Submitted URL: https://web2.tlgrm.eu/
Effective URL: https://web.tlgrm.app/
Submission: On April 17 via api from BY — Scanned from NL

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is web.tlgrm.app.
TLS certificate: Issued by E1 on April 16th 2024. Valid for: 3 months.
This is the only time web.tlgrm.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.96.3 13335 (CLOUDFLAR...)
17 188.114.97.3 13335 (CLOUDFLAR...)
1 2 2a02:6b8::1:119 13238 (YANDEX)
2 2001:67c:4e8:... 62041 (TELEGRAM)
23 4
Apex Domain
Subdomains
Transfer
17 tlgrm.app
web.tlgrm.app
530 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4409
1 KB
1 telegram.me
telegram.me — Cisco Umbrella Rank: 41616
359 B
1 t.me
t.me — Cisco Umbrella Rank: 18314
359 B
1 tlgrm.eu
web2.tlgrm.eu
462 B
23 5
Domain Requested by
17 web.tlgrm.app web.tlgrm.app
2 mc.yandex.ru 1 redirects web.tlgrm.app
1 telegram.me web.tlgrm.app
1 t.me web.tlgrm.app
1 web2.tlgrm.eu 1 redirects
23 5

This site contains no links.

Subject Issuer Validity Valid
web.tlgrm.app
E1
2024-04-16 -
2024-07-15
3 months crt.sh
*.t.me
Go Daddy Secure Certificate Authority - G2
2023-10-06 -
2024-11-06
a year crt.sh
*.telegram.me
Go Daddy Secure Certificate Authority - G2
2023-09-20 -
2024-10-21
a year crt.sh

This page contains 1 frames:

Primary Page: https://web.tlgrm.app/
Frame ID: B0F8775499269683643A6C0686EF5F32
Requests: 25 HTTP requests in this frame

Screenshot

Page Title

Telegram

Page URL History Show full URLs

  1. https://web2.tlgrm.eu/ HTTP 301
    https://web.tlgrm.app/ Page URL

Page Statistics

23
Requests

83 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

531 kB
Transfer

1129 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://web2.tlgrm.eu/ HTTP 301
    https://web.tlgrm.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://mc.yandex.ru/watch/50921747 HTTP 302
  • https://mc.yandex.ru/watch/50921747/1?redirnss=1

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
web.tlgrm.app/
Redirect Chain
  • https://web2.tlgrm.eu/
  • https://web.tlgrm.app/
3 KB
2 KB
Document
General
Full URL
https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c1ef9cd9fdb434037819e232b667c7d68a52ca118f05777ebaa1241b0511db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
875839505fc19f78-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 00:16:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4ilA%2BxF5Xvo%2FL4LJpSRCudzuJSY6bo27YI1k6r1lHxszIgcTENWtsec9ROtHy9T72YAG0BZoNDgQnJ83SOJoHOYwwMMIlg6P8BJScmUFY%2Biu6LKIP1OKr2jVw6na9SO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8758394ffa2fb966-AMS
date
Wed, 17 Apr 2024 00:15:59 GMT
expires
Wed, 17 Apr 2024 01:15:59 GMT
location
https://web.tlgrm.app
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CabWcz7fD9bFC9fvbu7AAXjC%2FbUQbSpqJJDbzJ5h5fJ7GVEG249JHqmCtoQhbDRDBs2OJ5BcdYKlvfOrF1gEGIjDQYPUgd0riY1pto4VR25XdsPtuTk2SZkWbNevvPx%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
redirect.js
web.tlgrm.app/
325 B
677 B
Script
General
Full URL
https://web.tlgrm.app/redirect.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5321
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5290fd99debbfcd7ffac7bafdfc4fcc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2S8OVZ6Q9%2BpHTqF4GsxdDwBi%2FrOCAjS2ME7ndemIm7LoJY0n6hqilSnI3sZnG3H6fYyycwHM73BJ4pNKFxm7%2BLHaE9LB%2FjlRoEQYSmOuOxRkCyOnfLKuT%2BE3N39k%2FbI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87583950d80e9f78-AMS
main.d9ab5788a4b75c69716d.js
web.tlgrm.app/
378 KB
126 KB
Script
General
Full URL
https://web.tlgrm.app/main.d9ab5788a4b75c69716d.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfcf00e1e44b7b609f21dfc4e50f7c2d0046ef7222e8d7b1d7daede6cfc2be9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"12083a653c603869f664de99401fdd4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aF5jr2fs0E1D9kHLTZGJ0NUXsJDnu9f1sGjVtyi1gFAocjPMlYH3rihtA%2BITgxW9V5spE7hOm2Et3YNjLD0DGJgWFjtE7yx9opm9uMY03H2gxz49HyDOy7kHn%2Fv1QylR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8758395108289f78-AMS
main.5e926e53b804308de57b.css
web.tlgrm.app/
107 KB
22 KB
Stylesheet
General
Full URL
https://web.tlgrm.app/main.5e926e53b804308de57b.css
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa33cc81ea838c2ceeb56b8c468958a65bba68579310ea7971d8f021bac397f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3868
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2d29fbfacc0126dfde31517469da2e21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ue9L4WOZ%2BTraWRVziVnBYA3u6K4USLrgxplMBVqT8d5rvgobPsVqGOQ9jM2i2JxEiYJW6aYpb%2BUsPrwGzAUgJgXc1IKhBKAiP1FXK5zoKr9hOZqASJsNLM00FzST6vFL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8758395108299f78-AMS
compatTest.js
web.tlgrm.app/
2 KB
1 KB
Script
General
Full URL
https://web.tlgrm.app/compatTest.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c6b05f0b138dddb5711fdb998be90abf8093e271085bda6448bd6bc72c95d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4579
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7c48263eed82897ab4fcf6ded4f63318"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ipd3G%2FSxMDGpMlQV1Dl8gBTP716qYoTxAshfh5eBiqYB7YTworgF7UO9gTFBo%2BNjLExfYDVAviMRIUCMo6AoGAO6Twph3mOp8iyi9X7nEv%2BAR3a6H1n6jjo6EEskQwlJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87583951082a9f78-AMS
1
mc.yandex.ru/watch/50921747/
Redirect Chain
  • https://mc.yandex.ru/watch/50921747
  • https://mc.yandex.ru/watch/50921747/1?redirnss=1
43 B
93 B
Image
General
Full URL
https://mc.yandex.ru/watch/50921747/1?redirnss=1
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://web.tlgrm.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 00:16:00 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 17-Apr-2024 00:16:00 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 17-Apr-2024 00:16:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Apr 2024 00:16:00 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 17-Apr-2024 00:16:00 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/50921747/1?redirnss=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Wed, 17-Apr-2024 00:16:00 GMT
1915.44f46b9209d4c21e2dae.js
web.tlgrm.app/
18 KB
7 KB
Script
General
Full URL
https://web.tlgrm.app/1915.44f46b9209d4c21e2dae.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/main.d9ab5788a4b75c69716d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166b9c140da17864486aaa8e6d53ad4169ffaac1b2101c73680550f9331c926f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e3f8b7d4b627a2a6d6b26f1ff82c07d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPeCuCMJjuHIE%2BElLidKKWhOMZVJauOoEgSmxihagd4632lmbfaEeooPtHgFMj5xvxgppHZPb6X9iOei31IrDrDQ8WD1Vsl%2BT%2Fb5qDhz6HJBbBqARDsqhxN6phIn8vNj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87583951c8929f78-AMS
chat-bg-br.f34cc96fbfb048812820.png
web.tlgrm.app/
2 KB
2 KB
Image
General
Full URL
https://web.tlgrm.app/chat-bg-br.f34cc96fbfb048812820.png
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/main.5e926e53b804308de57b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3151f7930d821bccf4a76cbbe4a3533e2b56bdff696f260c864ab639ac7526ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/main.5e926e53b804308de57b.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5948
alt-svc
h3=":443"; ma=86400
content-length
1920
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"b44cd1d1a18ff5f302ca64f29cca3b27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAcx80gTPy3AegHg%2BNA9nCtYwOR%2BzJSXKabl0rYf2sOrbliGVjZMPGOl56H4ZcVz2wMx0BkMYHHxuAtmTPWwb4lMWKsJmTr9t84ovu0EitpA9Xw%2BTO6tF%2Bk39M75pNTG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87583951c8949f78-AMS
chat-bg-pattern-light.ee148af944f6580293ae.png
web.tlgrm.app/
266 KB
267 KB
Image
General
Full URL
https://web.tlgrm.app/chat-bg-pattern-light.ee148af944f6580293ae.png
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/main.5e926e53b804308de57b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00745db819d91c37bf0f59bee00ab2efe9766fddcb726ff1bcb6847748b2bbc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/main.5e926e53b804308de57b.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5948
alt-svc
h3=":443"; ma=86400
content-length
272875
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"7ecd785f0675960e25e3acfe969d5e78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICBmOK9B8qpjCWOzANuyCGDJz2QUK7VxVtNSCRaBa8qOxNuCFO6NuLuuHI0xQDrYXNcl%2BPbEzwSx%2Bjrvh2hmqGmaTD0F8tn%2B3h4Vq7LfwGvLXJrwawaXx4StDrp5CuSn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87583951c8969f78-AMS
truncated
/
307 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e253d3f513bbf831c7e7da3e513cf8d4177f7f398c1fad87809d393a58c1697

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
notification.mp3
web.tlgrm.app/
11 KB
11 KB
Media
General
Full URL
https://web.tlgrm.app/notification.mp3
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://web.tlgrm.app/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5947
Content-Range
bytes 0-10879/10880
alt-svc
h3=":443"; ma=86400
Content-Length
10880
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"0a92cb1fe03590e956b4e206001f1a3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MaGi6w6%2FxefvM5S5qQwqLc8cQEB7Bvq7gRcsqUd5WgJ%2F1zwo%2FgnmuT0uAcSY8usJBrsJHCku%2FT8b35dkN%2FuK2%2Btx%2BA%2Bzq1%2B4HczhvD9yi2Wpx%2FDoVKKnzSDK0OCfGvj3"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87583951d89c9f78-AMS
_websync_
t.me/
4 B
359 B
Script
General
Full URL
https://t.me/_websync_?authed=0&version=10.9.2+A
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/main.d9ab5788a4b75c69716d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
application/json; charset=utf-8
cache-control
no-store
content-length
24
_websync_
telegram.me/
4 B
359 B
Script
General
Full URL
https://telegram.me/_websync_?authed=0&version=10.9.2+A
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/main.d9ab5788a4b75c69716d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
application/json; charset=utf-8
cache-control
no-store
content-length
24
6839.01a53cbedf5d86d252ec.js
web.tlgrm.app/
45 KB
14 KB
Script
General
Full URL
https://web.tlgrm.app/6839.01a53cbedf5d86d252ec.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/main.d9ab5788a4b75c69716d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f693fccbb0f64594079d492db05d3bced69a6c6cab7514d4b78733570fd592a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6447
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f9d559c9090621ddd9f396e9b47b31d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jdGLGL%2BRlDt0YtQhxJwgpzP0u3jJoXfckPDcKZ1FvFEyntWBAxSv2N0cT2NrD%2FqD87OheCznAjPXK0zT6yAUjgn31bJLnbDPP4wztf8WDKEygpqq%2Bxu5LjU4SUBgNaV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87583951d89e9f78-AMS
3748.9a383b0e9475cf32f44c.js
web.tlgrm.app/
10 KB
4 KB
Script
General
Full URL
https://web.tlgrm.app/3748.9a383b0e9475cf32f44c.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/main.d9ab5788a4b75c69716d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6c86a1141d40dab302db38ed85bec50cafd6e0d01b96d7d29688132f5bca051
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e254c7743e1f6bf89b9afc65a9c3d504"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybStsAkN9%2FrRx0VHUF%2BFOKYijFMD7v6ypa7mydZusfTdMBcyWMxEONG3Fd%2FrLgbzLahvyNYrqZr1PEwOV3Q7kNa4FxGP38CFwcxGdEZOp34jXwOjbzqt9FiOjTd6FWP%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87583951d89f9f78-AMS
4680.576825f543555dd2467c.js
web.tlgrm.app/
10 KB
5 KB
Other
General
Full URL
https://web.tlgrm.app/4680.576825f543555dd2467c.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64fe7500375590eb939625390955f9add6a8a0405db5976cb2b3bcbdb513b7b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"df0d291e2ecd442eb139be9d8cfd7700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfvDxiqBzv1Ax6gRFIXOQCfzhJVJdViDMShtYdeEKT33CkiDtGre%2BBJDGq8FcXFiCWYDEHWaM%2FczrsOk4JDuJb%2FMdnsXAueaoEcp9B8eX5E%2B6UkQQuhZzHG%2ByqTiP4bT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8758395238d39f78-AMS
4680.576825f543555dd2467c.js
web.tlgrm.app/
10 KB
0
Other
General
Full URL
https://web.tlgrm.app/4680.576825f543555dd2467c.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64fe7500375590eb939625390955f9add6a8a0405db5976cb2b3bcbdb513b7b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"df0d291e2ecd442eb139be9d8cfd7700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfvDxiqBzv1Ax6gRFIXOQCfzhJVJdViDMShtYdeEKT33CkiDtGre%2BBJDGq8FcXFiCWYDEHWaM%2FczrsOk4JDuJb%2FMdnsXAueaoEcp9B8eX5E%2B6UkQQuhZzHG%2ByqTiP4bT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8758395238d39f78-AMS
4680.576825f543555dd2467c.js
web.tlgrm.app/
10 KB
0
Other
General
Full URL
https://web.tlgrm.app/4680.576825f543555dd2467c.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64fe7500375590eb939625390955f9add6a8a0405db5976cb2b3bcbdb513b7b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"df0d291e2ecd442eb139be9d8cfd7700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfvDxiqBzv1Ax6gRFIXOQCfzhJVJdViDMShtYdeEKT33CkiDtGre%2BBJDGq8FcXFiCWYDEHWaM%2FczrsOk4JDuJb%2FMdnsXAueaoEcp9B8eX5E%2B6UkQQuhZzHG%2ByqTiP4bT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8758395238d39f78-AMS
4680.576825f543555dd2467c.js
web.tlgrm.app/
10 KB
0
Other
General
Full URL
https://web.tlgrm.app/4680.576825f543555dd2467c.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64fe7500375590eb939625390955f9add6a8a0405db5976cb2b3bcbdb513b7b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"df0d291e2ecd442eb139be9d8cfd7700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfvDxiqBzv1Ax6gRFIXOQCfzhJVJdViDMShtYdeEKT33CkiDtGre%2BBJDGq8FcXFiCWYDEHWaM%2FczrsOk4JDuJb%2FMdnsXAueaoEcp9B8eX5E%2B6UkQQuhZzHG%2ByqTiP4bT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8758395238d39f78-AMS
2385.6f0f83ec9f68bc8de538.js
web.tlgrm.app/
244 KB
66 KB
Other
General
Full URL
https://web.tlgrm.app/2385.6f0f83ec9f68bc8de538.js
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26002839ead2c635db49680c1899ecffbb53edc20ed340da5b0f7887461bcdd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4359
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7aaab73d27503c7e51f6ba0e782f840d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RO3KU%2FfLARl8%2BFbYgM9HP%2Fksv8sNTMYfqdgpzd8YnjyIpS1M7ja9tCh6pawJyAF5xptIZSYqDVHczsR2%2BpQtrwELE1D0kOtnvtaIwFFzMk2nQTkAK3pduzAWZt52HRZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8758395258e79f78-AMS
favicon.ico
web.tlgrm.app/
2 KB
3 KB
Other
General
Full URL
https://web.tlgrm.app/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1febffd3eff2163fb038f9778c06f6def451560adabff5ee04de2a269269e9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
778
alt-svc
h3=":443"; ma=86400
content-length
2409
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"20ebfb2705e6f750b7159941e85a426f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9KvKUAE6ilH2HGe6pR%2BbpFYgrH90AiaMDqZBrUmFnNjJ%2BRQC3YQTGyXGZfSK%2FvVAP%2BTYAKOWlTtI3m%2FcJrg7jE5gvYSYbTjN3xkgOoiTTHaeqqa3CI609pg3xSmEAQp"}],"group":"cf-nel","max_age":604800}
content-type
null
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8758395359a59f78-AMS
blank.8dd283bceccca95a48d8.png
web.tlgrm.app/
68 B
0
Image
General
Full URL
https://web.tlgrm.app/blank.8dd283bceccca95a48d8.png
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111
alt-svc
h3=":443"; ma=86400
content-length
68
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"ef2020b9b3ec6bc4c4c60d36848b22cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU4CHLZh%2BO45t4IuS9woJVHsxwZTSN21PgbNVt%2Fs5d5%2FpAmY98WuHcrkjzKDyGjNqiAhFqlCVVjSd6aAZSvrbgQIzcPKtecIJEUnKSkMrPqOXc76sfjw2CkWbJQDdzat"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8758395e78699f78-AMS
blank.8dd283bceccca95a48d8.png
web.tlgrm.app/
0
0
Fetch
General
Full URL
https://web.tlgrm.app/blank.8dd283bceccca95a48d8.png
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/6839.01a53cbedf5d86d252ec.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111
alt-svc
h3=":443"; ma=86400
content-length
68
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"ef2020b9b3ec6bc4c4c60d36848b22cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU4CHLZh%2BO45t4IuS9woJVHsxwZTSN21PgbNVt%2Fs5d5%2FpAmY98WuHcrkjzKDyGjNqiAhFqlCVVjSd6aAZSvrbgQIzcPKtecIJEUnKSkMrPqOXc76sfjw2CkWbJQDdzat"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8758395e78699f78-AMS
blank.8dd283bceccca95a48d8.png
web.tlgrm.app/
0
0
Fetch
General
Full URL
https://web.tlgrm.app/blank.8dd283bceccca95a48d8.png
Requested by
Host: web.tlgrm.app
URL: https://web.tlgrm.app/6839.01a53cbedf5d86d252ec.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web.tlgrm.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:16:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111
alt-svc
h3=":443"; ma=86400
content-length
68
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"ef2020b9b3ec6bc4c4c60d36848b22cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU4CHLZh%2BO45t4IuS9woJVHsxwZTSN21PgbNVt%2Fs5d5%2FpAmY98WuHcrkjzKDyGjNqiAhFqlCVVjSd6aAZSvrbgQIzcPKtecIJEUnKSkMrPqOXc76sfjw2CkWbJQDdzat"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8758395e78699f78-AMS
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| compatTest boolean| isCompatTestPassed object| webpackChunktelegram_t

8 Cookies

Domain/Path Name / Value
mc.yandex.ru/ Name: yabs-sid
Value: 1575142211713312960
.yandex.ru/ Name: i
Value: cJ5YZZIXdhvjDGS4zR6+cMiOvvs7PaSMCtHJQan9qDVUYwzRyKp13ov+2lvjveqg6KCDMn2VPDwNEy+EQJMblsKkbr0=
.yandex.ru/ Name: yandexuid
Value: 5959882181713312960
.yandex.ru/ Name: yuidss
Value: 5959882181713312960
.yandex.ru/ Name: ymex
Value: 1744848960.yrts.1713312960#1744848960.yrtsi.1713312960
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==

18 Console Messages

Source Level URL
Text
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://web.tlgrm.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mc.yandex.ru
t.me
telegram.me
web.tlgrm.app
web2.tlgrm.eu
188.114.96.3
188.114.97.3
2001:67c:4e8:f004::9
2a02:6b8::1:119
00745db819d91c37bf0f59bee00ab2efe9766fddcb726ff1bcb6847748b2bbc7
0aa33cc81ea838c2ceeb56b8c468958a65bba68579310ea7971d8f021bac397f
15c1ef9cd9fdb434037819e232b667c7d68a52ca118f05777ebaa1241b0511db
166b9c140da17864486aaa8e6d53ad4169ffaac1b2101c73680550f9331c926f
1e253d3f513bbf831c7e7da3e513cf8d4177f7f398c1fad87809d393a58c1697
22c6b05f0b138dddb5711fdb998be90abf8093e271085bda6448bd6bc72c95d2
26002839ead2c635db49680c1899ecffbb53edc20ed340da5b0f7887461bcdd1
3151f7930d821bccf4a76cbbe4a3533e2b56bdff696f260c864ab639ac7526ea
375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6c86a1141d40dab302db38ed85bec50cafd6e0d01b96d7d29688132f5bca051
bfcf00e1e44b7b609f21dfc4e50f7c2d0046ef7222e8d7b1d7daede6cfc2be9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64fe7500375590eb939625390955f9add6a8a0405db5976cb2b3bcbdb513b7b
f1febffd3eff2163fb038f9778c06f6def451560adabff5ee04de2a269269e9e
f693fccbb0f64594079d492db05d3bced69a6c6cab7514d4b78733570fd592a1