Submitted URL: http://bank.tito.finance.ibnux.com/
Effective URL: https://t.me/iBNuX_Apps/11
Submission: On September 19 via api from NL — Scanned from NL

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2001:67c:4e8:f004::9, located in Amsterdam, Netherlands and belongs to TELEGRAM, VG. The main domain is t.me. The Cisco Umbrella rank of the primary domain is 15779.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 6th 2023. Valid for: a year.
This is the only time t.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS      Autonomous System
2         103.25.195.242    132652  (IDNIC-UNI...)
17        2001:67c:4e8:...  62041   (TELEGRAM)
1         34.111.108.175    396982  (GOOGLE-CL...)
1         149.154.167.99    62041   (TELEGRAM)
Totals: 22 requests, 5 IPs
Requests  Apex Domain        Subdomains                                           Transfer
14        telegram.org       telegram.org (Cisco Umbrella Rank: 10128)            207 KB
3         t.me               t.me (Cisco Umbrella Rank: 15779)                    12 KB
2         ibnux.com          bank.tito.finance.ibnux.com                          977 B
1         tg.dev             oauth.tg.dev (Cisco Umbrella Rank: 105283)           6 KB
1         cdn-telegram.org   cdn5.cdn-telegram.org (Cisco Umbrella Rank: 50166)   6 KB
0         Failed             (request failed, no response)                        -
Totals: 22 requests, 6 domains
Requests  Domain                        Requested by
14        telegram.org                  t.me, telegram.org
3         t.me                          telegram.org, t.me
2         bank.tito.finance.ibnux.com   -
1         oauth.tg.dev                  t.me
1         cdn5.cdn-telegram.org         t.me
0         resolve (failed)              t.me
Totals: 22 requests, 6 domains

This site contains links to these domains. Also see Links.

Domain
telegram.org
Subject                        Issuer                                        Validity                   Valid
bank.tito.finance.ibnux.com    R11                                           2024-07-21 - 2024-10-19    3 months (crt.sh)
*.t.me                         Go Daddy Secure Certificate Authority - G2    2023-10-06 - 2024-11-06    a year (crt.sh)
*.telegram.org                 Go Daddy Secure Certificate Authority - G2    2024-08-10 - 2025-09-11    a year (crt.sh)
cdn1.cdn-telegram.org          WR3                                           2024-08-21 - 2024-11-19    3 months (crt.sh)
*.tg.dev                       Go Daddy Secure Certificate Authority - G2    2024-04-06 - 2025-05-08    a year (crt.sh)

This page contains 2 frames:

Frame: tg://resolve?domain=iBNuX_Apps&post=11
Frame ID: BDDD330621D8822212094B7C0F902559
Requests: 12 HTTP requests in this frame

Frame: https://t.me/iBNuX_Apps/11?embed=1&mode=tme
Frame ID: 8EFE55494B46ACDD36C9EC408D762B3F
Requests: 13 HTTP requests in this frame

Page Title

Telegram: Contact @iBNuX_Apps

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bank.tito.finance.ibnux.com/ HTTP 307
    https://bank.tito.finance.ibnux.com/ Page URL
  2. https://t.me/iBNuX_Apps/11 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 22
HTTPS: 95 %
IPv6: 25 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 4
Transfer: 233 kB
Size: 715 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bank.tito.finance.ibnux.com/ HTTP 307
  • https://bank.tito.finance.ibnux.com/

22 HTTP transactions

Each transaction below is listed as: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type, followed by its General details and request/response headers.
/
bank.tito.finance.ibnux.com/
Redirect Chain
  • http://bank.tito.finance.ibnux.com/
  • https://bank.tito.finance.ibnux.com/
159 B
502 B
Document
General
Full URL
https://bank.tito.finance.ibnux.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.25.195.242 Karawang, Indonesia, ASN132652 (IDNIC-UNINA-AS-ID PT. Cahaya Buana Raksa, ID),
Reverse DNS
ipv4-195.25.as132652.cbr.net.id
Software
Apache /
Resource Hash
59765fdac1a385f200a64d2939ce76c617d58277622d0df3a4ec072ad64f2290

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
137
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Sep 2024 03:05:10 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding

Redirect headers

Location
https://bank.tito.finance.ibnux.com/
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
bank.tito.finance.ibnux.com/
159 B
475 B
Other
General
Full URL
https://bank.tito.finance.ibnux.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.25.195.242 Karawang, Indonesia, ASN132652 (IDNIC-UNINA-AS-ID PT. Cahaya Buana Raksa, ID),
Reverse DNS
ipv4-195.25.as132652.cbr.net.id
Software
Apache /
Resource Hash
59765fdac1a385f200a64d2939ce76c617d58277622d0df3a4ec072ad64f2290

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.tito.finance.ibnux.com/

Response headers

Access-Control-Max-Age
86400
Content-Encoding
gzip
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
137
Keep-Alive
timeout=5, max=99
Date
Thu, 19 Sep 2024 03:05:10 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Server
Apache
Primary Request 11
t.me/iBNuX_Apps/
36 KB
9 KB
Document
General
Full URL
https://t.me/iBNuX_Apps/11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
07cdb23e1c9d3a230f533eec9069a3183b0a18e7692dfd76c4cd3c536d01bc3f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://web.telegram.org
Strict-Transport-Security max-age=35768000
X-Frame-Options ALLOW-FROM https://web.telegram.org

Request headers

Referer
https://bank.tito.finance.ibnux.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
gzip
content-length
8900
content-security-policy
frame-ancestors https://web.telegram.org
content-type
text/html; charset=utf-8
date
Thu, 19 Sep 2024 03:05:13 GMT
pragma
no-cache
server
nginx/1.18.0
strict-transport-security
max-age=35768000
x-frame-options
ALLOW-FROM https://web.telegram.org
font-roboto.css
telegram.org/css/
6 KB
894 B
Stylesheet
General
Full URL
https://telegram.org/css/font-roboto.css?1
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"63512b7d-1816"
expires
Mon, 23 Sep 2024 03:05:13 GMT
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
text/css
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
bootstrap.min.css
telegram.org/css/
42 KB
10 KB
Stylesheet
General
Full URL
https://telegram.org/css/bootstrap.min.css?3
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"5a05e7c6-a61b"
expires
Mon, 23 Sep 2024 03:05:13 GMT
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
text/css
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
telegram.css
telegram.org/css/
112 KB
29 KB
Stylesheet
General
Full URL
https://telegram.org/css/telegram.css?240
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
83b8f4380fd44f4f399db9be9b3dffec7957bd250fd26855eb4975f26df93946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"66ac2aa6-1c1e5"
expires
Mon, 23 Sep 2024 03:05:13 GMT
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
text/css
last-modified
Fri, 02 Aug 2024 00:39:02 GMT
server
nginx/1.18.0
telegram-widget.js
telegram.org/js/
20 KB
6 KB
Script
General
Full URL
https://telegram.org/js/telegram-widget.js?22
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"642abc84-4ff5"
expires
Mon, 23 Sep 2024 03:05:13 GMT
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/javascript
last-modified
Mon, 03 Apr 2023 11:46:12 GMT
server
nginx/1.18.0
tgwallpaper.min.js
telegram.org/js/
3 KB
2 KB
Script
General
Full URL
https://telegram.org/js/tgwallpaper.min.js?3
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"62211da5-ba3"
expires
Mon, 23 Sep 2024 03:05:13 GMT
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/javascript
last-modified
Thu, 03 Mar 2022 19:57:25 GMT
server
nginx/1.18.0
pattern.svg
telegram.org/img/tgme/
226 KB
81 KB
Image
General
Full URL
https://telegram.org/img/tgme/pattern.svg?1
Requested by
Host: telegram.org
URL: https://telegram.org/css/telegram.css?240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://telegram.org/css/telegram.css?240

Response headers

cache-control
max-age=345600
content-encoding
gzip
etag
W/"63b70e44-3891a"
expires
Mon, 23 Sep 2024 03:05:13 GMT
access-control-allow-origin
*
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
image/svg+xml
last-modified
Thu, 05 Jan 2023 17:52:04 GMT
server
nginx/1.18.0
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/
11 KB
11 KB
Font
General
Full URL
https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.me
Referer
https://telegram.org/css/font-roboto.css?1

Response headers

cache-control
max-age=345600
etag
"63512b7d-2b20"
expires
Mon, 23 Sep 2024 03:05:13 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11040
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/octet-stream
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/
11 KB
11 KB
Font
General
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.me
Referer
https://telegram.org/css/font-roboto.css?1

Response headers

cache-control
max-age=345600
etag
"63512b7d-2b14"
expires
Mon, 23 Sep 2024 03:05:13 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11028
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/octet-stream
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
11
t.me/iBNuX_Apps/ Frame 8EFE
7 KB
3 KB
Document
General
Full URL
https://t.me/iBNuX_Apps/11?embed=1&mode=tme
Requested by
Host: telegram.org
URL: https://telegram.org/js/telegram-widget.js?22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
40f3168729151fa30b2ebf918f3632e397c2fe6ae89d56fe9e8dcc2acc48bc1c
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://t.me/iBNuX_Apps/11
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
gzip
content-length
2974
content-type
text/html; charset=utf-8
date
Thu, 19 Sep 2024 03:05:13 GMT
pragma
no-cache
server
nginx/1.18.0
strict-transport-security
max-age=35768000
font-roboto.css
telegram.org/css/ Frame 8EFE
6 KB
0
Stylesheet
General
Full URL
https://telegram.org/css/font-roboto.css?1
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11?embed=1&mode=tme
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

cache-control
max-age=345600
content-encoding
gzip
etag
W/"63512b7d-1816"
expires
Mon, 23 Sep 2024 03:05:13 GMT
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
text/css
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
widget-frame.css
telegram.org/css/ Frame 8EFE
81 KB
21 KB
Stylesheet
General
Full URL
https://telegram.org/css/widget-frame.css?67
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11?embed=1&mode=tme
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2a7e2558281ec152c1b9b5dfc36b93d173fe0de4ac2aa171499bf59e4d113977
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"660c36b3-145c6"
expires
Mon, 23 Sep 2024 03:05:13 GMT
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
text/css
last-modified
Tue, 02 Apr 2024 16:47:47 GMT
server
nginx/1.18.0
jNeHwF4tFfW3--fDTohaIZqXonHjquUUzNo6QoHxGIRMWlM14NW1vKuJCcOIk8WZlue519u-T9kQgR5quH9OE4QHNNxlsKwC2lZ89g3LJD0MCpXNyNfNXfosidkHvpKv0gkllaUgrWNeZfOqM-cmy0giOU7ADc-2Fn1CyoBMh6e8OfBt0J4tjII_nc1lHvsYI-DoM...
cdn5.cdn-telegram.org/file/ Frame 8EFE
6 KB
6 KB
Image
General
Full URL
https://cdn5.cdn-telegram.org/file/jNeHwF4tFfW3--fDTohaIZqXonHjquUUzNo6QoHxGIRMWlM14NW1vKuJCcOIk8WZlue519u-T9kQgR5quH9OE4QHNNxlsKwC2lZ89g3LJD0MCpXNyNfNXfosidkHvpKv0gkllaUgrWNeZfOqM-cmy0giOU7ADc-2Fn1CyoBMh6e8OfBt0J4tjII_nc1lHvsYI-DoMB4lDiuQXxqEcJYpp2UYDF1mPmuePLCUUdA__7KLbcijzCJs8I1vw4qiyp90fOuMrX3siakmMAZjzkLgTCVhddohoTLn2tImT89jJ90YnsbPljsBr4AZ393fqtFf2KrvMEW71oepMdCNGQ9P8w.jpg
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11?embed=1&mode=tme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.108.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.108.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
4239cc60db11a3b7139e88c82d43d0928b243a6ccc188559ef974cfa5bef69af
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
etag
"b3a42368a25396a5cc704e7fa9e925e32f1e5363"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 03:05:14 GMT
content-type
image/jpeg
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; sandbox
cache-control
max-age=3600,public
via
1.1 google
accept-ranges
bytes, bytes
access-control-allow-origin
*
content-length
5646
x-xss-protection
1; mode=block
server
nginx/1.18.0
telegram-widget.js
oauth.tg.dev/js/ Frame 8EFE
20 KB
6 KB
Script
General
Full URL
https://oauth.tg.dev/js/telegram-widget.js?22
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11?embed=1&mode=tme
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"642abc84-4ff5"
expires
Mon, 23 Sep 2024 03:05:13 GMT
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/javascript
last-modified
Mon, 03 Apr 2023 11:46:12 GMT
server
nginx/1.18.0
widget-frame.js
telegram.org/js/ Frame 8EFE
92 KB
25 KB
Script
General
Full URL
https://telegram.org/js/widget-frame.js?62
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11?embed=1&mode=tme
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.me/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"6441889b-16f16"
expires
Mon, 23 Sep 2024 03:05:13 GMT
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/javascript
last-modified
Thu, 20 Apr 2023 18:46:51 GMT
server
nginx/1.18.0
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame 8EFE
11 KB
0
Font
General
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.me
Referer
https://telegram.org/css/font-roboto.css?1

Response headers

cache-control
max-age=345600
etag
"63512b7d-2b14"
expires
Mon, 23 Sep 2024 03:05:13 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11028
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/octet-stream
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ Frame 8EFE
11 KB
0
Font
General
Full URL
https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.me
Referer
https://telegram.org/css/font-roboto.css?1

Response headers

cache-control
max-age=345600
etag
"63512b7d-2b20"
expires
Mon, 23 Sep 2024 03:05:13 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11040
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/octet-stream
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
truncated
/ Frame 8EFE
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b94f9f44f856214aef5e9577fa298f6bb106f74a0e9560f0e8a87adff0337200

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8EFE
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70e10811b989efbd48d9332087ea5f99a9b9ba63513aed3652a5b2293a552819

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8EFE
683 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ Frame 8EFE
11 KB
11 KB
Font
General
Full URL
https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.me
Referer
https://telegram.org/css/font-roboto.css?1

Response headers

cache-control
max-age=345600
etag
"63512b7d-2b40"
expires
Mon, 23 Sep 2024 03:05:13 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11072
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/octet-stream
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
tg://resolve?domain=iBNuX_Apps&post=11
tg://resolve?domain=iBNuX_Apps&post=11
0
0

11
t.me/iBNuX_Apps/ Frame 8EFE
4 B
187 B
XHR
General
Full URL
https://t.me/iBNuX_Apps/11?embed=1&mode=tme
Requested by
Host: t.me
URL: https://t.me/iBNuX_Apps/11?embed=1&mode=tme
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://t.me/iBNuX_Apps/11?embed=1&mode=tme

Response headers

strict-transport-security
max-age=35768000
cache-control
no-store
content-encoding
gzip
pragma
no-cache
content-length
24
date
Thu, 19 Sep 2024 03:05:13 GMT
content-type
application/json; charset=utf-8
server
nginx/1.18.0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
resolve
URL
tg://resolve?domain=iBNuX_Apps&post=11

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: 0
  • function: __parseFunction
  • object: Telegram
  • object: TWallpaper
  • string: protoUrl
  • object: tme_bg
  • function: toggleTheme
  • object: darkMedia
  • function: toggleEmbed
  • function: selectEmbedCode
  • function: copyEmbedCode
  • function: pauseWallpaper
  • function: checkActionsPosition
  • function: postMessageHandler
  • object: observer

3 Cookies

Domain/Path   Name        Value
t.me/         stel_ssid   61c24cb21975394363_16662738220486518128
t.me/         stel_on     1
t.me/         stel_dt     -120

1 Console Messages

Source   Level   URL                          Message
other    error   https://t.me/iBNuX_Apps/11   Not allowed to launch 'tg://resolve?domain=iBNuX_Apps&post=11' because a user gesture is required.

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes seen during the scan. Listing them here does not imply that any of them indicate malicious activity.
