tg-g.net.ru Open in urlscan Pro
2606:4700:3034::ac43:c8ef  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Page URL
2. https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	deaebe1169831164dc5c314e66302ba4 tg-g.net.ru/	13 KB 5 KB	1029ms 366ms	Document text/html	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8561e9253a105c44-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 16 Feb 2024 01:10:25 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sl88lJftA6CbtXYxhJKMUxQEwrpk%2BOOlTJu60%2BI9meKWw8yv7PJRxiURu9%2FkOixdSdpJ%2FLVKP9lMRBb2UUUOjlxvcOw2lFiHYoiIiaRB4LWKCzc%2Bj7IrBE7WbU76wXRblQHpR0DluAZDxg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	index-f4e30377.js tg-g.net.ru/auth/	101 KB 36 KB	35ms 34ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/index-f4e30377.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17178 etag W/"6514de00-194a9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFQFbODh%2BbA8a8GqXGHJFPjGsrhGH%2FwpdJ8Hu56eabPWr5CsybFmIIE3B44viHOPbWL13TtQbfE17w38RwHT7hxChgZCJ1%2BSuEy%2B9rc7LGRT35utqkXMX1rnO5zWMVCybDKZa4Bga0QxzA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e9278b4e5c44-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:07 GMT
GET H2	200	index-220aaf7e.css tg-g.net.ru/auth/	397 KB 72 KB	37ms 37ms	Stylesheet text/css	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/index-220aaf7e.css Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 53182 etag W/"6514de00-6346b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0xhNSpwYjm%2BCeKP%2FoyqLyPM3gR3BGQRbI2JDV18pqNnLDySWgr%2BXNVy5fu45dNPO2wAt9a0bJXaLgjiI9FHfWUKQXv%2B%2FYEADEXJjFr5CEBtvyw61OpLNw3egAxM3BIel0TNaTgLLNyBmA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=86400 cf-ray 8561e9278b4c5c44-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 10:24:03 GMT
GET H2	200	Primary Request deaebe1169831164dc5c314e66302ba4 Show response tg-g.net.ru/	13 KB 5 KB	461ms 461ms	Document text/html	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a93ba6185363c7afa7225d8c447e2de682576f04c732a09929232e29a2569a32 Request headers Referer https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8561e927ab5a5c44-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 16 Feb 2024 01:10:25 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gm%2FpELuOI6zevlM03FjyqwSpT8%2B4gAOYpC9nVG3LHuALhGIatHuLgM%2BcGEn5JkSuBu1zqvr0%2BFqUdGvCo2nGzUO5%2BOXlLTD1ZVVmP394SjmoWZZkOABgfPsytQd3A8Qy5vxkLPyuWc5joQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	index-f4e30377.js Show response tg-g.net.ru/auth/	101 KB 36 KB	35ms 34ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/index-f4e30377.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e2cae44aa0b417f66c4b6b0d03ee83ccfc40a9ed80667aebd28ee89849ad6f8 Request headers Referer https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17178 etag W/"6514de00-194a9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8D5tn9eWFEL7OapFfyKU1FHFsrtCMspsN3D6XwWFLvQE3rqnc2xbzMNM32is77IIzS8k86IyI0k5SNOmqpcLiRvcZWxASeLQ8qAXQAAGvje8LeVxSHr9zM%2BBts37aUS5oXzggATTh%2FR%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92a8e37694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:07 GMT
GET H3	200	index-220aaf7e.css tg-g.net.ru/auth/	397 KB 72 KB	84ms 84ms	Stylesheet text/css	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/index-220aaf7e.css Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 220aaf7ecb349275e87712148c3a60fe8bf438b430775494faf6f5d55c83c3ca Request headers accept-language de-DE,de;q=0.9 Referer https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 53182 etag W/"6514de00-6346b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8Ma4jFPxDIKbXRFpjg6nkqoztV3hLogqGgj0ILvUEeeZ3mWOphSyljR0U5IRvJmP1tEs5l%2FBXcZ3LooPu%2FoVhfQjRTv6QvIBKwI7OmvJskmKVqGBB7mlLiIlPzmj6dHTF2%2BL2gjKKzvQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=86400 cf-ray 8561e92a8e38694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 10:24:03 GMT
GET		mtproto.worker-3c075898.js tg-g.net.ru/auth/	0 0
GET		crypto.worker-9d5beacd.js tg-g.net.ru/auth/	0 0
GET H3	200	crypto.worker-9d5beacd.js Show response tg-g.net.ru/auth/	67 KB 24 KB	33ms 32ms	Fetch application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/crypto.worker-9d5beacd.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/index-f4e30377.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75b2b1645da9407793d922a19e00801b031593e54e1f9f8aa5644621daaeb495 Request headers accept-language de-DE,de;q=0.9 Referer https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17177 etag W/"6514de00-10b3e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cnfgWbuOELJ6Doih1LuRGr8V5D1twhWQBB7UZj2QMhHGc91a%2BjVEghqHDcVeV4nVCPDr%2Fftu8n3ha1pIojZ9LbB9hYPVqQ9PbFFYVX%2FJ1Uu02LcuVedDmN%2BW5sTxPNtk7vIkVonRS1sXg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92b5e95694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:08 GMT
GET H3	200	lang-c1c2a466.js Show response tg-g.net.ru/auth/	76 KB 23 KB	56ms 55ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/lang-c1c2a466.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/index-f4e30377.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11ca618d8837ebe9691487335a53e7d3fd5edc7428a56e3b8ceb2e9c200b77bd Request headers Referer https://tg-g.net.ru/auth/index-f4e30377.js Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17177 etag W/"6514de00-12f67" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N876Szynhb9hKROZD77rEbeqmcEXxsfi3Tcrm0tGpyY7eXU5cQ3rsCYa40YKQCOXQE9rbSDS9CbGmo%2BeddR7ycNVJ%2FyAQl9Lkut29IFDvRPo8OFtd%2F1A%2B9ZMEqn59R3YVADG4K%2BrS7hvQg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92b7e9f694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:08 GMT
GET H3	200	langSign-f5a5610c.js Show response tg-g.net.ru/auth/	2 KB 1 KB	57ms 56ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/langSign-f5a5610c.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/index-f4e30377.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76070b61f4b1a734176b561671a3fe24d21d383fe568e0b45f3acad2c016a4a2 Request headers Referer https://tg-g.net.ru/auth/index-f4e30377.js Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17177 etag W/"6514de00-669" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikEU8UhHpvLwJ%2FMAGmhm8fr6lFxFLufn4BBrh4bhDkyWmypi77tlbIkKaFv1pnD4E%2FgeIURwCuMj27Lh8gW3tvgiAoNrBHebGsXDl67ZIcSKjzLA8LmYUFi%2FeIN5Bvn%2F7I13NJdqsd8aiQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92b7ea0694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:08 GMT
GET H3	200	countries-5301fc59.js Show response tg-g.net.ru/auth/	24 KB 4 KB	57ms 57ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/countries-5301fc59.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/index-f4e30377.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b4921656e143af35794b7fc9d4d23580fa232ffcf179bc8569317e424032d80 Request headers Referer https://tg-g.net.ru/auth/index-f4e30377.js Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17177 etag W/"6514de00-5e21" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAX9m9UUvJto2SupvgF8NueGUZJsuQXmOPYEsLeVbi%2Fp0v%2F7Y%2FPNGU8pRglTFYa5iQLhb6zOqVcKNPZe1VXJrRPUgbC6hZTp%2BEvmfN1A8TGwuxgXN%2Fmmiro%2BQ%2FNsmyJWS8DqGu6BgmHcmQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92b7ea1694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:08 GMT
GET H3	200	pageSignQR-a7512de5.js Show response tg-g.net.ru/auth/	5 KB 3 KB	30ms 29ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/pageSignQR-a7512de5.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/index-f4e30377.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c9845a3ba553f6e042a690214a12e7bcc596686b10f511c638c5d177cbc4f05 Request headers Referer Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17177 etag W/"6514de00-14e7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLQwrN5%2BqbBHgyd8x1Yg9lH5CChyhC0gislhudIuYHdTjS%2F%2FvGCLUpBkpm%2FmT%2Bglt6k3SKzmEQI3OEaXfCncU9gfDbeGqihCGNjF5VPbv9EK53ZlGfd3FUG7PuGQ%2FVBgzuLI%2FiWocSiVAg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92bfed6694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:08 GMT
GET H3	200	page-2bc02b7f.js Show response tg-g.net.ru/auth/	10 KB 4 KB	29ms 28ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/page-2bc02b7f.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/index-f4e30377.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f4dba2a9d17f76bd9ee4c45c574f7aeae643cf90b7736a6cd6bb8bb987a2ff4 Request headers Referer Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17177 etag W/"6514de00-26c7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVFPOcoHe%2BxwbukX6ShtRVRv53SSnuxyfsQ6QmKADfos2ABD2EKZgXd%2BXObagIOjgdkhNMOkemREdLgfMvUDGs2UetsQe4kbN1ucO66NACqbVF6zXi%2B5Ix5%2Fpt8l7GGzHaHxku2mVy9yYg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92bfed8694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:08 GMT
GET H3	200	bytesCmp-33849f4a.js Show response tg-g.net.ru/auth/	3 KB 2 KB	31ms 30ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/bytesCmp-33849f4a.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/index-f4e30377.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 619a25522f0cc792312457176406cd47fad0ad6659bf9606740d7ad50341ace7 Request headers Referer Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17177 etag W/"6514de00-d57" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJbb%2B%2BLgZIdeFigAEHQbLA1oH5CisDGHzhre3m3MiAng8Nh%2FNeCRvS8gTut0vMdwl43orX0V%2FjEU1yAWMkeM%2BVvqrFZ6MswdN3lNfsqeCx0peSOcPcQOYKaZ0Rozt0CaakB6qL5Y1TOt2Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92bfed9694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:08 GMT
GET H3	200	putPreloader-f1aca9bc.js Show response tg-g.net.ru/auth/	697 B 901 B	30ms 30ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/putPreloader-f1aca9bc.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/index-f4e30377.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81c729b08b379474a1ef86ec52925b727ce8adf2d3c2155af09043fe143f0596 Request headers Referer Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17177 etag W/"6514de00-2b9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yFoe12Oa2yJrtMXS30GveUNq9YWg1Cgr%2FgSUrMuyD1BlT7lS7h51G2Vgc8wPeS4xS1SWNlM7rnUCMUzrUj7hkuXbM4qwzAx5Eq4SNEldvVYtqYvlWKHebdDNaFOKQ8sG3fraqTrOjLp6Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92bfeda694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:08 GMT
GET		89a1b4ba-84af-4086-8898-1da38773045e https://tg-g.net.ru/	0 0
GET		a8de9fc9-60fa-42dd-aea6-2c2023be67c3 https://tg-g.net.ru/	0 0
GET		1f25d455-b536-428e-ae26-ac52c346c726 https://tg-g.net.ru/	0 0
GET H3	200	qr-code-styling-c40cd486.js Show response tg-g.net.ru/auth/	65 KB 17 KB	31ms 30ms	Script application/javascript	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/qr-code-styling-c40cd486.js Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/pageSignQR-a7512de5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48d812700c5555c6823724cb0ce93936e5067175e37a41b6f3edd1ceecea2bfc Request headers Referer https://tg-g.net.ru/auth/pageSignQR-a7512de5.js Origin https://tg-g.net.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:25 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Sep 2023 01:59:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17175 etag W/"6514de00-102e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sjDnmwG%2Fh9YudyZYm3jECSm7EZ%2ByJYDIuVJbiYpXPPXSI2M7t3EwE32MUSU8BZgqQ7baSYm4x6hQcFq2yj%2Br%2FglKlpKiHkanZRbwW0Omx077YVpKd6plBjCjQqoTTRf4tMlwyKuwLBNEQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 8561e92c2ef0694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:10 GMT
GET H3	200	logo_padded.svg Show response tg-g.net.ru/auth/assets/img/	1 KB 1 KB	29ms 29ms	Fetch image/svg+xml	2606:4700:3034::ac43:c8ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tg-g.net.ru/auth/assets/img/logo_padded.svg Requested by Host: tg-g.net.ru URL: https://tg-g.net.ru/auth/pageSignQR-a7512de5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:c8ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4 Request headers accept-language de-DE,de;q=0.9 Referer https://tg-g.net.ru/deaebe1169831164dc5c314e66302ba4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 01:10:27 GMT content-encoding br cf-cache-status HIT last-modified Sun, 09 Jul 2023 15:42:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17175 etag W/"64aad550-42d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v48Rk7Qca7%2BLcvJvgRZDdNYCTIxdFiu6MyK3dyRKBuGfWKqebc20jM5vBWBI7AMHzKYQQ2iDmN6mK8XOV4EKGuPoNbm66XbRBoVNUPxBN07Pk8ZkiJhVwxWmPVqDbG9y%2B%2FapnlBp3y6InA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=86400 cf-ray 8561e9378c70694f-FRA alt-svc h3=":443"; ma=86400 expires Fri, 16 Feb 2024 20:24:12 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

tg-g.net.ru

URL

https://tg-g.net.ru/auth/mtproto.worker-3c075898.js

Domain

tg-g.net.ru

URL

https://tg-g.net.ru/auth/crypto.worker-9d5beacd.js

Domain

tg-g.net.ru

URL

blob:https://tg-g.net.ru/89a1b4ba-84af-4086-8898-1da38773045e

Domain

tg-g.net.ru

URL

blob:https://tg-g.net.ru/a8de9fc9-60fa-42dd-aea6-2c2023be67c3

Domain

tg-g.net.ru

URL

blob:https://tg-g.net.ru/1f25d455-b536-428e-ae26-ac52c346c726

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| rootScope function| AppStorage object| stateStorage function| wrapUrl object| I18n object| webpWorkerController object| appStorage object| singleInstance object| webPushApiManager object| telegramMeWebManager object| opusDecodeController object| cryptoMessagePort object| mtprotoMessagePort object| serviceMessagePort object| apiManagerProxy function| calcImageInBox object| mediaSizes object| customProperties object| themeController function| formatDateAccordingToTodayNew function| fillTipDates function| dispatchHeavyAnimationEvent object| liteMode object| pagesManager object| sequentialDom function| putPreloader

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tg-g.net.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: aii8pd8og8nai1pofh0t0aj4l3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

tg-g.net.ru
tg-g.net.ru
2606:4700:3034::ac43:c8ef
0e2cae44aa0b417f66c4b6b0d03ee83ccfc40a9ed80667aebd28ee89849ad6f8
11ca618d8837ebe9691487335a53e7d3fd5edc7428a56e3b8ceb2e9c200b77bd
220aaf7ecb349275e87712148c3a60fe8bf438b430775494faf6f5d55c83c3ca
48d812700c5555c6823724cb0ce93936e5067175e37a41b6f3edd1ceecea2bfc
619a25522f0cc792312457176406cd47fad0ad6659bf9606740d7ad50341ace7
6c9845a3ba553f6e042a690214a12e7bcc596686b10f511c638c5d177cbc4f05
75b2b1645da9407793d922a19e00801b031593e54e1f9f8aa5644621daaeb495
76070b61f4b1a734176b561671a3fe24d21d383fe568e0b45f3acad2c016a4a2
7b4921656e143af35794b7fc9d4d23580fa232ffcf179bc8569317e424032d80
81c729b08b379474a1ef86ec52925b727ce8adf2d3c2155af09043fe143f0596
9f4dba2a9d17f76bd9ee4c45c574f7aeae643cf90b7736a6cd6bb8bb987a2ff4
a93ba6185363c7afa7225d8c447e2de682576f04c732a09929232e29a2569a32
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4