telegramzhcn.org Open in urlscan Pro
104.21.63.199  Malicious Activity! Public Scan

25 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response telegramzhcn.org/	21 KB 5 KB	632ms 379ms	Document text/html	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 455ce6085db8365ffb667a39d2bc92560ba4edf0ad006905e0c8432714370e27 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 79348922da76fb84-AKL content-encoding br content-type text/html;charset=utf-8 date Thu, 02 Feb 2023 17:09:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBS1A5mMnEEanQyZH%2BSdbkf2QuK5vkm5VnDKD7wkP6cWJ50dgmyaBJUbs2xZfZSb94BIYEhXcWJ2S9c%2FCleepBWIlqb%2BUu4b6itdufJoEqa2lTuhKxAnXpgItTbLWD1DSUWW"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	bootstrap.min.css telegramzhcn.org/css/	42 KB 9 KB	126ms 125ms	Stylesheet text/css	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegramzhcn.org/css/bootstrap.min.css Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT content-encoding br cf-cache-status HIT last-modified Thu, 06 Jan 2022 14:09:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 26782 etag W/"61d6f818-a61b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehYILvVoWfBQkfiAiZ5XdFmQxB8b3tOHkJYWX5W3IGeFKzuv7sj7LeSXoMixYRkgXoUmK2r2ktW09YqbQltLFYlaqgzBo62TsHhcfq%2By%2Bk2EbnzicRPc4%2Btp8Qe9IqI%2F%2F528"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 793489254bb2fb84-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 02 Feb 2023 21:43:16 GMT
GET H2	200	telegram.css telegramzhcn.org/css/	108 KB 23 KB	134ms 134ms	Stylesheet text/css	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegramzhcn.org/css/telegram.css Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b160454bd8b304897e2d48ad25cd86f3b0eaebdc58518fc6c3ad5fafe3053507 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT content-encoding br cf-cache-status HIT last-modified Sun, 09 Jan 2022 15:10:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 26782 etag W/"61dafaf0-1af38" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xt3oxWY7xhZPGnlLOf70OPa5f2bj8C4%2FMEbxvZB4TJIH2O7Pd1R2xVrmxXedHxdftMhOvcHyeFo%2FZk8pzRTTna3pYL6fBkGKxuhpRVol6x3oijbYyLB78D2b8owT4cbg2ySn"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 793489254bb3fb84-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 02 Feb 2023 21:43:16 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	110 KB 43 KB	825ms 278ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-252982748-1 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash 17fcf18cf134d26fda7a483bb48578f331c983653da8fe8efdf613ce6063a33f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43941 x-xss-protection 0 last-modified Thu, 02 Feb 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 02 Feb 2023 17:09:39 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	229 KB 79 KB	1198ms 651ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-N44VLT4Z4E Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash 99896002e1f8f08b77399fa8d6b48be244ebfc40d1d72139663f8cd6e84a3f0e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80885 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 02 Feb 2023 17:09:39 GMT
GET H2	200	t_logo.png telegramzhcn.org/img/	11 KB 12 KB	173ms 170ms	Image image/png	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/t_logo.png Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26782 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 11449 last-modified Thu, 06 Jan 2022 15:49:50 GMT server cloudflare etag "61d70f9e-2cb9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpZwcBN9rgIgqZfepDl59IRsc2tydEeb4XNOQz2DwGMRl010B6VFHWnVnuPxcYz5Oz1OgnAr2dt9RDiT8D%2BuH9YTyq8xLdBKyCuuKyJIdcCDP8S120UlbCXJOCWZ%2Bbvk%2FOqM"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 793489264c15fb84-AKL expires Sat, 04 Mar 2023 09:43:16 GMT
GET H2	200	99f5aa87b728abadf1 telegram.org/file/464001668/fd89/UBuBIo3AwaM.254718/	249 KB 171 KB	1562ms 778ms	Image image/jpeg	149.154.167.99 TELEGRAM
General Check archive.org Show headers Download Go to Show image Full URL https://telegram.org/file/464001668/fd89/UBuBIo3AwaM.254718/99f5aa87b728abadf1 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG), Reverse DNS Software nginx/1.18.0 / Resource Hash 31a28c0d636bd66478b57390c5303e621a90fd8a8565d0aace1453227d3bb626 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:39 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload server nginx/1.18.0 etag "f6fd842a6d0333f4cf42a71d036ee6ea5b6778b9" content-type image/jpeg cache-control max-age=2592000, public content-length 174481 expires Sat, 04 Mar 2023 17:09:39 GMT
GET H2	200	cbc986292284a428e2 telegram.org/file/464001245/11728/VDo2rwNfZ8Y.264840/	259 KB 182 KB	2357ms 1573ms	Image image/jpeg	149.154.167.99 TELEGRAM
General Check archive.org Show headers Download Go to Show image Full URL https://telegram.org/file/464001245/11728/VDo2rwNfZ8Y.264840/cbc986292284a428e2 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG), Reverse DNS Software nginx/1.18.0 / Resource Hash eb2f848566ce7b8bed640f1a8c754cdd02bf58b29de3d42e90bca36f20223532 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:39 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload server nginx/1.18.0 etag "b28d4199e5e7cfc53685a0a75fce897cdb4b11f9" content-type image/jpeg cache-control max-age=2592000, public content-length 186113 expires Sat, 04 Mar 2023 17:09:39 GMT
GET H2	200	dd4eeb46cc5efc0688.gif telegramzhcn.org/img/	2 MB 2 MB	151ms 149ms	Image image/gif	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/dd4eeb46cc5efc0688.gif Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26782 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2415534 last-modified Sat, 30 Apr 2022 17:41:52 GMT server cloudflare etag "626d74e0-24dbae" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LM5qxATKwWRZO%2FR1nzDsOfXDhSk1u6g%2BXQVeczxibhmdyo39lj9M%2FUqR0DhMnRBAQvzyrzfeKXOF5mG1ldva5K75IhXSafF8bYv2mmfesMPDKutVNEaxiKM2LcV1kk4yfWhl"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 793489264c16fb84-AKL expires Sat, 04 Mar 2023 09:43:16 GMT
GET H3	200	d4b936ecc2c939f4fa.gif telegramzhcn.org/img/	2 MB 2 MB	125ms 124ms	Image image/gif	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/d4b936ecc2c939f4fa.gif Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26781 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2202471 last-modified Sat, 30 Apr 2022 17:41:51 GMT server cloudflare etag "626d74df-219b67" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvu%2BfARF7HmA20L2jUfXIETBIrIsVmal7OWhCm8NMhWNdHRTIDZMK6O17U3POWseIc7ZHaFgDRRMG8a3v%2Ff7Vyg9mL6pDW9XX%2FAIj8kiq%2FFQ4wskWgTiwKtAzF5q6GNqM0Et"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 79348929ef1b1c5d-AKL expires Sat, 04 Mar 2023 09:43:18 GMT
GET H3	200	7318c11715aa2ec45b.gif telegramzhcn.org/img/	2 MB 2 MB	832ms 832ms	Image image/gif	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/7318c11715aa2ec45b.gif Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26781 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2254846 last-modified Sat, 30 Apr 2022 17:41:49 GMT server cloudflare etag "626d74dd-2267fe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdFwkLEzFj48GJ4D6lY9czDH2m6sIVaZoyf4tKDc2UR6%2FHx1Rau1Na0qlJrw9p3m0oezhmumqbE0hM1sj9nCOWt761yDp8xQGCV0DBXqxJsDMTi5%2FaoeAritmpz0jhmqwOuD"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 79348929ef1c1c5d-AKL expires Sat, 04 Mar 2023 09:43:18 GMT
GET H3	200	7d57d7159cf4fbe9b2.gif telegramzhcn.org/img/	3 MB 3 MB	242ms 241ms	Image image/gif	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/7d57d7159cf4fbe9b2.gif Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26781 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3422486 last-modified Sat, 30 Apr 2022 17:41:47 GMT server cloudflare etag "626d74db-343916" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBKxtn0p9JFQPhXHNyOrsDnxJFqm75fZIfi2Md84IYYDm4d7nrwF6KssSxSvnn%2ByRbxZqrXuJfzLZRG8KMwIFYNrIDpfDj44GuYziJBh%2FTWYpXdphxXqt6HM6IjTdLn1v1Wo"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 79348929ef1e1c5d-AKL expires Sat, 04 Mar 2023 09:43:18 GMT
GET H3	200	911807f65dfb4f8f20.gif telegramzhcn.org/img/	2 MB 2 MB	252ms 251ms	Image image/gif	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/911807f65dfb4f8f20.gif Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26783 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2002471 last-modified Sat, 30 Apr 2022 17:41:50 GMT server cloudflare etag "626d74de-1e8e27" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6nYiaysmknQp8y9cH3nl9z%2BF5oCMNMBV8CJbvUbv%2Fzo2s79dOGJZFotGsj0VgWPYmXs8PiQuOzGo1a6qOxD2avMGpMT48l%2BMMeXbcXWTZTmdLiBd8Xrb5UWFlq1thF1ylId"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 7934893609fb1c5d-AKL expires Sat, 04 Mar 2023 09:43:18 GMT
GET H3	200	feb1e161b1d3608613.gif telegramzhcn.org/img/	2 MB 2 MB	243ms 242ms	Image image/gif	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/feb1e161b1d3608613.gif Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26783 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2424803 last-modified Sat, 30 Apr 2022 17:41:53 GMT server cloudflare etag "626d74e1-24ffe3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60iD%2Bf2jKjF1FnxXpjCKjq1FFcjUM8yDkefdQCTKWhlMaXqfhElgLfh9AYa5Yo5dzOgmE3wmooMEgQnzC9RBSBBSqGuBVhGPQCMMhYFyP0ZVfJzsl7yhVmnH66K5ZE1CjvUh"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 7934893609fc1c5d-AKL expires Sat, 04 Mar 2023 09:43:18 GMT
GET H3	200	9ce5fa5f3fb74460b4.gif telegramzhcn.org/img/	3 MB 3 MB	125ms 124ms	Image image/gif	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/9ce5fa5f3fb74460b4.gif Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26783 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3327196 last-modified Sat, 30 Apr 2022 17:41:48 GMT server cloudflare etag "626d74dc-32c4dc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEuMZUrK6CtZPTLWlzAlG5eEnv8FEp4UkhmZ17YvgEl4lrYN8x%2FVdH3Bn2XlxMpGHLBhnAYmX9EiOxUXmr%2BGWWBs9U17F8%2BgBOSc6ERyTNyA3%2BJUO2sikc%2FCo0%2B1BjGtqjJ9"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 7934893609fd1c5d-AKL expires Sat, 04 Mar 2023 09:43:18 GMT
GET H3	200	f3cec6c451d023c109.gif telegramzhcn.org/img/	3 MB 3 MB	133ms 132ms	Image image/gif	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/f3cec6c451d023c109.gif Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26781 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2700330 last-modified Sat, 30 Apr 2022 17:41:52 GMT server cloudflare etag "626d74e0-29342a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYLrA5dBR45uuFwoGQ0mKs9DiTlA5G0dRrC0Ns34OT8HHQpErIt88mDLd%2FI39ALqI6jKmrckh8DzM6jUBDJweWt5kNpdHl0cg8Jdkj8rNr%2Fv4JJNRcYiwcJNwqoFuVGNDMXX"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 7934893609ff1c5d-AKL expires Sat, 04 Mar 2023 09:43:20 GMT
GET H3	200	b6c5dbc0e4f6553805.gif telegramzhcn.org/img/	3 MB 3 MB	2128ms 2127ms	Image image/gif	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/b6c5dbc0e4f6553805.gif Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26781 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3145277 last-modified Sat, 30 Apr 2022 17:41:50 GMT server cloudflare etag "626d74de-2ffe3d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLt3zNPpdnzR57NcjIKBuD8CjFtpH801kdHDt5rbj%2Fg1zC0TFa%2FQUjlDU72hYdxmijptw8mqYMdt%2Fzn9WIDn2sjSLR0jAq9C1NiNsiKkC7%2BUBc7rSI%2B15hVqnSgBfi9xYPpT"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 793489360a001c5d-AKL expires Sat, 04 Mar 2023 09:43:20 GMT
GET H2	200	main.js Show response telegramzhcn.org/js/	21 KB 6 KB	134ms 133ms	Script application/javascript	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegramzhcn.org/js/main.js?211 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c977dd50958ef465c336f04a30f9682caa9ea9805280d93062ad9c6ff1ef14e Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT content-encoding br cf-cache-status HIT last-modified Sun, 09 Jan 2022 19:14:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 26782 etag W/"61db342d-539c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAMbkeir7vjtBrLsQdnH7sA9QJ8qYe15lzeNsxAs0bgcdEVinpi06QWlJzyNkgDY9PX%2B0tVhwG17oBpdfu7UPkLtz2IRfEJYZQKm46GzgJjW72AC1dTuzVPu31bN47YWJAua"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 793489261bfffb84-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 02 Feb 2023 21:43:16 GMT
GET H2	200	tgsticker.js Show response telegramzhcn.org/js/	76 KB 24 KB	128ms 128ms	Script application/javascript	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegramzhcn.org/js/tgsticker.js?v403 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4f186b720f2a547a36dae7dbdc269e507cc56e66756a75988854ba75fcac551 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT content-encoding br cf-cache-status HIT last-modified Sun, 29 Jan 2023 06:12:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 26782 etag W/"63d60e62-12eee" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILJN0RjbA6s41cHSE3GxFBoyZpI%2BsfKaqn0MHwA1vBzfWSpqY2XjKfeqtKk%2Ftg3Q24o%2FfytJZRnWy6w%2Fmoy61C0mytMROEHZaebU%2BpuwHacTxqVbN0CgzrgVM3vYm2Cn25tW"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 793489264c0ffb84-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 02 Feb 2023 21:43:16 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	122 KB 47 KB	278ms 277ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5X96JGP Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash cbe3446e0555af2665900ec59a0ba2528f4cf3060246c5e1bce24f70e178f433 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:41 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47972 x-xss-protection 0 last-modified Thu, 02 Feb 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 02 Feb 2023 17:09:41 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 20f4c7a3a145bb8bd7bbed583088379b30196e62437926bb0433042b81102e19 Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	twitter.png telegramzhcn.org/img/	1 KB 2 KB	159ms 159ms	Image image/png	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/twitter.png Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/css/telegram.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/css/telegram.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26782 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1272 last-modified Thu, 06 Jan 2022 16:06:08 GMT server cloudflare etag "61d71370-4f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NR8IK%2F5O3qLZOBoc5TKaEMQxRJxwyn3z3vGxjZC%2FSUTMB7qFDoHor5k40AEcfoiRi9lRK7IRr%2FQ1x3qy3Nc0nLWb22SCoJ1%2BHZaS3bwEzVT8VjMCzu6kK18XGuwXErHmNIic"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 793489266c26fb84-AKL expires Sat, 04 Mar 2023 09:43:16 GMT
GET H2	200	SiteLogos.png telegramzhcn.org/img/	2 KB 2 KB	224ms 224ms	Image image/png	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/SiteLogos.png Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/css/telegram.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 389eb664948dda8c5afdd43719ddfcee49d1332a1306dd717c8505755482cf51 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/css/telegram.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26782 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1959 last-modified Thu, 06 Jan 2022 16:09:18 GMT server cloudflare etag "61d7142e-7a7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7RO1WVpJ9BcSlAPvsTQ%2BUYog60wWazdunHADbcPdcAqTdSJkGENCxhUwxh4okrv4gCFbKKLohVN69ZYbOCDQlpFfca%2F6gNwyz8n%2FOVdgv0E1Jq2QnVgVdtB%2Fbonypi%2BLD8R"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 79348926ec4bfb84-AKL expires Sat, 04 Mar 2023 09:43:16 GMT
GET H2	200	SiteAndroid.jpg telegramzhcn.org/img/	21 KB 21 KB	195ms 195ms	Image image/jpeg	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/SiteAndroid.jpg?2 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/css/telegram.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/css/telegram.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26781 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 21090 last-modified Thu, 06 Jan 2022 15:56:23 GMT server cloudflare etag "61d71127-5262" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49ntuYkGM0Dx%2BQoEe3h4ac6rCupkPAlUHdYtIiV3Sz56cj80qioHDkwtc3kahNWEdpy8TsGiUyon7RKJJfnyHqKzX2dNTJYri9Tqh5mZhQNXB%2BqvizixERTRsFAjUFzn1pfv"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 79348926ac34fb84-AKL expires Sat, 04 Mar 2023 09:43:16 GMT
GET H2	200	SiteiOS.jpg telegramzhcn.org/img/	31 KB 31 KB	195ms 194ms	Image image/jpeg	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/SiteiOS.jpg?2 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/css/telegram.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/css/telegram.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26781 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 31305 last-modified Thu, 06 Jan 2022 16:29:05 GMT server cloudflare etag "61d718d1-7a49" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSMXgUEtgToljyF3c90cbtBt8YoKIMbTWq%2BhLOwaj0Yi5t7nFYbqF2gyAdENSe3ybvVf5wIoS%2FD%2BjV7q9LPC5VMCm4mBPqKqLGUyXnQWvr%2F5zY7Epv8u8XfR98ASkpGN6n1l"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 79348926ac33fb84-AKL expires Sat, 04 Mar 2023 09:43:16 GMT
GET H2	200	SiteDesktop.jpg telegramzhcn.org/img/	95 KB 96 KB	194ms 194ms	Image image/jpeg	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegramzhcn.org/img/SiteDesktop.jpg?2 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/css/telegram.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d47030d555e1765171c05b57ed755744d6051364674efbd99a98df9ec7fa9cd Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/css/telegram.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26781 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 97628 last-modified Thu, 06 Jan 2022 16:36:18 GMT server cloudflare etag "61d71a82-17d5c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3Sf47xklEWpwKTy28ipGTiFv5BU%2FI88mvh60CzIq3pqierg10LFhEr7kO8OTpwbPnBSUk0nzulfdJy%2Bxygq%2F%2BPkTzXAefa%2BevcRWBo27htjt7LUl1inY9g5GrA73t%2FiToMc"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 79348926ac32fb84-AKL expires Sat, 04 Mar 2023 09:43:16 GMT
GET H3	206	t_main_Android_demo.mp4 telegramzhcn.org/img/	245 KB 246 KB	2615ms 2614ms	Media video/mp4	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegramzhcn.org/img/t_main_Android_demo.mp4 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03b2ae439d25e00e297b01942883f4ef8a6a5c87e01dd0faec6f1eef24b92816 Request headers Referer https://telegramzhcn.org/ Accept-Encoding identity;q=1, *;q=0 accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Thu, 02 Feb 2023 17:09:41 GMT cf-cache-status HIT last-modified Thu, 06 Jan 2022 16:27:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1199 etag "61d7185e-3d3d6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olxAt2tEo5fT6Mcnv8IwkjNywQZL%2B6%2FarvrH2krpuu4TA76IBR0B0ie15PlGiu%2BD7EOPWaS3yWruXxx4rA%2BWGfZt5ct%2BoJjl4A9aPpPyBivlQsnQQkjx9tagD%2FjXRQAyIt3k"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 0-250837/250838 cache-control max-age=14400 cf-ray 793489360a021c5d-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 250838
GET H3	206	t_main_iOS_demo.mp4 telegramzhcn.org/img/	239 KB 240 KB	1402ms 1398ms	Media video/mp4	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegramzhcn.org/img/t_main_iOS_demo.mp4 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eaf99fdddbab6953d53df2a7e81b5275e90e221e0a7ebd3d99f42cf4b6aba6d2 Request headers Referer https://telegramzhcn.org/ Accept-Encoding identity;q=1, *;q=0 accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Thu, 02 Feb 2023 17:09:42 GMT cf-cache-status HIT last-modified Thu, 06 Jan 2022 15:55:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1197 etag "61d710e5-3bc0c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsBvatHiUUv36A198JhVWNai2MGwgBkMn1VFgaGd4eWO65FmjcihkQTAcFqwIL57eBU5N8Ex%2F0kAJSlk%2FvRvqxv%2FkNlfei0xJUAsByT0tMwzlowL%2BokG9c8G6H%2B1xKzUcknm"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 0-244747/244748 cache-control max-age=14400 cf-ray 7934893dc99b1c5d-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 244748
GET H3	200	tgsticker-worker.js telegramzhcn.org/js/	6 KB 3 KB	124ms 124ms	Other application/javascript	104.21.63.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegramzhcn.org/js/tgsticker-worker.js?12 Requested by Host: telegramzhcn.org URL: https://telegramzhcn.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.63.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1ebd3477160596f7328fe97ddaea4ed1ef63057d77259f265d5f0f924eef850 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:39 GMT content-encoding br cf-cache-status HIT last-modified Thu, 06 Jan 2022 16:27:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 26782 etag W/"61d7186e-16d0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf6MBIGI3gbzebCRhyb24tUtn94r%2F%2BFBoS5IWaoxqUfUJkhOn0HEepswZnud3kgOp7yeQZFt4Z2q9bAM9Bhrtj8wwS%2B2FCrl9OgtPzGbzpZZXsMaqPHBATdV4N1I2llb%2BZA4"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 793489279cd01c5d-AKL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 02 Feb 2023 21:43:17 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	821ms 274ms	Script text/javascript	64.233.170.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-252982748-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f101.1e100.net Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 02 Feb 2023 16:44:18 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 1525 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Thu, 02 Feb 2023 18:44:18 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	226 KB 78 KB	283ms 281ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-N44VLT4Z4E&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-252982748-1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash 227e21a862d0edde2a269f744c4cb9c5cfa0f1ea644b41f7acb32c173550af3f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Feb 2023 17:09:43 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79896 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 02 Feb 2023 17:09:43 GMT
POST H2	204	collect www.google-analytics.com/g/	0 172 B	273ms 272ms	Ping text/plain	64.233.170.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-N44VLT4Z4E&gtm=2oe1u0&_p=325363516&cid=1081816718.1675357780&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675357780&sct=1&seg=0&dl=https%3A%2F%2Ftelegramzhcn.org%2F&dt=Telegram%E4%B8%AD%E6%96%87%E5%AE%98%E7%BD%91&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-N44VLT4Z4E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f101.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://telegramzhcn.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Feb 2023 17:09:44 GMT server Golfe2 content-type text/plain access-control-allow-origin https://telegramzhcn.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 92 B	273ms 273ms	XHR text/plain	64.233.170.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=325363516&t=pageview&_s=1&dl=https%3A%2F%2Ftelegramzhcn.org%2F&ul=en-us&de=UTF-8&dt=Telegram%E4%B8%AD%E6%96%87%E5%AE%98%E7%BD%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=989350933&gjid=2115567010&cid=1081816718.1675357780&tid=UA-252982748-1&_gid=352699269.1675357784&_r=1&_slc=1&gtm=2ou1u0&z=1424475722 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f101.1e100.net Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://telegramzhcn.org/ accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 02 Feb 2023 17:09:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://telegramzhcn.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| gtag object| dataLayer number| startTime function| dT undefined| elems undefined| elems1 undefined| elems2 object| jsonpCallbacks function| twitterCustomShareInit function| blogRecentNewsInit function| blogSideImageUpdate function| blogSideImageInit function| cancelEvent function| trackDlClick undefined| toTopWrapEl undefined| toTopEl object| pageContentWrapEl undefined| curVisible boolean| curShown function| backToTopInit function| backToTopGo function| backToTopResize function| backToTopScroll function| removePreloadInit function| getXY undefined| onDdBodyClick undefined| currentDd function| dropdownClick function| dropdownHide function| dropdownPageClick function| escapeHTML function| videoTogglePlay function| getDevPageNav function| showTitleIfOverflows function| initDevPageNav function| updateDevPageNav function| updateMenuAffix function| initScrollVideos function| checkScrollVideos function| isVisibleEnough function| getFullOffsetY function| redraw function| initRipple function| mainInitRetinaVideos function| mainInitDemoAutoplay function| mainDemoVideoHover function| mainDemoVideoDoHover function| mainInitTgStickers function| setCookie function| getCookie function| mainScrollTo object| RLottie function| QueryableWorker function| FrameQueue object| _0x23eb function| _0x4725 function| removeCookie function| dwHNf object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			telegramzhcn.org/	1970-01-20 09:32:42	Name: cks Value:
			.telegramzhcn.org/	1970-01-20 18:58:37	Name: _ga_N44VLT4Z4E Value: GS1.1.1675357780.1.0.1675357780.0.0.0
			telegram.org/	1970-01-20 09:23:17	Name: stel_ssid Value: 5d64392487ee94a94f_5130767463631122294
			.telegramzhcn.org/	1970-01-20 18:58:37	Name: _ga Value: GA1.2.1081816718.1675357780
			.telegramzhcn.org/	1970-01-20 09:24:04	Name: _gid Value: GA1.2.352699269.1675357784
			.telegramzhcn.org/	1970-01-20 09:22:37	Name: _gat_gtag_UA_252982748_1 Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	warning	URL: https://telegramzhcn.org/js/rlottie-wasm.js Message: wasm streaming compile failed: TypeError: Failed to execute 'compile' on 'WebAssembly': HTTP status code is not ok
worker	warning	URL: https://telegramzhcn.org/js/rlottie-wasm.js Message: falling back to ArrayBuffer instantiation
worker	warning	URL: https://telegramzhcn.org/js/rlottie-wasm.js Message: failed to asynchronously prepare wasm: CompileError: WebAssembly.instantiate(): expected magic word 00 61 73 6d, found 3c 21 44 4f @+0
worker	info	URL: https://telegramzhcn.org/js/rlottie-wasm.js Message: CompileError: WebAssembly.instantiate(): expected magic word 00 61 73 6d, found 3c 21 44 4f @+0
worker	warning	URL: https://telegramzhcn.org/js/rlottie-wasm.js Message: CompileError: WebAssembly.instantiate(): expected magic word 00 61 73 6d, found 3c 21 44 4f @+0
worker	error	URL: https://telegramzhcn.org/js/tgsticker-worker.js?12 Message: Uncaught (in promise) abort(CompileError: WebAssembly.instantiate(): expected magic word 00 61 73 6d, found 3c 21 44 4f @+0). Build with -s ASSERTIONS=1 for more info.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

telegram.org
telegramzhcn.org
www.google-analytics.com
www.googletagmanager.com
104.21.63.199
142.250.4.97
149.154.167.99
64.233.170.101
03b2ae439d25e00e297b01942883f4ef8a6a5c87e01dd0faec6f1eef24b92816
116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471
15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365
15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d
17fcf18cf134d26fda7a483bb48578f331c983653da8fe8efdf613ce6063a33f
20f4c7a3a145bb8bd7bbed583088379b30196e62437926bb0433042b81102e19
227e21a862d0edde2a269f744c4cb9c5cfa0f1ea644b41f7acb32c173550af3f
31a28c0d636bd66478b57390c5303e621a90fd8a8565d0aace1453227d3bb626
321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6
389eb664948dda8c5afdd43719ddfcee49d1332a1306dd717c8505755482cf51
3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48
455ce6085db8365ffb667a39d2bc92560ba4edf0ad006905e0c8432714370e27
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
99896002e1f8f08b77399fa8d6b48be244ebfc40d1d72139663f8cd6e84a3f0e
9c977dd50958ef465c336f04a30f9682caa9ea9805280d93062ad9c6ff1ef14e
9d47030d555e1765171c05b57ed755744d6051364674efbd99a98df9ec7fa9cd
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4f186b720f2a547a36dae7dbdc269e507cc56e66756a75988854ba75fcac551
abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45
b160454bd8b304897e2d48ad25cd86f3b0eaebdc58518fc6c3ad5fafe3053507
b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417
cbe3446e0555af2665900ec59a0ba2528f4cf3060246c5e1bce24f70e178f433
e1ebd3477160596f7328fe97ddaea4ed1ef63057d77259f265d5f0f924eef850
e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
eaf99fdddbab6953d53df2a7e81b5275e90e221e0a7ebd3d99f42cf4b6aba6d2
eb2f848566ce7b8bed640f1a8c754cdd02bf58b29de3d42e90bca36f20223532
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b