| | 154.82.100.199 | 200 OK | 476 B |
URL: User Request GET HTTP/2
IP: 154.82.100.199:443
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: HTML document, ASCII text
Hash: 6558055141a3d97f9cca7af47ec0e453 d13ab44e7508a71c1e4e35e788b45ae7488168ce 7cbf9f187f8d0ada6bae23489672fd84fd044b935c62099ff80ba28fa7b6565f
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET / HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:03 GMT
content-type: text/html
content-length: 476
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 07:53:50 GMT
etag: "ee366c29367d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/config.js | 154.82.100.199 | 200 OK | 316 B |
URL: GET HTTP/2 telegreyt.com/js/config.js
IP: 154.82.100.199:443
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash: 0f473dc8cb0eed8e543f26b9043a3fb6 56069d0c86850c8bcdef6495d213405e4a8b3f6d e9885f72beec80104d584000fea488790bd8c910793bfb3879dc85c2fc54d98b
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /js/config.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: application/javascript
content-length: 316
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:32:07 GMT
etag: "eef157667fad81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index.html | 154.82.100.199 | 200 OK | 6.6 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index.html
IP: 154.82.100.199:443
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (430)
Hash: 1cd80beb10e9c6a2b4fe22531b4ee94a 4d26f4436c260a6b671804361c0a83d17b34d45d 02a01d88474a06d372dc3412584bf7c252e03125166c241ebe684ec6a4e81e66
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/index.html HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: text/html
content-length: 6629
content-encoding: gzip
last-modified: Sun, 18 Dec 2022 07:15:04 GMT
etag: "973c5c73b012d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/bootstrap.min.css | 154.82.100.199 | 200 OK | 11 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/bootstrap.min.css
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: ASCII text, with very long lines (42164)
Hash: c2656e265ef58a9cc9f4b70b15da5fb9 85c5ebdb89d4574d72688c2650d4b84b9b09770a f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/index_files/bootstrap.min.css HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: text/css
content-length: 10876
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "cc2bb44fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/t_logo.png | 154.82.100.199 | 200 OK | 11 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/t_logo.png
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: 2c84be4c4dec401d09a64498cbbd382d 1c7053b083d5e59ed5cb4912c5500f39beaf765e 88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/index_files/t_logo.png HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: image/png
content-length: 11449
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "c78ec444fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/telegram.css | 154.82.100.199 | 200 OK | 31 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/telegram.css
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: ASCII text, with very long lines (1267)
Hash: 081310a3179c096b57d01c1a7ef8f7c9 552a38700f9f99d7a060cd7739c75f4441595f08 8ddab33bd2921e0a99c5f9919ca4a9c22a11916db184f15b9501c0dd6a99947a
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/index_files/telegram.css HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: text/css
content-length: 31412
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "c8f1c644fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-5X96JGP | 142.250.74.168 | 404 Not Found | 1.6 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5X96JGP
IP: 142.250.74.168:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash: dec4e08a670adfda39c1786023575d93 b79c6430e9ae40bb406e82414e4dc16823e52dac 086d3cd81ad84e789f4c63f17d69b3b9e3c21e5e16c60969a9921dcaa6a6bc0e
GET /gtm.js?id=GTM-5X96JGP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| telegreyt.com/file/66eebb00fd46acb1ce.jpg | 154.82.100.199 | 200 OK | 171 kB |
URL: GET HTTP/2 telegreyt.com/file/66eebb00fd46acb1ce.jpg
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x374, components 3
Size: 171 kB (171309 bytes)
Hash: 98e1ad4f472359ad088f4a937ac00c32 55c5d6480be58cccc9f42456654cdd2a57489c32 adbb4d0a389cd244a73b98167b6ee4ce19f18a1c9a31e25628a618609ef0352c
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /file/66eebb00fd46acb1ce.jpg HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: image/jpeg
content-length: 171309
last-modified: Wed, 16 Nov 2022 05:52:12 GMT
etag: "c7d8ef927ff9d81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/v652eace1692a40cfa3763df669d7439c1639079717194 | 154.82.100.199 | 200 OK | 6.2 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/v652eace1692a40cfa3763df669d7439c1639079717194
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: JavaScript source, ASCII text, with very long lines (13970), with no line terminators
Hash: 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/index_files/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: text/plain
content-length: 6247
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:19 GMT
etag: "a554c944fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/download.js | 154.82.100.199 | 200 OK | 1.2 kB |
URL: GET HTTP/2 telegreyt.com/js/download.js
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash: 9b3fba1b3c1f07ebaa4cc0d8c627ce46 353ce9ff4ad2cf0dbddf1645425d6f6c6aa8e434 a01cfd51880bb90e4396b1df541b893dcd761de237e5409bba626c165244b2aa
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /js/download.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: application/javascript
content-length: 1223
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 11:30:20 GMT
etag: "8cc4de921b3d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/redirect.js | 154.82.100.199 | 200 OK | 7.7 kB |
URL: GET HTTP/2 telegreyt.com/js/redirect.js
IP: 154.82.100.199:443
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 2490e6600fce98123314f7170bb81756 e8fc4723f93c2f5527558c159998d4f864322a48 c3948e7959d9652e15a5b4ced6f078edfef982e4a37f73f2fac6d7e763d5f9ad
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /js/redirect.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: application/javascript
last-modified: Wed, 05 Apr 2023 07:53:50 GMT
etag: W/"ee366c29367d91:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2
|
|
| telegreyt.com/img/t_main_Android_demo.mp4 | 154.82.100.199 | 404 Not Found | 1.2 kB |
URL: GET HTTP/2 telegreyt.com/img/t_main_Android_demo.mp4
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: HTML document, ISO-8859 text, with CRLF line terminators
Hash: d60fe6e305f836d5b942b32278a7b1a7 072d98fd864ad203e2164af8fa5942b6c623bdc8 217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - WhatsApp
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /img/t_main_Android_demo.mp4 HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: text/html
content-length: 1231
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2
|
|
| telegreyt.com/img/t_main_iOS_demo.mp4 | 154.82.100.199 | 404 Not Found | 1.2 kB |
URL: GET HTTP/2 telegreyt.com/img/t_main_iOS_demo.mp4
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: HTML document, ISO-8859 text, with CRLF line terminators
Hash: d60fe6e305f836d5b942b32278a7b1a7 072d98fd864ad203e2164af8fa5942b6c623bdc8 217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - WhatsApp
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /img/t_main_iOS_demo.mp4 HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: text/html
content-length: 1231
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/img/twitter.png | 154.82.100.199 | 200 OK | 1.3 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/img/twitter.png
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced
Hash: 1ed9bf7633f4f449c8d2df94ea0eb35f 2902ba9c2b127c74c2550298a0578d7d8da941c2 e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/img/twitter.png HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/png
content-length: 1272
last-modified: Sat, 24 Sep 2022 10:13:13 GMT
etag: "351e4441fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/img/SiteiOS.jpg?2 | 154.82.100.199 | 200 OK | 31 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/img/SiteiOS.jpg?2
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 442x270, components 3
Hash: 89486a05599a1cfd549f8fb2d70e7d73 24867697525df19b88e79d75ff32384eba57b321 5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/img/SiteiOS.jpg?2 HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/jpeg
content-length: 31305
last-modified: Sat, 24 Sep 2022 10:13:13 GMT
etag: "622d3d41fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/img/SiteAndroid.jpg?2 | 154.82.100.199 | 200 OK | 21 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/img/SiteAndroid.jpg?2
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 290x270, components 3
Hash: f5eb8dcf9b18f19053034101e920574e 9513c6c5e39669ad27132d470008955dbaae61f0 15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/img/SiteAndroid.jpg?2 HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/jpeg
content-length: 21090
last-modified: Sat, 24 Sep 2022 10:13:13 GMT
etag: "57903a41fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/favicon.ico | 154.82.100.199 | 404 Not Found | 57 kB |
URL: GET HTTP/2 telegreyt.com/favicon.ico
IP: 154.82.100.199:443
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: HTML document, ISO-8859 text, with CRLF line terminators
Hash: d60fe6e305f836d5b942b32278a7b1a7 072d98fd864ad203e2164af8fa5942b6c623bdc8 217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - WhatsApp
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: text/html
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/js | 154.82.100.199 | 200 OK | 51 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/js
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: JavaScript source, ASCII text, with very long lines (1615)
Hash: d28613ff9ab6c4f187868ad0543de0f3 9be8b9973f87458167e984bf5ca3ea11651d4c98 377a867c84d7622e8505d60ab3f2cd91c2bee74035d45971e9fd11f904cc3da6
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/index_files/js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: text/plain
content-length: 50938
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "a92bc244fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/img/SiteDesktop.jpg?2 | 154.82.100.199 | 200 OK | 98 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/img/SiteDesktop.jpg?2
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1246x260, components 3
Hash: fa44f18971e0750249cbcf34f66ae11a 0b4017cad011b2ef346094e1c37abb912fa9b7d7 9d47030d555e1765171c05b57ed755744d6051364674efbd99a98df9ec7fa9cd
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /TG_ZH/img/SiteDesktop.jpg?2 HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/jpeg
content-length: 97628
last-modified: Sat, 24 Sep 2022 10:13:13 GMT
etag: "36f33c41fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 92 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (3034)
Hash: 3c7c05d1cc939b8821bad7ff54c95c89 59a711a0fc159b178668c3b6230115ff66d2f28b a747bdd38b807f8a72fe667b3b5ac53dcdf1dd3172d37953bfa6b97c37d1d39b
GET /gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 19:14:06 GMT
expires: Thu, 18 Apr 2024 19:14:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92429
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| telegreyt.com/file/cbc986292284a428e2.jpg | 154.82.100.199 | 200 OK | 147 kB |
URL: GET HTTP/2 telegreyt.com/file/cbc986292284a428e2.jpg
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html
Certificate: Issuer Unizeto Technologies S.A.; Subject telegrewm.com; Fingerprint B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x357, components 3
Size: 147 kB (147023 bytes)
Hash: cee9bffa334b7617b4c695e6e00408f4 3967a9583b519497bcad6432bb5ef7ee9897b324 1a2b102a55c9f22ec06063eb2be4ee54f6ca0e21391c8b096ee9e0c08fe92d89
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
Quad9 DNS | malicious | Sinkholed
GET /file/cbc986292284a428e2.jpg HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: image/jpeg
content-length: 147023
last-modified: Wed, 16 Nov 2022 05:52:12 GMT
etag: "7c3bf2927ff9d81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/config.js | 154.82.100.199 | 200 OK | 316 B |
URL GET HTTP/2telegreyt.com/js/config.js IP154.82.100.199:443
CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash0f473dc8cb0eed8e543f26b9043a3fb6 56069d0c86850c8bcdef6495d213405e4a8b3f6d e9885f72beec80104d584000fea488790bd8c910793bfb3879dc85c2fc54d98b
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/config.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 316
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:32:07 GMT
etag: "eef157667fad81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/dev.js | 154.82.100.199 | 200 OK | 332 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/dev.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash2971dd9c134ddb1e5ebfc17421409bce 80a8b5467c565d06bf1d4c9528449fd3e9e3f751 df9ef32fe813a92221dd511a3e0b42326c2fb5a2eb108e45287ae016c1019365
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/dev.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 332
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:37:33 GMT
etag: "c7bfbc83cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t101.js | 154.82.100.199 | 200 OK | 526 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t101.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash02087d80b01987cf992aa6c24d73020d 3359c89c9acab6ce06325fe63fb2c6b7fe9511ee 817240a7fd481deb0186a2a108cf98235d66be207c5f3ec85bb1f918257f422c
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t101.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 526
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t108.js | 154.82.100.199 | 200 OK | 608 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t108.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash19610ffffb5f8db346ac477b61881b9a 6c67ec85150a99971ebc6154d93abc63e68e6f3f 25cb46b283e4f73d90fa61138ad36987d098d83abfd2a4e2c0cce04b0352b106
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t108.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 608
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 11:49:04 GMT
etag: "2a514673a26bd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t168.js | 154.82.100.199 | 200 OK | 1.0 kB |
URL GET HTTP/2telegreyt.com/js/downloadlist/t168.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash34b8fd5e497198a6d70f87efb668ee35 bcfbe419a14aa108eddca6c96fe208f6cd544a16 3408cd96b5a919c1a85cc41d0dc11c59e86ff5e2b5cfc5cb910eee9609f5e1e0
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t168.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 1015
content-encoding: gzip
last-modified: Mon, 09 Oct 2023 04:04:54 GMT
etag: "722968c265fad91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/js(1) | 154.82.100.199 | 200 OK | 94 kB |
URL GET HTTP/2telegreyt.com/TG_ZH/index_files/js(1) IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File typeJavaScript source, ASCII text, with very long lines (15517) Hash5306e3cd870bb1186a59a10fbf7c0047 3be17e9b69b65b4589a9f3b53e2bef4ec05e4398 47dcdbc8d23aedd787bda53b150d8429b0da9d729fbea82f3e6bd1333d37c0b6
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/js(1) HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: text/plain
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "a92bc244fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t888.js | 154.82.100.199 | 200 OK | 673 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t888.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hashf5f4169266f561dc31defb576f011271 0081b577b30cebb75724f3132e04cfa6b61be037 a9621c2d617dc70b2e069a909f47485f3725937352047a33ce2c906e31b3e52a
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t888.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 673
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 05:51:57 GMT
etag: "17e1bb8f706bd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t110.js | 154.82.100.199 | 200 OK | 1.0 kB |
URL GET HTTP/2telegreyt.com/js/downloadlist/t110.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash9e8ac54dce89effadb3cc715caa5f92c 21ae925f6f9309e51ddeac494be72586a21e0aa5 111f892c1cec5412194f8475b9da3baf3d0f35433931e67d0f83426223f943c0
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t110.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 1018
content-encoding: gzip
last-modified: Fri, 22 Sep 2023 04:34:36 GMT
etag: "c598217eedd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t111.js | 154.82.100.199 | 200 OK | 616 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t111.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash4a7a58d9f7c286949dd871855413b756 dd9c3c33b71480f00b1b73f579812b394f3afad6 dd7f775b17c0076260d598464b4182bb20c8c4b4e72129a803fa2368007b7561
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t111.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 616
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t112.js | 154.82.100.199 | 200 OK | 344 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t112.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hashf7a63afa6ec355ce766deed8ffa0c022 e3c6dd5b44208981a6b8de67c6cf3c8b47192090 51e6c343b8bfdaed3a028ec35d8ef7b1ae3005b29626ee5a56824fc9100cba83
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t112.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 344
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t117.js | 154.82.100.199 | 200 OK | 608 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t117.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash19f2305e9d91046dbb0a0aa18b8d423b 2d2cbe5a3b89a2688624a2abe17ede9e2892b918 e241fbfff68e33667c7a1b8f9a5b594f45510c5893a55a51e6c1ff291c78ba2f
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t117.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 608
content-encoding: gzip
last-modified: Mon, 11 Sep 2023 07:02:24 GMT
etag: "ad6286ea7de4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t123.js | 154.82.100.199 | 200 OK | 456 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t123.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File typeASCII text, with CRLF line terminators Hash0fb9e618fd33a073988476434552f926 2cc2360494bebcc34e4b63da0a0b6cac8946084a 7eea03bda30f9e9ffa2b4bfc96af1b9cb2dc706d509d036610c5043edaa64163
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t123.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:07 GMT
content-type: application/javascript
content-length: 456
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "ed96e663cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/img/SiteLogos.png | 154.82.100.199 | 404 Not Found | 1.0 kB |
URL GET HTTP/2telegreyt.com/TG_ZH/img/SiteLogos.png IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File typeHTML document, ISO-8859 text, with CRLF line terminators Hashd60fe6e305f836d5b942b32278a7b1a7 072d98fd864ad203e2164af8fa5942b6c623bdc8 217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WhatsApp | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/img/SiteLogos.png HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: text/html
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t109.js | 154.82.100.199 | 200 OK | 418 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t109.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash08237d27309671227c0fdae0778aa361 97bf37ed683c6768f2c2ad30054610c2e0707259 a0fe39acb33ef027a796a95991f0851513cb40c76a05da7bccfe0b5b62acf723
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t109.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:07 GMT
content-type: application/javascript
content-length: 418
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t158.js | 154.82.100.199 | 200 OK | 446 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t158.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash5471b90409fa565e42ba12eb5407f47e 98861c71ccf9271dbd11522c1f9cc9a07a52b193 4d8cb1071eb9746ac339793c644c5bb7b471607c9e10ddc52cefbef55199b155
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t158.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:07 GMT
content-type: application/javascript
content-length: 446
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "ed96e663cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t121.js | 154.82.100.199 | 200 OK | 396 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t121.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File typeASCII text, with CRLF line terminators Hash48e1282d8f6a96f296d445c641c06d00 9d3072dd2e38c03b2fc911983da0799c1926565d ad7049fae9e9cf23c1146381b5d33f88f317b03a9d83037df5b680155182076c
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t121.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:07 GMT
content-type: application/javascript
content-length: 396
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "ed96e663cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t115.js | 154.82.100.199 | 200 OK | 399 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t115.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash743d05427df4e95ab2247b2ab7ee5305 6bad00a45e8dcbb6ef587c893960085e3713492d 23c81fcc5ff70876037f4ae9ef436c0aaaf0702cc879b6c6d63b10653c30906e
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t115.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:07 GMT
content-type: application/javascript
content-length: 399
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t126.js | 154.82.100.199 | 200 OK | 368 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t126.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash1d18f93402ead068f68caa3fa3d9d6f4 2f2dda71b403f2d4b926371de49720de8c6c3ac6 9e3d0e5c2f70c6a337c99df23ca98b53093175d9f562d42d46009c3abb6ca4bd
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t126.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:07 GMT
content-type: application/javascript
content-length: 368
content-encoding: gzip
last-modified: Fri, 29 Sep 2023 08:59:51 GMT
etag: "8a2bcb4eb3f2d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t127.js | 154.82.100.199 | 200 OK | 411 B |
URL GET HTTP/2telegreyt.com/js/downloadlist/t127.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
Hash7afa3d13ec1a7b1522b970b82cee5f3c af4fca474478a297e7beb224279b2c8e9f8906de 57e1ddd475399fe142ab60a79f8d803e1155db1e5842e11e974bfc848f73a2f1
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t127.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:07 GMT
content-type: application/javascript
content-length: 411
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:43:57 GMT
etag: "eb76ef6c4d4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t125.js | 154.82.100.199 | 200 OK | 1.1 kB |
URL GET HTTP/2telegreyt.com/js/downloadlist/t125.js IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File typeASCII text, with CRLF line terminators Hashea48da5f8eb8db6ee3432ed5eef6f379 6c51506f7299b97c54522f27d716a390f185782b 96c3c0c0e62036edd61da5e0627a4066ff06843ab64742611bfba8cf11a1f258
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t125.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:07 GMT
content-type: application/javascript
content-length: 1143
content-encoding: gzip
last-modified: Fri, 01 Dec 2023 10:23:08 GMT
etag: "25e82c614024da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/911807f65dfb4f8f20.gif | 154.82.100.199 | 200 OK | 2.0 MB |
URL GET HTTP/2telegreyt.com/TG_ZH/index_files/911807f65dfb4f8f20.gif IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File typeGIF image data, version 89a, 512 x 512 Size2.0 MB (2002471 bytes) Hash6a88bbd5858b7d9234fb7d0c6c5059a6 c3412d69dfa2ce6b208d52e6842ea7807cff42d3 f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/911807f65dfb4f8f20.gif HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/gif
content-length: 2002471
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "d4fb644fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/d4b936ecc2c939f4fa.gif | 154.82.100.199 | 200 OK | 2.2 MB |
URL GET HTTP/2telegreyt.com/TG_ZH/index_files/d4b936ecc2c939f4fa.gif IP154.82.100.199:443
Requested byhttps://telegreyt.com/TG_ZH/index.html CertificateIssuerUnizeto Technologies S.A. Subjecttelegrewm.com FingerprintB3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5 ValidityWed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File typeGIF image data, version 89a, 512 x 512 Size2.2 MB (2202471 bytes) Hash9f6cb1e0d2a29541764755e05b484de7 d443f92ed7059a30db98857f6c5c290589ebfe24 abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/d4b936ecc2c939f4fa.gif HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: image/gif
content-length: 2202471
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "9565bd44fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/dd4eeb46cc5efc0688.gif | 154.82.100.199 | 200 OK | 2.4 MB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/dd4eeb46cc5efc0688.gif; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 2.4 MB (2415534 bytes); Hash: cbd2d6af702cab22fb23c7d159abc428 c0b6c9da2c8da897c00df0a6569d2fd2540dbc1f 58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/dd4eeb46cc5efc0688.gif HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: image/gif
content-length: 2415534
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "9565bd44fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/7318c11715aa2ec45b.gif | 154.82.100.199 | 200 OK | 2.3 MB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/7318c11715aa2ec45b.gif; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 2.3 MB (2254846 bytes); Hash: 999ccb074c15d6377f97302832038c14 c08b94482ad5540f68a896f30cc890474c058e1d 15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/7318c11715aa2ec45b.gif HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/gif
content-length: 2254846
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "e5feb344fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/feb1e161b1d3608613.gif | 154.82.100.199 | 200 OK | 2.4 MB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/feb1e161b1d3608613.gif; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 2.4 MB (2424803 bytes); Hash: 14c0a01070573bc00e0f462023e8162f 8d8725f9bdbe99060b86e0a03434bb5c4e3be8af 116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/feb1e161b1d3608613.gif HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/gif
content-length: 2424803
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "a92bc244fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/f3cec6c451d023c109.gif | 154.82.100.199 | 200 OK | 2.7 MB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/f3cec6c451d023c109.gif; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 2.7 MB (2700330 bytes); Hash: 21528f532493017ca7a8cdfa73ba1f09 798073fd3b30c0688787edac94667d6025b027ae 3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/f3cec6c451d023c109.gif HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/gif
content-length: 2700330
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "e5c8bf44fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/b6c5dbc0e4f6553805.gif | 154.82.100.199 | 200 OK | 3.1 MB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/b6c5dbc0e4f6553805.gif; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 3.1 MB (3145277 bytes); Hash: 5433cf6cf6daa107f38cc2f2b221adc5 84156830cc0e51264342c37f2043c441562b137f 321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/b6c5dbc0e4f6553805.gif HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/gif
content-length: 3145277
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "cc2bb44fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/9ce5fa5f3fb74460b4.gif | 154.82.100.199 | 200 OK | 3.3 MB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/9ce5fa5f3fb74460b4.gif; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 3.3 MB (3327196 bytes); Hash: 3ca4222d4871d2c299e44dbbd14ebb46 19ee2e1c0d6da440c08076dc1a657c8e58aa0662 e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/9ce5fa5f3fb74460b4.gif HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/gif
content-length: 3327196
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "549fb844fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/7d57d7159cf4fbe9b2.gif | 154.82.100.199 | 200 OK | 3.4 MB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/7d57d7159cf4fbe9b2.gif; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 3.4 MB (3422486 bytes); Hash: e60746b12f4e6cca778727472f415218 4e3b517a1911d891d018bc63b66e1b69837a3e15 b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/7d57d7159cf4fbe9b2.gif HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: image/gif
content-length: 3422486
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "d4fb644fecfd81:0"
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/cdn-cgi/rum? | 154.82.100.199 | 404 Not Found | 9.4 kB |
URL: POST HTTP/2 telegreyt.com/cdn-cgi/rum?; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: HTML document, ISO-8859 text, with CRLF line terminators; Hash: d60fe6e305f836d5b942b32278a7b1a7 072d98fd864ad203e2164af8fa5942b6c623bdc8 217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WhatsApp | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1101
Origin: https://telegreyt.com
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: NgxFence
date: Thu, 18 Apr 2024 19:14:11 GMT
content-type: text/html
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/main.js | 154.82.100.199 | 200 OK | 21 kB |
IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: JavaScript source, ASCII text; Hash: 401f247640476ab57f1562643278c690 88d3d9ce942bc4f83013a1f302fa57281c62dbd8 39a10a24888c4e0898d8c9c9ed332d88d0203c08d0f5cfbbf82c84cd9eee584f
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/main.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:05 GMT
content-type: application/javascript
content-length: 7229
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 10:14:52 GMT
etag: "436a714736f0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t118.js | 154.82.100.199 | 200 OK | 2.2 kB |
URL: GET HTTP/2 telegreyt.com/js/downloadlist/t118.js; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: ASCII text, with very long lines (2386), with no line terminators; Hash: bfcd2bb6ac2c94a1ecfc20a88dd24a2c 0fc5d437c4c99d6f499aced5cc380a39cab6d39a ed5839b34a0e366c627a52e441cf97aa61ac596f01f48f8f62d9e62cb9721614
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t118.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:07 GMT
content-type: application/javascript
content-length: 501
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "ed96e663cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/js/downloadlist/t188.js | 154.82.100.199 | 200 OK | 782 B |
URL: GET HTTP/2 telegreyt.com/js/downloadlist/t188.js; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: ASCII text, with very long lines (859), with no line terminators; Hash: 0574d6f821bb0f4a1f3a7439bef417b6 7fcdb4a167d8be3901f1fcbef357556dfbe35068 bc18af68237a3e37c07ee3e2d6a7121510af6de7fe96585ed5ec4f3665ba6b25
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /js/downloadlist/t188.js HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:06 GMT
content-type: application/javascript
content-length: 407
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 06:18:40 GMT
etag: "3bda73ebaffda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: MISS
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegreyt.com/TG_ZH/index_files/gtm.js.download | 154.82.100.199 | 200 OK | 119 kB |
URL: GET HTTP/2 telegreyt.com/TG_ZH/index_files/gtm.js.download; IP: 154.82.100.199:443
Requested by: https://telegreyt.com/TG_ZH/index.html; Certificate Issuer: Unizeto Technologies S.A.; Subject: telegrewm.com; Fingerprint: B3:C6:92:3B:4E:DF:F7:5D:E4:DA:FC:31:5A:C8:CF:5E:83:5A:6F:C5; Validity: Wed, 07 Jun 2023 04:26:16 GMT - Sat, 06 Jul 2024 04:26:15 GMT
File type: JavaScript source, ASCII text, with very long lines (1615); Size: 119 kB (119137 bytes); Hash: c2f5efa78f85a28c9dbc2b5adac56ec5 4ccee472dbdfc7919cdcbe02f09692ed69fa5b95 8cbaae5ea817ea19555ba3c88649f6db86533c6a0fb945042ac060b0c446199c
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | Quad9 DNS | malicious | Sinkholed |
GET /TG_ZH/index_files/gtm.js.download HTTP/1.1
Host: telegreyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegreyt.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Thu, 18 Apr 2024 19:14:04 GMT
content-type: text/plain
content-length: 56040
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "a92bc244fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|