&sent=67&recv=44&lost=0&retrans=0&sent_bytes=54961&recv_bytes=9426&delivery_rate=374175&cwnd=24000&unsent_bytes=0&cid=a1c15288d82f6664&ts=3967&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 04:17:27 GMT content-type image/svg+xml last-modified Wed, 11 Dec 2024 07:34:51 GMT vary Accept-Encoding priority u=3,i
GET H3	200	app_icon_desktop.svg www.telegramstg.com/static/image/	3 KB 3 KB	696ms 695ms	Image text/html	2606:4700:3035::6815:168d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telegramstg.com/static/image/app_icon_desktop.svg Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:168d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HbbUDFheOGJJmK87wHk4h2vdkDK7Q4UuDAdh21nEmXRX8SkFlaMErohPJipjzPqsqDuukIyFQcjFuhZZLus3hkez6FHRN6dZgXht4TDPX1ABy2oL9XthnaNAeUTuXbVuyopLqxVQKWr9EqUiLjbJy%2Bo"}],"group":"cf-nel","max_age":604800} cf-ray 900218df3cbfbb56-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6632&min_rtt=5915&rtt_var=507&sent=59&recv=40&lost=0&retrans=0&sent_bytes=48157&recv_bytes=9248&delivery_rate=228900&cwnd=24000&unsent_bytes=0&cid=a1c15288d82f6664&ts=3724&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 04:17:27 GMT content-type text/html; charset=utf-8 last-modified Sat, 11 Jan 2025 04:17:27 GMT vary Accept-Encoding priority u=3,i
GET H3	200	SiteIconAndroid.svg www.telegramstg.com/static/image/	3 KB 3 KB	794ms 794ms	Image text/html	2606:4700:3035::6815:168d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telegramstg.com/static/image/SiteIconAndroid.svg Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:168d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fNfSXrjTOCIQpLnkXqHtqn%2BrOv6q6idjLOev%2BHWOCAgaviDZGdbIJvFmLyHgFwHVvZoZQkDmECFTg2c8LqnCpTgTjX%2FHcK%2FeZDiK6wqo%2BGWt%2BlZv83ft71InmTdCIzz0zJYzU5CYIciFumVjo75%2BxmuX"}],"group":"cf-nel","max_age":604800} cf-ray 900218df3cc1bb56-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6520&min_rtt=5915&rtt_var=465&sent=62&recv=42&lost=0&retrans=0&sent_bytes=50429&recv_bytes=9335&delivery_rate=384034&cwnd=24000&unsent_bytes=0&cid=a1c15288d82f6664&ts=3815&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 04:17:27 GMT content-type text/html; charset=utf-8 last-modified Sat, 11 Jan 2025 04:17:27 GMT vary Accept-Encoding priority u=3,i
GET H3	200	SiteIconApple.svg www.telegramstg.com/static/image/	3 KB 3 KB	806ms 805ms	Image text/html	2606:4700:3035::6815:168d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telegramstg.com/static/image/SiteIconApple.svg Requested by Host: www.telegramstg.com URL: https://www.telegramstg.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:168d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6lBTox8y4u2WgxJTq6UI6rDgV785xBIceXpIozSjKUHuk%2B%2Fwvkm1vIfKnt7nVa5am2LT8uR2oKKhM1TWU0nYCL1Vfci7%2BNtjry9ViZcEbJHvyxvfqqxpOLvrOO2LDHxCtBJisJhTtBwheXG8Z1DdJy7"}],"group":"cf-nel","max_age":604800} cf-ray 900218df3cc4bb56-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7249&min_rtt=5915&rtt_var=1807&sent=64&recv=43&lost=0&retrans=0&sent_bytes=52687&recv_bytes=9378&delivery_rate=182792&cwnd=24000&unsent_bytes=0&cid=a1c15288d82f6664&ts=3833&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 04:17:27 GMT content-type text/html; charset=utf-8 last-modified Sat, 11 Jan 2025 04:17:27 GMT vary Accept-Encoding priority u=3,i
GET H2	200	telegram-favicon.ico image.sanxiang-sh.com/	4 KB 5 KB	16ms 16ms	Other image/jpeg	2606:4700:3030::ac43:c130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://image.sanxiang-sh.com/telegram-favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `181349b08b8da309823b3b6a670ce13581ff82af7b03db71ba60c705d0620261` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.telegramstg.com/ Response headers cf-cache-status HIT etag "975b4112a366cca6b9bf2c84e268268c" age 3499 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgVE4cn3gi%2BI6%2Bi1as8aCdq%2BqWHYGQxtZu2d1GAA9Q7z0QxM6gYu2zaJO83FuTb0BYJEsZjgm%2BclFL7N%2FKe5IAf%2BRfd5oej13YY2AB3Vs4NUC06d2WYVEiT14bN5QjDRFySXDyaO820sV4aXMkkeT7HNjFY%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=6293&min_rtt=5000&rtt_var=578&sent=17179&recv=7258&lost=0&retrans=32&sent_bytes=22673399&recv_bytes=3418&delivery_rate=6699176&cwnd=1246&unsent_bytes=0&cid=1925895b471f6a01&ts=3298&x=0" date Sat, 11 Jan 2025 04:17:29 GMT content-type image/jpeg last-modified Fri, 06 Dec 2024 07:06:32 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 900218ec3b70d22f-FRA accept-ranges bytes content-length 4286 server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.telegramstg.com/	1969-12-31 23:59:59	Name: __vtins__3KK9Zot37TeXAqY2 Value: %7B%22sid%22%3A%20%2269f31962-8ba9-52e2-9d05-d098401c88fb%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201736570846904%2C%20%22ct%22%3A%201736569046904%7D
www.telegramstg.com/	1970-01-21 11:58:49	Name: __51uvsct__3KK9Zot37TeXAqY2 Value: 1
www.telegramstg.com/	1970-01-21 11:58:49	Name: __51vcke__3KK9Zot37TeXAqY2 Value: 29d1c9aa-0bc0-5dda-9de1-d77834fbd3a1
www.telegramstg.com/	1970-01-21 11:58:49	Name: __51vuft__3KK9Zot37TeXAqY2 Value: 1736569046906

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
image.sanxiang-sh.com
sdk.51.la
telegramstg.com
www.telegramstg.com
2606:4700:3030::ac43:c130
2606:4700:3035::6815:168d
90.84.161.16
15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365
181349b08b8da309823b3b6a670ce13581ff82af7b03db71ba60c705d0620261
1ada80884d0ad4df743330129d9fbdcf0ca1603ef669276d3772b84697daff16
392fe825f8a5d2e48dac56dade8b94019358407fed2d409f77e07568fad8752b
3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4
3e5f5d0432553f9b7547be69ebb12c68d18b500648b11e92dc609c77a4d23a63
424f0701dcb8542900712d39693b91db8758a1ddb0a33c21cfb502a8a71cdad8
4461cfec85ed4d48b6aa70f9feb464520862cf001dd3b36ce84401112ebdc5f1
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
5d362fd03c23bf20a038ed5b9e3169ef8cb07df1f7d17ea3b03c6752641cf523
67d2b41879f250526ea34e3678b48365d679021f50045a970aa2857c9e43b051
832fbefd7a4fe8f651058597d9f1910883d1cbd56d0ceb343e7d6170aeecf982
8acbaebd980880be300562b4721fda46636837c7ca7e174edfe0dc8f9248d97b
93be4e2a9b593ac4d78b29c43d2b8e7cda4ba12299eb1517853e19e5ea9057c2
ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153
b6f3fdddca5176eca858671b765b738da0126b8b177df83f5fa2f62ef43cb777
d6037e1cea2e2ec907c6315e6fcff8cf5ab39a6857408ab5800504b7f28897d7
de5ccab1886506b6c45b16b5037a80f20e1ba53b3e5fda65e174a784559e8e30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76ed8bc1cf9d0a09c8b6407af9bc59dad845b5b4aa220ee89037035f35abbf8
f1a9c17b50d6278a694406d9e5dce160f81afd7a2683dfdf07f0651c38bdaa8e
ffd84ba091349d7b20eed4e9114569df107d646157746fe0c01aded2b2e156bf

www.telegramstg.com Open in urlscan Pro 2606:4700:3035::6815:168d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

67 %IPv6

3 Domains

5 Subdomains

3 IPs

2 Countries

22158 kBTransfer

22211 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

www.telegramstg.com Open in urlscan Pro
2606:4700:3035::6815:168d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

22158 kB
Transfer

22211 kB
Size

4
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!