madebybmr.dad
2606:4700:3034::6815:87b | Malicious Activity! | Public Scan

URL: https://madebybmr.dad/k/?tgWebAppStartParam=7857930626
Submission: On November 14 via api from BY — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3034::6815:87b, located in United States and belongs to . The main domain is madebybmr.dad.
TLS certificate: Issued by WE1 on November 1st 2024. Valid for: 3 months.
This is the only time madebybmr.dad was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

Requests | Apex Domain  | Subdomains                                  | Transfer
13       | madebybmr.dad | madebybmr.dad                               | 269 KB
1        | telegram.org  | telegram.org (Cisco Umbrella Rank: 8847)    | 18 KB
22 total | 2 domains     |                                             |

Requests | Domain        | Requested by
13       | madebybmr.dad | madebybmr.dad
1        | telegram.org  | madebybmr.dad
22 total | 2 domains     |

This site contains no links.

Subject        | Issuer                                     | Validity                | Valid
madebybmr.dad  | WE1                                        | 2024-11-01 - 2025-01-30 | 3 months (crt.sh)
*.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2024-08-10 - 2025-09-11 | a year (crt.sh)

This page contains 1 frames:

Primary Page: https://madebybmr.dad/k/?tgWebAppStartParam=7857930626
Frame ID: A751D393F023E7E6FA16B7D663C4670B
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Telegram Web

Page Statistics

22      Requests
64 %    HTTPS
100 %   IPv6
2       Domains
2       Subdomains
3       IPs
2       Countries
286 kB  Transfer
1032 kB Size
0       Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
madebybmr.dad/k/
24 KB
8 KB
Document
General
Full URL
https://madebybmr.dad/k/?tgWebAppStartParam=7857930626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3098de316b3ba57b17f0f30afc89e0ba01fdf182bbedec1eb55c6251ac2cd19e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e22c3a0ce680c8e-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 14 Nov 2024 00:07:56 GMT
last-modified
Wed, 06 Nov 2024 22:05:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MyD2yruXlDDkC96t0I2kYmyRamxYAVrA0zD0zaZU3mvVIbMvH7ZZJqO51h6AQgl6GPs8uingGMgvR%2BJCaCgMFNu6hL11HGnQ13aOpDrbA6p5r6ZxjHks%2Fz58Q5uqhOM3aDJ7730RayUGcy8y"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=3526&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3908&recv_bytes=2313&delivery_rate=1696763&cwnd=253&unsent_bytes=0&cid=44300d85f31660a3&ts=274&x=0"
x-powered-by
Express
telegram-web-app.js
telegram.org/js/
75 KB
18 KB
Script
General
Full URL
https://telegram.org/js/telegram-web-app.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/?tgWebAppStartParam=7857930626
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cc0ef11d935a100c3bf8145b2dd16ba91d6c9a88958be5e0e4fc4cac19230d5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://madebybmr.dad/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"673247fe-12a37"
expires
Mon, 18 Nov 2024 00:07:56 GMT
date
Thu, 14 Nov 2024 00:07:56 GMT
content-type
application/javascript
last-modified
Mon, 11 Nov 2024 18:07:58 GMT
server
nginx/1.18.0
index-CUunZKC8.js
madebybmr.dad/k/
133 KB
54 KB
Script
General
Full URL
https://madebybmr.dad/k/index-CUunZKC8.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/?tgWebAppStartParam=7857930626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bab7882b18cbc816b7c8d4d3225ff40c8e57a8a8b99a09750310ed44fade0146
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer
https://madebybmr.dad/k/?tgWebAppStartParam=7857930626

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"666b22fa-21255"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFOGKtMGf3OLDZ9Rux8e2CjNVXmQP9BI3RsHAutWXtr73XQzKigwk9hUi1uWTQ3onpKGjfMaiuCPqt6V8N8pptRyxP6U27z2O6%2F8TMJ4g3%2Flgt9yJ4VByOJHieBuz8%2Fmdc4RpoDwzK9fyZNz"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=4635&sent=15&recv=14&lost=0&retrans=0&sent_bytes=4326&recv_bytes=7236&delivery_rate=915&cwnd=12000&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=780&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Jun 2024 16:48:58 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a32dc44205-EWR
x-powered-by
Express
server
cloudflare
index-jdz_mo9Z.css
madebybmr.dad/k/
471 KB
109 KB
Stylesheet
General
Full URL
https://madebybmr.dad/k/index-jdz_mo9Z.css
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/?tgWebAppStartParam=7857930626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
63c8295829e813ca39b841ff1e8660061c51cbeaa866dc1a3770d8b7ae98ce5a
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer
https://madebybmr.dad/k/?tgWebAppStartParam=7857930626

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"666ac83c-75dd5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9skKSB14ZVtwGNrmtipRXX7Bh8quqOh5sUFVSskEmqUpaYlv610VIX3mrNtf5bZ9ZdsSe4%2B3NLid831ua8CbpYD2LcasZv070W19EkicVHc90q1sxoOb982K30MnxmkUxJZEHnxvz6geuwh8"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3747&sent=64&recv=38&lost=0&retrans=0&sent_bytes=61207&recv_bytes=8273&delivery_rate=7233671&cwnd=43200&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=803&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Thu, 13 Jun 2024 10:21:48 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a32dc64205-EWR
x-powered-by
Express
server
cloudflare
mtproto.worker-BC5Qgnym.js
madebybmr.dad/k/
0
0

crypto.worker-CfCshcpI.js
madebybmr.dad/k/
0
0

truncated
/
369 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
crypto.worker-CfCshcpI.js
madebybmr.dad/k/
67 KB
27 KB
Fetch
General
Full URL
https://madebybmr.dad/k/crypto.worker-CfCshcpI.js?tgWebAppStartParam=7857930626
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://madebybmr.dad/k/?tgWebAppStartParam=7857930626

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"6715c9c0-10d02"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dROP5Tm6NGlrecgDnVJIgJ7VYLFLVgTGJ0sY9IwBzUmCwnTbu6r%2F7MqErQaTe41vLnLLxf9IrYl71SqXjDbV15JUS7B9UtEMoWvS%2Beit03yQ3KEk5Gj21CtuTFpYhabKgWWRuIvKSYNoZtlZ"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3662&sent=526&recv=112&lost=44&retrans=44&sent_bytes=603692&recv_bytes=13409&delivery_rate=9780141&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1297&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 03:25:52 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a63ac04205-EWR
x-powered-by
Express
server
cloudflare
truncated
/
59 B
59 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jxl
truncated
/
311 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/avif
favicon.ico
madebybmr.dad/k/assets/img/
15 KB
4 KB
Other
General
Full URL
https://madebybmr.dad/k/assets/img/favicon.ico?v=jw3mK7G9Ry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://madebybmr.dad/k/?tgWebAppStartParam=7857930626

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"6715c9c0-3aee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXjx%2FsKiYJKcb7ghzvsrS0mZfmbXdnBlqLDtYbANlH09AJmyQhBATEvDvHGBl13%2BvnZb%2F0O2yL3KDse%2Fv1GqtPrvHPnckdmPuREUfN%2Fd%2Fpb0qd25rrmVPYlIgP198ASmB4ebK6mDsepImKCn"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3905&sent=474&recv=105&lost=44&retrans=44&sent_bytes=545788&recv_bytes=13086&delivery_rate=32322788&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1270&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 03:25:52 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a65ae94205-EWR
x-powered-by
Express
server
cloudflare
lang-BpEKa8Us.js
madebybmr.dad/k/
129 KB
44 KB
Script
General
Full URL
https://madebybmr.dad/k/lang-BpEKa8Us.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
384413ba3804a6c0660d0a4607d9812775b806cc1ca386b22dba0bf7595e68ce
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer
https://madebybmr.dad/k/index-CUunZKC8.js

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"666ababc-203dd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42e%2BEroECeAwOlUV%2BIDVzNl738DFjOvJ%2FGnMdtTAiRecR8OSeKnorjtK2bBx0j%2BGx1Y0DSHFFRT53WU9hHhYw%2F6YDQtZ84uMm71Z%2FigFaxxInqq9UILSGPmrohfjh580MhL4N7GO%2FNY5iiBL"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3933&sent=481&recv=107&lost=44&retrans=44&sent_bytes=551821&recv_bytes=13177&delivery_rate=1004289&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1284&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Jun 2024 09:24:12 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a65aee4205-EWR
x-powered-by
Express
server
cloudflare
langSign-CN-ja8rh.js
madebybmr.dad/k/
2 KB
1 KB
Script
General
Full URL
https://madebybmr.dad/k/langSign-CN-ja8rh.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer
https://madebybmr.dad/k/index-CUunZKC8.js

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"6715c9c0-66e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BSzrrJnBIUF1BnmfNEKTLqit5wWVA7PEnYGkOtG2ls9S79TJC0FXh8ZjGNfMdh5B6lXIQy8rYmy8DH26HpoAbiQSd0j560HWcMPOFtux%2B1SK0cO6RRFnLE01Dhc%2FAdFd5ZCUzCSXOxX0EwI"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3933&sent=479&recv=107&lost=44&retrans=44&sent_bytes=550245&recv_bytes=13177&delivery_rate=1004289&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1281&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 03:25:52 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a65aef4205-EWR
x-powered-by
Express
server
cloudflare
countries-CzeCvYH8.js
madebybmr.dad/k/
24 KB
5 KB
Script
General
Full URL
https://madebybmr.dad/k/countries-CzeCvYH8.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer
https://madebybmr.dad/k/index-CUunZKC8.js

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"6715c9c0-5e21"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNYvKKeKtUW%2BzsJ7L45iqRZOA6ty2t1RQ2lJXwGgGVqqdXBjVuS4CcqaTI4F29kjUtI2u%2BA38oK1aClDIkrOICwAqW0xYcx%2FxWAI%2FOWOJYN6fXfISP%2FQ4Gozj7TOJGZGeDwNakIWJWmgRwn9"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3662&sent=521&recv=112&lost=44&retrans=44&sent_bytes=598178&recv_bytes=13409&delivery_rate=9780141&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1292&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 03:25:52 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a65af24205-EWR
x-powered-by
Express
server
cloudflare
5b783f31-ccf7-46b8-8685-0161a1824539
https://madebybmr.dad/
0
0

e3bf42d4-4da1-4149-963e-a4497dfaf870
https://madebybmr.dad/
0
0

30e90063-e38c-42b5-a1b3-a4fc1f8c7b6e
https://madebybmr.dad/
0
0

pageSignQR-Cm4CWvFV.js
madebybmr.dad/k/
5 KB
3 KB
Script
General
Full URL
https://madebybmr.dad/k/pageSignQR-Cm4CWvFV.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
121abedb8bfb5dc8b38cfbd02d77fcd6c99d8f6a8daf5eaedc8736c7405674e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"15d0-192da54ade3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77tp3jLEMvhMpWH%2F7%2FltoZjySGzFM%2BMD8HJzPwbR47isRKdrcy%2B6aBr11WPcqJGwoNJdtEj2jrXlbQsuwowqmFJr1bGd1psqJQnhNJS%2Fhtw9YfXWFwVDc02qmDElanSfvNhV3yFxceFOoYir"}],"group":"cf-nel","max_age":604800}
cf-ray
8e22c3a92f374205-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=4035&sent=551&recv=121&lost=44&retrans=44&sent_bytes=631904&recv_bytes=15061&delivery_rate=4059880&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1590&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Tue, 29 Oct 2024 22:10:35 GMT
page-BA7ayRgp.js
madebybmr.dad/k/
10 KB
5 KB
Script
General
Full URL
https://madebybmr.dad/k/page-BA7ayRgp.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3c196730859a0697dddf181d1a9032adbbe3142198e14eeb3adc3f37912d2fef
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"666b22fa-290c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owI7jpAUHAoeLryTHdbVRtCH6PuEvbdh36qxVSmcVxawQK6jZvkssRszdh8EmrZr0U85u8b8hnGd94GSHvfkpO1QFnJfTO%2BC4Wve5E4S40KPeM%2FXXMLxMmZqVRHmj0NdaOa9ZnRS2mwTcwXh"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3758&sent=562&recv=124&lost=44&retrans=44&sent_bytes=641377&recv_bytes=15196&delivery_rate=233721&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1645&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Jun 2024 16:48:58 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a92f3a4205-EWR
x-powered-by
Express
server
cloudflare
button-BNhNvqrV.js
madebybmr.dad/k/
9 KB
5 KB
Script
General
Full URL
https://madebybmr.dad/k/button-BNhNvqrV.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
68ca75afdb969072fc8ac3bb2aa5f074900217f33ec9c8899d1138236243f282
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"666b22fa-23c6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Drte1QvyUZYwOn3riVOJGtLmDqbZ2JYRPeSw%2FlBLVst%2FcH5LAiG%2BbNexnR29pEXdfIo6zWmyjZ7dSq1YOKAgZS7sG0aAybGRCQJdbi9K02w%2BePRpEMElSyRD8OGAknKRoRZZ3VcteHv3ayGG"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3869&sent=555&recv=122&lost=44&retrans=44&sent_bytes=635463&recv_bytes=15106&delivery_rate=15244&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1629&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Jun 2024 16:48:58 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a92f3d4205-EWR
x-powered-by
Express
server
cloudflare
putPreloader-Ta328mJ6.js
madebybmr.dad/k/
699 B
1 KB
Script
General
Full URL
https://madebybmr.dad/k/putPreloader-Ta328mJ6.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c9ed72c74273f0126b7951198d470e60b252c74c455448df207bdc7c1903f95b
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"666b22fa-2bb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUx92OXp7qp18ekdnb%2F%2BZWZGGSqeXypuTiO9VDYaSB9ESl%2Fu7067H9ELn7ECJ3zCYXdPrPaWheCT6mvZuOoK0Qzaw%2BSAZvTdpMfAhpb%2FvskCgETFtdcXBIveWMKfMqn8%2FtvEXEIdTzqQuYZZ"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3868&sent=567&recv=125&lost=44&retrans=44&sent_bytes=646623&recv_bytes=15241&delivery_rate=826309&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1668&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Jun 2024 16:48:58 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a92f3e4205-EWR
x-powered-by
Express
server
cloudflare
textToSvgURL-Cnw_Q8Rw.js
madebybmr.dad/k/
357 B
975 B
Script
General
Full URL
https://madebybmr.dad/k/textToSvgURL-Cnw_Q8Rw.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:87b , United States, ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"6715c9c0-165"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wN0yr7VVFG%2BR0FCR57NObPTbEyaW6deHlNQdjXOO0NiIdgGwqxdIxYXol65YdF4hoO%2FIdQgqn3EKzmXD5Bu4It%2BziV6MNEBMubdFUSLUy9NaeHlPoranU9tu91W1Ril2f3TOEqd7DcENhJCw"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3728&sent=560&recv=123&lost=44&retrans=44&sent_bytes=640355&recv_bytes=15151&delivery_rate=1068513&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1635&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 03:25:52 GMT
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3a92f404205-EWR
x-powered-by
Express
server
cloudflare
qr-code-styling-CvBVNv73.js
madebybmr.dad/k/
65 KB
0
Script
General
Full URL
https://madebybmr.dad/k/qr-code-styling-CvBVNv73.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"6715c9c0-10251"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3KKyv%2FOCPx99iH6GCVuY9TaFkAZCKB6dFHijyATrbsmGO1ZkAMAfNGiOZOHVe%2FvzWDlY2G0NC%2BY9ZLjg%2FLch%2FByu7Q8NeCfSrGK4X70kXJOb07htK8xrnMFowN36pZR03NHbITDIuciuPCe"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3589&sent=571&recv=129&lost=44&retrans=44&sent_bytes=648817&recv_bytes=15981&delivery_rate=3245&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1985&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:58 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 03:25:52 GMT
vary
Accept-Encoding
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3ab2a394205-EWR
x-powered-by
Express
server
cloudflare
_commonjsHelpers-Cpj98o6Y.js
madebybmr.dad/k/
290 B
0
Script
General
Full URL
https://madebybmr.dad/k/_commonjsHelpers-Cpj98o6Y.js
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/index-CUunZKC8.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://madebybmr.dad
Referer

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"6715c9bf-122"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7c7t%2FeybgSZoGTpbx1i%2FJxU0uAJvUEznhQeFxZiMpt2h%2BC0oj%2BbHVhV58RFOdF5LPf%2BoI%2BJZMig1zTjxz8Q3kbYpN4RpAJToSMkxSp%2BtrVOO2h49H38e0U1Yz%2Fm9IQ1QBefHMk90GQRZUwM"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:07:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3714&sent=570&recv=128&lost=44&retrans=44&sent_bytes=647873&recv_bytes=15936&delivery_rate=259193&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=1968&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:07:58 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 03:25:51 GMT
vary
Accept-Encoding
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3ab2a3e4205-EWR
x-powered-by
Express
server
cloudflare
logo_padded.svg
madebybmr.dad/k/assets/img/
1 KB
0
Fetch
General
Full URL
https://madebybmr.dad/k/assets/img/logo_padded.svg
Requested by
Host: madebybmr.dad
URL: https://madebybmr.dad/k/pageSignQR-Cm4CWvFV.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4
Security Headers
Name Value
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://madebybmr.dad/k/?tgWebAppStartParam=7857930626

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"6715c9c0-42d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oHJ3puepdUWaAKMhJCO4E6NBZjN2T7ADYdFoWRBzzadZ%2BZEpsq9LGs0hS%2F%2B4ZOlBDgZfAmqtjeCzUumGgK1uyYcBdJO%2B3mPcMMN39xHLgffP9r0xT3M3pPVcDu5zpP0rvk0e44nUr%2F5cDbTN"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 01:08:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3402&sent=590&recv=132&lost=44&retrans=44&sent_bytes=669713&recv_bytes=16393&delivery_rate=7237165&cwnd=146160&unsent_bytes=0&cid=9924e14c5fc6dd33&ts=4273&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 00:08:00 GMT
content-type
image/svg+xml
last-modified
Mon, 21 Oct 2024 03:25:52 GMT
vary
Accept-Encoding
x-frame-options
deny
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e22c3b9898a4205-EWR
x-powered-by
Express
server
cloudflare
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain        | URL
madebybmr.dad | https://madebybmr.dad/k/mtproto.worker-BC5Qgnym.js?tgWebAppStartParam=7857930626
madebybmr.dad | https://madebybmr.dad/k/crypto.worker-CfCshcpI.js?tgWebAppStartParam=7857930626
madebybmr.dad | blob:https://madebybmr.dad/5b783f31-ccf7-46b8-8685-0161a1824539
madebybmr.dad | blob:https://madebybmr.dad/e3bf42d4-4da1-4149-963e-a4497dfaf870
madebybmr.dad | blob:https://madebybmr.dad/30e90063-e38c-42b5-a1b3-a4fc1f8c7b6e

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type     | Name
object   | Telegram
function | TelegramGameProxy_receiveEvent
object   | TelegramGameProxy
function | getUrlParameter
function | un
object   | rootScope
function | deferredPromise
function | AppStorage
object   | stateStorage
function | wrapUrl
object   | I18n
object   | webpWorkerController
object   | appStorage
object   | appNavigationController
object   | singleInstance
object   | webPushApiManager
object   | telegramMeWebManager
object   | opusDecodeController
object   | cryptoMessagePort
object   | mtprotoMessagePort
object   | serviceMessagePort
object   | apiManagerProxy
function | calcImageInBox
object   | mediaSizes
object   | customProperties
object   | windowSize
object   | liteMode
object   | themeController
object   | overlayCounter
function | formatDateAccordingToTodayNew
function | fillTipDates
function | dispatchHeavyAnimationEvent
object   | pagesManager
object   | sequentialDom
function | putPreloader

0 Cookies

1 Console Messages

Source: rendering
Level: warning
URL: https://madebybmr.dad/k/?tgWebAppStartParam=7857930626
Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D000C110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

madebybmr.dad
telegram.org
madebybmr.dad
2001:67c:4e8:f004::9
2606:4700:3034::6815:87b