tg.6af403a09ca3.com
2606:4700:3036::6815:12c4  Malicious Activity! Public Scan

URL: https://tg.6af403a09ca3.com/
Submission: On February 11 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3036::6815:12c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is tg.6af403a09ca3.com.
TLS certificate: Issued by E1 on January 2nd 2024. Valid for: 3 months.
This is the only time tg.6af403a09ca3.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

Requests  IP Address        AS Autonomous System
17        2606:4700:303...  13335 (CLOUDFLAR...)
1         2001:67c:4e8:...  62041 (TELEGRAM)
Total     19 requests, 3 IPs

Requests  Apex Domain       Subdomains                                 Transfer
17        6af403a09ca3.com  tg.6af403a09ca3.com                        23 MB
1         telegram.org      telegram.org — Cisco Umbrella Rank: 11155  11 KB
Total     19 requests, 2 domains

Requests  Domain               Requested by
17        tg.6af403a09ca3.com  tg.6af403a09ca3.com
1         telegram.org         tg.6af403a09ca3.com
Total     19 requests, 2 domains

This site contains links to these domains.

Domain
twitter.com
telegremkz.com
core.telegram.org
Subject           Issuer                                      Validity                 Valid
6af403a09ca3.com  E1                                          2024-01-02 - 2024-04-01  3 months
*.telegram.org    Go Daddy Secure Certificate Authority - G2  2023-08-11 - 2024-09-11  a year

This page contains 1 frame:

Primary Page: https://tg.6af403a09ca3.com/
Frame ID: 2572245B703850CF4F30F350C1E80D4C
Requests: 19 HTTP requests in this frame

Page Title

【Telegram中文版】【Telegram信使】【电报信使】tg纸飞机(Telegram) - 快速、安全、强大的消息传递平台

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 23453 kB
Size: 23574 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
tg.6af403a09ca3.com/
21 KB
5 KB
Document
General
Full URL
https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78b18957e2ae3c0b6ca099e12a4f80b8dbefc8e2e22cd94a273b778fff624a7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
853d8a751a9f5c5f-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 11 Feb 2024 15:14:19 GMT
expires
Sun, 11 Feb 2024 15:24:19 GMT
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahrzlIobeluNvhtYeFxHw5hkVFLTSddiQbH9h3Yq5wlogk8wVBlXOfaDxpj0PIBp9vzlmgArU8a6RypPWmsS6LWImIJKPc2SYjET7cefVnGLvu7NGh4K%2BIsdnXPvWXiKfskNIDnwSF%2Bu%2BuxaaLwB1z62"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-fastly-request-id
9e21c5d707813a2cbdd82fdfdaeea0c3a38f063f
x-github-request-id
BFFC:2715:20AAF2F:2C899B3:65C8E449
x-proxy-cache
MISS
x-served-by
cache-mia-kmia1760067-MIA
x-timer
S1707664459.082250,VS0,VE39
bootstrap.min.css
tg.6af403a09ca3.com/index_files/
54 KB
10 KB
Stylesheet
General
Full URL
https://tg.6af403a09ca3.com/index_files/bootstrap.min.css
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70e78498b2cb4df42175a51a7e44fd6355a3a272926305bef5fb19eb8447f19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
92cad2ced9230a4fcae66e568de800c37a25fd79
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-served-by
cache-ams21049-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
F5F6:40327:5068B3A:522BD11:65C83966
x-timer
S1707620711.397453,VS0,VE118
etag
W/"65c838f2-d74e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZ2zCxS8zFXWgb7trQsh6xAjyOZxZ%2BtLtEQ6m2C7Jf%2FTtJzEVcTprf8241nr%2Fpzc4DcWYJhcdW%2FtKjCx1o4Kfa1S8%2FeSdrKuSeQ84W1cDJPs0vKoe%2B1NIwqCgwHzSysEutFJyjCwhKgb2qo0HmzMejaq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
853d8a75cbab5c5f-MIA
x-cache-hits
0
telegram.css
tg.6af403a09ca3.com/index_files/
98 KB
23 KB
Stylesheet
General
Full URL
https://tg.6af403a09ca3.com/index_files/telegram.css
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b070c84766545ca795ef54e06ed6f8b54ed8915ab464a46135bfd0fb09d7a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
a2fbdf1c4bc2c765370ea381b9583e5575cb2148
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-polished
origSize=125560
content-encoding
br
x-cache
MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400
x-served-by
cache-ams21081-AMS
cf-bgj
minify
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
x-github-request-id
AACC:6B52F:511E82F:52E1AA5:65C83966
x-timer
S1707620711.969416,VS0,VE123
server
cloudflare
etag
W/"65c838f2-1ea78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FCO6NAQvyRPZJgyEf%2F6iMKJlayhoGnG5%2B5aPpNTpehAjls0CSz6R6dqpES6b8GUxJf2VPt7UjKKwXFKgO%2FU5y6OIrvpXrho349xjttGJ7yWwzVR4ZKCnUOIX%2FHnU53mBkXH0l0X5m8yWpNwjzR39lPv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
853d8a75cbad5c5f-MIA
x-proxy-cache
MISS
styles.ef46db3751d8e999.css
tg.6af403a09ca3.com/index_files/
0
0

d_why_1.gif
tg.6af403a09ca3.com/index_files/
2 MB
2 MB
Image
General
Full URL
https://tg.6af403a09ca3.com/index_files/d_why_1.gif
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
e2420bcbbe602895fb29d33e95c854caa1274e1a
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
2415534
x-served-by
cache-ams21028-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
5A3A:3FB870:52EA340:54AC9E9:65C83966
x-timer
S1707620711.398224,VS0,VE289
etag
"65c838f2-24dbae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeC4njBwlAEWkhGwotknRyI2jxsERZP7UZMgAHsDsZ0qXvYumkeuXgDndFtI%2BqYuLMwyMX4kkJ8%2FqS%2BYb210WcHwkzGHCVJAZQDF7638nTAalxABsAUvKx%2FOhGoLtU8sml1yrcKBMpQADysTnpmfQLDB"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
853d8a75cbb05c5f-MIA
x-cache-hits
0
d_why_2.gif
tg.6af403a09ca3.com/index_files/
2 MB
2 MB
Image
General
Full URL
https://tg.6af403a09ca3.com/index_files/d_why_2.gif
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8250de71d10600c25e46fcd67c0d144434ed460d98a236773eddc3bd81043b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
06317499e6e9b797a49697ba32f493a314bdedd1
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
2129829
x-served-by
cache-ams21025-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
A5E2:6B52F:511E834:52E1AA8:65C83966
x-timer
S1707620711.976320,VS0,VE165
etag
"65c838f2-207fa5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6hLipDbdbwzM7yiy1BZngAWRBYmgn2Q3sQmfoUCbKAoS0cYROCkYZQDKGpi%2FLpgcvA2feqeo3JjGU2W%2BljofKKx4t19RBh%2F5oiBDM0Y6X%2BBfJXBlqXHJ81GkID3gS9w%2FXvptf8pEhWhXlD796gktCkM"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
853d8a75cbb15c5f-MIA
x-cache-hits
0
d_why_3.gif
tg.6af403a09ca3.com/index_files/
2 MB
2 MB
Image
General
Full URL
https://tg.6af403a09ca3.com/index_files/d_why_3.gif
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
50febbcf013442281fcb67ee0b97dfafc7ec20f5
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
2254846
x-served-by
cache-ams21043-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
C842:3773CA:2DD0645:2ECFF1A:65C83966
x-timer
S1707620711.974209,VS0,VE152
etag
"65c838f2-2267fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1v9nI90eyJBOQd3kGXpMWknUNiPqBRYkUGJrgtkoGH4lh5J%2BiP53BygFvfW8OW9QWCBWCyhVN0BAXsyWGXfrq7dG%2F0jRVUA7iTrnBhVcNpicdkAXkhvhjBLOmbtAOanMyOUeQdRBGfyGR5fETe9Afr6"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
853d8a75dbb55c5f-MIA
x-cache-hits
0
d_why_4.gif
tg.6af403a09ca3.com/index_files/
3 MB
3 MB
Image
General
Full URL
https://tg.6af403a09ca3.com/index_files/d_why_4.gif
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
569b53edf81fd9e5666e779698f98a56e8a8ec92
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
3422486
x-served-by
cache-ams21051-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
E7A2:6B52F:511E834:52E1AA9:65C83966
x-timer
S1707620711.979838,VS0,VE319
etag
"65c838f2-343916"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ihpzZH9pgVSc3PvT8DivyMQFPJc6t8GYYPUvcbV244%2BBZDEq5ZocnmpYWVrsy1ZfxcdkM%2BH1xQiRzQNyHkuR5DafjtL99rx3DZfLWgjy3L4vGiYXdMahnd%2BsPEbBB9zfKHDnSDnxcMHX%2FIkP4hYoAD8"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
853d8a75dbb75c5f-MIA
x-cache-hits
0
d_why_5.gif
tg.6af403a09ca3.com/index_files/
2 MB
2 MB
Image
General
Full URL
https://tg.6af403a09ca3.com/index_files/d_why_5.gif
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
b5fb7dbfa728b0b183b9b76416e2ba29ce597db4
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
2002471
x-served-by
cache-ams21051-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
ED90:2A24A8:4F74BB8:512F7E1:65C83966
x-timer
S1707620711.979705,VS0,VE681
etag
"65c838f2-1e8e27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqWxSiBKJPoR%2BIfP7iCQnX2kUHH7Icx6wg7qwa8d42e5lxFgzbGWYNmCEMHREArSeMRTf2rDJF2zWzv0jk7r%2FIjpMNz1N3oN5alQxrxeKOzlvG5htchOntChYCvxieonMaU%2BuMrWEtL4X4oLErDlydfc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
853d8a75dbbb5c5f-MIA
x-cache-hits
0
d_why_6.gif
tg.6af403a09ca3.com/index_files/
2 MB
2 MB
Image
General
Full URL
https://tg.6af403a09ca3.com/index_files/d_why_6.gif
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
e1f981ffbfac7e682304e4bfe544f75f24981d17
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
2424803
x-served-by
cache-ams21056-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
457C:35A12D:37EF0C9:391DCC3:65C83962
x-timer
S1707620711.976046,VS0,VE223
etag
"65c838f2-24ffe3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FU6OYyXpH5Sbwri4jkKIwnTLmN6QJlMF9zsbkBaozupQFgkXU%2BbWC52FiQzKamLGT%2F97xOYRPo0sZc3e9cuPnFVLwT591axHB%2BiTkOZ7yWU2gg%2BKjWNJAn3uGWepWZRrEPpMXCTiF5N%2BUhiCsmoShaP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
853d8a75dbbd5c5f-MIA
x-cache-hits
0
d_why_7.gif
tg.6af403a09ca3.com/index_files/
3 MB
3 MB
Image
General
Full URL
https://tg.6af403a09ca3.com/index_files/d_why_7.gif
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
e17d7c292cb46b38526ca2082fbbfebb051f6e5d
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
3327196
x-served-by
cache-ams21045-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
428C:0E80:2D8D939:2E8659E:65C83966
x-timer
S1707620711.973512,VS0,VE399
etag
"65c838f2-32c4dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJXzQvdC7PU7jDP0aPEXHxCx6L6ppSlf50LnBTTAbD3mdF0nVBhJIt%2BBxLsl9xpLitR%2FiBEip0%2BYFPLlRKnGZFwR4zoS2Ce7wEhOjtIkuBf%2B0gNawtR4%2BbOGvcqrzoUnu2tCenXcr4Am8xEfZ2DV6d%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
853d8a75dbbe5c5f-MIA
x-cache-hits
0
d_why_8.gif
tg.6af403a09ca3.com/index_files/
3 MB
3 MB
Image
General
Full URL
https://tg.6af403a09ca3.com/index_files/d_why_8.gif
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
fdd156fbd79bcd79d19d2d23626f3f85f99acfd8
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
2700330
x-served-by
cache-ams21036-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
84F0:0E80:2D8D93C:2E8659F:65C83966
x-timer
S1707620711.000072,VS0,VE487
etag
"65c838f2-29342a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlIZTZroFOcGdtKb5%2BI%2F7a4tMBuBSymn0sINO2lQO3zJjMATf9SZxyGC5C69yLLabqPQZKxBaQEtCBLS%2Bmjfrp7oimJQDrPOjHL%2FODN39A83omvl%2Fpfv4DI6uVbY6rCzZTZ5N%2Fb5I5lKwLvsdoR1%2FnjB"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
853d8a760bf75c5f-MIA
x-cache-hits
0
d_why_9.gif
tg.6af403a09ca3.com/index_files/
3 MB
3 MB
Image
General
Full URL
https://tg.6af403a09ca3.com/index_files/d_why_9.gif
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
beb1d14754ced483a7c9680cf8a63445b38b8636
date
Sun, 11 Feb 2024 15:14:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
3145277
x-served-by
cache-ams21026-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
1B46:40327:5068AFA:522BCDE:65C83964
x-timer
S1707620711.008005,VS0,VE217
etag
"65c838f2-2ffe3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIcoQUpruG3eZeXU6rve9sFTRzn7IUUo5odQdomaB7%2B6y8k1mW6VJ8shjzdHbhij%2Fhcig02bNQFA61ghniOMDzsDVMUyYopp8fZshNlg%2FIAEW4Rc7AyQOnhq%2BCYiX%2Ff3cqKp%2BevfUIbKzBw3ivLIJ3VH"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
853d8a760bfd5c5f-MIA
x-cache-hits
0
rocket-loader.min.js
tg.6af403a09ca3.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://tg.6af403a09ca3.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 15:14:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 07 Feb 2024 16:52:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"65c3b54b-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbq%2FL7Ltt6SI3SrJ6Q1IazMe8%2BmXesrmdD9F%2BO3sBFRdF2rxyef4Xore0Ob7k5Ie7kZvnA3Bg3flRYigVaR%2BGqR8eDGIHFzAjMx141WaUId8%2B3biFNhoPNplwPW0GG4KHf58cj7FIDkTpgj300n%2FWgeu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
853d8a760c005c5f-MIA
expires
Tue, 13 Feb 2024 15:14:19 GMT
twitter.png
tg.6af403a09ca3.com/img/
1 KB
2 KB
Image
General
Full URL
https://tg.6af403a09ca3.com/img/twitter.png
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/index_files/telegram.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/index_files/telegram.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
3aeb34aca3b9f1f27653e33f74d83dc948bf31bf
date
Sun, 11 Feb 2024 15:14:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:20 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
1272
x-served-by
cache-ams21060-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
7D2C:FE42:545D121:561FEE7:65C8396B
x-timer
S1707620716.589996,VS0,VE115
etag
"65c838f2-4f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxQ7xUJqeIofYRRh%2FhRFbvN1hk5LDrGr7Lm1z5Mn4SZXFDt4PcUxwzu4i0MBRDoBvTav%2B4co%2BuOJGznvHcTYmMoCLXZvKT%2FUHVvAbiZt%2BMhRFpB8bTImMnFCg7uHqeupGwV15NhdRXrj87SYHBGzpkRn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
853d8a7a2d0eda57-MIA
x-cache-hits
0
t_logo.png
telegram.org/img/
11 KB
11 KB
Image
General
Full URL
https://telegram.org/img/t_logo.png
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 15:14:20 GMT
last-modified
Sat, 09 May 2020 18:58:54 GMT
server
nginx/1.18.0
etag
"5eb6fd6e-2cb9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11449
expires
Thu, 15 Feb 2024 15:14:20 GMT
SiteDesktop.jpg
tg.6af403a09ca3.com/img/
95 KB
96 KB
Image
General
Full URL
https://tg.6af403a09ca3.com/img/SiteDesktop.jpg?2
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/index_files/telegram.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d47030d555e1765171c05b57ed755744d6051364674efbd99a98df9ec7fa9cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/index_files/telegram.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
baea20f49f11fe20605ae2eafdeabdac45003fb7
date
Sun, 11 Feb 2024 15:14:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
expires
Sun, 11 Feb 2024 15:24:20 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
97628
x-served-by
cache-ams21058-AMS
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
server
cloudflare
x-github-request-id
EAFE:2A24A8:4F74EE8:512FB30:65C8396A
x-timer
S1707620716.609374,VS0,VE118
etag
"65c838f2-17d5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFeKpJKqUdtsKPgrl7QAasmG5aMCe%2BeipZ%2F8W9OvNR6XtHKrvMBTBQq4g6QH7XkF5jtJnYf%2F6LGhPdhoLbuxRUYV2pqZNeIM3%2B3jnJK267ZmzNqwyM%2Bd%2FHVWUjfc4wrEXdRBasFLY2zm1dvJaqX9nE8J"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
853d8a7a2d13da57-MIA
x-cache-hits
0
main.js
tg.6af403a09ca3.com/index_files/
16 KB
6 KB
Script
General
Full URL
https://tg.6af403a09ca3.com/index_files/main.js
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b11f43faae98bfe765a46885db582fa0e3d56ef21e294107f809578cf93307
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
cca5f8b8b6ff66af1bfde6990b1d7c9a3accfa83
date
Sun, 11 Feb 2024 15:14:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Sun, 11 Feb 2024 15:24:20 GMT
cf-polished
origSize=25103
content-encoding
br
x-cache
MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400
x-served-by
cache-ams21049-AMS
cf-bgj
minify
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
x-github-request-id
C892:23FE6D:91FE38:9543B9:65C8396B
x-timer
S1707620716.592250,VS0,VE110
server
cloudflare
etag
W/"65c838f2-620f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey9JWhExJPm%2FArOG1k8U4pspIpt3QQho7xunnxsU1YtXtwcQRLhOg2tDtMeuPEUKBvV1NrQ4fxTXTaYguFHXrU4bsX3XKrsR0zSDEep9Mrn0qzGFSILebHyVTuJbeZHy%2B6la%2FSiOzZB0%2B2kDG%2Ba43Ey5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
853d8a7aede5da57-MIA
x-proxy-cache
MISS
filename.js
tg.6af403a09ca3.com/index_files/
85 B
874 B
Script
General
Full URL
https://tg.6af403a09ca3.com/index_files/filename.js
Requested by
Host: tg.6af403a09ca3.com
URL: https://tg.6af403a09ca3.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:12c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9b92619d9e767d0d71474a651eef4e6cc6f2e378b34d01c7c9d106c692b535
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tg.6af403a09ca3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-fastly-request-id
137f31f5ed8ad9a253c44a278a304ce66c5b9a1a
date
Sun, 11 Feb 2024 15:14:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-cache
MISS
cf-polished
origSize=96
content-encoding
br
x-cache
MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400
x-served-by
cache-ams21034-AMS
cf-bgj
minify
last-modified
Sun, 11 Feb 2024 03:03:14 GMT
x-github-request-id
1856:2B558A:50BB87F:527ECE2:65C8396B
x-timer
S1707620716.586214,VS0,VE107
server
cloudflare
etag
W/"65c838f2-60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dY3sAK3lnJobDznlL32Jx11K%2FNvhq1Yi7U2rK%2B6BE45NvFnyUPf65gXhWWNfe%2BNi8D7eDW8mpbl0CFAHjnOPp81gLoKE6rZH8VhhMwiXOh8o11CB%2Fhg4o51yLdp21MhjLVz6ohc1a6QbQDhs2J5WehO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
853d8a7aede7da57-MIA
expires
Sun, 11 Feb 2024 15:24:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tg.6af403a09ca3.com
URL
https://tg.6af403a09ca3.com/index_files/styles.ef46db3751d8e999.css

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR
string| filename
number| startTime
function| dT
object| jsonpCallbacks
function| twitterCustomShareInit
function| blogRecentNewsInit
function| blogSideImageUpdate
function| blogSideImageInit
function| cancelEvent
function| trackDlClick
undefined| toTopWrapEl
undefined| toTopEl
undefined| pageContentWrapEl
undefined| curVisible
boolean| curShown
function| backToTopInit
function| backToTopGo
function| backToTopResize
function| backToTopScroll
function| removePreloadInit
function| getXY
undefined| onDdBodyClick
undefined| currentDd
function| dropdownClick
function| dropdownHide
function| dropdownPageClick
function| escapeHTML
function| videoTogglePlay
function| getDevPageNav
function| showTitleIfOverflows
function| initDevPageNav
function| updateDevPageNav
function| updateMenuAffix
function| initScrollVideos
function| checkScrollVideos
function| videoPreloadPosterDimensions
function| isVisibleEnough
function| getFullOffsetY
function| redraw
function| initRipple
function| mainInitRetinaVideos
function| mainInitDemoAutoplay
function| mainDemoVideoHover
function| mainDemoVideoDoHover
function| mainInitLogo
function| mainInitTgStickers
function| setCookie
function| getCookie
function| mainScrollTo
boolean| __cfRLUnblockHandlers

0 Cookies

1 Console Messages

Source: security
Level: error
URL: https://tg.6af403a09ca3.com/
Message: Refused to apply style from 'https://tg.6af403a09ca3.com/index_files/styles.ef46db3751d8e999.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff