urlscan.io logo urlscan.io
SecurityTrails logo

t.me Open in urlscan Pro
2001:67c:4e8:f004::9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mgames.ru/tmd/flow/16125?lpcontext=clickt2&keyid=1vntb781dddd54956pk9&sub_id_4=2111081546716a6c6cf33f48179...
Effective URL: https://t.me/voip2021?result_code=456
Submission: On December 24 via manual from RU — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 16 HTTP transactions. The main IP is 2001:67c:4e8:f004::9, located in Motala, Sweden and belongs to TELEGRAM, VG. The main domain is t.me. The Cisco Umbrella rank of the primary domain is 11603.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 8th 2022. Valid for: a year.
This is the only time t.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 93.158.192.30 200044 (STACKGROUP)
3 194.176.96.130 13116 (TELE2RU)
1 62.212.87.243 60781 (LEASEWEB-...)
1 62.212.87.244 60781 (LEASEWEB-...)
1 1 85.119.146.30 49505 (SELECTEL)
1 1 93.158.192.224 200044 (STACKGROUP)
1 10 2001:67c:4e8:... 62041 (TELEGRAM)
1 34.111.35.152 396982 (GOOGLE-CL...)
16 6
1    93.158.192.30 (Russian Federation)

ASN200044 (STACKGROUP, RU)
mgames.ru
3    194.176.96.130 (Russian Federation)

ASN13116 (TELE2RU, SE)
lpage1.tele2.ru
lp.tele2.ru
1    62.212.87.243 (United States)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: opticksconversions.com
track.enkidusystems.com
1    62.212.87.244 (United States)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: opticksconversions.com
track.enkidusystems.com
1    85.119.146.30 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
85.119.146.30
1    93.158.192.224 (Russian Federation)

ASN200044 (STACKGROUP, RU)
tmd.interakt.ru
10    2001:67c:4e8:f004::9 (Motala, Sweden)

ASN62041 (TELEGRAM, VG)
voip2021.t.me
t.me
telegram.org
1    34.111.35.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.35.111.34.bc.googleusercontent.com
cdn4.telegram-cdn.org
Apex Domain
Subdomains		 Transfer
8 telegram.org
telegram.org — Cisco Umbrella Rank: 11149
151 KB
3 tele2.ru
lpage1.tele2.ru
lp.tele2.ru
98 KB
2 t.me
voip2021.t.me
t.me — Cisco Umbrella Rank: 11603
5 KB
2 enkidusystems.com
track.enkidusystems.com
60 KB
1 telegram-cdn.org
cdn4.telegram-cdn.org — Cisco Umbrella Rank: 39568
13 KB
1 interakt.ru
tmd.interakt.ru
214 B
1 mgames.ru
mgames.ru
239 B
0 Failed
function sub() { [native code] }. Failed
16 8
Domain Requested by
8 telegram.org t.me
telegram.org
2 track.enkidusystems.com lp.tele2.ru
track.enkidusystems.com
2 lp.tele2.ru lpage1.tele2.ru
1 cdn4.telegram-cdn.org t.me
1 t.me track.enkidusystems.com
1 voip2021.t.me 1 redirects
1 tmd.interakt.ru 1 redirects
1 lpage1.tele2.ru
1 mgames.ru 1 redirects
0 resolve Failed t.me
16 10

This site contains links to these domains. Also see Links.

Domain
telegram.org
Subject Issuer Validity Valid
track.opticks.io
R3		 2022-10-31 -
2023-01-29		 3 months crt.sh
*.t.me
Go Daddy Secure Certificate Authority - G2		 2022-10-08 -
2023-11-09		 a year crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2		 2022-08-10 -
2023-09-11		 a year crt.sh
cdn4.telegram-cdn.org
GTS CA 1D4		 2022-12-15 -
2023-03-15		 3 months crt.sh

This page contains 1 frames:

Frame: tg://resolve?domain=voip2021
Frame ID: F83BB95942AD30C38F459A75A13B07AF
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Telegram: Contact @voip2021

Page URL History Show full URLs

  1. http://mgames.ru/tmd/flow/16125?lpcontext=clickt2&keyid=1vntb781dddd54956pk9&sub_id_4=2111081... HTTP 302
    http://lpage1.tele2.ru/?serviceId=134776705&subId=8691272732 Page URL
  2. http://85.119.146.30:45080/47e884afa2a255affe4e87ea3564e589/space/mt/redirect?status=trafback&service=h... HTTP 302
    http://tmd.interakt.ru/backurl?status=trafback&service_id=16125&wb_subscription_id=8691272732&order... HTTP 302
    https://voip2021.t.me/?result_code=456 HTTP 302
    https://t.me/voip2021?result_code=456 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

16
Requests

69 %
HTTPS

13 %
IPv6

8
Domains

10
Subdomains

6
IPs

3
Countries

326 kB
Transfer

849 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mgames.ru/tmd/flow/16125?lpcontext=clickt2&keyid=1vntb781dddd54956pk9&sub_id_4=2111081546716a6c6cf33f481799d05c0c96&backurl=https://Voip2021.t.me HTTP 302
    http://lpage1.tele2.ru/?serviceId=134776705&subId=8691272732 Page URL
  2. http://85.119.146.30:45080/47e884afa2a255affe4e87ea3564e589/space/mt/redirect?status=trafback&service=hustler-private.com&ext_id=98a4f4c85f5d2b7cc7c5f8032fda760b&hash=25138b7be74266de6e46d71219676f19&blr=0&resultCode=456&serviceId=134776705 HTTP 302
    http://tmd.interakt.ru/backurl?status=trafback&service_id=16125&wb_subscription_id=8691272732&order_id=700000727-4b77aa21-c635-454c-866a-6b5a73afba01&abonent=N%2FA&result_code=456&resultCode=456&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F108.0.5359.124%20Safari%2F537.36&ip=89.238.178.75&redirect_ip=89.238.178.75 HTTP 302
    https://voip2021.t.me/?result_code=456 HTTP 302
    https://t.me/voip2021?result_code=456 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mgames.ru/tmd/flow/16125?lpcontext=clickt2&keyid=1vntb781dddd54956pk9&sub_id_4=2111081546716a6c6cf33f481799d05c0c96&backurl=https://Voip2021.t.me HTTP 302
  • http://lpage1.tele2.ru/?serviceId=134776705&subId=8691272732

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
lpage1.tele2.ru/
Redirect Chain
  • http://mgames.ru/tmd/flow/16125?lpcontext=clickt2&keyid=1vntb781dddd54956pk9&sub_id_4=2111081546716a6c6cf33f481799d05c0c96&backurl=https://Voip2021.t.me
  • http://lpage1.tele2.ru/?serviceId=134776705&subId=8691272732
198 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://lpage1.tele2.ru/?serviceId=134776705&subId=8691272732
Protocol
HTTP/1.0
Server
194.176.96.130 , Russian Federation, ASN13116 (TELE2RU, SE),
Reverse DNS
Software
/
Resource Hash
411de3749c7e96d31b46b56a7cff1a1be9784ff1480b6f5b1ba46d88b553e181
Security Headers
Name Value
Content-Security-Policy frame-options 'self'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Cteonnt-Length
202697
MIME-Version
1.0
content-security-policy
frame-options 'self'
date
Sat, 24 Dec 2022 10:07:29 GMT
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
89
Content-Type
text/html; charset=utf-8
Date
Sat, 24 Dec 2022 10:07:29 GMT
Location
http://lpage1.tele2.ru:80?serviceId=134776705&subId=8691272732
Server
nginx/1.10.2
file-1.js
lp.tele2.ru/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://lp.tele2.ru:8060/js/file-1.js?service_id=18302&service_name=Hustler&region_id=null&error_URL=http%3a%2f%2f85.119.146.30%3a45080%2f47e884afa2a255affe4e87ea3564e589%2fspace%2fmt%2fredirect%3fstatus%3dtrafback%26service%3dhustler-private.com%26ext_id%3d98a4f4c85f5d2b7cc7c5f8032fda760b%26hash%3d25138b7be74266de6e46d71219676f19%26blr%3d0%26resultCode%3d456%26serviceId%3d134776705null
Requested by
Host: lpage1.tele2.ru
URL: http://lpage1.tele2.ru/?serviceId=134776705&subId=8691272732
Protocol
HTTP/1.1
Server
194.176.96.130 , Russian Federation, ASN13116 (TELE2RU, SE),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
59df3c296edaaf3ff5b7eb50d6660f73e975e8594b82a9bacfe379c0d9a4691c

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://lpage1.tele2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Thu, 05 Mar 2020 05:38:47 GMT
Server
nginx/1.13.5
ETag
"5e609067-51f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1311
script_main.js
lp.tele2.ru/js/ 		835 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://lp.tele2.ru:8060/js/script_main.js
Requested by
Host: lpage1.tele2.ru
URL: http://lpage1.tele2.ru/?serviceId=134776705&subId=8691272732
Protocol
HTTP/1.1
Server
194.176.96.130 , Russian Federation, ASN13116 (TELE2RU, SE),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
95ce825cc1533182193baba580bea9ba60a37db6f994aafe97b9d79b58af055c

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://lpage1.tele2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Mon, 02 Mar 2020 16:30:26 GMT
Server
nginx/1.13.5
ETag
"5e5d34a2-343"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
835
2916609606b0c16e46
track.enkidusystems.com/j/ 		160 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.enkidusystems.com/j/2916609606b0c16e46
Requested by
Host: lp.tele2.ru
URL: http://lp.tele2.ru:8060/js/file-1.js?service_id=18302&service_name=Hustler&region_id=null&error_URL=http%3a%2f%2f85.119.146.30%3a45080%2f47e884afa2a255affe4e87ea3564e589%2fspace%2fmt%2fredirect%3fstatus%3dtrafback%26service%3dhustler-private.com%26ext_id%3d98a4f4c85f5d2b7cc7c5f8032fda760b%26hash%3d25138b7be74266de6e46d71219676f19%26blr%3d0%26resultCode%3d456%26serviceId%3d134776705null
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.243 , United States, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
opticksconversions.com
Software
/
Resource Hash
7e27fe2da4f26834802a73f551cf3d8a3561f25d9b4b2c1f864cfd2c327c79b8

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://lpage1.tele2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
Accept-CH
Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
ETag
7ef8e7aa63a6cf62aa8fb20cf950f33d--gzip
Vary
Accept-Encoding, User-Agent
Content-Type
text/javascript;charset=utf-8
Cache-Control
private, max-age=0, no-cache, must-revalidate
Connection
close
truncated
/ 		46 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
429e02d0cf19281b581c2c22ea1f2046864d55446c4ee5c40fcb6983d2d9e188

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://lpage1.tele2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a93511f23d9eb1b5c868b1d07aa530c122ff100f5b8001882be1f1282ded75a7

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://lpage1.tele2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

Referer
http://lpage1.tele2.ru/
Origin
http://lpage1.tele2.ru
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1806c5b24cf5737715f48b9ccc43380702981e1abfb2ac4ce74c30d26b74cf8a

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://lpage1.tele2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/avif
truncated
/ 		331 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://lpage1.tele2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jp2
2916609606b0c16e46
track.enkidusystems.com/h/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://track.enkidusystems.com/h/2916609606b0c16e46?opticks-url=http%3A%2F%2Flpage1.tele2.ru%2F%3FserviceId%3D134776705%26subId%3D8691272732&response-opticks-version=v3&_t0=1671876450922&_t1=1671876451082&_t2=1671876451082&_opth8JonEmwP38x=b742be94&_m=1uc&serviceId=134776705&subId=8691272732&version=v3&var1=18302&var2=Hustler&fallback_url=http%3a%2f%2f85.119.146.30%3a45080%2f47e884afa2a255affe4e87ea3564e589%2fspace%2fmt%2fredirect%3fstatus%3dtrafback%26service%3dhustler-private.com%26ext_id%3d98a4f4c85f5d2b7cc7c5f8032fda760b%26hash%3d25138b7be74266de6e46d71219676f19%26blr%3d0%26resultCode%3d456%26serviceId%3d134776705null&b=c2VydmljZV9pZD0xODMwMiZzZXJ2aWNlX25hbWU9SHVzdGxlciZyZWdpb25faWQ9bnVsbCZlcnJvcl9VUkw9aHR0cCUzYSUyZiUyZjg1LjExOS4xNDYuMzAlM2E0NTA4MCUyZjQ3ZTg4NGFmYTJhMjU1YWZmZTRlODdlYTM1NjRlNTg5JTJmc3BhY2UlMmZtdCUyZnJlZGlyZWN0JTNmc3RhdHVzJTNkdHJhZmJhY2slMjZzZXJ2aWNlJTNkaHVzdGxlci1wcml2YXRlLmNvbSUyNmV4dF9pZCUzZDk4YTRmNGM4NWY1ZDJiN2NjN2M1ZjgwMzJmZGE3NjBiJTI2aGFzaCUzZDI1MTM4YjdiZTc0MjY2ZGU2ZTQ2ZDcxMjE5Njc2ZjE5JTI2YmxyJTNkMCUyNnJlc3VsdENvZGUlM2Q0NTYlMjZzZXJ2aWNlSWQlM2QxMzQ3NzY3MDVudWxs
Requested by
Host: track.enkidusystems.com
URL: https://track.enkidusystems.com/j/2916609606b0c16e46
Protocol
HTTP/1.1
Server
62.212.87.244 , United States, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
opticksconversions.com
Software
/
Resource Hash

Request headers

Referer
http://lpage1.tele2.ru/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Content-Length
1305
Primary Request voip2021
t.me/
Redirect Chain
  • http://85.119.146.30:45080/47e884afa2a255affe4e87ea3564e589/space/mt/redirect?status=trafback&service=hustler-private.com&ext_id=98a4f4c85f5d2b7cc7c5f8032fda760b&hash=25138b7be74266de6e46d71219676f...
  • http://tmd.interakt.ru/backurl?status=trafback&service_id=16125&wb_subscription_id=8691272732&order_id=700000727-4b77aa21-c635-454c-866a-6b5a73afba01&abonent=N%2FA&result_code=456&resultCode=456&ua...
  • https://voip2021.t.me/?result_code=456
  • https://t.me/voip2021?result_code=456
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.me/voip2021?result_code=456
Requested by
Host: track.enkidusystems.com
URL: https://track.enkidusystems.com/j/2916609606b0c16e46
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Motala, Sweden, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1b1aaf0bf1e7219cfc44b70c70c777ac152fea64bd964a1d61ccc3adad53968c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://web.telegram.org
Strict-Transport-Security max-age=35768000
X-Frame-Options ALLOW-FROM https://web.telegram.org

Request headers

Referer
http://lpage1.tele2.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-length
4299
content-security-policy
frame-ancestors https://web.telegram.org
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 10:07:32 GMT
pragma
no-cache
server
nginx/1.18.0
strict-transport-security
max-age=35768000
x-frame-options
ALLOW-FROM https://web.telegram.org

Redirect headers

cache-control
no-store
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:32 GMT
location
https://t.me/voip2021?result_code=456
pragma
no-cache
server
nginx/1.18.0
strict-transport-security
max-age=35768000
x-redirect-host
voip2021.t.me
font-roboto.css
telegram.org/css/ 		6 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/font-roboto.css?1
Requested by
Host: t.me
URL: https://t.me/voip2021?result_code=456
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Motala, Sweden, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
W/"63512b7d-1816"
content-type
text/css
cache-control
max-age=345600
expires
Wed, 28 Dec 2022 10:07:32 GMT
bootstrap.min.css
telegram.org/css/ 		42 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/bootstrap.min.css?3
Requested by
Host: t.me
URL: https://t.me/voip2021?result_code=456
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Motala, Sweden, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-a61b"
content-type
text/css
cache-control
max-age=345600
expires
Wed, 28 Dec 2022 10:07:32 GMT
telegram.css
telegram.org/css/ 		112 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/telegram.css?233
Requested by
Host: t.me
URL: https://t.me/voip2021?result_code=456
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Motala, Sweden, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
48f03e2042aed020d16c82113580135e61418ed8729380e7362f0eedb60572cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 12:06:59 GMT
server
nginx/1.18.0
etag
W/"637b69e3-1c08c"
content-type
text/css
cache-control
max-age=345600
expires
Wed, 28 Dec 2022 10:07:32 GMT
PskpwOvoIkgKcbXJfPltdYJVeROTL4Et2VtsWMYWBKwtPzcszEoXDz7-FM15R0BbtQ-mk1XoiqPvJRxIVwvVdQecLQHS6KZYe2Pb2Bjo6Ap8m4Ks7MTH9Ri8CNJH8dNvS9VCv337-laUOhoHoXYntAp5b1X35xIs3oKcnGUlDHMTxN9CnDNqU8I03WsPzPbqFuLCm...
cdn4.telegram-cdn.org/file/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/PskpwOvoIkgKcbXJfPltdYJVeROTL4Et2VtsWMYWBKwtPzcszEoXDz7-FM15R0BbtQ-mk1XoiqPvJRxIVwvVdQecLQHS6KZYe2Pb2Bjo6Ap8m4Ks7MTH9Ri8CNJH8dNvS9VCv337-laUOhoHoXYntAp5b1X35xIs3oKcnGUlDHMTxN9CnDNqU8I03WsPzPbqFuLCmxOLwaVQzZLHHPFBHoGqx8AEFvvIOvEND1clPdbNs2lMjIB1C66h-rS2n7bPNSf9XCvoHxWu1xYcDbeVWOSWMo9oCcA-SRTT0KOTZ2MN8SjRuOD0pCO_h0l4kP0DqsDV7wYavmTZxA3Xxb5lRg.jpg
Requested by
Host: t.me
URL: https://t.me/voip2021?result_code=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
643c06b770fd0173adcab1484ed057537d7a0aa1e60ba30b4523d74a4f6101c7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:32 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12769
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"b40f88900dd45b34fdcf308298d7a488c8738b8d"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
tgwallpaper.min.js
telegram.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/tgwallpaper.min.js?3
Requested by
Host: t.me
URL: https://t.me/voip2021?result_code=456
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Motala, Sweden, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 19:57:25 GMT
server
nginx/1.18.0
etag
W/"62211da5-ba3"
content-type
application/javascript
cache-control
max-age=345600
expires
Wed, 28 Dec 2022 10:07:32 GMT
pattern.svg
telegram.org/img/tgme/ 		225 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/tgme/pattern.svg
Requested by
Host: telegram.org
URL: https://telegram.org/css/telegram.css?233
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Motala, Sweden, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://telegram.org/css/telegram.css?233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:32 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 09:45:08 GMT
server
nginx/1.18.0
etag
W/"62208e24-385d7"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=345600
expires
Wed, 28 Dec 2022 10:07:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Motala, Sweden, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://t.me
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:33 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b20"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11040
expires
Wed, 28 Dec 2022 10:07:33 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Motala, Sweden, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://t.me
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:33 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b14"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11028
expires
Wed, 28 Dec 2022 10:07:33 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
telegram.org/fonts/Roboto/ 		6 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Motala, Sweden, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://t.me
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:33 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-193c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
6460
expires
Wed, 28 Dec 2022 10:07:33 GMT
tg://resolve?domain=voip2021
tg://resolve?domain=voip2021 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
resolve
URL
tg://resolve?domain=voip2021

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| TWallpaper string| protoUrl undefined| iframeContEl undefined| iframeEl undefined| pageHidden object| tme_bg function| toggleTheme object| darkMedia

2 Cookies

Domain/Path Name / Value
lpage1.tele2.ru/ Name: JSESSIONID
Value: 57093EBDDB83DB83B08D781D722DA435
t.me/ Name: stel_ssid
Value: 74791090f0d824d182_9558524124430291939

3 Console Messages

Source Level URL
Text
security error URL: http://lpage1.tele2.ru/?serviceId=134776705&subId=8691272732
Message:
Unrecognized Content-Security-Policy directive 'frame-options'.
security error URL: https://track.enkidusystems.com/j/2916609606b0c16e46
Message:
Unrecognized Content-Security-Policy directive 'frame-options'.
security error URL: https://track.enkidusystems.com/j/2916609606b0c16e46
Message:
Unrecognized Content-Security-Policy directive 'frame-options'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-options 'self'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn4.telegram-cdn.org
lp.tele2.ru
lpage1.tele2.ru
mgames.ru
resolve
t.me
telegram.org
tmd.interakt.ru
track.enkidusystems.com
voip2021.t.me
resolve
194.176.96.130
2001:67c:4e8:f004::9
34.111.35.152
62.212.87.243
62.212.87.244
85.119.146.30
93.158.192.224
93.158.192.30
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1806c5b24cf5737715f48b9ccc43380702981e1abfb2ac4ce74c30d26b74cf8a
1b1aaf0bf1e7219cfc44b70c70c777ac152fea64bd964a1d61ccc3adad53968c
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
411de3749c7e96d31b46b56a7cff1a1be9784ff1480b6f5b1ba46d88b553e181
41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
429e02d0cf19281b581c2c22ea1f2046864d55446c4ee5c40fcb6983d2d9e188
48f03e2042aed020d16c82113580135e61418ed8729380e7362f0eedb60572cf
59df3c296edaaf3ff5b7eb50d6660f73e975e8594b82a9bacfe379c0d9a4691c
643c06b770fd0173adcab1484ed057537d7a0aa1e60ba30b4523d74a4f6101c7
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7e27fe2da4f26834802a73f551cf3d8a3561f25d9b4b2c1f864cfd2c327c79b8
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
95ce825cc1533182193baba580bea9ba60a37db6f994aafe97b9d79b58af055c
a93511f23d9eb1b5c868b1d07aa530c122ff100f5b8001882be1f1282ded75a7
daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3