| tele-tw.com/crypto.worker-CfCshcpI.js | 172.67.217.111 | 200 OK | 263 kB |
URL: GET HTTP/3 tele-tw.com/crypto.worker-CfCshcpI.js | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 263 kB (263442 bytes) | Hash: 0efdde008dca467f870e5a41e96006d5 ebadf267c3d3eb15b3ef6d7d0a07dec87b95d0f5 db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /crypto.worker-CfCshcpI.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tele-tw.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:36 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-10d02"
expires: Fri, 26 Apr 2024 00:02:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 12929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdWJMTVq80FTzVcmGqf4OGI2MZx4RrBXCb4RM6doQ0aqJGVN4U%2FemPzzlTzSogQGAFQy3j9H8AOFr6M6Ha8scB%2FXIIIGt4y9vTMG%2Bc7GYxe9eI1YchcP2kFVYtKbGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a527d5b56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://tele-tw.com
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: biu8xBaEdRmUKrPMUyuBfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Thu, 25 Apr 2024 15:37:36 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Yc9Owq+JnXFBxxp1jF/8XFSce5U=
Sec-WebSocket-Protocol: binary
|
|
| tele-tw.com/login.js | 172.67.217.111 | 200 OK | 13 kB |
IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: JavaScript source, Unicode text, UTF-8 text | Hash: 6c9243a90c4bd7b5f3878e968b5504d3 eb18d9a78ca4154fa245628dc78ddf6ad5bd145e 7c6d1496719614da73816370bb01e06a5ff40e9fa0575711d97a72263964aaa4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /login.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:35 GMT
content-type: application/javascript
last-modified: Sun, 07 Apr 2024 21:03:04 GMT
vary: Accept-Encoding
etag: W/"66130a08-122b"
expires: Fri, 26 Apr 2024 03:37:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIr23EJmM1RPOfVpii6DH96vc2t%2Bcwbk5ChS2LxYeXy%2F4q0JD6wb2Sp9coYhE7QwOCSTCpVuA6BK%2Fyxfsm2vPo0EGNXxtegc0ZI541EVwDoJ%2FvIzlu%2F8VRoN8K%2BF4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a48699956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | 172.67.217.111 | 200 OK | 1.0 kB |
URL: GET HTTP/3 tele-tw.com/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced | Hash: e3ce05eb00b3215df220efaf0fd06e21 d1533966f79dc2984c34317035f31cf3c91298c9 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:37 GMT
content-type: image/png
content-length: 1012
last-modified: Thu, 28 Mar 2024 16:43:30 GMT
etag: "66059e32-3f4"
expires: Sat, 25 May 2024 15:37:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQdk0HT43u1sSHMAhCWYi5BK6Yw76A%2BKeG49Bufhe%2BbdMWnTZB0%2Bz2le0ebEQVdYpgBbxPlhKtkI9XFx4LblyRdL7PdUx5k9y%2Be3TkIuMCA2K2KildFDF%2BF6ZJIVDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a5528c456a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 172.67.217.111 | 200 OK | 9.0 kB |
URL: GET HTTP/3 tele-tw.com/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | Hash: 87fecdadac0beb95f9b7c87b3b3236f0 822f92446c0033a32462aa21208efaef1f0d8c3c 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:37 GMT
content-type: image/png
content-length: 9024
last-modified: Thu, 28 Mar 2024 16:43:30 GMT
etag: "66059e32-2340"
expires: Sat, 25 May 2024 15:37:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzI6IeeSuOfLCct4748mXgL2MsfiPh3tbDlVKfoDHoreow6C0Nnk5jQokFNAcT5fyr%2B7ixsIA2iFiNIdbaL7EfWM5HXIy3yfkN7ntxsLda0%2Bkbdh%2FaS0LybLVHvU8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a5528c256a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/textToSvgURL-Cnw_Q8Rw.js | 172.67.217.111 | 200 OK | 436 B |
URL: GET HTTP/3 tele-tw.com/textToSvgURL-Cnw_Q8Rw.js | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (306) | Hash: 3f6402acb182a218e34ebe26b03fcd23 2601dfbce5087a38142e34596e5b094c7760dc80 88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /textToSvgURL-Cnw_Q8Rw.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tele-tw.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
etag: W/"6606391f-165"
expires: Fri, 26 Apr 2024 03:37:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RJXWTbRbO7Yxv0Kyld%2B7Oo2ZDOAQKWksBMWD38TZERD0DQGxvQVuN0jqW5iYGvqOfHD1i05zXl%2FAKedxPKDy6%2F%2BVzRGqqULftSWxU83ZH84iwbwodfp7Qv0fSYWOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a5a6eb356a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://tele-tw.com
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LE9GEdBrNWxFUE4wURfrOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Thu, 25 Apr 2024 15:37:38 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bZ2wnUULm/gdRRg1ZiWbSyVdO1A=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://tele-tw.com
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VVcuGh3+qu8PyfXnjwJ+5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Thu, 25 Apr 2024 15:37:38 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cr4bBcuZEVgFQKnDwNdV9RKdAWw=
Sec-WebSocket-Protocol: binary
|
|
| tele-tw.com/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 172.67.217.111 | 200 OK | 11 kB |
URL: GET HTTP/3 tele-tw.com/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0 | Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/index-BOAMyYaq.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:39 GMT
content-type: font/woff2
content-length: 11056
last-modified: Thu, 28 Mar 2024 16:43:30 GMT
etag: "66059e32-2b30"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uoPa8BqeFiivjjSOfHzfxuWFeGwBrSbbY7HQ6a7fEWB24j2jitXq2a93p6G8Pqk6E8ghUKqkkFy59Z7q%2BaBlReoondQrK0GrZcj2T9WdEErEbD7auSfG2%2FLMq85r1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a61982356a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/assets/img/logo_padded.svg | 172.67.217.111 | 200 OK | 7.8 kB |
URL: GET HTTP/3 tele-tw.com/assets/img/logo_padded.svg | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: SVG Scalable Vector Graphics image | Hash: 256adedc8580ce9d3e5d41bb6467a8e2 b1dd7a21d38aeabac25762e7c0587f82fd40274a eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/logo_padded.svg HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tele-tw.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:41 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 16:43:30 GMT
etag: W/"66059e32-42d"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jCAaLUE2SHxvaQRA0Wb0TBQmL293PYPagyQ%2Bac9C%2F%2BnEoh%2BbL7LNGPqp1R2uTpz5ypw3Qf3j1XdSYzh7DIigTF010fi76oygzRLb4e5omCCcs4uoYfEOMbu%2FlE4ivA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a6bdd4256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/index-BOAMyYaq.css | 172.67.217.111 | 200 OK | 100 kB |
URL: GET HTTP/3 tele-tw.com/index-BOAMyYaq.css | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: assembler source, ASCII text | Hash: 76a96eb95e9a06a1806d0303f2eeb2ac 356af94c8b94893c508ca2323da43e42cf22c0ad 350052f7485a56b6f38b0374bbbdd89b585d528c7dc5ab7b7e419763608e4d15
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /index-BOAMyYaq.css HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:36 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 04:25:17 GMT
vary: Accept-Encoding
etag: W/"660642ad-7d1ac"
expires: Fri, 26 Apr 2024 03:37:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXvdjhskaDIdZuwTIyNYITEp0K4oIxAHs0Vx01%2B7ME8yBxrrvXQKzvSegbNpBIYc6vidWnFlWI1tqonO%2FDz5AmxF17hUXRyDgSyf8cN%2BDB8ndVke3RuWzqdOrBJcVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a48699a56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/button-B3xQoZLZ.js | 172.67.217.111 | 200 OK | 31 kB |
URL: GET HTTP/3 tele-tw.com/button-B3xQoZLZ.js | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (8748) | Hash: 4bcb39a4d50ae506798c5d162e3f59f1 1da55ba7a3886fc018129f9446c382239426f465 3337b82c7bcd2719f17e92190ffb2561a54bca4901a0ef9b7dd73054cf4f4e6e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /button-B3xQoZLZ.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/pageSignQR-BuEZqNkj.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-2259"
expires: Fri, 26 Apr 2024 03:37:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=arKkllL603avzAKbDtUbI0LqMISQ5wanj2zQwAt19yZYRu7OqG%2FNsyUbroNO45sJCN2J4L99i00ZcW9YF2YrEyQ0pIbLyRNaSg%2BGNE6TRmWPrgufvYFa6J10VwSY6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a611f6e56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 172.67.217.111 | 200 OK | 14 kB |
URL: User Request GET HTTP/2 | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: HTML document, ASCII text, with very long lines (1757) | Hash: 4a61d6110b83a46c768c746701ecd05b bad8abdcda2e98cddd470c79a3f146afe8873699 72f97be78bbf79130737e066ec6cab2dfd32c9489ad56a07d37d9c514c3e9f14
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 15:37:34 GMT
content-type: text/html
last-modified: Fri, 05 Apr 2024 01:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1q1kdd6QjykA73NbyVxSw4ZqFPazwyiY3tRsY%2F4UhY5lSDHfXKKHmKyK%2Bn4p0xF3CooQHXTIWFRLuLASxlWI%2B6xt2HZBoboC6fSLikj6brn4h0RR2A4yvVI0KWdQgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a42789b56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tele-tw.com/_commonjsHelpers-Cpj98o6Y.js | 172.67.217.111 | 200 OK | 290 B |
URL: GET HTTP/3 tele-tw.com/_commonjsHelpers-Cpj98o6Y.js | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (302), with no line terminators | Hash: 2f62150f51e1c96c4a1f8fa5d6c72c2a d9529066ad04e0b66323fa0e7f12133bbc6940a4 e306f66b5964b6d3477db797068e0a94b0ef6cf594018197576f4450d9645d5b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /_commonjsHelpers-Cpj98o6Y.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/qr-code-styling-BqER1AUU.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
etag: W/"6606391f-122"
expires: Fri, 26 Apr 2024 00:02:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 12929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIlyMJ%2BV1%2FWZokqe59qXly%2Fon6PoZHGiKgdoSiXMEQSLKIoSVbZA%2FvwbXZmiPCEJ%2B%2BTCWMMCyevTKdKYKSbFcH%2BISzbSZ3Xr66m7PGewAjqpF4SNrz%2FoCukAjO%2Fs%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a617ff256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/index-zu6iQa6e.js | 172.67.217.111 | 200 OK | 135 kB |
URL: GET HTTP/3 tele-tw.com/index-zu6iQa6e.js | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
Size: 135 kB (134647 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /index-zu6iQa6e.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:35 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-20df7"
expires: Fri, 26 Apr 2024 03:37:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2%2F4PwZhyzFx8vbRn8Yok5ols5966BmcQvIvwxZWUWRO1JbAeF2w5HAS%2BRxVxeSxJD2mA6ZOyqRdetEEXxLOMmP4orMYWWZTL0loQxS4ig%2Fp9A8X8fnDao4rot%2FMpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a48699756a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/putPreloader-B4MN6Snw.js | 172.67.217.111 | 200 OK | 699 B |
URL: GET HTTP/3 tele-tw.com/putPreloader-B4MN6Snw.js | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (736), with no line terminators | Hash: 7bd6d90b050585f83f816a092429a8cb f08c4031eb56b8c0f16906fb09e217a3e0bbb424 7f6574895bc12efd5b5d0ceb5be4667dbeead1b439fea437013773a056ea60ee
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /putPreloader-B4MN6Snw.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/pageSignQR-BuEZqNkj.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
etag: W/"6606391f-2bb"
expires: Fri, 26 Apr 2024 03:37:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHWOGpDTw%2Bm71%2Fa6Y18G84oEw7R966IzSUvQu%2FydOEKBcejLYq5C6mfCCP%2FNcCxK1RPhWETe%2FVDpqfJ3ROCuyE2xFQqmk3o1G8NE2l3LGE2e%2FvzVVnrtQNsnhOz7RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a611f7356a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/page-g1hbv_Nl.js | 172.67.217.111 | 200 OK | 10 kB |
URL: GET HTTP/3 tele-tw.com/page-g1hbv_Nl.js | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (10306) | Hash: d440faca4d406ba2c6b1d5a02e0c2300 5b6d6948eb17a1d8901f9c0ceb4618c3a722f373 00ba512d85fe78658603389ed0a9a401103ec3a0464eb30d057a07febd670279
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /page-g1hbv_Nl.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tele-tw.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-286d"
expires: Fri, 26 Apr 2024 03:37:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SF6WZjdUhT8H1lTDvI4uQP4TPgyAzTBe%2BywT7L7I87kPF5dyj7rs2AgWKiy9Cm36IKdhF7jDhx7uDhywRyQ2TUbUf%2FHRwsqI0poOGojabl1g560LUBwp%2FQleyJItEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a5a6eae56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/putPreloader-B4MN6Snw.js | 172.67.217.111 | 200 OK | 699 B |
URL: GET HTTP/3 tele-tw.com/putPreloader-B4MN6Snw.js | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (736), with no line terminators | Hash: 7bd6d90b050585f83f816a092429a8cb f08c4031eb56b8c0f16906fb09e217a3e0bbb424 7f6574895bc12efd5b5d0ceb5be4667dbeead1b439fea437013773a056ea60ee
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /putPreloader-B4MN6Snw.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tele-tw.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
etag: W/"6606391f-2bb"
expires: Fri, 26 Apr 2024 03:37:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFmmt0pxBVdunjQUuGXJqIAs74j%2F6l9nRzQlgGgTuKwIEQ1s%2FuQ1l1k7MK2Oa3f4RrJh9BORNQsGXwmB1XfcCuY9BYS9HMsDen0L1hmYUkY5EkhG2DkF%2BOM9F68uqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a5a6eb256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/page-g1hbv_Nl.js | 172.67.217.111 | 200 OK | 10 kB |
URL: GET HTTP/3 tele-tw.com/page-g1hbv_Nl.js | IP: 172.67.217.111:443
Certificate: Issuer: Google Trust Services LLC | Subject: tele-tw.com | Fingerprint: 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C | Validity: Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (10306) | Hash: d440faca4d406ba2c6b1d5a02e0c2300 5b6d6948eb17a1d8901f9c0ceb4618c3a722f373 00ba512d85fe78658603389ed0a9a401103ec3a0464eb30d057a07febd670279
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /page-g1hbv_Nl.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/pageSignQR-BuEZqNkj.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-286d"
expires: Fri, 26 Apr 2024 03:37:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6c%2Fm2zRIlNfi0ZT1J5cj6%2BjUrDnCqreu2EcoBKWeOE%2BFRtYFKuWbFUblHrQE2VjDF9UA2wtra09vFIUtXSAltMPOYhC0RTbuGasEyx5mA4VK77fFHY9v%2BSWSAk2jeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a610f6956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/lang-CQhMF3zZ.js | 172.67.217.111 | 200 OK | 121 kB |
URL: GET HTTP/3 tele-tw.com/lang-CQhMF3zZ.js
IP: 172.67.217.111:443
Certificate: Issuer Google Trust Services LLC; Subject tele-tw.com; Fingerprint 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C; Validity Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
Size: 121 kB (120864 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /lang-CQhMF3zZ.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/index-zu6iQa6e.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:37 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-1d820"
expires: Fri, 26 Apr 2024 03:37:37 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVyGulUL3UO7mctmY61PJv3%2FnZ%2F8r6Uv%2FaR%2Br%2FYsL6bR0nk33gQEd4b6G6CgQ%2BHCwEvUeVr%2FI7Y25FSnIcbuDcfaqGYdU6ay5KYLW4OKzf3SxcOM6kXnbR4Vq9cssQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a52adac56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/countries-CzeCvYH8.js | 172.67.217.111 | 200 OK | 24 kB |
URL: GET HTTP/3 tele-tw.com/countries-CzeCvYH8.js
IP: 172.67.217.111:443
Certificate: Issuer Google Trust Services LLC; Subject tele-tw.com; Fingerprint 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C; Validity Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /countries-CzeCvYH8.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/index-zu6iQa6e.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:37 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-5e21"
expires: Fri, 26 Apr 2024 03:37:37 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=begavJ67YIRfW3%2FYMyVnHBcf3%2B3wtv8iYqVQKVr%2BPRJMbkfo5UpJCBz0NodI%2FBn4VSqy%2FPdCvA%2FWsof8zssyEKaEDhHNgab%2BZzgeWbOxSD5u%2FAL2Bn2eJ9B%2F322bQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a52bdb156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 172.67.217.111 | 200 OK | 11 kB |
URL: GET HTTP/3 tele-tw.com/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP: 172.67.217.111:443
Certificate: Issuer Google Trust Services LLC; Subject tele-tw.com; Fingerprint 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C; Validity Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Hash: 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/index-BOAMyYaq.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:37 GMT
content-type: font/woff2
content-length: 11016
last-modified: Thu, 28 Mar 2024 16:43:30 GMT
etag: "66059e32-2b08"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwbRzUI2at9pWPPME%2F2bNTGQRMXOA7LfJHSMFHWCTvq4gd6rys9mSGlutniCqy0EE%2FIPC5gSjzM7P%2Bo4JuZzlms9PxiSjU9du%2FUD7ncUt8CvZFcbi%2BrFkPNmPOKgVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a525d3f56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/pageSignQR-BuEZqNkj.js | 172.67.217.111 | 200 OK | 5.7 kB |
URL: GET HTTP/3 tele-tw.com/pageSignQR-BuEZqNkj.js
IP: 172.67.217.111:443
Certificate: Issuer Google Trust Services LLC; Subject tele-tw.com; Fingerprint 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C; Validity Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (5845), with no line terminators
Hash: 48e52eb9f64780058bd685e2a1e1b018 fe3467b3b670be0c648e20baf028e799bbf710b8 70ef65a5de591fd3f2e82a6f9e466ac9890c12b1ad67615d497a65de1b992033
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /pageSignQR-BuEZqNkj.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tele-tw.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-1630"
expires: Fri, 26 Apr 2024 03:37:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fwpxzqi1kzhZ%2Bc%2BtVB8I8M8%2BHKPy5YJw9Sy5YyvIJoayf4E7dYuBE0Ax0MyheBGSCb8XPzJ0tmrUSe0nhk%2FvOtxN11zr%2BdGqx0zqRj6MZswn%2BPxaM8DXM5eltiS4Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a5a6ead56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/langSign-CN-ja8rh.js | 172.67.217.111 | 200 OK | 1.8 kB |
URL: GET HTTP/3 tele-tw.com/langSign-CN-ja8rh.js
IP: 172.67.217.111:443
Certificate: Issuer Google Trust Services LLC; Subject tele-tw.com; Fingerprint 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C; Validity Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (1930), with no line terminators
Hash: 3eb4b75460039dd8bb5a35a881d65086 c976473a33457220fadca83956b846ec3da6423d d6a82edc505002cfe31c9cc06788cb0b3ea1c5c3fb93bfaef6d9fa6f1f69bee5
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /langSign-CN-ja8rh.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/index-zu6iQa6e.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:37 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 08:07:57 GMT
vary: Accept-Encoding
etag: W/"660fb15d-6d9"
expires: Fri, 26 Apr 2024 03:37:37 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpdrYd97Hs6QPqzv8LBAxXMIc%2FUBw3atvOMEB1hqk%2BbhK5SOOuN9lC8xwbZwQYP02l05FiJeM%2BC5EFQ0UYNXjBvxP6zIaCIKH2zklXxPFSCF61JniryDEugqgPDZdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a52adae56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/pageSignQR-BuEZqNkj.js | 172.67.217.111 | 200 OK | 5.7 kB |
URL: GET HTTP/3 tele-tw.com/pageSignQR-BuEZqNkj.js
IP: 172.67.217.111:443
Certificate: Issuer Google Trust Services LLC; Subject tele-tw.com; Fingerprint 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C; Validity Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (5845), with no line terminators
Hash: 48e52eb9f64780058bd685e2a1e1b018 fe3467b3b670be0c648e20baf028e799bbf710b8 70ef65a5de591fd3f2e82a6f9e466ac9890c12b1ad67615d497a65de1b992033
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /pageSignQR-BuEZqNkj.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/index-zu6iQa6e.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-1630"
expires: Fri, 26 Apr 2024 03:37:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umUU%2FOxIRm52jh2tLXCdppQBQwuaw09cSAHnk8vOuor6e%2BtMbuYxkiZitK1ypcv6UTiQThH9snIgW4hfVCwudxhWazf%2BtgnI8SXtyFXYL3XTemlGLbC0MfGID2QnwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a5a7eb556a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/qr-code-styling-BqER1AUU.js | 172.67.217.111 | 200 OK | 66 kB |
URL: GET HTTP/3 tele-tw.com/qr-code-styling-BqER1AUU.js
IP: 172.67.217.111:443
Certificate: Issuer Google Trust Services LLC; Subject tele-tw.com; Fingerprint 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C; Validity Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /qr-code-styling-BqER1AUU.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tele-tw.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-10254"
expires: Fri, 26 Apr 2024 00:02:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 12929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JLq%2BOxG6jmD3M9jdGjBxVr04kbOdE5kUfCa4Y4WsiF%2Fv0IjTkfvKSIWDVCKPa%2B8tCC3mVJXDwTOktDap2C8Id3EjzxX0vVzsaEO9LQVBKER7HvPVd8K%2FzgTG%2F7PGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a613faf56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/qr-code-styling-BqER1AUU.js | 172.67.217.111 | 200 OK | 66 kB |
URL: GET HTTP/3 tele-tw.com/qr-code-styling-BqER1AUU.js
IP: 172.67.217.111:443
Certificate: Issuer Google Trust Services LLC; Subject tele-tw.com; Fingerprint 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C; Validity Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /qr-code-styling-BqER1AUU.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tele-tw.com/pageSignQR-BuEZqNkj.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
vary: Accept-Encoding
etag: W/"6606391f-10254"
expires: Fri, 26 Apr 2024 00:02:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 12929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ct3YVRokVMo9tyYRFU6TqJHY6uKAW1gqwLyDLCQDLwM%2B9B5554C84pP%2FIDiuXB8kCCMztRyznr1eB9qhrbrv2CThpDoG%2B0BalPR2zrpsctv06iKBybGc8an119BJFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f6a613fb956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tele-tw.com/_commonjsHelpers-Cpj98o6Y.js | 172.67.217.111 | 200 OK | 290 B |
URL: GET HTTP/3 tele-tw.com/_commonjsHelpers-Cpj98o6Y.js
IP: 172.67.217.111:443
Certificate: Issuer Google Trust Services LLC; Subject tele-tw.com; Fingerprint 14:8D:FA:F9:8A:29:1C:36:19:B7:2B:CC:70:C5:B6:84:C2:AA:90:0C; Validity Tue, 09 Apr 2024 10:39:54 GMT - Mon, 08 Jul 2024 10:39:53 GMT
File type: ASCII text, with very long lines (302), with no line terminators
Hash: 2f62150f51e1c96c4a1f8fa5d6c72c2a d9529066ad04e0b66323fa0e7f12133bbc6940a4 e306f66b5964b6d3477db797068e0a94b0ef6cf594018197576f4450d9645d5b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /_commonjsHelpers-Cpj98o6Y.js HTTP/1.1
Host: tele-tw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tele-tw.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 15:37:38 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 03:44:31 GMT
etag: W/"6606391f-122"
expires: Fri, 26 Apr 2024 00:02:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 12929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvKZBfqD3apKOZCFXx3nEcLbNRqaFDDeIEmk3bSStNG%2FTFpnJ%2F1sZBom70Ej%2FmbWNN9eaynPk7Nr0EiR5dSJh3JGIcR0K1kzD%2BCgJK29soRxhOBi%2B4aKQ8JMscfTCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f6a613fb556a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|