ref.telegram.cc Open in urlscan Pro
104.26.6.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ok.me/8xQF1
Effective URL:
https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
Submission: On February 02 via manual (February 2nd 2024, 8:56:07 am UTC) from GE — Scanned from GE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 104.26.6.209, located in and belongs to CLOUDFLARENET, US. The main domain is ref.telegram.cc.
TLS certificate: Issued by GTS CA 1P5 on January 12th 2024. Valid for: 3 months.

This is the only time ref.telegram.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.61.23.4 5.61.23.4	47764 (VK-AS) (VK-AS)
15	104.26.6.209 104.26.6.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
17	3

1 5.61.23.4 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: ip4.23.odnoklassniki.ru

ok.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.26.6.209 (None, )

ASN13335 (CLOUDFLARENET, US)

ref.telegram.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	telegram.cc ref.telegram.cc	269 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	ok.me 1 redirects ok.me — Cisco Umbrella Rank: 832756	211 B
0	Failed function sub() { [native code] }. Failed
17	4

	Domain	Requested by
15	ref.telegram.cc	ref.telegram.cc
1	www.google.com	ref.telegram.cc
1	ok.me	1 redirects
0	resolve Failed	ref.telegram.cc
17	4

This site contains no links.

Subject Issuer	Validity	Valid
telegram.cc GTS CA 1P5	`2024-01-12` - `2024-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 1 frames:

Frame: tg://resolve?domain=odv9knxyt_bot&start=1385244490
Frame ID: 9E11F9929CC6E4CC6A3B9A20A4581BC3
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Доступ к информационной системе «LeakedInfoBot»

Page URL History Show full URLs

https://ok.me/8xQF1 HTTP 301
https://ref.telegram.cc/odv9knxyt_bot?start=1385244490 Page URL

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

270 kB
Transfer

785 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ok.me/8xQF1 HTTP 301
https://ref.telegram.cc/odv9knxyt_bot?start=1385244490 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request odv9knxyt_bot Show response
ref.telegram.cc/
Redirect Chain

https://ok.me/8xQF1
https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

25 KB
8 KB

1511ms
1318ms

Document
text/html

104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aede1fd268890efa772882514d888949a74db5fcda9c1f93aff1b2cd2215eda9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84f137eebea52dc7-TBS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 02 Feb 2024 08:56:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HB9A3N%2BGztmw5qWVef%2BzmaXf2Y94GyIgyrpcZNa9tX%2Bq7261Vpjb%2FUyuUSnzFxEX6B35ETlIeRnQn1MTCHSjaApCUvY0NyeVT99HubT4eUuSK0prxS6aMpnHsdPYugPcgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 02 Feb 2024 08:56:00 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
server: apache

GET
H2 200 normalize.css
ref.telegram.cc/html/www/bot/assets/css/ 6 KB
2 KB 206ms
204ms Stylesheet
text/css 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/html/www/bot/assets/css/normalize.css?1

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 23:27:46 GMT
server: cloudflare
etag: W/"17fa-5d5f7bbbd2409"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbExvrB5YGPue842qfTOqAEvybEucEbU6%2F8Qsqn4h5w2wls8W%2BSwJCEh3ISgqCgvbMZCC0Ev6C1m0%2BCvByMvDsjFHKPLMz8ex9cqfNu%2Bq%2FDvcGV9Lh6oonB8EwQ4ksunVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137f79e132dc7-TBS

GET
H2 200 main.css
ref.telegram.cc/html/www/bot/assets/css/ 45 KB
8 KB 770ms
769ms Stylesheet
text/css 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/html/www/bot/assets/css/main.css?2

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319c458b3c251bdd268f4ee219cea25a016cc8dddd7ca5743014962ce695a497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 23:27:47 GMT
server: cloudflare
etag: W/"b5b8-5d5f7bbc5ea23"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fXR5yHxZWOBqk8nfkL5y9Ot9K8Csqj%2BtSXkbXb7NHS%2FcvrTPjhZsFb2vXTnipsbi6t%2Fer8ngUTunAwZI4UGgWyjkH3EI1adk1ZLlteOOrKZGp%2FpF8UPbGOotYewBVB3lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137f79e172dc7-TBS

GET
H2 200 enter--icon--1.svg
ref.telegram.cc/html/www/bot/assets/img/ 524 B
621 B 494ms
493ms Image
image/svg+xml 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ref.telegram.cc/html/www/bot/assets/img/enter--icon--1.svg

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0a9dcb65a1c6c6544e20f661bd67253665d0c3bc3cf8a3875c2d101d15bcdfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:57:25 GMT
server: cloudflare
etag: W/"20c-5d5f5a203c67d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rz5%2FB8gy8nDOJzNWWip28aW3Yvto%2BbBT%2F%2BGE%2B1GrS1qI2iAnhdSDxeVF1hrsqE%2BOy8dR0dmd4wg3BuyJxkcD9GlbiRJWKmhgkXxLhBY2dMRq4IFQFx8eHa%2FtEpO9ywSqwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137f79e192dc7-TBS

GET
H2 200 enter--icon--2.svg
ref.telegram.cc/html/www/bot/assets/img/ 812 B
863 B 530ms
528ms Image
image/svg+xml 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ref.telegram.cc/html/www/bot/assets/img/enter--icon--2.svg

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b895f12526cf6a5a5c51018f996efb46bd85a2057a2c7370a5e82835e809ae9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:57:25 GMT
server: cloudflare
etag: W/"32c-5d5f5a207317e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpOb34gY4JoimQbjDpe5i3ilEEbBa7J9mbCxuGn%2F5fVpgUzhS1K3QfwCCThgJ%2BClZwD0I8zPXKU2mB9HEZDyDzK%2FYujqFDEmRMf0BDN15oNLWdFL4xusBhNaH8bAY19b8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137f79e1a2dc7-TBS

GET
H2 200 no_avatar.jpg
ref.telegram.cc/html/www/bot/assets/img/ 12 KB
13 KB 501ms
501ms Image
image/jpeg 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ref.telegram.cc/html/www/bot/assets/img/no_avatar.jpg

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933a203f95e22b5b8db5df0a97e4b49f9f8f6a27510b8041261c98bc64c94c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
content-length: 12536
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 06:45:43 GMT
server: cloudflare
etag: "30f8-5d62615a109d3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kzofIf%2Bv38uBg0MtHEAnzjrsxpbvN%2BbHi7vpw6%2FwSzimhPczkGidhdNFeEw%2B9LvuRI6vJ8%2B%2B0THdE8EmzGyZla82mlNbpYB0U62S4J7SlU%2BhNHMtrONDQ9%2FsiB%2FqGUImg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84f137f79e1c2dc7-TBS

GET
H2 200 plug--icon.svg
ref.telegram.cc/html/www/bot/assets/img/ 475 B
562 B 496ms
495ms Image
image/svg+xml 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ref.telegram.cc/html/www/bot/assets/img/plug--icon.svg

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e24b772aba4974ac70e4a114e8a5f89f70adcf27071d91423f8ea116b4303ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:57:25 GMT
server: cloudflare
etag: W/"1db-5d5f5a200d494"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpcvsfSGxEre1r9KW30%2BrmMFePHGSAmEXZc6y4DggKySJ7qaff0tIBuNgmaAynfi%2BEbR8Z2j%2Bq37j2zFL%2BS8mSA9y6mPlFwRd0GN2yn2ubYhwXHUFnt8xL5KQrsRCEDPZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137f79e1e2dc7-TBS

GET
H2 200 email-decode.min.js Show response
ref.telegram.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 91ms
90ms Script
application/javascript 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNj9CDzwENoKYfYI%2BzNfjmtfELkjO0Qf1V5xo%2BKgdPC9JEgCgWmuR05rW9uGAbv7ixwrfl5cyF%2BT2tAgW569vWTEvaV1csPWuixEIfEXppp7yH6XMcdHMEZGB%2FLljfAsFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84f137f79e202dc7-TBS
expires: Sun, 04 Feb 2024 08:56:02 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
ref.telegram.cc/html/www/bot/assets/js/vendor/ 86 KB
31 KB 695ms
692ms Script
application/javascript 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/html/www/bot/assets/js/vendor/jquery-3.4.1.min.js

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:57:29 GMT
server: cloudflare
etag: W/"15851-5d5f5a242a451"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsmMgTqNJalPInQ08WvviXkl%2FnKJBNYEMnJZmHcQItDJ%2FkV%2BpRWcp4O2mQddvTG8FQnpHJeBqY4gLyHDhdEBbz62pvUFGN3KuiS%2FjOE3ZoZeqZYoZqMQHU4%2BAeBYlAd%2FDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137f7be5d2dc7-TBS

GET
H2 200 modernizr-3.11.2.min.js Show response
ref.telegram.cc/html/www/bot/assets/js/vendor/ 8 KB
4 KB 508ms
506ms Script
application/javascript 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/html/www/bot/assets/js/vendor/modernizr-3.11.2.min.js

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c52fd09c046eb1c50d8c10ed30e5ee15aa1f46c3ba26ee4019b1509277ffc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:57:29 GMT
server: cloudflare
etag: W/"219e-5d5f5a24772cb"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0DKUzmR9jBSGsKikW5vAHPTaH3KTeP3oO0z%2B6Ics7JE9JhupMGI55DY8PVALbnB07UIb1g0msUB5jgcHo99%2BdHMoPSA2jHa9meEBCfZJvyBIiFZEpArPGWiCMi5ZxShuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137f7be602dc7-TBS

GET
H2 200 plugins.js Show response
ref.telegram.cc/html/www/bot/assets/js/ 706 B
734 B 595ms
593ms Script
application/javascript 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/html/www/bot/assets/js/plugins.js

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba48d440c79456c03c9bd51bc75d3367d8b4b12c8c5dd889b11c33c651561d11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:57:28 GMT
server: cloudflare
etag: W/"2c2-5d5f5a22c2a62"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjDUZQ3Fdc78i7YW4cXTAQRcOvsCfRHph6xp8GGWLxJmCl6Tb1seZTGD7JqMKlmxyS%2BW85cs11v9GIyz86uIzhngdd%2FcWqLcAgg7evkpt7nPN5suIpg7Mc2769YfAw9ZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137f81f142dc7-TBS

GET
H2 200 main.js Show response
ref.telegram.cc/html/www/bot/assets/js/ 14 B
313 B 760ms
759ms Script
application/javascript 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/html/www/bot/assets/js/main.js

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e65f3cca9a4637c34593c5b4dc5698d6368b91ce43f6d26273a70c430a66b71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
content-length: 14
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:57:28 GMT
server: cloudflare
etag: "e-5d5f5a22f89ab"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnKMpcx%2ByLdW8QsURxTFxSSAHS4%2B7GfTEK5mzvI9gIboZDKywaI%2B1Wwn%2FvvqQUAwpiAa9Izxgq9%2Fwp7vnTGMKopNR6dc1JESXsamPEkDAuDhCNEa1xmna%2Fo6z7t%2BKT2ULA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84f137f81f152dc7-TBS

GET
H2 200 sweetalert2.all.js Show response
ref.telegram.cc/html/www/bot/assets/js/sweetalert/ 140 KB
31 KB 1028ms
1027ms Script
application/javascript 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/html/www/bot/assets/js/sweetalert/sweetalert2.all.js?2

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

350a2761cf57f2801f1d4e72c8124a86640c47735343e02915dbf52556467edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Jul 2022 11:55:04 GMT
server: cloudflare
etag: W/"22e7f-5e3721b270f52"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHzB7EjRyAx8jqH%2BG%2FaKPv%2FsBARM1OJoXeP2xUyUelwQGifwbUGmYYP7X66LQBuyuF8jdLDT%2BNaWC3YkBXLYQufaAmoqIi1CP0EnX1%2B1zpWoFIHaK0M1PMXNl9KVCrFqsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137f81f172dc7-TBS

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 467ms
159ms Script
text/javascript 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=ru

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

f8eef670b41f6010722c608013634e8e2486768b93e83e71f08538ef79729e5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ref.telegram.cc/odv9knxyt_bot?start=1385244490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2024 08:56:02 GMT

GET
H2 200 Font-Semibold.ttf
ref.telegram.cc/html/www/bot/assets/fonts/Font-Semibold/ 282 KB
100 KB 399ms
399ms Font
application/font-sfnt 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/html/www/bot/assets/fonts/Font-Semibold/Font-Semibold.ttf

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/html/www/bot/assets/css/main.css?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ed3491e29ff1358986ff83ac6698efde97432e62d3f49b50cffaf3c6877590e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ref.telegram.cc/html/www/bot/assets/css/main.css?2
Origin: https://ref.telegram.cc
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:57:16 GMT
server: cloudflare
etag: W/"4688c-5d5f5a1807cf4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XTPpL1e3tj%2BT7ZOJ5zMenC4RNF%2Fn0hxD4%2FgYmhxXFplA4PgOvVKPUR5gMI7GFgqpHhwMllPZNO1VfSqPq5I84gcos3hNgPy9TGTTVeDEl6Bdlel%2FXp4sbY2LVICFjULYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137fc7e0e2dc7-TBS

GET
H2 200 Font-Medium.ttf
ref.telegram.cc/html/www/bot/assets/fonts/Font-Medium/ 176 KB
69 KB 870ms
870ms Font
application/font-sfnt 104.26.6.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.telegram.cc/html/www/bot/assets/fonts/Font-Medium/Font-Medium.ttf

Requested by

Host: ref.telegram.cc
URL: https://ref.telegram.cc/html/www/bot/assets/css/main.css?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21052940c63a871e75c93afadddf20b842524ebb651c189f8483bec05263188e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ref.telegram.cc/html/www/bot/assets/css/main.css?2
Origin: https://ref.telegram.cc
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:57:21 GMT
server: cloudflare
etag: W/"2be58-5d5f5a1cde18c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ct1OKGXWad2xnMrTkg1tgkT2LYDRjuUUq30ZQ4gwhBE9YHRdROXYkAJRNVJusj4waNOWFvv%2BGGDS2yseduqX6eKUj6aoW2EtUnzkbpZgAAZ7IM1wMX6itETg%2BUEllWvxUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 84f137fc7e0f2dc7-TBS

GET tg://resolve?domain=odv9knxyt_bot&start=1385244490
tg://resolve?domain=odv9knxyt_bot&start=1385244490 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: resolve
URL: tg://resolve?domain=odv9knxyt_bot&start=1385244490

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ok.me/	1970-01-21 02:53:20	Name: uid Value: cc6bf8c4-df03-4140-9ef8-f0c0196286f4
			ref.telegram.cc/	1969-12-31 23:59:59	Name: PHPSESSID Value: 68d7f13984c8d7a6b5dd91572be2b102

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ok.me
ref.telegram.cc
resolve
www.google.com
resolve
104.26.6.209
142.250.186.164
5.61.23.4
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e24b772aba4974ac70e4a114e8a5f89f70adcf27071d91423f8ea116b4303ff
21052940c63a871e75c93afadddf20b842524ebb651c189f8483bec05263188e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
319c458b3c251bdd268f4ee219cea25a016cc8dddd7ca5743014962ce695a497
350a2761cf57f2801f1d4e72c8124a86640c47735343e02915dbf52556467edb
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
8c52fd09c046eb1c50d8c10ed30e5ee15aa1f46c3ba26ee4019b1509277ffc2d
933a203f95e22b5b8db5df0a97e4b49f9f8f6a27510b8041261c98bc64c94c0f
9ed3491e29ff1358986ff83ac6698efde97432e62d3f49b50cffaf3c6877590e
aede1fd268890efa772882514d888949a74db5fcda9c1f93aff1b2cd2215eda9
b895f12526cf6a5a5c51018f996efb46bd85a2057a2c7370a5e82835e809ae9a
ba48d440c79456c03c9bd51bc75d3367d8b4b12c8c5dd889b11c33c651561d11
e0a9dcb65a1c6c6544e20f661bd67253665d0c3bc3cf8a3875c2d101d15bcdfa
e65f3cca9a4637c34593c5b4dc5698d6368b91ce43f6d26273a70c430a66b71f
f8eef670b41f6010722c608013634e8e2486768b93e83e71f08538ef79729e5b

ref.telegram.cc Open in urlscan Pro 104.26.6.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

270 kBTransfer

785 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

ref.telegram.cc Open in urlscan Pro
104.26.6.209 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

270 kB
Transfer

785 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions