www.telegramhcn.com Open in urlscan Pro
172.67.130.15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.telegramhcn.com/
Effective URL:
https://www.telegramhcn.com/
Submission: On July 01 via api (July 1st 2024, 8:52:26 am UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 31 HTTP transactions. The main IP is 172.67.130.15, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.telegramhcn.com.
TLS certificate: Issued by WE1 on June 20th 2024. Valid for: 3 months.

This is the only time www.telegramhcn.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1 30	172.67.130.15 172.67.130.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.156.2 172.67.156.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2

30 172.67.130.15 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.telegramhcn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.156.2 (United States)

ASN13335 (CLOUDFLARENET, US)

web.dcobxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	telegramhcn.com 1 redirects www.telegramhcn.com	337 KB
2	dcobxs.com web.dcobxs.com	23 KB
31	2

	Domain	Requested by
30	www.telegramhcn.com	1 redirects www.telegramhcn.com
2	web.dcobxs.com	www.telegramhcn.com web.dcobxs.com
31	2

This site contains links to these domains. Also see Links.

Domain
twitter.com
apps.apple.com
web.telegram.org
core.telegram.org

Subject Issuer	Validity	Valid
telegramhcn.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
dcobxs.com WE1	`2024-06-25` - `2024-09-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.telegramhcn.com/
Frame ID: 210A6635EDA31CCDECB501E7108DC26E
Requests: 29 HTTP requests in this frame

Frame: https://www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: 2306F6525A7CBD90456C959916264D3D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram-Telegram中文版

Page URL History Show full URLs

http://www.telegramhcn.com/ HTTP 307
https://www.telegramhcn.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

97 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

359 kB
Transfer

7990 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/telegram
Title: Twitter

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/telegram-messenger/id686449807
Title: Telegram iPhone/iPad

Search URL Search Domain Scan URL

URL: https://web.telegram.org/
Title: 网页版

Search URL Search Domain Scan URL

URL: https://core.telegram.org/
Title: 开发平台

Search URL Search Domain Scan URL

URL: https://core.telegram.org/api
Title: API

Search URL Search Domain Scan URL

URL: https://core.telegram.org/mtproto
Title: 通讯协议

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.telegramhcn.com/ HTTP 307
https://www.telegramhcn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.telegramhcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.telegramhcn.com/
Redirect Chain

http://www.telegramhcn.com/
https://www.telegramhcn.com/

10 KB
4 KB

822ms
590ms

Document
text/html

172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PbootCMS
Resource Hash: a511b7c40a9fc94845eeb06c5cba9874f9cf55a72b650e47729537d538f62f45

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c5282bee5c362d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 01 Jul 2024 08:51:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IoHTbNCKKOWAvb7ZgKvITzrilW7%2FSOcl7ORCG%2F%2B6ekXKzM2iBgJjReiehrXGuMi%2BBBuyUHNb4KW46zmjofnLK4oDl2LiBPFoNBzJoclLfqdZsILau9hjWiDwbP6hMZ48wza2pfZh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PbootCMS
x-ua-compatible: IE=edge,chrome=1

Redirect headers

Location: https://www.telegramhcn.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.css
www.telegramhcn.com/skin/css/ 44 KB
11 KB 56ms
55ms Stylesheet
text/css 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegramhcn.com/skin/css/style.css
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fdff231d46f09b29510ef4adc80a4dbae646c9d3da770dfe3c7a9672f48269a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5517
cf-polished: origSize=57198
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Dec 2023 21:00:24 GMT
server: cloudflare
etag: W/"658c9068-df6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2wGsEVpFyB1E0ldfWZ%2FatXEgiUYUHK5GlzC8g8Cz0mDTUyKA%2BZqdgJnOE2x0dwoFkoyPNZSMBSFd916JxqzjF5X%2BsI92Dtvs8yoAibFRZsurcxrbxRcgNRFgqCwjcjezvYNZLSm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 89c5282fabbe362d-FRA
expires: Mon, 01 Jul 2024 19:19:57 GMT

GET
H3 200 jquery-2.2.4.min.js Show response
www.telegramhcn.com/skin/js/ 84 KB
35 KB 81ms
81ms Script
application/javascript 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegramhcn.com/skin/js/jquery-2.2.4.min.js
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 27 Dec 2023 21:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5518
etag: W/"658c9066-14e4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6rQMH1B3Z8bpjiioas8ySF0lL5n%2FpAaNHKP7d6VbE7051Wh%2Ft7GYcT9fgyVvszx9C8ihGz1naXuUqVia0qZXaHdJ7IITUqVF604NbsUe9TxGi%2ButAiFl0lFD6SJZUs%2FshFLcHsG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 89c5282fabc0362d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jul 2024 19:19:57 GMT

GET
H3 200 navright1.png
www.telegramhcn.com/static/images/ 3 KB
3 KB 676ms
675ms Image
image/png 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/navright1.png
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33d6be96b9ceed78dc9b32bb3fcdf2814836635d2d376d746f42728c35538f9e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:56 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:31:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c97c6-a75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNXryFrTcBf2mx5mjbvLZDunvgoruqRYx6T3j1h1QeKbIpuUSfMpQeDce6g1k%2F4QsU9GI9cUrAIwj8D9L4yh9Py4FHCyfBv6eZrUbLgaXu%2BM00hb7DgP6HP9ohnNtAAX0zYzuNjS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c5282fabc2362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2677
expires: Wed, 31 Jul 2024 08:51:55 GMT

GET
H3 200 navright.png
www.telegramhcn.com/static/images/ 1 KB
2 KB 565ms
565ms Image
image/png 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/navright.png
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:55 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:38:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c9940-4f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8sJMOPJ3BCN%2BKAuFCgtyGiRF0sVUonymc7WdusYvgED4bnCCcx%2B3r%2F5s4HVayFQW7PJruPhX6X9b2wZtv%2BuVQMHGR8yuyHbjMprDN2N2drv1OUuIu9l7jKQw3MINeTBq%2B9QH1oEs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c5282fabc5362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1272
expires: Wed, 31 Jul 2024 08:51:55 GMT

GET
H3 200 logo.png
www.telegramhcn.com/static/images/ 11 KB
12 KB 678ms
677ms Image
image/png 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/logo.png
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:56 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c9930-2cb9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=clr7YO02vxK7oxUjJ2NBocVeTZ%2BGFk%2FgGm0RY4U8zWZp1tFeEy0I1GNViTw%2BKbmBcEF12dFKUn4vgCOm8%2F2xHxOPdiBh1YIAPDWvMpas%2BtEnyuc9zhi0IZIP9EaplUB4iN22gKwn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528333834362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11449
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 session2left.jpg
www.telegramhcn.com/static/images/ 145 KB
145 KB 1294ms
1293ms Image
image/jpeg 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/session2left.jpg
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d0c4939a51a164a3067d43c5071f3b9b468c4b73fa9d27c811fdbcac2ca431e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:37:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c992e-2434a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzrHSofo%2FU00Uk%2FDb7%2Ft8e1iLyI7IkaqAqilNHsPdaQNxThoEb6q1lSjqRbEeWtxOGWF3rJf6Auchykic%2FNdifBXmmhQvuJ0%2BVXzswGeJJ1Kl2wnLXQi9l7czxGQmO0rgYF4KjwW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c52833e933362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 148298
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 session2right.jpg
www.telegramhcn.com/static/images/ 31 KB
31 KB 997ms
993ms Image
image/jpeg 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/session2right.jpg
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:35:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c98ae-7a49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KVTRK54Oq4H7hUdKvh3W6HCtvLIPr%2BUHGBLqF4cquNTAasUN6eDGEIpLqggn6eQOT6aGh8yNepQqc17weXbSY8fI%2BpEtdpG%2Ffhwqa5Zk%2By%2B9sf%2FIjNmAFUvlGlw%2FVe0tAWckeE07"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c5283479fc362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31305
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 session3.jpg
www.telegramhcn.com/static/images/ 27 KB
28 KB 1020ms
1015ms Image
image/jpeg 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/session3.jpg
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f123a86b52bc881b75b0afe9201a8cf1ed563c59e44b84c2c21f58e80ce3b44b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:36:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c98f2-6c4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGQNxMdLztHSQiUsyGQr6Eh9oNawroMnekU05z9wtdkbuFLIq7vjj91kRV3uZ1p82S0hvF1DZB1tI9TK9rXhwOQIPhYxMvH2%2Fi8g7vGCxQeSkp0hUUng6EFcCcEjCN3ctstBsy4d"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a07362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27725
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 window.jpg
www.telegramhcn.com/static/images/ 31 KB
31 KB 844ms
839ms Image
image/jpeg 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/window.jpg
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c443c78239489b2ee75618b26460dae55a87a132b74807780ceab30130eb7a68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:38:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c9944-7a9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kXVFqceIMU5R823PIj%2FE4L%2FTeN75KaVoehsgiuBrsOEpgdIye7n5xCZUaoESWQ08XCvhcAWAZrLm9GNK82%2BX7yNw9JJzWIRGGP1OhmFcytIPD5B3PMSOG1qfigItkgr3gLKmhyN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a08362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31391
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 section4i9.gif
www.telegramhcn.com/static/images/ 574 KB
0 1957ms
1952ms Image
image/gif 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/section4i9.gif
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:58 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:37:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c9916-2ffe3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2EFQE835f4gvLMCuuFjyxjFvBgl5c5DTHhehyrUwQAQYUP8WJ%2BKb8U63JEAzRFmjwSsRl5GbEvrVIJmyq8eNIkN22DG1bsDtD3o6QemfXUPaDozTViUwGlcoW9yfml2H24f4%2BE58"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a09362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3145277
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 section4i8.gif
www.telegramhcn.com/static/images/ 1 MB
0 2177ms
2168ms Image
image/gif 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/section4i8.gif
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:58 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:38:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c9954-29342a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=En6BoSWApmdnAZFsuwBvahA%2FuclnJeoYKufZbxOaM0wXDcNlYJxgW7HwCIFs21HgGO0CMEb2KuDgP7GALVQ3due%2BtQKb5fiJ3GxHzw5KhWeJG0cL%2FcCPKLIYxRiKTvsJjv%2FoOFLI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a0c362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2700330
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 section4i7.gif
www.telegramhcn.com/static/images/ 1006 KB
0 1074ms
1064ms Image
image/gif 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/section4i7.gif
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:38:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c9944-32c4dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEEth46jGX2Mn8SGNKfQpX7i5lOlpwI1sgRVglOLT3OSVBo3j2XOX1GHzNfx5r%2Bu73LdAeLIMUyLPwkH1eu8E5Zlq0Yrpgy1lIa%2FtxD0fVMYQ54G6S1MV57nJlLHIGURT943y0HG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a0f362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3327196
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 section4i6.gif
www.telegramhcn.com/static/images/ 1022 KB
0 1078ms
1068ms Image
image/gif 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/section4i6.gif
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:38:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c995c-24ffe3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rdbCEJ6ZAS42I3aXseYTeSqc3IJ795XIBVFltWk3WCtsk%2BUF9Ral%2B3FrANrFTALdbRegmoi88ucNhSVw9n7UP3GT3%2FBK6mTAlgFiwWxugJKwvuVPY7ddRkkMexBH%2FDZxChEnO%2Fq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a11362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2424803
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 section4i5.gif
www.telegramhcn.com/static/images/ 638 KB
0 1366ms
1356ms Image
image/gif 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/section4i5.gif
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:32:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c97d6-1e8e27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuXAIKAtkqIeiWbTcq484Y3RK05rBpx81VzvibGPhX6Q7pWw%2BqkVdDYEyKD%2FgViZCliCxJsm%2Fg9GYO2EPklsRvEUwX9i6bAtE86v0w6pnLwrMwmtN%2FuquKMh7JoPV2OHDjomTYhA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a13362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2002471
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 section4i4.gif
www.telegramhcn.com/static/images/ 878 KB
0 1931ms
1921ms Image
image/gif 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/section4i4.gif
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:58 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:37:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c992e-343916"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IwdoSN575Bi0f%2FdWmKqA3QiStzCN3KG8ht1A5dBqyw5WTDiyk24cnd1KfDwurRHcyiYRCNxRCdPBIE7uvO%2FaUcZiNyN1UpoF4HM6F5I3yKY39RnhpOnReU6GgT%2BW%2BaMGaqdIA53c"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a15362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3422486
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 section4i3.gif
www.telegramhcn.com/static/images/ 846 KB
0 1301ms
1290ms Image
image/gif 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/section4i3.gif
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:36:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c98d4-2267fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEJQqtVx4aU3QKKWQVYvjONJyXjJC8fgf9zpL87q6AdGSCchwaeV28zuy8of3GmsLODTPuZXbxBW0MZbzvrW3%2F5rL8O7eaa%2FZX2n5JHsN%2BzDRvtAH1lnKx7EeVDs3mu34Tn%2B97HB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a16362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2254846
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 section4i2.gif
www.telegramhcn.com/static/images/ 878 KB
0 3531ms
3520ms Image
image/gif 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/section4i2.gif
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:59 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:34:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c9850-219b67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mW5qI1JLQl6jiS7hmBcIw%2BGxooC%2BydpETMWKAfLh4vG4GLtg9QTaJaXoS3z0NpKiYM8KK%2FF92EmLONBDdQFIFbgIpqFSQ0dzitfZX%2FuIK9Ac%2B6QvnX26zLRhYoD1sCGYKN0t6CtX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a17362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2202471
expires: Wed, 31 Jul 2024 08:51:57 GMT

GET
H3 200 section4i1.gif
www.telegramhcn.com/static/images/ 510 KB
0 5623ms
5611ms Image
image/gif 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/section4i1.gif
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:52:01 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:36:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c98f6-24dbae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCroXnmMMgCVTLjrJ71No5xvDK93jfHJRcSK8CiKzUmfuk2i92s9xFqDaxaQKYUSupH8z9JPHlRVPV0Zqk2KzJt5dRSPE7cHKvdwlpvMGDGgc7NWBHdC0Zmlp1DozldWsVTiJGo2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a18362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2415534
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 1712857917188837.jpg
www.telegramhcn.com/static/upload/image/20240412/ 11 KB
11 KB 402ms
391ms Image
image/jpeg 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/upload/image/20240412/1712857917188837.jpg
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602b040f55434b5d450a22cf7fe0a3606b47d5d730f1abce67211c55f3601cb4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:56 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 17:51:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6618233d-2b50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iRXnVE744XjfK6g9vA5jnk7T2iuyfQq%2FUwfu47eLqWfYUuM0ci2hp0D10uqH2US7kt89ICMq%2FsdCNziq5QJODeko%2FzMlQAIaBZ%2BWhwrNQGghl8XpdtZnccI8NRdGKfU3C5ndv%2BpX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a1a362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11088
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 1712857691304410.jpg
www.telegramhcn.com/static/upload/image/20240412/ 6 KB
7 KB 670ms
659ms Image
image/jpeg 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/upload/image/20240412/1712857691304410.jpg
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 759e0076e4eabe5d904a07298963aa8fcb709d07618aa14c61d853430e0b3b73

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:56 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 17:48:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6618225b-1933"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jjuo%2BLT8hkgmFkUashm44y8IIqGnwsA2PXkApgwVuxnahJOLjlQa058nnwrkhmZJkYtK7T6NrexZHJf7ObjP%2B4cb5%2B8sP8Untth1yLT%2F15fyoBJHH4Izq39X%2BMJsDS3EUHk8braV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c528347a1b362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6451
expires: Wed, 31 Jul 2024 08:51:56 GMT

GET
H3 200 custom.js Show response
www.telegramhcn.com/skin/js/ 3 KB
2 KB 681ms
677ms Script
application/javascript 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegramhcn.com/skin/js/custom.js
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0124d2d9ac5be5a7f5201467923786211749eda73a948b7a5691d4eb197198c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658c9066-cfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wj7nRJGMpPbIfNidkYG7n9i42ikd3iVhSlDIMHC9UXKqprDMKnfKr92NGbnyl4IzNNsZhccvrx%2B72LS5FpI1poaAm7Fic5gJZLgSYDGrkdRXC%2BNwE%2F4i%2FX2to2kzENJ4p1xu%2BsgQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 89c5283479fd362d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jul 2024 20:51:56 GMT

GET
H3 200 side.js Show response
www.telegramhcn.com/skin/js/ 12 KB
5 KB 1303ms
1299ms Script
application/javascript 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegramhcn.com/skin/js/side.js
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d04da8f67dd05731b0d944e1109ba0859dac96ecce7365396dc7dbc08afc6eda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658c9066-30be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W34ilSGgiNYcSGfKHaIgdNGaFRSvn16Np1r7xOsakSiX8nqZCq9gKwBrWNjuEMH1mwbSoXnX6kyslPZ8SAyeadYrCTJzgwiOdSB4Ppqda2MdO1xNiLd%2BuBWK8fwbGVnOFj6Kgn5C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 89c528347a00362d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jul 2024 20:51:57 GMT

GET
H3 200 hc-sticky.js Show response
www.telegramhcn.com/skin/js/ 6 KB
2 KB 698ms
694ms Script
application/javascript 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegramhcn.com/skin/js/hc-sticky.js
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb3fdae01e5edfb32565c5f7b592bc7ca850cba92565ff12f020df68570481e8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:56 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 27 Dec 2023 21:00:22 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"658c9066-17cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=62CajNWB6bJgo1T%2Bxn8HzBw%2FjScKwcUrC3z2E3EGf%2FEpaOZz2ji1afYvDi4edyltGDlZhBGakruEPwTof9t8Ho1fp1YYq7o4y9xWsLjvsPxAW2%2B3OsnsgoEz%2BuQIBzPaZMJhFh3X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 89c528347a02362d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jul 2024 20:51:56 GMT

GET
H3 200 / Show response
www.telegramhcn.com/Spider/ 0
428 B 325ms
313ms Script
text/html 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegramhcn.com/Spider/?url=/
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PbootCMS
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PbootCMS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jS8MNdgXn8Pag9axZKq1jrRHl9C27aooMC27PpBfgxzg4jdj0jMIz5sXJa0vXTzBIc0lAgUd3P03pWIt8Lfum9RcVLBIvqKmm5rslwX1v%2F%2FUaNhS8nAoyUYHEqUDayaIx75enF4V"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 89c528347a1d362d-FRA
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1

GET
H3 200 skin.css
www.telegramhcn.com/skin/css/ 3 KB
1 KB 693ms
692ms Stylesheet
text/css 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegramhcn.com/skin/css/skin.css
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/skin/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b9d0e9507908e15635de9319606f2e09e76e73e43ef0913a0d1e93d6ebb475

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/skin/css/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658c9066-c7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LhjTkKxaKRJaCoeLU%2BB86g%2BIcLXkCN6Wz5p4zVKXaL%2BNG9TYy2r%2FJkSKQlOljurhy7prv8Q%2FMVbvsmGyrQIqBnT5%2BEm03nOYw%2BN9IqF4DUINgLChTyeHLK7YN%2B1ml3uq2Atn42hB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 89c528300c24362d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jul 2024 20:51:56 GMT

GET
H3 200 matomo.js Show response
web.dcobxs.com/ 66 KB
22 KB 157ms
60ms Script
application/javascript 172.67.156.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.dcobxs.com/matomo.js
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.156.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be0d7af2971baf50358dd1560c353cf6795d0d4e6b85388023a5719b12c9ee35

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5842
cf-polished: origSize=67460
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 Jun 2024 21:19:36 GMT
server: cloudflare
etag: W/"66676de8-10784"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P6Xo9LrSwkXgV4E6EZ7givQ%2FN8l%2B7kv2CJkeOQ7Eg7ogcknwH4tZJOzCTvcACYUUOrTP0vjUOE1Ymrwm8FNQSmKYPQPl2MSIW16HJUN68neZPiAxnNxCbKBliEjo2wIVbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 89c528350c78920b-FRA
expires: Mon, 01 Jul 2024 19:14:34 GMT

POST
H3 204 matomo.php
web.dcobxs.com/ 0
427 B 921ms
920ms Ping
text/html 172.67.156.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.dcobxs.com/matomo.php?action_name=Telegram-Telegram%E4%B8%AD%E6%96%87%E7%89%88&idsite=19&rec=1&r=446963&h=10&m=51&s=56&url=https%3A%2F%2Fwww.telegramhcn.com%2F&_id=9e2b4878f88daeec&_idn=1&send_image=0&_refts=0&pv_id=8TGuMS&pf_net=234&pf_srv=589&pf_tfr=2&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Not%2FA)Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126.0.6478.126%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126.0.6478.126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: web.dcobxs.com
URL: https://web.dcobxs.com/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.156.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.telegramhcn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4%2Fa8ds6rxsO7jPAr5oHj19KMua41pjUVhUiAwZBWKUB6vZKZoJnt3uIYCNcO55tGrQZim%2BO8PcdIZUUdstXFEQ5zAkQleGOtpEJ5nHFEQAPA%2FRzbWJE65Pu0sp%2Fl5lEXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.telegramhcn.com
access-control-allow-credentials: true
cf-ray: 89c52835cd2b920b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 session2i.png
www.telegramhcn.com/static/images/ 2 KB
2 KB 696ms
676ms Image
image/png 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegramhcn.com/static/images/session2i.png
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/skin/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 389eb664948dda8c5afdd43719ddfcee49d1332a1306dd717c8505755482cf51

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.telegramhcn.com/skin/css/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:51:58 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 21:38:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658c9944-7a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9D0xv9E5jE8sVy1vIDk3UdXKyJf51J7%2BjKrImMUkSEVZAtvgG1NMBNNSt0FGF02zXK8r7ZRc1dYEohnkVqRtVhFHXbV0Gzq6YNIVHGUZiOZpm2%2FWdx18sXuvxdouwIUc5iQr%2B0bi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 89c5283d1ddb362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1959
expires: Wed, 31 Jul 2024 08:51:58 GMT

GET
H3

200

main.js Show response
www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame 2306
Redirect Chain

https://www.telegramhcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

8 KB
4 KB

50ms
49ms

Script
application/javascript

172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Requested by

Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/

Protocol

Server

172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8132006658a384133b299a23e236f5b9f410be226e64a6e50cf4a6ca851cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6NnxlbC0x51ir5%2FYqxlaFkrbNveYejQmnXjlZph7iZ06Ctmvf71%2F9fThHS7YGHjvXxK0xGEDiaN24Gtu8vEo5%2BE%2B3IRIXxFWhhOJ0ZCnmxHAj5YfcyjZaSPxVmawn0RUEPZAhvHc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 89c5283dff1e362d-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 01 Jul 2024 08:51:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HJu4tjvWcbsyA0xewGigMyVTVG0%2FScJiFHMRUu9xv9tIwtju0gnGPj1QAjJfgJfZZEUHsn3GPRIAhjN5KJmMA8hh5di77AzhcnodW8UQvCSdfC5h3Ghb0q0IBOvp7STN8C79lZ6"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 89c5283daea2362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 89c5282bee5c362d Show response
www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2306 0
684 B 67ms
65ms XHR
text/plain 172.67.130.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/jsd/r/89c5282bee5c362d
Requested by: Host: www.telegramhcn.com
URL: https://www.telegramhcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 01 Jul 2024 08:51:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aQJVwDLBUTDxAG%2Fjb93rZPcdP5fCYZta8aEoSH2FLha9mhCDCmU5Nr5S1p9AQaqh9yEf5ithy1JsbxyXr16MA6r%2BfYuYae%2FCOgEtugFD7GytoGhGybSr92%2FVsiW7gXMBtv3C%2Fwg"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 89c5283f4907362d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.telegramhcn.com/	1969-12-31 23:59:59	Name: lg Value: cn
www.telegramhcn.com/	1970-01-21 07:09:39	Name: _pk_id.19.0c0d Value: 9e2b4878f88daeec.1719823916.
www.telegramhcn.com/	1970-01-20 21:43:45	Name: _pk_ses.19.0c0d Value: 1
.telegramhcn.com/	1970-01-21 06:29:19	Name: cf_clearance Value: WOL8FPEN4Kpifr77LCZoS4UpGhggef2j66kdVg4XYpU-1719823917-1.0.1.1-ZuLUKZyCj5ECzGvec9tws.K3FbTtE4KlVd1XCnz2Y2QaFSlI4TTleQbhoE.iSG7VmN90mHHC8OunZCcvBbKHDQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

web.dcobxs.com
www.telegramhcn.com
172.67.130.15
172.67.156.2
0124d2d9ac5be5a7f5201467923786211749eda73a948b7a5691d4eb197198c3
33d6be96b9ceed78dc9b32bb3fcdf2814836635d2d376d746f42728c35538f9e
389eb664948dda8c5afdd43719ddfcee49d1332a1306dd717c8505755482cf51
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
5d0c4939a51a164a3067d43c5071f3b9b468c4b73fa9d27c811fdbcac2ca431e
602b040f55434b5d450a22cf7fe0a3606b47d5d730f1abce67211c55f3601cb4
759e0076e4eabe5d904a07298963aa8fcb709d07618aa14c61d853430e0b3b73
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
97b9d0e9507908e15635de9319606f2e09e76e73e43ef0913a0d1e93d6ebb475
9fdff231d46f09b29510ef4adc80a4dbae646c9d3da770dfe3c7a9672f48269a
a511b7c40a9fc94845eeb06c5cba9874f9cf55a72b650e47729537d538f62f45
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
be0d7af2971baf50358dd1560c353cf6795d0d4e6b85388023a5719b12c9ee35
c443c78239489b2ee75618b26460dae55a87a132b74807780ceab30130eb7a68
cb3fdae01e5edfb32565c5f7b592bc7ca850cba92565ff12f020df68570481e8
d04da8f67dd05731b0d944e1109ba0859dac96ecce7365396dc7dbc08afc6eda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
ec8132006658a384133b299a23e236f5b9f410be226e64a6e50cf4a6ca851cbd
f123a86b52bc881b75b0afe9201a8cf1ed563c59e44b84c2c21f58e80ce3b44b

www.telegramhcn.com Open in urlscan Pro 172.67.130.15 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

359 kBTransfer

7990 kBSize

4 Cookies

6 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.telegramhcn.com Open in urlscan Pro
172.67.130.15 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

359 kB
Transfer

7990 kB
Size

4
Cookies

31 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!