{"report_id":"1724f9fb-4b05-490c-88dc-caef53709cbc","version":6,"status":"done","tags":[],"date":"2026-01-25T00:04:19Z","url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"title":"TRON AIRDROP","dom":{"size":40489,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (30806)","md5":"301670f1b0fe7c2c390320a8a8bcf232","sha1":"34cb7721c42fbf8d3a70567419a7f1e39a0a0345","sha256":"894c0bfa8d8e89323c9105c1fb320cf515d9afe4fcfa24f939170c92f1a4febd","sha512":"a972a40f9cab096c80dce9685a5e79c738e957cf1f09f05e87b5af2850e53080208a79007b85c8136c10d0d63f1c75fe3dc90728e3299ec3f91f2dfdb541b729","ssdeep":"384:S9hRze8J0Ei7s2fIYfTMsElQzP+ExB6y80W7TtdrBIN2C33/nryU:rIYbVGn03/t","tlshash":"b4036591ad84d127b667822e66c1f7483aede507eef34868f01cd0508fc3e5e2e79295","dom_hash":"domhashf9c10fc184247eb0e73c78bbb8e34fde","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-01T00:04:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"service.telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"service.telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ipwho.is","ip":{"addr":"185.111.111.158","port":443,"asn":212238,"as":"Datacamp Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-01-29","domain_rank":18239,"first_seen":"2020-06-08T11:52:47Z","last_seen":"2026-01-23T07:01:04.314418Z","alert_count":0,"request_count":2,"received_data":1076,"sent_data":864,"comment":"","tags":null,"fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"service.telegram.financial","ip":{"addr":"104.21.20.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-12-02","domain_rank":0,"first_seen":"2026-01-24T15:25:36.888918Z","last_seen":"2026-01-24T15:25:36.888918Z","alert_count":4,"request_count":2,"received_data":1664,"sent_data":1148,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2026-01-18T23:20:15.877736Z","alert_count":0,"request_count":1,"received_data":26888,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-18T22:14:28.232245Z","alert_count":0,"request_count":1,"received_data":25671,"sent_data":538,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-18T22:17:29.309663Z","alert_count":0,"request_count":2,"received_data":11101,"sent_data":945,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"explorer-api.walletconnect.com","ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-12-19","domain_rank":466611,"first_seen":"2022-10-10T18:16:28Z","last_seen":"2026-01-21T13:15:58.07038Z","alert_count":0,"request_count":11,"received_data":452695,"sent_data":5968,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"telegram.financial","ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-12-02","domain_rank":0,"first_seen":"2022-12-05T08:33:12Z","last_seen":"2026-01-24T15:25:37.345311Z","alert_count":26,"request_count":13,"received_data":2155253,"sent_data":5891,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/module.js","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"005c421be4eb07d052b3cf71cc7a72fe","sha1":"4f8bd80fee7be86ddfdc04d110f4fcd50985b386","sha256":"de7f3553a054d843975fc2411647d8e73fe56aba2d4cd2d358680125afadc052","sha512":"f726d0d7b568191cd39808904c987eab5b0a01d247e75256d269344ffd02975c4949e49a58ad553aeeb126c04e1f03ab6a5d81c3e6e271be37da7d938f937cd4","ssdeep":"","tlshash":"bee026182ca4e07985a67c63b636c505f5d264276110f5487acdc8444f32fd09c40ca6","size":349,"data":"","first_seen":"2026-01-07T14:58:29.793893Z","last_seen":"2026-03-24T00:41:30.195059Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/tron/bundle.js","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"781ca812a96d28967968158b6750feaa","sha1":"9121d9cd0eea0e673304a3c62c0b89a8c8d8893c","sha256":"f0b589a06e84018a9c8633915cec31808502d24953495bcc08d44a50164b6bf5","sha512":"5db6370bb2c275ebd2806c7bcf03a133b290bd358e871db6148ba2b5b240bd8f7ca1be06a96acf47422606331332ff6b6211417742bb19be80329617f4cbe573","ssdeep":"24576:+Dkwb8Njm+b1XzM5gMn1T5vbDadI27FDATMZ3Qlbd4eYhr2iV15DjbTG8xm/8Ro+:yTMZAlbd4e6m/8RoP6BujZbtnaI817p3","tlshash":"8865d54577f720368223e0785e1fd845f228a40b258ecd5c7a9c92f45f89538cbf6ea9","size":1477600,"data":"","first_seen":"2026-01-24T15:25:39.670055Z","last_seen":"2026-02-07T08:12:38.937422Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-12T19:05:57.879067Z","times_seen":210753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-12T18:58:09.829183Z","times_seen":610344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:58.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:24 GMT","end":"Mon, 23 Mar 2026 19:52:23 GMT"},"fingerprint":{"sha1":"43:39:AF:0A:74:F9:2F:1B:C0:1E:4E:89:21:30:C2:28:EC:9F:6C:67","sha256":"EA:F1:0E:C7:36:18:F3:9D:D1:D5:34:23:44:7D:6F:9D:2F:61:C7:81:09:9E:E9:C8:02:C8:F2:2C:0A:83:B3:A5"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 25 Jan 2026 00:03:58 GMT\r\ndate: Sun, 25 Jan 2026 00:03:58 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7581,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"7575ffd6532e96f3830de7bc9efc8544","sha1":"348ab893b08a4854b7715fcabf3843a26e15ed9e","sha256":"a10e7cf1445dc2d00971db17adcd20ec035a11211c982265f321e6658501b15b","sha512":"1fa9e882de10d071f440582aa2594802d406d9e2c484e1e6971e6b8ac3f02f81aedbe6e09689412296c7bf0d461bafbf223b09bd00227d84e6c003c23aa8adc6","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlx:vXuM0pR","tlshash":"e0f17792002ba400ab971dc223cf7f3aaece50896085d1b95ffd0dc59ceed66436876d","first_seen":"2025-09-11T07:42:16.456799Z","last_seen":"2026-04-12T19:22:28.636655Z","times_seen":4621,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2176\r\ncf-ray: 9c3382b6ed370731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 9333\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfepCHWB1qkSi-cNd1o8wsvD9BfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept, Accept-Encoding\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=614+3 c=1+2 v=2026.1.2 l=2176 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2176,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7b91b6e5024dfdf6e8a4d61f0f74dd13","sha1":"1614f764ed7b516c7768fae0966abab152ac7d1b","sha256":"00e34844a07301274fc65fdbb65891aa95436b94c4c860d9edfcb96331c5487f","sha512":"c3948fdb40f0f4154fce632acb88cf9cf57ce39d2858e4934d8820c4d5729da238c569448b5bcb6d1780e37f005cb9f5ed60093005cfa451a92270c4c0034566","ssdeep":"","tlshash":"48413ab2c3378c72ce2cb5e3e9b2d5168b449a5a91859afc22413d33a4b145cc4b89e4","first_seen":"2025-01-28T05:59:32.007883Z","last_seen":"2026-04-12T14:18:15.837871Z","times_seen":2695,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/4e7d6f52-f663-4fc1-4b88-eebe7fc72800?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/4e7d6f52-f663-4fc1-4b88-eebe7fc72800?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1638\r\ncf-ray: 9c3382b6fd4e0731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 86076\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfwVowhypScApAcmoeznMTkZRzfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept, Accept-Encoding\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=1063+3 c=0+2 v=2026.1.2 l=1638 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1638,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0ccfb2325173637f538577b4cad23f43","sha1":"70060aadb98e9a950fb797ae0105460d184d7236","sha256":"b655ab554ceb7219eb8702f830dc7edd8492194e06eddcf2ccbea5fe180d2518","sha512":"ada7b30dcb5f784d6feb476033ccb6b435aa8c250bcf596b27372354594d7ffeeeb0d2dc9e5f2c322a4da07925dfee2c97239a9dcd0fc227145f8414e5794242","ssdeep":"","tlshash":"1e310a85ed51fd0e6fc02af8a8039d3500b5d802f51f05e9eea53891d7646f2107be98","first_seen":"2025-01-28T05:59:32.012212Z","last_seen":"2026-04-12T02:49:07.186745Z","times_seen":887,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/assets/img/header_mail.svg","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /assets/img/header_mail.svg HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406166-202\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jEaNaJKkw0v3LQSRadjO9oeT6bW0txRQpBBZ8pZHE0YOxhkJGLOVsF71iRQdZP3iSUmNiTR2x4EHyBiD6FxnfbdVS1LgtQLjA7Ds7eb246Q%3D\"}]}\r\ncf-ray: 9c3382ac9cde56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":514,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7f3ec7ebe9a1fa510704649333594835","sha1":"7994d93232b2fe74797edfd5239ae2deee46f28e","sha256":"a887843f2756a76b2de351ef8c9ad97f94ba7ace298a39a937efd38ae1790e0a","sha512":"b4837ec4908a1f4e0ab7422df831890986a4adfaa9ac14e548aef00b6e454b3e7e26eb6a0e9719847779a807b6f304571cf5fdb912c5f6e12134b5b20180bf52","ssdeep":"","tlshash":"eff005e9615df5d8f401ab18d2257835307e12cb6e2c4ce51bd0094ae10c6de2daa764","first_seen":"2026-01-07T14:58:29.819924Z","last_seen":"2026-01-25T00:04:22.722556Z","times_seen":5,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/tron/bundle.js","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /tron/bundle.js HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:58 GMT\r\ncontent-type: application/javascript\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FalYH8%2Fy4z%2FXvd%2Fxxgg1eEj3UZPh3CkT3UzoTto13qBcSEEYaG7lS265Atqi0pqElcTFvlU4YTuIFsrrB8H4U2QuXhN0O%2FilFj1O9i0FxGY%3D\"}]}\r\npriority: u=3,i=?0\r\nvary: Origin, accept-encoding\r\naccess-control-expose-headers: \r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nlast-modified: Sun, 25 Jan 2026 00:03:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c3382ae4cef56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1477600,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8654)","md5":"236226cd84e38a68e066a7849a8623e0","sha1":"9215248636d43beec53d053ea5af74ace5547bc3","sha256":"42befd9324d0a14caeb6414f8f68e405b072153ea44dc832bd979fee09e3e10e","sha512":"611feab2eccdc3a20564225873796c94876114b889505c83acf5c1dd5f0b8048801be26d6721bdbd8cf6db7b3ca8ece69bc6a9f636d5d3f97f2f345086b5be5a","ssdeep":"24576:+Dkwb8Njm+b1XzM5gMn1T5vbDadI27FDATMZ3Qlbd4eYhr2iV15DjbTG8xm/8RoA:yTMZAlbd4e6m/8RoP6BujZbtnaI81J","tlshash":"5425a40967f720368223f0795e1fd815b228a84b218ecd5d7a9c92f45f48538c7f6fa9","first_seen":"2026-01-24T15:25:39.65284Z","last_seen":"2026-02-07T08:12:38.890148Z","times_seen":3,"resource_available":false,"data":null}},"time_used":786,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":449,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getInjectedListings?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:58.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getInjectedListings?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://telegram.financial/\r\nOrigin: https://telegram.financial\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncf-ray: 9c3382b55a8f0731-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 31124\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nlast-modified: Sat, 24 Jan 2026 15:25:14 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":423458,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c27a94142a4852a4ed35a8db64823d6d","sha1":"635a6df7c14a43c443a59358f30949398d1d6c47","sha256":"2c2e2e46261978ea73ef13ec01ae0c9a4bd3e2fdb2bdf0af94d474351c989121","sha512":"9401e7192cfaeaa03a1515718f324374f6a0b01da44794a805570c63051c6c23d98a95519184d6acc80fded9462e19bb6e969b13be53de7a685de4d8b3f9e644","ssdeep":"3072:e2/eanBIVm7TZNZ25EUkxjtRlAbguBCWMZNxaamDFZHAzlQueE3f:lhBIVm79u0WSUHKXe+f","tlshash":"ec9444bb8f848f5b1b280bc9212d3d6c999e298bcbc55df6f1c0cf1844f4ab92315566","first_seen":"2026-01-22T01:09:14.605528Z","last_seen":"2026-01-25T06:14:20.526131Z","times_seen":26,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":54,"dns":34,"connect":1,"send":0,"wait":84,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/7c2cee4e-a5bd-4ebd-277d-f496c69fa000?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/7c2cee4e-a5bd-4ebd-277d-f496c69fa000?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1508\r\ncf-ray: 9c3382b6fd480731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2156\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cf9e6rjyr-bBkWoPuSw_vsUwKifmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept, Accept-Encoding\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=452+4 c=0+3 v=2025.9.5 l=1508 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1508,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9e8857769972441243d690548cf3e485","sha1":"38328c4d250c38d98763e7b89cfeca1b3b7bb2c2","sha256":"7e7be8edd769cd0ee13580176c51f034867846e592e3434e4b0f30f2cc8b709b","sha512":"121207c756badb363bc86cc8c09ab16965dd26c89d151bc25bdaf3cc106621ab5eed1ef14618394595d80309e2b322e853b20a0f55baada496a60aade841a670","ssdeep":"","tlshash":"7231b59e09441c24511aaaff2ccaa4ab32b5249268afd635c30b5ae6a65454d383f1c8","first_seen":"2025-10-02T02:13:48.566179Z","last_seen":"2026-04-12T02:49:07.171509Z","times_seen":446,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Manrope:wght@200..800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:24 GMT","end":"Mon, 23 Mar 2026 19:52:23 GMT"},"fingerprint":{"sha1":"43:39:AF:0A:74:F9:2F:1B:C0:1E:4E:89:21:30:C2:28:EC:9F:6C:67","sha256":"EA:F1:0E:C7:36:18:F3:9D:D1:D5:34:23:44:7D:6F:9D:2F:61:C7:81:09:9E:E9:C8:02:C8:F2:2C:0A:83:B3:A5"}}},"request":{"raw":"GET /css2?family=Manrope:wght@200..800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 25 Jan 2026 00:03:57 GMT\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2168,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"4b79112690d08319473f3c5a17e3cbaa","sha1":"873a7e371528566c389e1d6b7f30be465f996a53","sha256":"106ba53d25e19a66ef4e9139f0f22f7847b6f9dd9a41412cb293b706c5ba72c8","sha512":"f1de4d185a896f75b3d34c16c24a04ee96cbc93d6d34c8f6bc3943a2fa6cf8ca3139523c265da51f48dc856ae39d4990a05234d9c3894b989505275a5a21b4d7","ssdeep":"","tlshash":"d64188900017e804eb470cd577ce7e39ad4e61566441c9fa9ffe189caddbd222360b5e","first_seen":"2025-09-05T03:57:58.007394Z","last_seen":"2026-04-12T18:21:54.460628Z","times_seen":2011,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":104,"dns":0,"connect":20,"send":0,"wait":33,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipwho.is/","fqdn":"ipwho.is","domain":"ipwho.is","tld":"is"},"ip":{"addr":"185.111.111.158","port":443,"asn":212238,"as":"Datacamp Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://telegram.financial/","date":"2026-01-25T00:04:10.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipwho.is","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Mar 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A1:1B:17:6A:78:6C:D5:99:94:5A:7F:7C:C6:26:EF:8E:49:5C:8E:FF","sha256":"05:EE:0E:25:74:AA:B9:DA:0E:25:B7:DF:43:93:02:F2:C7:4F:DE:33:3A:75:61:9F:45:D9:B2:50:BD:76:DA:05"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ipwho.is\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://telegram.financial/\r\nOrigin: https://telegram.financial\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:04:10 GMT\r\ncontent-type: application/json\r\ncontent-length: 61\r\nserver: BunnyCDN-DE1-1332\r\ncdn-pullzone: 4617583\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/25/2026 00:04:10\r\ncdn-edgestorageid: 1329\r\ncdn-requestid: 478652a3cd2ea95924e13b306bf5864b\r\ncdn-cache: BYPASS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":61,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0374b9c7489e1566df92d5293ea18838","sha1":"d8000ee3b7eae3865024834bbef1355f9c32425e","sha256":"0b706e911246dfe84656457dda126c112bb06f894df92c9dd5eb11907d48df8e","sha512":"70648c91f408ac1adada24f5dcf7d75f705e8dad57bbc24c039a1ec48188a59d2597ea7045c2ea2af730cfa74839d430a53c5bc5f488b60e774ad48ac1a76267","ssdeep":"","tlshash":"64a002d7a1891aba07d120c5646f9849b19984b18100151d916e500857c8c1c309e7e5","first_seen":"2025-09-06T11:42:58.635343Z","last_seen":"2026-02-05T20:27:16.297964Z","times_seen":314,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/assets/img/logo.svg","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /assets/img/logo.svg HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:37 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406165-ab4\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QzS0hEp9361YiwGqKWBAKGrgF3TkH9xRbulJR66jce5hhGp2nCh47rSBW13NjRVDi51ZPOxvKdne1f9aegkaqBE11B%2BfX3gyUUsk9N63epk%3D\"}]}\r\ncf-ray: 9c3382ac8cda56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2740,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cc26dbfe84c997d0a5f701539ed44d17","sha1":"55570d9ba8c3b10e869ac8ff0f474b2da84e1e41","sha256":"635bd5a1237b5d6da3ebb8336ae07c694ffcb459dd67cd0f644394706a32f492","sha512":"bca70b116b2a0069f9c5e62dd0942683da671397174ac010bfabed0839b7a7f35dfc4091ff3cada212b4e5e2401f18809a3fb2fb6ac8e71045ce6017b9977663","ssdeep":"","tlshash":"f55187c837e43170f001c7f4da1392383a1b24b615c5d3bcc6b8aebaa5069dd88e4953","first_seen":"2026-01-07T14:58:29.78673Z","last_seen":"2026-01-25T00:04:22.73009Z","times_seen":3,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getDesktopListings?projectId=ad88f600da3aecbc7f1ef98e992a65ec\u0026page=1\u0026entries=9\u0026version=2","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:58.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getDesktopListings?projectId=ad88f600da3aecbc7f1ef98e992a65ec\u0026page=1\u0026entries=9\u0026version=2 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://telegram.financial/\r\nOrigin: https://telegram.financial\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncf-ray: 9c3382b55a880731-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 31124\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nlast-modified: Sat, 24 Jan 2026 15:25:14 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7759,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2379ad8f90d91e45dd8ce24dd64375c7","sha1":"417c069327db7fbd99e0e6a68e8adc3871f3f1cf","sha256":"3d7bd09b4eb5a8bfbc2b2a545d733491647dc9bafc7c6eaf32eacb55f4f1c95c","sha512":"119d41568e59828b0971910983e0ff62a37b8dec68911683894e0076ad0342ab570b6a5b9911b38216f90f0e052072fd16dbccc0cb225a3c2977444955ffcad4","ssdeep":"96:nNSNbhWYiOlsDdS8/xleCjhfW3jls7UdVbqb+Oh+959Jwt2te72WDOZurozbqpqI:vOu4Kcfv9n6t4Tc","tlshash":"c9f143bb9f844a6f1f2447c8301c3d5c56af244bc6c46cd6f090cf2884e8afa27566a6","first_seen":"2026-01-23T21:03:52.193987Z","last_seen":"2026-01-30T19:49:12.248451Z","times_seen":112,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":54,"dns":34,"connect":1,"send":0,"wait":87,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/c20e1cec-05e8-4ac6-a086-7ce355092400?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/c20e1cec-05e8-4ac6-a086-7ce355092400?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1192\r\ncf-ray: 9c3382b6fd3e0731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 16654\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfs6eobn8WxmhFyQ_IbBrw7DUFfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept, Accept-Encoding\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=271+5 c=0+4 v=2026.1.2 l=1192 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1192,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4d40ea4af9c48c1d894bf5aabcbdcd8c","sha1":"4b82938b46b8d238553afe63c1f591ce24a562af","sha256":"54656b79cfe70edf0e291967e6aeeec12239fa8042d1d2281efa356889de134f","sha512":"16a8587b3aee0df3406f3464adf437b2e43aba4b87823a4dd3ee1e18f89c725c817f308d38f186e5a9ff12fd69757701ad3a827b36b0360d27c8e40a8cda751e","ssdeep":"","tlshash":"89210ae1123e045cc83bb3fe0f5433e35d9b4921d88228d1684489046dbc0c12301ed2","first_seen":"2024-12-05T15:42:26.551532Z","last_seen":"2026-04-12T02:49:07.223001Z","times_seen":884,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/8c575dec-0401-495f-d217-db965b48bf00?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/8c575dec-0401-495f-d217-db965b48bf00?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1960\r\ncf-ray: 9c3382b70d540731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2156\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfyNPWIB_wyzErH8Qn6ZOdcsg5fmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept, Accept-Encoding\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=709+5 c=0+4 v=2026.1.2 l=1960 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1960,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d3f563f9a322cc46f60b9434d82a1d8e","sha1":"ad782fde266bff24586cb6dc2de0bc116d22085d","sha256":"7cf14697487c9fb32e99c741c96ff04c3627403c9bc1ff37723445fc637594fc","sha512":"7c5240c89d88b4c306d37b7b411d8c7ac3b0b8e91912bf764f139ea26110eb137bcf29b3f1c3ba55ccf4e0191f93dd4b040ee067257ccf44339598a97a614812","ssdeep":"","tlshash":"59412ccaf1acc95dc649b432e518974d4538d8a1946b6408d13bd5e208dc77ff292e0d","first_seen":"2025-07-01T02:46:12.118652Z","last_seen":"2026-04-12T02:49:07.268562Z","times_seen":465,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/67336675-0daa-489b-6885-cb95234bc400?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/67336675-0daa-489b-6885-cb95234bc400?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1872\r\ncf-ray: 9c3382b70d5b0731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2156\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfzPe7jvSa4xP7D5TpKwzld3fWfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept, Accept-Encoding\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=650+9 c=0+8 v=2026.1.2 l=1872 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1872,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"22e9362b85988b530343c1d1dfbbb03e","sha1":"f13d35d31f007ebab931b4f83941696cf3ae4166","sha256":"62e371133a4d06e6eb548ff6d6a6a7bdedd5f17a1041da6cf90ea6e05032c187","sha512":"9ffac36e9eb91fc250d390572e701764e3c46e458223c7d256236c49b7b051ed5a580f3bc3f0c7a32a3ae933990b9632782343d54ba6eabdfd17c140b4a4353d","ssdeep":"","tlshash":"2a31192f439e05e6644b2cc8334a974ca4b03668f0966f1433755702c22e81ff577c43","first_seen":"2025-03-04T08:48:45.503749Z","last_seen":"2026-04-12T02:49:07.259811Z","times_seen":538,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/assets/img/header_twitter.svg","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /assets/img/header_twitter.svg HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406166-489\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ElqDzVUXg2ig4qbOc5%2FyPvFrHvbuOlIJMyk2us%2BaiK%2FLEDtZzFqGO%2FfHi1LOjex5YzNPCWQbKQOBzbu%2FMWZMnR6szwKm2zYRHqN%2Bs2mDy50%3D\"}]}\r\ncf-ray: 9c3382ac8cdb56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1161,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fb5d3dcfa54538d269a80106264b3e5b","sha1":"011dfe7b86a5519f004e3ebda05f301326c5da22","sha256":"9e0e01f6097d44b62351e1a342c422a0fa5917e3936f59ce8316ba293ea9bf89","sha512":"509fca4f6882300efa5cb841256ea3ad15c3cc8172147195d9d03be7c31b7907fdd6b18c6af1a8eac2e811f78c487489687e2cb053e528bdb8529d6f3b997144","ssdeep":"","tlshash":"512111eb53fab7d0e408d3a59561653a3adf20ff1712c3a882758de0955632e0d5c0d0","first_seen":"2026-01-07T14:58:29.799265Z","last_seen":"2026-01-25T00:04:22.736146Z","times_seen":5,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/favicon.ico","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:58.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:58 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\npriority: u=6,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406168-16b86\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kp2OyFKpLFly9LViiHCO6crpp5pXiQhIO5EbcVwhLOOAE94QdW6jdo0AvTn1MwhM2YJ4pHjDJbhB%2Bqdf8cGF10gsGI5iU5Nphdsgm94723k%3D\"}]}\r\ncf-ray: 9c3382b10d0756bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93062,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -106x-106, 32 bits/pixel","md5":"da7754425f7e1de67a3a359a2ae2d3a9","sha1":"af3be70d4b5565c1d9df2323d9df39b1796da5cb","sha256":"031b9cca7270c0080b232955a55d62dae2f9cd29dcbe684f76695d069d28df36","sha512":"b8a6186beaf4efd3c2a9474ca4a1a502a93710b6d784b3328bd9709efb3ee108b539a1f7aed4a2dbead1049b9961bdd881ba3f91262b69f6009a9241c1a5dfaf","ssdeep":"192:xZFrGBVh9rAfjWX7ZrNKbDRULZbGCdqdLhs4OZ96Lx3oIYNcuddarZSnyfi:xZFeZ8iBNKbNWUxhKiLxAddar4nF","tlshash":"e19374f23684d148d0e8da7c4ad5e4b49e5b3f7599e3a74a30a2b30d1a73221bf34652","first_seen":"2026-01-07T14:58:29.781453Z","last_seen":"2026-01-25T00:04:22.737066Z","times_seen":3,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/94e7efd8-001d-40c0-e490-61e6b85e1b00?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/94e7efd8-001d-40c0-e490-61e6b85e1b00?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1340\r\ncf-ray: 9c3382b6fd400731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 38276\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfnAuAS_2cJ-anve6VozLsLtuffmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept, Accept-Encoding\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=568+6 c=0+6 v=2026.1.2 l=1340 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1340,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1a4a1053ebbd4b9cd70fbc8e340becc6","sha1":"1f31ea2198dfd25dd93a836e7616c0eabef1efca","sha256":"36f412ec3b8745d97a9b17f5a24df43180dc8e36a090ab1d4899a419be90e100","sha512":"a34d2f9a77ce13d155e2ae9ba33040b4ff8d0ad36de0ba4051652c3a5e3b291fed693a1715a4acb70b8d41680145145fccff0106c3995c2ced37bcde9b839a90","ssdeep":"","tlshash":"ab21fb1b471430faa04b12236528e05d36b97eaddbd615c680c850ea7c8dd5c3ae1163","first_seen":"2025-07-01T02:46:12.111528Z","last_seen":"2026-04-12T02:49:07.262992Z","times_seen":492,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipwho.is/","fqdn":"ipwho.is","domain":"ipwho.is","tld":"is"},"ip":{"addr":"185.111.111.158","port":443,"asn":212238,"as":"Datacamp Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipwho.is","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Mar 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A1:1B:17:6A:78:6C:D5:99:94:5A:7F:7C:C6:26:EF:8E:49:5C:8E:FF","sha256":"05:EE:0E:25:74:AA:B9:DA:0E:25:B7:DF:43:93:02:F2:C7:4F:DE:33:3A:75:61:9F:45:D9:B2:50:BD:76:DA:05"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ipwho.is\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://telegram.financial/\r\nOrigin: https://telegram.financial\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: application/json\r\ncontent-length: 61\r\nserver: BunnyCDN-DE1-1332\r\ncdn-pullzone: 4617583\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/25/2026 00:03:59\r\ncdn-edgestorageid: 1329\r\ncdn-requestid: 50b917ec02e2645d2b4ad2df1a7514f5\r\ncdn-cache: BYPASS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":61,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0374b9c7489e1566df92d5293ea18838","sha1":"d8000ee3b7eae3865024834bbef1355f9c32425e","sha256":"0b706e911246dfe84656457dda126c112bb06f894df92c9dd5eb11907d48df8e","sha512":"70648c91f408ac1adada24f5dcf7d75f705e8dad57bbc24c039a1ec48188a59d2597ea7045c2ea2af730cfa74839d430a53c5bc5f488b60e774ad48ac1a76267","ssdeep":"","tlshash":"64a002d7a1891aba07d120c5646f9849b19984b18100151d916e500857c8c1c309e7e5","first_seen":"2025-09-06T11:42:58.635343Z","last_seen":"2026-02-05T20:27:16.297964Z","times_seen":314,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":154,"dns":21,"connect":23,"send":0,"wait":27,"receive":0,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"service.telegram.financial/tron/ws","fqdn":"service.telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"104.21.20.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://telegram.financial/","date":"2026-01-25T00:04:10.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /tron/ws HTTP/1.1\r\nHost: service.telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://telegram.financial\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: +OD0JvP6dxw2bntLmVfdbQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Sun, 25 Jan 2026 00:04:10 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: w5t+UGP7tuf/FNtambMqHt7W04M=\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=mrTWTpod5XJ4tzR9vsvWg5JEGEnRFT1XQCo6VFDBQNIeJ4vrrdp0JrokD83b86ffUBVaUZ4qFfDykywGjxWM8v475vnWYyep%2B3DNbL2uoDXa89ZQuZSAfBPEAUSXInOWWAF2a%2FsH6U1J0dhOeQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9c3382fd3fec76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1412\u0026min_rtt=1317\u0026rtt_var=428\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3133\u0026recv_bytes=1177\u0026delivery_rate=2590339\u0026cwnd=252\u0026unsent_bytes=0\u0026cid=cb1da0c73b310f48\u0026ts=265\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T18:55:58.746745Z","times_seen":13673560,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":251,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"service.telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"service.telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/aos@2.3.1/dist/aos.css","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 07:56:49 GMT","end":"Sat, 21 Mar 2026 08:56:47 GMT"},"fingerprint":{"sha1":"26:50:C2:17:0A:FF:C4:D7:84:D7:E7:28:A7:58:4B:CD:0A:7B:2A:79","sha256":"93:15:E6:80:68:21:48:A6:B0:14:8D:F2:4E:A3:50:33:6C:01:5B:84:8D:F6:75:2E:09:A4:79:DD:37:13:FA:B0"}}},"request":{"raw":"GET /aos@2.3.1/dist/aos.css HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\ncf-ray: 9c3382acafe656cb-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 3084487\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 25 Jan 2027 00:03:57 GMT\r\nlast-modified: Sun, 26 Oct 2025 23:27:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:GqiEX9BuR1rv5zPU5Vs2qS/NSHl1BJyBcjQYJ6ycwD4=:\r\nfly-request-id: 01K8HDJRGH614A319Y1CPHT2M4-fra\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26053,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (26053), with no line terminators","md5":"847da8fca8060ca1a70f976aab1210b9","sha1":"0557d37454b67f42f2cb101e57e5070fb1193570","sha256":"1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e","sha512":"d5c2bbf1ad68fa1b7625c696ea0f0e5d8c2aa5ebfdfba1aa3a4cfdc6604df625148489dd2adc7020b19660e4a26ce2a32ec11d8f28d9bd80eafdc67035e6a4d3","ssdeep":"768:CMJihoCcZCOud8G8tKS65wqsZQ1G+dM2cl6iCRotsV84sxIKcv4g01UeEPEQEB4D:CMJihoCcZCOud8G8tKS65wqsZCG+dM25","tlshash":"f0c24b5a7a4cd100bf831b4762df2a0859347588e5301986be3f35ca2cd5ce6b973fa9","first_seen":"2023-04-05T07:18:45Z","last_seen":"2026-04-12T18:16:09.111574Z","times_seen":31764,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":6,"dns":0,"connect":1,"send":0,"wait":25,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1404\r\ncf-ray: 9c3382b6fd500731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2156\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfvWH7-l2WGZEJvxD_-cbyo5fufmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept, Accept-Encoding\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=44+3 c=0+2 v=2026.1.2 l=1404 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1404,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"434c7550a1a937d1e7e8bb8416691d9b","sha1":"d837654b42d1474560a5698cfac3514209cde2c2","sha256":"5f0f065528ec2543e34a03df1cd588b4c4ce7764d1ff62e67cec0677f638c549","sha512":"eefe6cf29ea82af55070456f2bf2cf1ab3c3328938ea092695f0a25370e6cef7ed1da43633a4548b22b46d7d7a87253ef01b2c01847ea84725cd4acc7be813fb","ssdeep":"","tlshash":"9f21e6a32c3914ddefa65f1485a00d8dff03c1a5983ee3d896e83548e5788da6ca00c2","first_seen":"2024-12-05T15:42:26.602777Z","last_seen":"2026-04-12T14:18:15.7912Z","times_seen":2450,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/e205b0fd-8e50-4589-c978-c5304844a100?projectId=ad88f600da3aecbc7f1ef98e992a65ec","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 08:35:13 GMT","end":"Sun, 08 Mar 2026 09:35:11 GMT"},"fingerprint":{"sha1":"9A:4E:F9:52:35:79:70:FD:85:E6:2D:13:85:19:6A:C7:D8:BA:02:CB","sha256":"2E:13:A5:10:27:76:B3:13:95:EC:3A:92:D4:36:FC:06:76:06:42:8C:3C:FF:F7:34:3B:92:46:11:09:BB:64:63"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/e205b0fd-8e50-4589-c978-c5304844a100?projectId=ad88f600da3aecbc7f1ef98e992a65ec HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1356\r\ncf-ray: 9c3382b70d570731-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2156\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfr40Ul7YUM1squ3IwHtSuzCg3fmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept, Accept-Encoding\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=16+6 c=1+5 v=2026.1.2 l=1356 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1356,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"89579128292d69dbd16b69c1674600d3","sha1":"c86467ef3f756459725684f31a9ba4afc0adeeec","sha256":"0177ff925ce5173576473379a21c32002e886089526224cfd2e6ed54d943a322","sha512":"ade4cbd56e15997c576e2d7760bdb30dcf1afad588dde29ce0418bdb1bfc1f492d07cd2c96aa4c564aa1eae16c06742896b038aded6230faeec9aceb89390de8","ssdeep":"","tlshash":"be212b6e5b24a0c1d68bd6c260731b016288ac43c1d9e3bc6914230301fdaa1d450574","first_seen":"2025-10-16T09:50:25.746791Z","last_seen":"2026-04-12T02:49:07.248387Z","times_seen":382,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/module.js","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /module.js HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:35 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406163-15d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dALQGxJltaS3K%2Bs0KXH%2FEX7Rvy8UYWjMSbvKMjVEiOjmSgrYP9nUcxVeahGLTdDb7K4y%2FkzhzIPIoOi5nxeQ%2FGTPb3P9J8Qn7oBO3aZaO7o%3D\"}]}\r\ncf-ray: 9c3382ac7cd756bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":349,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"005c421be4eb07d052b3cf71cc7a72fe","sha1":"4f8bd80fee7be86ddfdc04d110f4fcd50985b386","sha256":"de7f3553a054d843975fc2411647d8e73fe56aba2d4cd2d358680125afadc052","sha512":"f726d0d7b568191cd39808904c987eab5b0a01d247e75256d269344ffd02975c4949e49a58ad553aeeb126c04e1f03ab6a5d81c3e6e271be37da7d938f937cd4","ssdeep":"","tlshash":"bee026182ca4e07985a67c63b636c505f5d264276110f5487acdc8444f32fd09c40ca6","first_seen":"2026-01-07T14:58:29.793893Z","last_seen":"2026-03-24T00:41:30.195059Z","times_seen":11,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/assets/img/header_yt.svg","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /assets/img/header_yt.svg HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:37 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406165-302\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=APTbjn1gp1qYnKNMaV4tvonVbbDxdX5tGGkJSfJyRSX%2BqcOzJkSjqX%2BA6LfM0fibOikfNXJXKQPQ9JzcvYpi%2F5U40JyZA7s4gDgQRyki2IM%3D\"}]}\r\ncf-ray: 9c3382ac8cd956bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":770,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e13171cfa3eeafe43cb07ca264871851","sha1":"75aa2e9fd1fc00ef543aee002b10b2274363f812","sha256":"8606d6a60019c95a93ab166936d2919c40ef607e04d2ab826c9fe1805cb393cf","sha512":"d5e5ba313d57eb1b0dbaf951af14d98758d2159bcbd49957d351d05c472e176eac27fcfb79174f40abf41d437a0802eb4c48c6e0cb2bbec1a83c657ae5d80f73","ssdeep":"","tlshash":"e601d0c5b39cb1c154044b700a20543638fb2cf61e42db498ff29ca45297a1fce85d9d","first_seen":"2026-01-07T14:58:29.801431Z","last_seen":"2026-01-25T00:04:22.743746Z","times_seen":5,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/assets/img/header_tg.svg","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /assets/img/header_tg.svg HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406166-6d1\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0AnwRNNw8EBNWDD%2Ftwrk9S5Ak2rJ7fWUDjus3bYhLrVoCAKJURZBj3loK7MLjcj8CVAUXrjp2RyOLlKLEf8OHAA5wWxrZMT8ACloPixIVwU%3D\"}]}\r\ncf-ray: 9c3382ac9cdc56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1745,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"48fda6f13d3a18466be05f71e1c7cb51","sha1":"a408cad05704f23df2863f0e8a6924868051a2e9","sha256":"079a96e5af3a8fa27b4f58413e9527bd99ed4ce78138acf6b49472025236426d","sha512":"e10ea6a01055943127b6fc16e5ef8af2f93ff5fa55a0a9e69e76d108113bc587da1117aa7de39959ec7ea07bfb5d8ea471ab0a92ef0be501c13ec74e218f90f1","ssdeep":"","tlshash":"8a3112a823fdf5e0b906dff0d76a84716a1e11e12f67ce394b5abe70e10102e4468cd4","first_seen":"2026-01-07T14:58:29.814443Z","last_seen":"2026-01-25T00:04:22.744548Z","times_seen":5,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/assets/img/header_ds.svg","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /assets/img/header_ds.svg HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406166-548\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xoSt6LZNsRcxrg5uUu%2Fw0lhOtHCU7gPe2%2FXr%2FsPDsxi7bUND%2BoTI7k8QyATkec6IXwuvOUmpBu4fMEIMC37ffYLa%2BIHTStQ%2FQw%2FbrlLnSTo%3D\"}]}\r\ncf-ray: 9c3382ac9cdd56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1352,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"491a8dc6f2d254588b9bcb8f0e33f27b","sha1":"4b8b0b8fc1c7a4c0abb1c7bcd80fb1f4829c941d","sha256":"1bf9262bece8cb4796262e7c1d884887d089abad4ba0979b8690cb4a6a2652b6","sha512":"95672fea8d647c0414c346fae3ac4cf1f83801619789b38ec8e6905c9dc12d75da9723f8825490c42cf7cd7f6da733adadee6cbd02191c8ef1c342e620ec02c7","ssdeep":"","tlshash":"f02181d6839df6e0f388dbf443156875b57270e26d2185394fa66e51fa1407fc8cd481","first_seen":"2026-01-07T14:58:29.79609Z","last_seen":"2026-01-25T00:04:22.745402Z","times_seen":5,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/assets/img/header_arrow.svg","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /assets/img/header_arrow.svg HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406166-f5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f25qW3BjfC8LUJZ9d9FdEgbxgOyyD0BqaME%2Bkll1yuFCfcjlWvV0LYKxNDw7QOV%2F0vvELm6%2By8vjyxP1zNZfbWrPUlvxitxRi0IKdjyRvok%3D\"}]}\r\ncf-ray: 9c3382ac9ce056bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":245,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ff289fc9a61bcff3061fc6fe5a4a55ba","sha1":"627f2f0d0c31a20c97ee1f70e38e94c3a8ec0ab7","sha256":"7e9e7ed4c22a7a71bf47ba5fae2e4441e32f2a381e3c86423587f376748f84dd","sha512":"96f642c9ee66b3ec6b41ee477aaa311142a267624f8bd8ad29950e85fc4358289507eabc8537c04c6b3b414a3176447f4c26f4d3c717d2e94b243b292c637e1b","ssdeep":"","tlshash":"a9d09732010cc380c104931afa2b6072e522e0d3d7dc84d4aa1a322ab8804ebcce8bf8","first_seen":"2024-08-29T17:50:55.823466Z","last_seen":"2026-04-10T15:24:37.953733Z","times_seen":458,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/assets/img/background.jpg","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /assets/img/background.jpg HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/assets/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:58 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 555097\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:39 GMT\r\netag: \"69406167-87859\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QkhkQRzFgHdVxieQj5YeK1ZUqVG6nwKFXjqiAqvNbrHtNy5yeAF6FLBwEs8yW8bfZ4hGmJZ7WHMQRNx8fWqei09cpX2hIp7U%2FYVVdNMj%2BaI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c3382ae6cf356bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":555097,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"2faa50c9453fc1d68b9b15eb70151e92","sha1":"dbbe907b6ca7a2c99d21bd9916cc904701b632e1","sha256":"91e02f02039b56e1515ada6e9109c49deba2386961d2af3a4a35f0fe20f4c7b7","sha512":"fcf97ecac8f3f186476442ef7e48eccf8c2823825f8caaf8b7149b30bd3b029325e656caa42ec80f0790c09e7c3f1984448af174eb942e725423c8f7802ca8b1","ssdeep":"12288:3FMFgI18P8mDFMtSccfsvh3Co9DnJ3cmvbiMlnr7wVr+F5yCF:3GFPccX9Co9zJ33eci+F5yCF","tlshash":"1dc412f8fbe3e3459b071a1ea93d3d7b0b20aad454dda46760574c08a2c1f3a991393d","first_seen":"2026-01-07T14:58:29.82162Z","last_seen":"2026-01-25T00:04:22.747228Z","times_seen":3,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":276,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"service.telegram.financial/tron/ws","fqdn":"service.telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"104.21.20.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:59.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /tron/ws HTTP/1.1\r\nHost: service.telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://telegram.financial\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: Vrx00l1wepyXAUoU+ghYwg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Sun, 25 Jan 2026 00:03:59 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: T1SagPYPZEvk6glBe0+yCtWEb3M=\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=3HL%2FqZ3nqk0KNSDzLWtLdEy6XJNKk%2Fw333RjK1BOI4Irgtacl%2FOxgAdwDQSpH6D%2Fcwmb2OIpfdhTP74dxDE%2FeMuwk1LdE6MIwXZGkQ4CCTEJULCmn%2Buj%2FyD2f%2BSpN8Y85Ff7AB9X3GfSRaZkHw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9c3382b6785cb50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=541\u0026min_rtt=500\u0026rtt_var=169\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3132\u0026recv_bytes=1177\u0026delivery_rate=6884310\u0026cwnd=252\u0026unsent_bytes=0\u0026cid=74879f96ebb4718a\u0026ts=307\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T18:55:58.746745Z","times_seen":13673560,"resource_available":true,"data":null}},"time_used":347,"timings":{"blocked":0,"dns":17,"connect":17,"send":0,"wait":295,"receive":3,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"service.telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"service.telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-25T00:03:57.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 15 Dec 2025 19:28:35 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PRgdWnvTDCiqoDpfxDfEKuYq8G1%2BeMRqktIT9ZereXm0YApRYarRsgVkALIVuccxfIlvrVT2fhXXJ7Z%2FukOkxOqarsSH9n2wUJorZTDLhwJfUQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c3382aa29bb1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4665,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"65b5b729e8510fca24f828cbaf403907","sha1":"c0c7352c00ffa837ee1a3b74ca7a35dd79001711","sha256":"2fbf28b516ff1e52d06218f7509f8977ca6ebc5103beabd7bd80ff0352daf701","sha512":"15f112c2f6b0eb6891a654a473d41a308b40b6592f83574b9230c5fd43b8193938d54f6c1168315730c43dca80772c288c47a8fc34e02880ad0b2c8598365bfc","ssdeep":"24:hY7ZvVyMwYtVN/2uN/r1CeRbiyB3/EpQx7vL6mD9EvRMPK4wafgieD5q2rdldnoi:GNNXNkop3x7vL6mDCfQeDDnn9/7Jt5d","tlshash":"24a17d2214e4617b2287b1d06f433e753ed18243e64b7924b1fc1acb5fd6e43c9235aa","first_seen":"2026-01-24T15:25:39.634445Z","last_seen":"2026-01-25T00:04:22.748142Z","times_seen":2,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":76,"dns":63,"connect":1,"send":0,"wait":247,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.financial/assets/css/style.css","fqdn":"telegram.financial","domain":"telegram.financial","tld":"financial"},"ip":{"addr":"172.67.194.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telegram.financial","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 20:55:22 GMT","end":"Fri, 10 Apr 2026 21:54:06 GMT"},"fingerprint":{"sha1":"3B:09:9D:E1:38:42:42:02:8B:61:83:5E:82:20:0D:0C:E7:E3:BE:AC","sha256":"9D:9B:65:39:7B:E9:7F:C0:3C:13:2D:26:AD:58:D9:5F:BB:84:9E:AE:39:D6:2A:0B:A4:77:A2:6F:4A:86:35:E9"}}},"request":{"raw":"GET /assets/css/style.css HTTP/1.1\r\nHost: telegram.financial\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://telegram.financial/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 25 Jan 2026 00:03:57 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 15 Dec 2025 19:28:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"69406168-1bd6\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MYk29umuUwuyUP3cTgnmm%2BspYpL28rnmq4mRS8g9bmuMlQCXpED%2F4hRUzllzxhNPyhO7Dd3xU1apTFLfrT6s02Vgg62DcjtfP0MHYM6L3is%3D\"}]}\r\ncf-ray: 9c3382ac7cd856bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7126,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1bd80545d65d6e40a4f5ab535ece9ad4","sha1":"310573bcf6abc3d44580857b61b7d1726c18c8b4","sha256":"bdfd316ce9f64a7fda9ec5636c36aaf33d185bd6b8121347da6e259b7e0819d9","sha512":"ce61b7c55a3fcf825e67a2f40048ad946f84ac961a012aab65b07ff1e52c669f4b5ec8e7356ddae8e7cd5504dbd94d337cd2914de2dac1941074615671fef556","ssdeep":"192:56aFJFj1vtyfztyqtPnsI6/fhgv+clsYyW:5dFJFjNyoojWG","tlshash":"f3e1bd8b7ab026157416b8687aa70f5133a9c003e24eed75bad4225ccec62d69e7334d","first_seen":"2026-01-07T14:58:29.790887Z","last_seen":"2026-01-25T00:04:22.75013Z","times_seen":3,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"telegram.financial","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://telegram.financial/","date":"2026-01-25T00:03:57.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:23 GMT","end":"Mon, 23 Mar 2026 19:52:22 GMT"},"fingerprint":{"sha1":"5A:74:FC:38:D2:7B:9B:E5:E5:0D:67:25:F4:73:BC:BA:2E:12:A7:FD","sha256":"3B:19:CD:BE:44:E6:EE:DC:8D:33:2B:A2:1C:E4:13:F8:6F:7E:2E:52:5D:0E:75:F3:1A:ED:21:1B:7A:B7:2E:BA"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://telegram.financial\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 23 Jan 2026 13:20:45 GMT\r\nexpires: Sat, 23 Jan 2027 13:20:45 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nage: 124992\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-04-12T18:58:09.785125Z","times_seen":17007,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":93,"dns":1,"connect":8,"send":0,"wait":9,"receive":6,"ssl":80},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}