Report - teiegarm.bond/en/

Report Overview

Submitted URL
teiegarm.bond/en/
IP
8.217.137.84
ASN
#45102 Alibaba US Technology Co., Ltd.
Submitted
2024-04-17 16:58:29
Access
public
Website Title
Telegram Web
Final URL
teiegarm.bond/en/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
114

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
teiegarm.bond	unknown	2024-02-21	2024-03-08	2024-03-11	9.9 kB	612 kB	8.217.137.84
img.icons8.com	28959	2011-10-04	2017-05-26	2024-04-16	443 B	2.8 kB	185.76.9.19
kws2.web.telegram.org	49675	2003-12-15	2021-06-23	2024-04-17	572 B	218 B	149.154.167.99
venus.web.telegram.org	47739	2003-12-15	2017-01-29	2024-04-16	397 B	478 B	149.154.167.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	teiegarm.bond/en/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram
2024-04-12	medium	teiegarm.bond/	Telegram

PhishTank

Scan Date	Severity	Indicator	Alert
2024-03-10	medium	teiegarm.bond/en/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed
2024-04-17	medium	teiegarm.bond	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	teiegarm.bond/en/langSign-lcKrqmwM.js	1.6 kB	2024-01-17	2024-04-30
Pretty URL teiegarm.bond/en/langSign-lcKrqmwM.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-17 06:06:06 Last Seen2024-04-30 16:59:41 Times Seen121 Hash 044169c42b6e355439c8fcc5fa4ecc57 5933a11ae125770fe2e3e2deb907af978ceff0e8 900f22723c45f67600638812021437a089daa7c2f0a559ebb85a0726183cee79 Loading...

	teiegarm.bond/en/lang-Y4EV1698.js	117 kB	2024-02-25	2024-04-28
Pretty URL teiegarm.bond/en/lang-Y4EV1698.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 08:14:26 Last Seen2024-04-28 06:04:05 Times Seen16 Hash ea77aa894390102e8d24f9dc4f41a162 3706e0a834025e92cb0f211623a6bb3795c6505f b16cfc78065c0a3848ca1fd44831e2792d5371dd614cbeb4aacfed1440963eae Loading...

	teiegarm.bond/en/countries-lRU-UavE.js	24 kB	2024-01-17	2024-04-30
Pretty URL teiegarm.bond/en/countries-lRU-UavE.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-17 06:06:06 Last Seen2024-04-30 16:59:41 Times Seen218 Hash 8629decc51355f74113da86fd8068fe8 d15ccf55d00895dc5d608570afc32348f92904d4 8528a55ba5d25bb2b6463f369b7a2046c08ced5f20256978a06119c0d50d08a2 Loading...

	teiegarm.bond/en/page-eb81Un_i.js	10 kB	2024-02-25	2024-04-28
Pretty URL teiegarm.bond/en/page-eb81Un_i.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by importedModule Embedded in HTML false Observations First Seen2024-02-25 08:14:26 Last Seen2024-04-28 06:04:05 Times Seen27 Hash 429ec8771d7c33eb6394edaf927f3d35 aa9d30b9efb6e00d00367e401e0774c5ab6b3df9 48cde64efcc80711b88bae30629af7a00b6c2d34ec4425c4b7d7a9b83628db84 Loading...

	teiegarm.bond/en/button-aS2SE0kp.js	8.8 kB	2024-02-25	2024-04-28
Pretty URL teiegarm.bond/en/button-aS2SE0kp.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by importedModule Embedded in HTML false Observations First Seen2024-02-25 08:14:26 Last Seen2024-04-28 06:04:05 Times Seen21 Hash c4bad91a7928e316ee9b43882737ed78 867ac7e4dfa7047f7c3f08d35aacd34e5fb39186 ad7184835ad021d3015b04b08acc989f05818f9178dbf0226155524e9842871a Loading...

	teiegarm.bond/en/qr-code-styling-ogpV7fl-.js	66 kB	2024-01-17	2024-04-30
Pretty URL teiegarm.bond/en/qr-code-styling-ogpV7fl-.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-17 06:06:07 Last Seen2024-04-30 15:22:08 Times Seen194 Hash 692f467d3bba699553f0dbf68094d72f 67582d4bc87b34a61c43ae8f7f3862562d65efa8 6c4900d40f3335423817340edddd7655d96e707156923fcf3cbf5a6520008d6e Loading...

	teiegarm.bond/login_k.js	4.8 kB	2024-04-01	2024-04-28
Pretty URL teiegarm.bond/login_k.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-01 08:22:28 Last Seen2024-04-28 06:04:05 Times Seen6 Hash f12830573ce6e9f7fef7eb421628f87d 58055772b5ec0f8049c4c94469d712ff8c781ffd 04d09115692fa22ce21cbf474c5c833fc85afdffa2e5496137da228873703c32 Loading...

	teiegarm.bond/en/index-XZA1-3MU.js	131 kB	2024-02-25	2024-04-28
Pretty URL teiegarm.bond/en/index-XZA1-3MU.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 08:14:26 Last Seen2024-04-28 06:04:05 Times Seen16 Hash 516e9c138a2363f35bbbd8d3abe2e827 3947fdcb131eeb4f662301506f0672cf02f8475a 17e0c86d87c90055aa9a393a20a431bb89cb58a3fd0003046bbfd8f7c22e6c3b Loading...

	teiegarm.bond/en/putPreloader--f-Xu9AG.js	699 B	2024-02-25	2024-04-28
Pretty URL teiegarm.bond/en/putPreloader--f-Xu9AG.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by importedModule Embedded in HTML false Observations First Seen2024-02-25 08:14:26 Last Seen2024-04-28 06:04:05 Times Seen28 Hash c198588f758074782a84c012a9850e88 9a4ce429729b2bdbeae10511c7273a92bc534104 f12e62f05d48be6be0d36b76dbda5d0f723cd94de6f7851bbc4ed0191994b4dd Loading...

	teiegarm.bond/en/textToSvgURL-Z4O-nL1S.js	357 B	2024-01-17	2024-04-30
Pretty URL teiegarm.bond/en/textToSvgURL-Z4O-nL1S.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by importedModule Embedded in HTML false Observations First Seen2024-01-17 06:06:07 Last Seen2024-04-30 16:59:41 Times Seen328 Hash cca1508d96dbfce74dcbaed756d04955 c539ff84caf27c4b22e498662644c07e6893c19a 36cb02e59322028c02c5365bd56cbd129b3eb2fb4aaec625160ca2dc9786a4bd Loading...

	teiegarm.bond/en/pageSignQR-bI2rYqWN.js	5.7 kB	2024-02-25	2024-04-28
Pretty URL teiegarm.bond/en/pageSignQR-bI2rYqWN.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 08:14:26 Last Seen2024-04-28 06:04:05 Times Seen21 Hash 0a01255bcf3e261cbed4d0f64c4391a9 630bc764cb640fd0ef34fe0381491f2e906bac9c 325f7766220ab8219abd6d0c7e04d5c6d99a491d0f9be6a15eca08f16b150fa5 Loading...

	teiegarm.bond/en/_commonjsHelpers-5-cIlDoe.js	290 B	2024-01-17	2024-04-30
Pretty URL teiegarm.bond/en/_commonjsHelpers-5-cIlDoe.js IP 8.217.137.84 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by importedModule Embedded in HTML false Observations First Seen2024-01-17 06:06:06 Last Seen2024-04-30 15:22:08 Times Seen254 Hash fbb884c7112ff8c4ddb8edc410daae6f 299a8b374572849f5028264e3a7f2e71273f1d06 a8df41d98a0fa3d1cb8c8661377ac1a572beb9cd0b68e968f92d69f7c8331483 Loading...

HTTP Transactions (31)

URL IP Response Size

teiegarm.bond/en/

8.217.137.84

5.6 kB

URL User Request GET
teiegarm.bond/en/
IP
8.217.137.84:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
HTML document, ASCII text, with very long lines (1757)
Size
5.6 kB (5550 bytes)
Hash
e0ec916bc8c7d38dd6c41bc44431760a
e62cd2248d20fe18962b6060b5ff880558238710
15c55c84955beac9c82ba82a2a194ce592ab3bcaa9f6f692f63bc52539ca8c89

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/ HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:05 GMT
Content-Type: text/html
Last-Modified: Wed, 13 Mar 2024 12:48:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65f1a0b2-359d"
Content-Encoding: gzip

teiegarm.bond/login_k.js

8.217.137.84

200 OK

1.7 kB

URL GET HTTP/1.1
teiegarm.bond/login_k.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
JavaScript source, Unicode text, UTF-8 text
Size
1.7 kB (1716 bytes)
Hash
f12830573ce6e9f7fef7eb421628f87d
58055772b5ec0f8049c4c94469d712ff8c781ffd
04d09115692fa22ce21cbf474c5c833fc85afdffa2e5496137da228873703c32

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_k.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Mar 2024 11:21:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65f42f42-12e7"
Expires: Thu, 18 Apr 2024 04:58:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/index-XZA1-3MU.js

8.217.137.84

200 OK

52 kB

URL GET HTTP/1.1
teiegarm.bond/en/index-XZA1-3MU.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (63446), with no line terminators
Size
52 kB (51458 bytes)
Hash
516e9c138a2363f35bbbd8d3abe2e827
3947fdcb131eeb4f662301506f0672cf02f8475a
17e0c86d87c90055aa9a393a20a431bb89cb58a3fd0003046bbfd8f7c22e6c3b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/index-XZA1-3MU.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:05 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-1fedf"
Expires: Thu, 18 Apr 2024 04:58:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/index-pzR5gIOz.css

8.217.137.84

200 OK

97 kB

URL GET HTTP/1.1
teiegarm.bond/en/index-pzR5gIOz.css
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
97 kB (97369 bytes)
Hash
416f9ea67158b5b6d096e7ecfec3051e
7fa9c5a9b8ac72ad0ff2b44a84360e984a582523
6e8f2da9c344b748747fe5b0c3c3e6ff3fe08e1829f2a6aee736dd6697d9ea0c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/index-pzR5gIOz.css HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:05 GMT
Content-Type: text/css
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-6de14"
Expires: Thu, 18 Apr 2024 04:58:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

8.217.137.84

200 OK

11 kB

URL GET HTTP/1.1
teiegarm.bond/en/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Size
11 kB (11016 bytes)
Hash
15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/index-pzR5gIOz.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: font/woff2
Content-Length: 11016
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-2b08"
Accept-Ranges: bytes

teiegarm.bond/load.html

8.217.137.84

200 OK

809 B

URL GET HTTP/1.1
teiegarm.bond/load.html
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
HTML document, Unicode text, UTF-8 text
Size
809 B (809 bytes)
Hash
3850d88cc79b283b444be0cce3d2acbf
bdb6724e823288e425256ac60afe0e25561c14cd
716e7f1ae038828bc9e00fa972d6ef2da468bff4b07b2f8ffa796a29536b00b4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /load.html HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: text/html
Last-Modified: Wed, 06 Mar 2024 19:37:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65e8c602-6d0"
Content-Encoding: gzip

img.icons8.com/?size=100&id=lH4FKvmj0iIQ&format=png

185.76.9.19

200 OK

2.1 kB

URL GET HTTP/2
img.icons8.com/?size=100&id=lH4FKvmj0iIQ&format=png
IP
185.76.9.19:443
ASN
#60068 Datacamp Limited

Requested by
http://teiegarm.bond/load.html
Certificate
IssuerLet's Encrypt
Subject1004834818.rsc.cdn77.org
FingerprintFD:9B:CD:AE:45:20:20:EA:0C:27:58:F8:5D:B3:8E:9F:51:11:5D:F6
ValiditySun, 14 Apr 2024 18:33:15 GMT - Sat, 13 Jul 2024 18:33:14 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2067 bytes)
Hash
56593829b7819ac6d2e751f72e3fb190
6c531a60fe2841e27d63c51df7c434297a9d6794
c6569f9561d2c42ea7de49ef1e2331a658eb9801af9bce7de2101ca858ac1f2d

HTTP Headers

GET /?size=100&id=lH4FKvmj0iIQ&format=png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:58:07 GMT
content-type: image/png
content-length: 2067
vary: Origin
access-control-allow-origin: *
icon-id: lH4FKvmj0iIQ
icon-size: 100
icon-format: png
last-modified: Thu, 04 Apr 2024 06:00:53
version: 0.0.29
from-mongo-cache: true
from-redis-cache: false
not-found-platform: false
cache-control: public, max-age=302400
strict-transport-security: max-age=15724800; includeSubDomains
x-77-nzt: EwgBuUwJDQFBDAG5TAoJAfc/JgEADAElE8I0AfcSAAAA
x-77-nzt-ray: c0a4cc28097a8c449fff1f660b6bc213
x-accel-expires: @1713593531
x-accel-date: 1713297760
x-77-cache: HIT
x-77-age: 75345
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

teiegarm.bond/en/crypto.worker-T8uEdtAd.js

8.217.137.84

200 OK

26 kB

URL GET HTTP/1.1
teiegarm.bond/en/crypto.worker-T8uEdtAd.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (26318 bytes)
Hash
06026fa41e11ac29cae837d4171e000f
08d9171d8cf75e349d06fb3ca03bf80be68268de
19fb2e2b1a73081d0be43d40c28e85d6875138f1f0b89c8a1837c3e806d578b3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/crypto.worker-T8uEdtAd.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://teiegarm.bond/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-10d02"
Expires: Thu, 18 Apr 2024 04:58:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/lang-Y4EV1698.js

8.217.137.84

200 OK

38 kB

URL GET HTTP/1.1
teiegarm.bond/en/lang-Y4EV1698.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
Unicode text, UTF-8 text, with very long lines (14604)
Size
38 kB (37948 bytes)
Hash
ea77aa894390102e8d24f9dc4f41a162
3706e0a834025e92cb0f211623a6bb3795c6505f
b16cfc78065c0a3848ca1fd44831e2792d5371dd614cbeb4aacfed1440963eae

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/lang-Y4EV1698.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/index-XZA1-3MU.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-1c9cc"
Expires: Thu, 18 Apr 2024 04:58:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/langSign-lcKrqmwM.js

8.217.137.84

200 OK

831 B

URL GET HTTP/1.1
teiegarm.bond/en/langSign-lcKrqmwM.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (895)
Size
831 B (831 bytes)
Hash
044169c42b6e355439c8fcc5fa4ecc57
5933a11ae125770fe2e3e2deb907af978ceff0e8
900f22723c45f67600638812021437a089daa7c2f0a559ebb85a0726183cee79

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/langSign-lcKrqmwM.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/index-XZA1-3MU.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: application/javascript
Last-Modified: Wed, 06 Mar 2024 19:24:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65e8c2e6-66e"
Expires: Thu, 18 Apr 2024 04:58:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/countries-lRU-UavE.js

8.217.137.84

200 OK

4.6 kB

URL GET HTTP/1.1
teiegarm.bond/en/countries-lRU-UavE.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
Unicode text, UTF-8 text, with very long lines (24043)
Size
4.6 kB (4591 bytes)
Hash
8629decc51355f74113da86fd8068fe8
d15ccf55d00895dc5d608570afc32348f92904d4
8528a55ba5d25bb2b6463f369b7a2046c08ced5f20256978a06119c0d50d08a2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/countries-lRU-UavE.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/index-XZA1-3MU.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-5e21"
Expires: Thu, 18 Apr 2024 04:58:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/assets/img/favicon-16x16.png?v=jw3mK7G9Ry

8.217.137.84

200 OK

1.0 kB

URL GET HTTP/1.1
teiegarm.bond/en/assets/img/favicon-16x16.png?v=jw3mK7G9Ry
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.0 kB (1012 bytes)
Hash
e3ce05eb00b3215df220efaf0fd06e21
d1533966f79dc2984c34317035f31cf3c91298c9
0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: image/png
Content-Length: 1012
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-3f4"
Expires: Fri, 17 May 2024 16:58:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

teiegarm.bond/en/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry

8.217.137.84

200 OK

9.0 kB

URL GET HTTP/1.1
teiegarm.bond/en/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
9.0 kB (9024 bytes)
Hash
87fecdadac0beb95f9b7c87b3b3236f0
822f92446c0033a32462aa21208efaef1f0d8c3c
25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: image/png
Content-Length: 9024
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-2340"
Expires: Fri, 17 May 2024 16:58:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

teiegarm.bond/en/pageSignQR-bI2rYqWN.js

8.217.137.84

200 OK

2.7 kB

URL GET HTTP/1.1
teiegarm.bond/en/pageSignQR-bI2rYqWN.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
Java source, ASCII text, with very long lines (5017)
Size
2.7 kB (2741 bytes)
Hash
0a01255bcf3e261cbed4d0f64c4391a9
630bc764cb640fd0ef34fe0381491f2e906bac9c
325f7766220ab8219abd6d0c7e04d5c6d99a491d0f9be6a15eca08f16b150fa5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/pageSignQR-bI2rYqWN.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/index-XZA1-3MU.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-162f"
Expires: Thu, 18 Apr 2024 04:58:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/mtproto.worker-ADXTIUZK.js

8.217.137.84

281 kB

URL
teiegarm.bond/en/mtproto.worker-ADXTIUZK.js
IP
8.217.137.84:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
data
Size
281 kB (280814 bytes)
Hash
25879bf7a53b25a4ba5bb084e8939742
43ef258166445e1f5685c02203602545bdf6aceb
5fbcacd7b368ca04a9b204d70122144f4e55ff2e775f9b885ca0354ca0a12b4a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/mtproto.worker-ADXTIUZK.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://teiegarm.bond/en/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-eaf49"
Expires: Thu, 18 Apr 2024 04:58:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/button-aS2SE0kp.js

8.217.137.84

200 OK

3.9 kB

URL GET HTTP/1.1
teiegarm.bond/en/button-aS2SE0kp.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (8753)
Size
3.9 kB (3915 bytes)
Hash
c4bad91a7928e316ee9b43882737ed78
867ac7e4dfa7047f7c3f08d35aacd34e5fb39186
ad7184835ad021d3015b04b08acc989f05818f9178dbf0226155524e9842871a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/button-aS2SE0kp.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-225e"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/textToSvgURL-Z4O-nL1S.js

8.217.137.84

200 OK

357 B

URL GET HTTP/1.1
teiegarm.bond/en/textToSvgURL-Z4O-nL1S.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (306)
Size
357 B (357 bytes)
Hash
cca1508d96dbfce74dcbaed756d04955
c539ff84caf27c4b22e498662644c07e6893c19a
36cb02e59322028c02c5365bd56cbd129b3eb2fb4aaec625160ca2dc9786a4bd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Content-Length: 357
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-165"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

teiegarm.bond/en/page-eb81Un_i.js

8.217.137.84

200 OK

4.3 kB

URL GET HTTP/1.1
teiegarm.bond/en/page-eb81Un_i.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (10301)
Size
4.3 kB (4309 bytes)
Hash
429ec8771d7c33eb6394edaf927f3d35
aa9d30b9efb6e00d00367e401e0774c5ab6b3df9
48cde64efcc80711b88bae30629af7a00b6c2d34ec4425c4b7d7a9b83628db84

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/page-eb81Un_i.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-2868"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/pageSignQR-bI2rYqWN.js

8.217.137.84

200 OK

2.7 kB

URL GET HTTP/1.1
teiegarm.bond/en/pageSignQR-bI2rYqWN.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
Java source, ASCII text, with very long lines (5017)
Size
2.7 kB (2741 bytes)
Hash
0a01255bcf3e261cbed4d0f64c4391a9
630bc764cb640fd0ef34fe0381491f2e906bac9c
325f7766220ab8219abd6d0c7e04d5c6d99a491d0f9be6a15eca08f16b150fa5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/pageSignQR-bI2rYqWN.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://teiegarm.bond/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-162f"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/button-aS2SE0kp.js

8.217.137.84

200 OK

3.9 kB

URL GET HTTP/1.1
teiegarm.bond/en/button-aS2SE0kp.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (8753)
Size
3.9 kB (3915 bytes)
Hash
c4bad91a7928e316ee9b43882737ed78
867ac7e4dfa7047f7c3f08d35aacd34e5fb39186
ad7184835ad021d3015b04b08acc989f05818f9178dbf0226155524e9842871a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/button-aS2SE0kp.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://teiegarm.bond/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-225e"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/textToSvgURL-Z4O-nL1S.js

8.217.137.84

200 OK

357 B

URL GET HTTP/1.1
teiegarm.bond/en/textToSvgURL-Z4O-nL1S.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (306)
Size
357 B (357 bytes)
Hash
cca1508d96dbfce74dcbaed756d04955
c539ff84caf27c4b22e498662644c07e6893c19a
36cb02e59322028c02c5365bd56cbd129b3eb2fb4aaec625160ca2dc9786a4bd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://teiegarm.bond/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Content-Length: 357
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-165"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

teiegarm.bond/en/putPreloader--f-Xu9AG.js

8.217.137.84

200 OK

699 B

URL GET HTTP/1.1
teiegarm.bond/en/putPreloader--f-Xu9AG.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (394)
Size
699 B (699 bytes)
Hash
c198588f758074782a84c012a9850e88
9a4ce429729b2bdbeae10511c7273a92bc534104
f12e62f05d48be6be0d36b76dbda5d0f723cd94de6f7851bbc4ed0191994b4dd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/putPreloader--f-Xu9AG.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Content-Length: 699
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-2bb"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

teiegarm.bond/en/page-eb81Un_i.js

8.217.137.84

200 OK

4.3 kB

URL GET HTTP/1.1
teiegarm.bond/en/page-eb81Un_i.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (10301)
Size
4.3 kB (4309 bytes)
Hash
429ec8771d7c33eb6394edaf927f3d35
aa9d30b9efb6e00d00367e401e0774c5ab6b3df9
48cde64efcc80711b88bae30629af7a00b6c2d34ec4425c4b7d7a9b83628db84

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/page-eb81Un_i.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://teiegarm.bond/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-2868"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/putPreloader--f-Xu9AG.js

8.217.137.84

200 OK

699 B

URL GET HTTP/1.1
teiegarm.bond/en/putPreloader--f-Xu9AG.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text, with very long lines (394)
Size
699 B (699 bytes)
Hash
c198588f758074782a84c012a9850e88
9a4ce429729b2bdbeae10511c7273a92bc534104
f12e62f05d48be6be0d36b76dbda5d0f723cd94de6f7851bbc4ed0191994b4dd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/putPreloader--f-Xu9AG.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://teiegarm.bond/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Content-Length: 699
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-2bb"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

kws2.web.telegram.org/apiws

149.154.167.99

0 B

URL
kws2.web.telegram.org/apiws
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://teiegarm.bond
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RXowxnpjnpyWtRQLB7nkFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 16:58:08 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z1amI0BwSVpjnxtwgKWR9OTv2Pw=
Sec-WebSocket-Protocol: binary

teiegarm.bond/en/qr-code-styling-ogpV7fl-.js

8.217.137.84

200 OK

19 kB

URL GET HTTP/1.1
teiegarm.bond/en/qr-code-styling-ogpV7fl-.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (57414)
Size
19 kB (19246 bytes)
Hash
692f467d3bba699553f0dbf68094d72f
67582d4bc87b34a61c43ae8f7f3862562d65efa8
6c4900d40f3335423817340edddd7655d96e707156923fcf3cbf5a6520008d6e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-10254"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

teiegarm.bond/en/_commonjsHelpers-5-cIlDoe.js

8.217.137.84

200 OK

290 B

URL GET HTTP/1.1
teiegarm.bond/en/_commonjsHelpers-5-cIlDoe.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text
Size
290 B (290 bytes)
Hash
fbb884c7112ff8c4ddb8edc410daae6f
299a8b374572849f5028264e3a7f2e71273f1d06
a8df41d98a0fa3d1cb8c8661377ac1a572beb9cd0b68e968f92d69f7c8331483

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://teiegarm.bond/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Content-Length: 290
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-122"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

teiegarm.bond/en/_commonjsHelpers-5-cIlDoe.js

8.217.137.84

200 OK

290 B

URL GET HTTP/1.1
teiegarm.bond/en/_commonjsHelpers-5-cIlDoe.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
ASCII text
Size
290 B (290 bytes)
Hash
fbb884c7112ff8c4ddb8edc410daae6f
299a8b374572849f5028264e3a7f2e71273f1d06
a8df41d98a0fa3d1cb8c8661377ac1a572beb9cd0b68e968f92d69f7c8331483

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/qr-code-styling-ogpV7fl-.js
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Content-Length: 290
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-122"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

teiegarm.bond/en/qr-code-styling-ogpV7fl-.js

8.217.137.84

200 OK

19 kB

URL GET HTTP/1.1
teiegarm.bond/en/qr-code-styling-ogpV7fl-.js
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (57414)
Size
19 kB (19246 bytes)
Hash
692f467d3bba699553f0dbf68094d72f
67582d4bc87b34a61c43ae8f7f3862562d65efa8
6c4900d40f3335423817340edddd7655d96e707156923fcf3cbf5a6520008d6e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://teiegarm.bond/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:08 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65da236b-10254"
Expires: Thu, 18 Apr 2024 04:58:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

venus.web.telegram.org/apiw1

149.154.167.99

169 B

URL
venus.web.telegram.org/apiw1
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
c2a982d42f89274763eef2a44fe01030
86e6d53f6478cdd0c05611093d9c55a953454af7
d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a

HTTP Headers

POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://teiegarm.bond/
Content-Length: 0
Origin: http://teiegarm.bond
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: nginx/1.18.0
date: Wed, 17 Apr 2024 16:58:09 GMT
content-type: text/html
content-length: 169
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2

teiegarm.bond/en/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

8.217.137.84

200 OK

11 kB

URL GET HTTP/1.1
teiegarm.bond/en/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
8.217.137.84:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://teiegarm.bond/en/

File type
Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Size
11 kB (11056 bytes)
Hash
07db243db21ed0a6b4ff05ff429686b7
5d62925fdd7ed8e80f206d095ed093994f13d276
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: teiegarm.bond
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://teiegarm.bond/en/index-pzR5gIOz.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 16:58:09 GMT
Content-Type: font/woff2
Content-Length: 11056
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Connection: keep-alive
ETag: "65da236b-2b30"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML