telegram-vi.buzz
2606:4700:3037::6815:d3b  Malicious Activity! Public Scan

URL: https://telegram-vi.buzz/
Submission: On October 24 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3037::6815:d3b, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegram-vi.buzz.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.
This is the only time telegram-vi.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

Requests  IP Address        AS Autonomous System
1         2606:4700:303...  13335 (CLOUDFLAR...)
14        172.67.154.229    13335 (CLOUDFLAR...)
3         188.114.96.3      13335 (CLOUDFLAR...)
24        4

Requests  Apex Domain       Subdomains          Transfer
15        telegram-vi.buzz  telegram-vi.buzz    280 KB
3         telegarams.info   ad.telegarams.info  4 KB
24        2

Requests  Domain              Requested by
15        telegram-vi.buzz    telegram-vi.buzz
3         ad.telegarams.info  telegram-vi.buzz, ad.telegarams.info
24        2

This site contains no links.

Subject           Issuer  Validity                 Valid
telegram-vi.buzz  WE1     2024-10-24 - 2025-01-22  3 months
telegarams.info   WE1     2024-10-12 - 2025-01-10  3 months

This page contains 1 frame:

Primary Page: https://telegram-vi.buzz/
Frame ID: 7EA1586A9285DAE1686FDFA3837DCC1D
Requests: 22 HTTP requests in this frame

Page Title

Telegram Web

Page Statistics

Requests: 24
HTTPS: 75 %
IPv6: 33 %
Domains: 2
Subdomains: 2
IPs: 4
Countries: 2
Transfer: 284 kB
Size: 966 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
telegram-vi.buzz/
14 KB
6 KB
Document
General
Full URL
https://telegram-vi.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:d3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2868e89cc7b5ffab3916205e51e299f50b394eece2211f8502828a64d93c7c30

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d77b084fc03db9d-FRA
content-encoding
br
content-type
text/html
date
Thu, 24 Oct 2024 05:50:28 GMT
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8FoZ%2BhEPPlktfTeyQlO%2F7fAmeslSCxWtDHizFU7l7swb61MtZmzQPhlCUNMmGpPhKBvFmAbrzUrECaGmnrnsRWRw%2BsC0vbx8orPzbEO7bFeLs3DGVyoIVJu4jEQvjEqVbyvKKs5FGU20euUM99kF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=40966&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3898&recv_bytes=2289&delivery_rate=104622&cwnd=253&unsent_bytes=0&cid=b4e92b6316a8e399&ts=342&x=0"
vary
Accept-Encoding
index-CDYN_qeA.js
telegram-vi.buzz/
133 KB
53 KB
Script
General
Full URL
https://telegram-vi.buzz/index-CDYN_qeA.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb07b9406e48bc71907b87aa95f7e789708c1f19c77ace5be9ecec476eed020

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer
https://telegram-vi.buzz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-212d9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHtJDrDdPH31U6ybx46zksGOMzyJwzD%2F7INtm9oYCgjZpT72QzrOpP7r6Cw3d%2F0sZ5kDLnvRc6jOHmtPIJP9Swv7oHNoqnsJeU5VfHu4nRlrIMFeGh4NgxR0Okm%2BT2vm4gTY"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=145667&sent=22&recv=11&lost=0&retrans=0&sent_bytes=16166&recv_bytes=4751&delivery_rate=165&cwnd=12000&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=664&x=1", cfExtPri, cfHdrFlush;dur=117
date
Thu, 24 Oct 2024 05:50:29 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b0878f94acc9-MSP
server
cloudflare
index-vX_PR0Tt.css
telegram-vi.buzz/
477 KB
104 KB
Stylesheet
General
Full URL
https://telegram-vi.buzz/index-vX_PR0Tt.css
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer
https://telegram-vi.buzz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-77466"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nilR0vlBCho4XQZ05FHvpSaZBbLRd4lHQUOcbuZXIIa%2Fw0241kZ9kWSTLmaOJT5ygzh3Cp8fx8gqvfZmyJWWLQHn6CwX%2Bl%2FVGFH8vXaCI%2B%2BO0AYfLKJ9%2FPitvmiZ7z2rnh7h"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=145667&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4166&recv_bytes=4751&delivery_rate=165&cwnd=12000&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=638&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:29 GMT
content-type
text/css
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b0878f96acc9-MSP
server
cloudflare
script.js
ad.telegarams.info/
3 KB
2 KB
Script
General
Full URL
https://ad.telegarams.info/script.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
023d8e20a6dc800a6415a305418e11c27484c01ab373778d26d87e8b020961c4
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://telegram-vi.buzz/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
W/"a11-19196e5b838"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNv%2BwMxW7c3yT%2B8ydbXQWe0%2BrRZwx3f60Kmr9%2BULZm0liX8fnQac630HzMoK1ateliB24kFuShe8nl7He2ErjffWKGMMv2JJvvTC8hDgEP%2FqHMi%2FDdrxPNDS7HfUxoaZj%2BIOOU4%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 05:51:29 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=40875&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4179&recv_bytes=4370&delivery_rate=448&cwnd=12000&unsent_bytes=0&cid=0fe02dad4f4571c3&ts=362&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 28 Aug 2024 02:52:03 GMT
vary
Accept-Encoding
priority
u=3,i=?0
content-security-policy
default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
cache-control
max-age=14400
x-dns-prefetch-control
on
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b087be42d2ba-FRA
server
cloudflare
mtproto.worker-C-lHe9Dk.js
telegram-vi.buzz/
0
0

crypto.worker-FJ6ARoFe.js
telegram-vi.buzz/
0
0

truncated
/
369 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
crypto.worker-FJ6ARoFe.js
telegram-vi.buzz/
67 KB
26 KB
Fetch
General
Full URL
https://telegram-vi.buzz/crypto.worker-FJ6ARoFe.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ade34bd434b340e9e58e27712a99422758523ce362ef00c596f8adeb33fe40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://telegram-vi.buzz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-10d21"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1WNX0LuICcwlgrtySOb9sXqAelDReOpG2KU5iBgp5rAppFa9RX0KXEvEIloNcl%2FvAy2MVSgrBkWSt%2BLCjIic%2BHkwBelAO3FXwH6%2BnpuWlLmi4%2BI%2BepvVyhFm3mZtTXpiA%2BPa"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=144529&sent=219&recv=69&lost=0&retrans=0&sent_bytes=243692&recv_bytes=9009&delivery_rate=603376&cwnd=88800&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1456&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08cabe5acc9-MSP
server
cloudflare
truncated
/
59 B
59 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jxl
truncated
/
311 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/avif
send
ad.telegarams.info/api/
0
0
Preflight
General
Full URL
https://ad.telegarams.info/api/send
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegram-vi.buzz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8d77b08c9b22dc50-FRA
content-length
0
content-security-policy
default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
date
Thu, 24 Oct 2024 05:50:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kIztXLMqiXJutLBEqX9NJuycLDg4oYZIzZj5D%2FN3nt%2F993aIgmPC%2BECpfdwOdbzTuTPTKeqdPnzSpMO9ziVguomXAjoSZoGDUS3om3ZJgTyjiZPCufZfaSCqrw5D1mdFDVqf6ew%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=40454&sent=10&recv=9&lost=0&retrans=0&sent_bytes=2185&recv_bytes=4205&delivery_rate=449&cwnd=12000&unsent_bytes=0&cid=029577e7e4266e65&ts=342&x=1" cfExtPri cfHdrFlush;dur=0
vary
Access-Control-Request-Headers
x-dns-prefetch-control
on
send
ad.telegarams.info/api/
599 B
1 KB
Fetch
General
Full URL
https://ad.telegarams.info/api/send
Requested by
Host: ad.telegarams.info
URL: https://ad.telegarams.info/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b332d462223ac419a21d342e5c7e4da5ab674be46ad5a5659b46d6ebd398ebb7
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://telegram-vi.buzz/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"byj6tr7f9bgn"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppPRiYmw0v3MkNXyrPiF87R%2FDdXstq%2BPdwPBJ5P2Cw%2FIY2OZLRgYRimVIF%2FqrxC09xGgqlk1hLHBwVOxY8vUffNulkIxGelD%2FQ2bHEvWYcQxgkJ7yX96hbszvf%2BmdSyg82aLBX8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40090&sent=12&recv=11&lost=0&retrans=0&sent_bytes=3099&recv_bytes=4755&delivery_rate=23304&cwnd=12000&unsent_bytes=0&cid=029577e7e4266e65&ts=563&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
text/plain
vary
Accept-Encoding
priority
u=1,i
content-security-policy
default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
cache-control
no-cache
x-dns-prefetch-control
on
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08ebf0adc50-FRA
access-control-allow-origin
*
server
cloudflare
favicon.ico
telegram-vi.buzz/assets/img/
15 KB
4 KB
Other
General
Full URL
https://telegram-vi.buzz/assets/img/favicon.ico?v=jw3mK7G9Ry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://telegram-vi.buzz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66f774ed-3aee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNC6qneDKU8gvUhfjQVNiFcJou6pQ7npZrrWViU2FHjbtD6a471xCpsg%2FkGiaq8TvLXdpxjyzp8iPs%2BW0bk8qaTRPOsPJ12Z7HcrOWfT7IPXCayxaOE4y39hb%2FlALLo6BAqj"}],"group":"cf-nel","max_age":604800}
cf-ray
8d77b08cbbefacc9-MSP
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=144529&sent=188&recv=69&lost=0&retrans=0&sent_bytes=207352&recv_bytes=9009&delivery_rate=603376&cwnd=88800&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1435&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
image/x-icon
last-modified
Sat, 28 Sep 2024 03:15:57 GMT
vary
Accept-Encoding
priority
u=1,i
lang-CNYDDQNH.js
telegram-vi.buzz/
137 KB
45 KB
Script
General
Full URL
https://telegram-vi.buzz/lang-CNYDDQNH.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
084e02dc3f7facf0f9744705d2211e97633cc8127ce579a95fa50337e92df665

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer
https://telegram-vi.buzz/index-CDYN_qeA.js

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-2247a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1byzEzrUSpEI50wqlOvbm3CHdlA7Cy1CAKEIfuiM6Ef%2B6x0vnWaHfHYiV53mQap7BiFMkt8f%2BTbox91jOHJbqZjOPnWFqDkJOQcjvcOmQ5LnldF0hoI7Af4SITeJDSNPbsV"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=144529&sent=192&recv=69&lost=0&retrans=0&sent_bytes=211632&recv_bytes=9009&delivery_rate=603376&cwnd=88800&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1450&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08ccc05acc9-MSP
server
cloudflare
langSign-CN-ja8rh.js
telegram-vi.buzz/
2 KB
1 KB
Script
General
Full URL
https://telegram-vi.buzz/langSign-CN-ja8rh.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer
https://telegram-vi.buzz/index-CDYN_qeA.js

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-66e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vHBmjT8pecc9qTdOO3vkgnf1e5GAyAgTP1rqBOA8sZLNhVFIoOfAKmplmS2Fzxa4VhY5yo9dPdNpyrCwfTgwB2gYJI7X94NJzrDTqZkHODu1gX1WcgzjoxqYhkuwFRBeQHb6"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=144529&sent=154&recv=69&lost=0&retrans=0&sent_bytes=168352&recv_bytes=9009&delivery_rate=603376&cwnd=88800&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1416&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08ccc06acc9-MSP
server
cloudflare
countries-CzeCvYH8.js
telegram-vi.buzz/
24 KB
5 KB
Script
General
Full URL
https://telegram-vi.buzz/countries-CzeCvYH8.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer
https://telegram-vi.buzz/index-CDYN_qeA.js

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-5e21"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JeI2YW8KKFjJz%2BrOYlNW6IaqkJpg4RD%2F0mkepHn%2F%2FEUGc7RalVKNA6kRNp3GLIYDe5xtZ%2FHHUEmC4RG05NGXckJwaKqDbYaHpbu10qb%2FA4kOsQ8YhBhPteH%2BZ3xanmF8lQP4"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=144529&sent=156&recv=69&lost=0&retrans=0&sent_bytes=169906&recv_bytes=9009&delivery_rate=603376&cwnd=88800&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1424&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08ccc07acc9-MSP
server
cloudflare
pageSignQR-DYBspEyR.js
telegram-vi.buzz/
7 KB
4 KB
Script
General
Full URL
https://telegram-vi.buzz/pageSignQR-DYBspEyR.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4dfe2f6be0b3ba67a2d5ef39409b9e3057a30bcbababe9061eb853b39da296a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-1b5e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5NXR5AMf0IxEs%2B4mvi5HdWW4tW8ws8ChSGSrj408f%2BKmf0r2l79fdkocoT9NmKfsbF0rTmr%2B3%2BuOTIaKE0P2NhE0v2fZ7FbO1nBV4OtNwcF1OTN0n53avIZ22HKK1FaEoUh"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146258&sent=494&recv=106&lost=0&retrans=0&sent_bytes=563722&recv_bytes=11945&delivery_rate=1549830&cwnd=247200&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1876&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08fced6acc9-MSP
server
cloudflare
page-B8EFu7kT.js
telegram-vi.buzz/
10 KB
5 KB
Script
General
Full URL
https://telegram-vi.buzz/page-B8EFu7kT.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ed8a178fefa625230f6f24faa4b597d0e1572ace1e442c9b2e54dd0fb033c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-290c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSDZgCzjVQkJ8HIC3a0VOw1saFx11icVed1ZUNFsqGUp974%2B%2BCxq1dR6vSxyMBSYZOsoZtBa0MqvWYyOeRDJxJ1woGNpaB6qo9XPuEyKI3cPGxnRgZDvf9pHn%2BDz5dfdRf%2Fa"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146258&sent=499&recv=106&lost=0&retrans=0&sent_bytes=568829&recv_bytes=11945&delivery_rate=1549830&cwnd=247200&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1878&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08fced7acc9-MSP
server
cloudflare
button-DymDsySt.js
telegram-vi.buzz/
9 KB
5 KB
Script
General
Full URL
https://telegram-vi.buzz/button-DymDsySt.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a738fc8f560566090bdadea56ffd240e5952ded080c1d38c0791afb72d9be58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-241a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoglUmeqIjwf5XNSZ4IRd7OgNnkKwUxdU%2B2hpLXH82jm3uthuuloSMy0xeIhUK3ugwF%2BT9BMU0ebfHVLkRP5XIAXLCNssKMpAsta3dxOtUtXrI8ABQZjOP3FXptdrOZ03yzb"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146258&sent=504&recv=106&lost=0&retrans=0&sent_bytes=573993&recv_bytes=11945&delivery_rate=1549830&cwnd=247200&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1879&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08fced8acc9-MSP
server
cloudflare
putPreloader-b2E17MJx.js
telegram-vi.buzz/
699 B
1 KB
Script
General
Full URL
https://telegram-vi.buzz/putPreloader-b2E17MJx.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9cb15d65206c0c02cc223c6ff4e9bb2747089631de9887e3cdb32e13da7bdf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"670bdc7e-2bb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPf8vMaQOQ5d6FH%2FEvbKte2%2FhSYvww2eRFDaHFul4%2FcIEqiwH%2BI5aR7LyRWcAPEeubT4B%2Bvdcy4C8KjXCQWmtaQ73k2Zi2nn0tkx83p%2FmSaWeqAkCaKU9Xf0bQHZjg27moAE"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146486&sent=509&recv=107&lost=0&retrans=0&sent_bytes=578880&recv_bytes=11990&delivery_rate=1527130&cwnd=247200&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1897&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08fced9acc9-MSP
server
cloudflare
textToSvgURL-Cnw_Q8Rw.js
telegram-vi.buzz/
357 B
952 B
Script
General
Full URL
https://telegram-vi.buzz/textToSvgURL-Cnw_Q8Rw.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"670bdc7e-165"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kw%2BpMCrZa9kccweyx%2FCLyn3HBlIehIs4hpnX91nvRSFkLEZxH0APuLfTeFmqc50sb9MlzTCmEVjeqEkPLPJYm%2BCojcUuNYka2FwlCd2gM62qq1%2Bu%2FRF8kwFfr8NOIWaNo79J"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146258&sent=498&recv=106&lost=0&retrans=0&sent_bytes=567854&recv_bytes=11945&delivery_rate=1549830&cwnd=247200&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=1877&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b08fcedaacc9-MSP
server
cloudflare
686c5839-7785-472b-9453-3bb2b45b0d3e
https://telegram-vi.buzz/
0
0

1cb57362-9155-488e-96e2-faa25900c8a4
https://telegram-vi.buzz/
0
0

b7683ecd-6f20-476f-a2f2-29d197996307
https://telegram-vi.buzz/
0
0

qr-code-styling-CvBVNv73.js
telegram-vi.buzz/
65 KB
19 KB
Script
General
Full URL
https://telegram-vi.buzz/qr-code-styling-CvBVNv73.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"670bdc7e-10251"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mgsz7wipMhA5L8TUsGmEut3S6bvkTlDMWgfZ%2FSrNtknUQNyPuT%2BjrNnFhRsnRvo%2BwPn9RwqjqW2ODPl7jUatbF%2BxYbdazdENyXD83yNrlehR2H4kHMzDM6vZJiD9JBA9Llay"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146103&sent=512&recv=112&lost=0&retrans=0&sent_bytes=580944&recv_bytes=12731&delivery_rate=161144&cwnd=247200&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=2222&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b091986dacc9-MSP
server
cloudflare
_commonjsHelpers-Cpj98o6Y.js
telegram-vi.buzz/
290 B
878 B
Script
General
Full URL
https://telegram-vi.buzz/_commonjsHelpers-Cpj98o6Y.js
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/index-CDYN_qeA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://telegram-vi.buzz
Referer

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"670bdc7e-122"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZrz0TYCzoLYDfsqEQe0fSbnm1vuh1cGbR7DtZyIwyqtYc5RLLqANEkfy89b46wWMdGYeBD4HBHggMj2aL3Qh3ojFU5rkNASE1eO4yMB0wLvW%2B83uOvPwNfbWHCmRm0dPT5S"}],"group":"cf-nel","max_age":604800}
expires
Thu, 24 Oct 2024 17:50:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146103&sent=511&recv=112&lost=0&retrans=0&sent_bytes=580043&recv_bytes=12731&delivery_rate=161144&cwnd=247200&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=2189&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:30 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 14:43:10 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d77b091986eacc9-MSP
server
cloudflare
logo_padded.svg
telegram-vi.buzz/assets/img/
1 KB
0
Fetch
General
Full URL
https://telegram-vi.buzz/assets/img/logo_padded.svg
Requested by
Host: telegram-vi.buzz
URL: https://telegram-vi.buzz/pageSignQR-DYBspEyR.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://telegram-vi.buzz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66f774ed-42d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpYR8FGaWPggS0U5f5sAGrWFYrXhBjKc3OYuUkaim0lgx9aI5gwvvh2N2pxbBP0BB7YoUoJcoYZTuJ%2FLmtKXAqHYcvWQV%2F%2F6kFlnRI1k3ieQp%2FGA2M18QGzsJf9Az5khQyhw"}],"group":"cf-nel","max_age":604800}
cf-ray
8d77b09fcd04acc9-MSP
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=145332&sent=530&recv=116&lost=0&retrans=0&sent_bytes=601314&recv_bytes=13189&delivery_rate=68842&cwnd=247200&unsent_bytes=0&cid=84231b1ccaa8b00a&ts=4433&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 05:50:33 GMT
content-type
image/svg+xml
last-modified
Sat, 28 Sep 2024 03:15:57 GMT
server
cloudflare
priority
u=1,i
vary
Accept-Encoding
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
telegram-vi.buzz
URL
https://telegram-vi.buzz/mtproto.worker-C-lHe9Dk.js
Domain
telegram-vi.buzz
URL
https://telegram-vi.buzz/crypto.worker-FJ6ARoFe.js
Domain
telegram-vi.buzz
URL
blob:https://telegram-vi.buzz/686c5839-7785-472b-9453-3bb2b45b0d3e
Domain
telegram-vi.buzz
URL
blob:https://telegram-vi.buzz/1cb57362-9155-488e-96e2-faa25900c8a4
Domain
telegram-vi.buzz
URL
blob:https://telegram-vi.buzz/b7683ecd-6f20-476f-a2f2-29d197996307

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| rootScope
function| deferredPromise
function| AppStorage
object| stateStorage
function| wrapUrl
object| I18n
object| webpWorkerController
object| appStorage
object| appNavigationController
object| singleInstance
object| webPushApiManager
object| telegramMeWebManager
object| opusDecodeController
object| cryptoMessagePort
object| mtprotoMessagePort
object| serviceMessagePort
object| apiManagerProxy
function| calcImageInBox
object| mediaSizes
object| customProperties
object| windowSize
object| liteMode
object| themeController
object| overlayCounter
function| formatDateAccordingToTodayNew
function| fillTipDates
object| umami
function| dispatchHeavyAnimationEvent
object| pagesManager
object| sequentialDom
function| putPreloader

0 Cookies

1 Console Messages

Source: rendering
Level: warning
URL: https://telegram-vi.buzz/
Message: [GroupMarkerNotSet(crbug.com/242999)!:A0708013340F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.telegarams.info
telegram-vi.buzz
172.67.154.229
188.114.96.3
2606:4700:3037::6815:d3b