{"report_id":"1cc98ff4-a7de-4899-9000-c380e40dd0df","version":6,"status":"done","tags":[],"date":"2026-02-14T15:34:51Z","url":{"schema":"https","addr":"verifybot.click/","fqdn":"verifybot.click","domain":"verifybot.click","tld":"click"},"ip":{"addr":"104.21.36.88","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"web.telegram.org/a/","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"title":"Telegram","dom":{"size":3236,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (3236), with no line terminators","md5":"1e4d16b6a1edfcd6e36a803e77cd9541","sha1":"eff461253265c9f47c14515d17f20d6eda73fb73","sha256":"4a5cb438a29e3c32051132fe394a2e59040c4367bd1543d24cefa2e2965f0276","sha512":"22052bf42558a157fd742bc8156a00d4ac657942277a07a82d4561060eeeb5d059e32775ff62d880afa0826d2e57cdab78812c89ec4dd275b42793c68ae04ae4","ssdeep":"","tlshash":"0c612f938b18c84e3321823ae9b3f0c8c216d40fe9b47c50f58545ab4ae5ef4d6b3666","dom_hash":"domhash0f31abafeaf2029a3dea65104db1780c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"verifybot.click/","fqdn":"verifybot.click","domain":"verifybot.click","tld":"click"},"ip":{"addr":"104.21.36.88","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T15:34:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-02-14","alert":"Hunting_JS_WebAssembly","trigger":"web.telegram.org/a/rlottie-wasm.b8cd14b929a7127811bd.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"verifybot.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"verifybot.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"verifybot.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"web.telegram.org","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":10184,"first_seen":"2014-10-23T18:15:32Z","last_seen":"2026-02-10T14:15:14.35702Z","alert_count":4,"request_count":29,"received_data":3924340,"sent_data":13397,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"verifybot.click","ip":{"addr":"104.21.36.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-24","domain_rank":0,"first_seen":"2026-02-13T13:42:06.490091Z","last_seen":"2026-02-13T13:42:06.490091Z","alert_count":3,"request_count":1,"received_data":2156,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"web.telegram.org/a/compatTest.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7a3be2fca8a7cf2ccb5dda8f415230e","sha1":"83bc559d0c7943d2d41abddf522cf06a783a9f65","sha256":"24472258bff4c7fc5ea9c1d54c3b07b462dd5ee0d6921d3c33ffff20db209529","sha512":"6277c3f63b2630cdc7b7f11d9841a233a46c7290f7bf081439529df7c7b01408bb1da9e334e04c93bf58cd14c9a246a93853914adf62604c330d7296c3cb9eb4","ssdeep":"","tlshash":"2651f51a4cb56271606d6166eb0fb14376288577060ceb7ca220cf397eb185b825fee9","size":3033,"data":"","first_seen":"2025-10-10T21:08:45.115241Z","last_seen":"2026-06-02T15:33:17.78149Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/main.e9789093343a2ac8f9f0.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"7dde874fb93970a2c1f8d764f7c624e8","sha1":"3d58520292e17bd92d06f08a6bb25199090373ed","sha256":"a10180f015adde29cf1ae50e325d106e4c1213f547f5c6281ab2bc6166a80d5f","sha512":"de080af0a23de32a9981a622788e144b7cbcbc6bd0d75df16ddaa45ccb0796aae18567d7e03453b322d8b7b08fcdd88fc0d4ee8bd5138b3fcfcba1283cc71536","ssdeep":"12288:cSERVGpXkiyVPe+rKLqbLnaLIqQi66KZM6KdW/QuQjv49Hk+EZm94erioHa8T5Q/:cSu82VG5ljLUU","tlshash":"7cb44cc570d674e9a3e309e5a4ab0098b6395944380dc4a0f16dfce93e364aab373f5d","size":531046,"data":"","first_seen":"2026-01-25T19:31:06.226861Z","last_seen":"2026-02-22T08:42:27.583812Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/6708.c6a3daf9dd10d19220e9.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"baf8171b8a5ad8cf05d6e08fdfe5c66f","sha1":"74e28fd21ca8ca8bbf4949f8509da801c14517dc","sha256":"c2495ada558d6816c759886b28860492ec60dbed76bd5a151701517cddfc90d9","sha512":"a30b8cb9e778dad9bd818ce9fe53d8a53cbfe23ed623451b48fca350b260953db3feeb15cd03471aff34516b5fcd0b8f4665044bf50124cb2768f0f6d6c1f741","ssdeep":"192:KIKfyWQPKyT1/Ca7mBP+WiYUpahWqPBdLKM/GtiV0D1UYf1r:KIwyWFyTMtB+XYUshDPBRKMFY1UYf1r","tlshash":"a212d896a131747e62aa84d5e2140b027e36d5587c09a2bdf73c7cfb2d9640a34bcf78","size":9405,"data":"","first_seen":"2026-01-25T19:31:06.22267Z","last_seen":"2026-06-02T15:33:17.779081Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/js/app.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b84db2cd5822b73926d993777c2fd65","sha1":"a63a7380ad23c84201449d974eb717dd3571761f","sha256":"7583205460e8aa46ec80d7ef8340f10db692ec7ca8b7df2decb95a558246c4c9","sha512":"aac54428d53e71100058ed5d7bb03aa1f90a500c1b36a24e70c0430475098e86156ba26c99be13251bb98e5bf23a6e7e9a90061c72a88f75956ef10da74a9006","ssdeep":"49152:+7Bfi869Ob+kL1tJubGURp9ss7NfIa9IumQ5J4vsRLHKuZW1s83Ue8K6q:Si8ORC","tlshash":"7fc5f774729c703ac3a25ea664af610f69f15120780d0505b3fe95da2fa5c8bcc36f7a","size":2633033,"data":"","first_seen":"2023-06-16T15:07:04Z","last_seen":"2026-06-05T17:30:37.955478Z","times_seen":145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/redirect.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"17773b57b87a678c98e26a7cac72df6c","sha1":"7422857aa75ee81cabcec2eed6c4a6168f363ee1","sha256":"375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f","sha512":"28d9e1c2af08154e653e2291db46f4110edbf9f5591192f8d695c8852f9c3c755d69dfb5a032a45f51e0a3fc9417f16c20d0772b1225ca9b85e5531e12fa8bfc","ssdeep":"","tlshash":"e8e07dda0279030417e013f36d82b4709137c2fb604c5d028d984321a1b9b4f5b7b84f","size":325,"data":"","first_seen":"2023-07-27T09:32:34Z","last_seen":"2026-06-13T09:01:11.041588Z","times_seen":11482,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"web.telegram.org/a/","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T15:34:31.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/ HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:31 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-c75\"\r\nexpires: Sat, 14 Feb 2026 16:34:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3189,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (3189), with no line terminators","md5":"be609e201e78fd119aeeafff5fe3f51a","sha1":"8ea26d4ad4f3d8c44b2fcc266c114ffa9e474e96","sha256":"eabd3d224bbac2ef98aa6d7ed94c76fcd9bcebf9aa2ac02f838812cb5f39ec86","sha512":"286b1ebd14a1efa20f32dd4ba12c97631578bcfcbb3767a77eb7e9165f18973c1a3c024cef6a28b5845746cf4610e7639e1beaacd67d82f476a3ac64e7f8f2fc","ssdeep":"","tlshash":"9a611e934b18c84e2321863adab3f0c8c216d40ee9b47c50f58556eb4ae5ef0d6b3666","first_seen":"2026-01-25T19:31:06.207514Z","last_seen":"2026-02-22T08:42:27.586663Z","times_seen":26,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:31.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/main.e5993bf7c3ccb7ca28d8.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:31 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 11016\r\nlast-modified: Mon, 21 Oct 2024 03:28:41 GMT\r\netag: \"6715ca69-2b08\"\r\nexpires: Sat, 14 Feb 2026 16:34:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11016,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 11016, version 1.0","md5":"15fa3062f8929bd3b05fdca5259db412","sha1":"6ff06a34f68ad0324ddec1bbe4d453c959178b36","sha256":"5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479","sha512":"07e96d7520b4ede158e77bef10a01a33cd8be7d263fe6900f89c023e65e4a63570e8a442dec2e96030fb563b25610005a748d48f9330fd31eb91b37d1003d376","ssdeep":"192:Tysuo7z1NVoTUYAKVOO7YVxRwHQUXFI5xoBwH9f4d9QFmOfiS:TvdvVoTSjOYR4QUVIgBwpFLaS","tlshash":"6e32af8071ff1c50ff85c2f69be68efa2c2b1895c619016f5240b476397525e9c294bb","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-13T09:19:11.049623Z","times_seen":33943,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/6805.20e07b81ad525efcb177.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:35.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/6805.20e07b81ad525efcb177.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-1cee\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7406,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7352)","md5":"d0b5d78516ca99d915f71308c47531af","sha1":"208d9aa7e1d08492c590fdf3a2544779681f1444","sha256":"88819a2d8cbc2d3a10de6a6d5636fa8c29139cbadd93d986c2270e9132c6fb25","sha512":"a2069836bd96764aa4ee79537f0489ad7cd578453de7c4164611ed79a0ef00ab88a95b0d70a4d588477c45f06613c2ff91ed6ca33f9091c558c3aac2fcd10e53","ssdeep":"192:TNqqTgmYJN52V76EjpEYbDTk5iXgz+oY1:TTTgmYJN52VbpfrHXgz+oI","tlshash":"cbe1d4d23752153ee3869dc8ed3e1093a0a1d9683a2881a4777a6cd77d27ec1e071f93","first_seen":"2026-01-25T19:31:06.224888Z","last_seen":"2026-02-22T08:42:27.580712Z","times_seen":26,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/main.e5993bf7c3ccb7ca28d8.css","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:31.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/main.e5993bf7c3ccb7ca28d8.css HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:31 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-1f05c\"\r\nexpires: Sat, 14 Feb 2026 16:34:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":127068,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (12225)","md5":"2b476f4197af0f323064ce6b640e5560","sha1":"bd204013b920c8c3402b1120891c641dc85ad081","sha256":"237b849af0ba769a4183e947d3fddeee9275140818598937f9a315ee291cdbbf","sha512":"f012c7c82080f065029f050d6e13cd39b6f25c3f017af8c2f25cc929248feae6c26ff7ef881fab38e371fc37706cf0008d7648e077144cf0c0d84131a7d15c7b","ssdeep":"768:wwiUAQ6milPrHhnjjk9zrsiQewMaYsMwLTyWmiVy1ZlwHfXRdLoo9Vb6UbDWAx2P:JiedzrsiQwsMknXRB1W976DfT/IJ","tlshash":"71c3d799e94411f9ab33c23e97c4e76c8938e481de610fafb247615c07cb7da12d2b58","first_seen":"2026-01-25T19:31:06.220661Z","last_seen":"2026-06-02T15:33:17.780966Z","times_seen":31,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/3345.50137368530e1c9f7189.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/3345.50137368530e1c9f7189.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-b34\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2868,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2814)","md5":"e4d0bb03b727167259ec0ea278479468","sha1":"3afe29f0613e104f3c9325267ac5113a7563073d","sha256":"8b10d393b15f5dcffd914913a07f478e8a5af204f98774156e8efb4a1cbf25ab","sha512":"bc4f03d4fc71d7aaf3a128207e34934910280ba3da0bb3e9fe5fe808d389828ce463b1f5aed6edef0b1ac5416eca6c7e10811e2fdb3c8fcdd673c233c608a9ed","ssdeep":"","tlshash":"f2512b482a33387a1ca747abf4573b120d2513b13819f48316199eef8a7724f4b03f49","first_seen":"2026-01-25T19:31:06.223502Z","last_seen":"2026-02-22T08:42:27.576991Z","times_seen":26,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/3345.50137368530e1c9f7189.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/3345.50137368530e1c9f7189.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-b34\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2868,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2814)","md5":"e4d0bb03b727167259ec0ea278479468","sha1":"3afe29f0613e104f3c9325267ac5113a7563073d","sha256":"8b10d393b15f5dcffd914913a07f478e8a5af204f98774156e8efb4a1cbf25ab","sha512":"bc4f03d4fc71d7aaf3a128207e34934910280ba3da0bb3e9fe5fe808d389828ce463b1f5aed6edef0b1ac5416eca6c7e10811e2fdb3c8fcdd673c233c608a9ed","ssdeep":"","tlshash":"f2512b482a33387a1ca747abf4573b120d2513b13819f48316199eef8a7724f4b03f49","first_seen":"2026-01-25T19:31:06.223502Z","last_seen":"2026-02-22T08:42:27.576991Z","times_seen":26,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/main.e9789093343a2ac8f9f0.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:31.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/main.e9789093343a2ac8f9f0.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:31 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-81a6d\"\r\nexpires: Sat, 14 Feb 2026 16:34:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":531053,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65486), with no line terminators","md5":"7dde874fb93970a2c1f8d764f7c624e8","sha1":"3d58520292e17bd92d06f08a6bb25199090373ed","sha256":"a10180f015adde29cf1ae50e325d106e4c1213f547f5c6281ab2bc6166a80d5f","sha512":"de080af0a23de32a9981a622788e144b7cbcbc6bd0d75df16ddaa45ccb0796aae18567d7e03453b322d8b7b08fcdd88fc0d4ee8bd5138b3fcfcba1283cc71536","ssdeep":"12288:cSERVGpXkiyVPe+rKLqbLnaLIqQi66KZM6KdW/QuQjv49Hk+EZm94erioHa8T5Q/:cSu82VG5ljLUU","tlshash":"7cb44cc570d674e9a3e309e5a4ab0098b6395944380dc4a0f16dfce93e364aab373f5d","first_seen":"2026-01-25T19:31:06.226861Z","last_seen":"2026-02-22T08:42:27.583812Z","times_seen":26,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/6805.20e07b81ad525efcb177.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:35.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/6805.20e07b81ad525efcb177.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-1cee\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7406,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7352)","md5":"d0b5d78516ca99d915f71308c47531af","sha1":"208d9aa7e1d08492c590fdf3a2544779681f1444","sha256":"88819a2d8cbc2d3a10de6a6d5636fa8c29139cbadd93d986c2270e9132c6fb25","sha512":"a2069836bd96764aa4ee79537f0489ad7cd578453de7c4164611ed79a0ef00ab88a95b0d70a4d588477c45f06613c2ff91ed6ca33f9091c558c3aac2fcd10e53","ssdeep":"192:TNqqTgmYJN52V76EjpEYbDTk5iXgz+oY1:TTTgmYJN52VbpfrHXgz+oI","tlshash":"cbe1d4d23752153ee3869dc8ed3e1093a0a1d9683a2881a4777a6cd77d27ec1e071f93","first_seen":"2026-01-25T19:31:06.224888Z","last_seen":"2026-02-22T08:42:27.580712Z","times_seen":26,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/7784.ceaddb18016a000281b7.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/7784.ceaddb18016a000281b7.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 22:05:21 GMT\r\netag: W/\"6949c0a1-5268\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21096,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20959)","md5":"1b6a1d0f75aa9e357af17942cf43dc37","sha1":"f0c9356156e80becdfecd22a7df95ad0e5d9764b","sha256":"2b23702791ff873f03f46ede8ad50407c95e304f7f81e069ad6f415cd9bbf86c","sha512":"66061712b71b338272151502df5c1b5a867d41efe3513842bd21cb26fefe88ed56d3ee43904e952668ace943e0c3bb8541524f308423c2ed17e31ffdfdaaf5af","ssdeep":"384:2AfpRdH3KLSWInGDrQ+YW5LhoASLv5S8VwktQ0CSRU6f/k5MC6LEmYwt/9RXC6i5:2AfpRdX+DrQ2LhoASLFtQUU63k5MC6Lm","tlshash":"b892187a56ad058252ec48e90ccb1c9951b8e0233c871d7e5174fdd630f28d7e2ead79","first_seen":"2025-11-20T01:35:27.898761Z","last_seen":"2026-06-02T15:33:17.774942Z","times_seen":47,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/7784.ceaddb18016a000281b7.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/7784.ceaddb18016a000281b7.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 22:05:21 GMT\r\netag: W/\"6949c0a1-5268\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21096,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20959)","md5":"1b6a1d0f75aa9e357af17942cf43dc37","sha1":"f0c9356156e80becdfecd22a7df95ad0e5d9764b","sha256":"2b23702791ff873f03f46ede8ad50407c95e304f7f81e069ad6f415cd9bbf86c","sha512":"66061712b71b338272151502df5c1b5a867d41efe3513842bd21cb26fefe88ed56d3ee43904e952668ace943e0c3bb8541524f308423c2ed17e31ffdfdaaf5af","ssdeep":"384:2AfpRdH3KLSWInGDrQ+YW5LhoASLv5S8VwktQ0CSRU6f/k5MC6LEmYwt/9RXC6i5:2AfpRdX+DrQ2LhoASLFtQUU63k5MC6Lm","tlshash":"b892187a56ad058252ec48e90ccb1c9951b8e0233c871d7e5174fdd630f28d7e2ead79","first_seen":"2025-11-20T01:35:27.898761Z","last_seen":"2026-06-02T15:33:17.774942Z","times_seen":47,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/7784.ceaddb18016a000281b7.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/7784.ceaddb18016a000281b7.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 22:05:21 GMT\r\netag: W/\"6949c0a1-5268\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21096,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20959)","md5":"1b6a1d0f75aa9e357af17942cf43dc37","sha1":"f0c9356156e80becdfecd22a7df95ad0e5d9764b","sha256":"2b23702791ff873f03f46ede8ad50407c95e304f7f81e069ad6f415cd9bbf86c","sha512":"66061712b71b338272151502df5c1b5a867d41efe3513842bd21cb26fefe88ed56d3ee43904e952668ace943e0c3bb8541524f308423c2ed17e31ffdfdaaf5af","ssdeep":"384:2AfpRdH3KLSWInGDrQ+YW5LhoASLv5S8VwktQ0CSRU6f/k5MC6LEmYwt/9RXC6i5:2AfpRdX+DrQ2LhoASLFtQUU63k5MC6Lm","tlshash":"b892187a56ad058252ec48e90ccb1c9951b8e0233c871d7e5174fdd630f28d7e2ead79","first_seen":"2025-11-20T01:35:27.898761Z","last_seen":"2026-06-02T15:33:17.774942Z","times_seen":47,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/rlottie-wasm.b8cd14b929a7127811bd.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/rlottie-wasm.b8cd14b929a7127811bd.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 22:05:21 GMT\r\netag: W/\"6949c0a1-10001\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65537,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f9197a18681b7cc4f51b1911286902b0","sha1":"3f585990b02c98c9d787cb74c2a52fdf5d753b98","sha256":"bed5811a3341e35e206eaf3a0518c50edfe50ee9da37480286ac38ff29813c0d","sha512":"9679389c7ae84ee258a31c28e0da91ca3885c491f3e15e544d04c0bbb73c820e03ef8a834d96be0d29305534b18302f2b0110d9361e1d5f34a0fed38912550cd","ssdeep":"768:O6g4cP2yQ6eO0PDlgTdxHzvszXIn2B1ARnv76AeuFYNYjYxRrqhlr3NKR:O1Q6eOyQ5UzXpmK8y1alr8R","tlshash":"2c53e88535d9b0ab42837878946f310bf1ab6d52681c8410db1dd4dabcb4e49e63ffe8","first_seen":"2025-08-04T01:39:06.738468Z","last_seen":"2026-06-12T06:27:36.528442Z","times_seen":178,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-02-14","alert":"Hunting_JS_WebAssembly","trigger":"web.telegram.org/a/rlottie-wasm.b8cd14b929a7127811bd.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/3345.50137368530e1c9f7189.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/3345.50137368530e1c9f7189.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-b34\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2868,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2814)","md5":"e4d0bb03b727167259ec0ea278479468","sha1":"3afe29f0613e104f3c9325267ac5113a7563073d","sha256":"8b10d393b15f5dcffd914913a07f478e8a5af204f98774156e8efb4a1cbf25ab","sha512":"bc4f03d4fc71d7aaf3a128207e34934910280ba3da0bb3e9fe5fe808d389828ce463b1f5aed6edef0b1ac5416eca6c7e10811e2fdb3c8fcdd673c233c608a9ed","ssdeep":"","tlshash":"f2512b482a33387a1ca747abf4573b120d2513b13819f48316199eef8a7724f4b03f49","first_seen":"2026-01-25T19:31:06.223502Z","last_seen":"2026-02-22T08:42:27.576991Z","times_seen":26,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/3345.50137368530e1c9f7189.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/3345.50137368530e1c9f7189.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-b34\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2868,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2814)","md5":"e4d0bb03b727167259ec0ea278479468","sha1":"3afe29f0613e104f3c9325267ac5113a7563073d","sha256":"8b10d393b15f5dcffd914913a07f478e8a5af204f98774156e8efb4a1cbf25ab","sha512":"bc4f03d4fc71d7aaf3a128207e34934910280ba3da0bb3e9fe5fe808d389828ce463b1f5aed6edef0b1ac5416eca6c7e10811e2fdb3c8fcdd673c233c608a9ed","ssdeep":"","tlshash":"f2512b482a33387a1ca747abf4573b120d2513b13819f48316199eef8a7724f4b03f49","first_seen":"2026-01-25T19:31:06.223502Z","last_seen":"2026-02-22T08:42:27.576991Z","times_seen":26,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/rlottie-wasm.b8cd14b929a7127811bd.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/rlottie-wasm.b8cd14b929a7127811bd.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 22:05:21 GMT\r\netag: W/\"6949c0a1-10001\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65537,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f9197a18681b7cc4f51b1911286902b0","sha1":"3f585990b02c98c9d787cb74c2a52fdf5d753b98","sha256":"bed5811a3341e35e206eaf3a0518c50edfe50ee9da37480286ac38ff29813c0d","sha512":"9679389c7ae84ee258a31c28e0da91ca3885c491f3e15e544d04c0bbb73c820e03ef8a834d96be0d29305534b18302f2b0110d9361e1d5f34a0fed38912550cd","ssdeep":"768:O6g4cP2yQ6eO0PDlgTdxHzvszXIn2B1ARnv76AeuFYNYjYxRrqhlr3NKR:O1Q6eOyQ5UzXpmK8y1alr8R","tlshash":"2c53e88535d9b0ab42837878946f310bf1ab6d52681c8410db1dd4dabcb4e49e63ffe8","first_seen":"2025-08-04T01:39:06.738468Z","last_seen":"2026-06-12T06:27:36.528442Z","times_seen":178,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-02-14","alert":"Hunting_JS_WebAssembly","trigger":"web.telegram.org/a/rlottie-wasm.b8cd14b929a7127811bd.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/compatTest.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:31.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/compatTest.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:31 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 22:05:21 GMT\r\netag: W/\"6949c0a1-bd9\"\r\nexpires: Sat, 14 Feb 2026 16:34:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3033,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (413)","md5":"a7a3be2fca8a7cf2ccb5dda8f415230e","sha1":"83bc559d0c7943d2d41abddf522cf06a783a9f65","sha256":"24472258bff4c7fc5ea9c1d54c3b07b462dd5ee0d6921d3c33ffff20db209529","sha512":"6277c3f63b2630cdc7b7f11d9841a233a46c7290f7bf081439529df7c7b01408bb1da9e334e04c93bf58cd14c9a246a93853914adf62604c330d7296c3cb9eb4","ssdeep":"","tlshash":"2651f51a4cb56271606d6166eb0fb14376288577060ceb7ca220cf397eb185b825fee9","first_seen":"2025-10-10T21:08:45.115241Z","last_seen":"2026-06-02T15:33:17.78149Z","times_seen":76,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/notification.mp3","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:31.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/notification.mp3 HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:31 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 10880\r\nlast-modified: Mon, 21 Oct 2024 03:28:41 GMT\r\netag: \"6715ca69-2a80\"\r\nexpires: Sat, 14 Feb 2026 16:34:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-range: bytes 0-10879/10880\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10880,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo","md5":"eba09b6a457792c52fc610b5f9f974b3","sha1":"95e6e0f7648e28ea21bc434054ea59aba3a35aea","sha256":"86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6","sha512":"9dfc5ff830c9ed75c9923528c31e1361fa36500d76a209cd475984e5585a644c8aff1600bf02a658ef363436a51988ff1e63aa7606e541dc4a7b3449c5be4852","ssdeep":"192:RuQQeX7rYX/WUUIk8DLh+2BHpZqlXCYP69tuORf6tVQRa/nwNQBv5JC:RRYeUUEDLk2VClyaV0aZ5g","tlshash":"37226b18af11056ef4866bf0b3939b8dc42d26c37a26d4cdd3a5d7e369430e2a7d500d","first_seen":"2023-05-16T22:57:55Z","last_seen":"2026-06-13T09:01:11.037115Z","times_seen":16757,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/6708.c6a3daf9dd10d19220e9.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:34.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/6708.c6a3daf9dd10d19220e9.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-24bd\"\r\nexpires: Sat, 14 Feb 2026 16:34:34 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9405,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9351)","md5":"baf8171b8a5ad8cf05d6e08fdfe5c66f","sha1":"74e28fd21ca8ca8bbf4949f8509da801c14517dc","sha256":"c2495ada558d6816c759886b28860492ec60dbed76bd5a151701517cddfc90d9","sha512":"a30b8cb9e778dad9bd818ce9fe53d8a53cbfe23ed623451b48fca350b260953db3feeb15cd03471aff34516b5fcd0b8f4665044bf50124cb2768f0f6d6c1f741","ssdeep":"192:KIKfyWQPKyT1/Ca7mBP+WiYUpahWqPBdLKM/GtiV0D1UYf1r:KIwyWFyTMtB+XYUshDPBRKMFY1UYf1r","tlshash":"a212d896a131747e62aa84d5e2140b027e36d5587c09a2bdf73c7cfb2d9640a34bcf78","first_seen":"2026-01-25T19:31:06.22267Z","last_seen":"2026-06-02T15:33:17.779081Z","times_seen":31,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/7784.ceaddb18016a000281b7.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/7784.ceaddb18016a000281b7.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 22:05:21 GMT\r\netag: W/\"6949c0a1-5268\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21096,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20959)","md5":"1b6a1d0f75aa9e357af17942cf43dc37","sha1":"f0c9356156e80becdfecd22a7df95ad0e5d9764b","sha256":"2b23702791ff873f03f46ede8ad50407c95e304f7f81e069ad6f415cd9bbf86c","sha512":"66061712b71b338272151502df5c1b5a867d41efe3513842bd21cb26fefe88ed56d3ee43904e952668ace943e0c3bb8541524f308423c2ed17e31ffdfdaaf5af","ssdeep":"384:2AfpRdH3KLSWInGDrQ+YW5LhoASLv5S8VwktQ0CSRU6f/k5MC6LEmYwt/9RXC6i5:2AfpRdX+DrQ2LhoASLFtQUU63k5MC6Lm","tlshash":"b892187a56ad058252ec48e90ccb1c9951b8e0233c871d7e5174fdd630f28d7e2ead79","first_seen":"2025-11-20T01:35:27.898761Z","last_seen":"2026-06-02T15:33:17.774942Z","times_seen":47,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/js/app.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/","date":"2026-02-14T15:34:30.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /js/app.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 06 May 2023 05:54:26 GMT\r\netag: W/\"6455eb92-282d49\"\r\nexpires: Sat, 14 Feb 2026 16:34:30 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2633033,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"fd7e668d42d17f3834f7c12b24e6cb0c","sha1":"0dfef1b2476a765461835145516ac53af16ccbc9","sha256":"569a476867e274991780c4daa38ab3d3cfb653490dbb35935034970e0ff194ff","sha512":"fd49ece3ece6565b818239fd0c4562e75e9496afdd38423ad84dabdd42f0483634b5e30d3557a52b57569e975011d55363549302c4f7ca000625745c12fb8e56","ssdeep":"12288:ZFCAE62iy5d7BfrY98MiGM5yiAnCcZx7EU+kL1tJulBGmOAwQNl:+7Bfi8MVjl/7EU+kL1tJubGUl","tlshash":"85250698b58eb0799ba37572549f610ba2b45964780c4406f3f4e4ea2cf84cb8c37f79","first_seen":"2025-10-21T23:13:11.596968Z","last_seen":"2026-05-09T15:56:38.505407Z","times_seen":6,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/6805.20e07b81ad525efcb177.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:35.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/6805.20e07b81ad525efcb177.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-1cee\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7406,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7352)","md5":"d0b5d78516ca99d915f71308c47531af","sha1":"208d9aa7e1d08492c590fdf3a2544779681f1444","sha256":"88819a2d8cbc2d3a10de6a6d5636fa8c29139cbadd93d986c2270e9132c6fb25","sha512":"a2069836bd96764aa4ee79537f0489ad7cd578453de7c4164611ed79a0ef00ab88a95b0d70a4d588477c45f06613c2ff91ed6ca33f9091c558c3aac2fcd10e53","ssdeep":"192:TNqqTgmYJN52V76EjpEYbDTk5iXgz+oY1:TTTgmYJN52VbpfrHXgz+oI","tlshash":"cbe1d4d23752153ee3869dc8ed3e1093a0a1d9683a2881a4777a6cd77d27ec1e071f93","first_seen":"2026-01-25T19:31:06.224888Z","last_seen":"2026-02-22T08:42:27.580712Z","times_seen":26,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/redirect.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:31.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/redirect.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:31 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 325\r\nlast-modified: Mon, 21 Oct 2024 03:28:41 GMT\r\netag: \"6715ca69-145\"\r\nexpires: Sat, 14 Feb 2026 16:34:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":325,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"17773b57b87a678c98e26a7cac72df6c","sha1":"7422857aa75ee81cabcec2eed6c4a6168f363ee1","sha256":"375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f","sha512":"28d9e1c2af08154e653e2291db46f4110edbf9f5591192f8d695c8852f9c3c755d69dfb5a032a45f51e0a3fc9417f16c20d0772b1225ca9b85e5531e12fa8bfc","ssdeep":"","tlshash":"e8e07dda0279030417e013f36d82b4709137c2fb604c5d028d984321a1b9b4f5b7b84f","first_seen":"2023-07-27T09:32:34Z","last_seen":"2026-06-13T09:01:11.041588Z","times_seen":11482,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/6805.20e07b81ad525efcb177.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:34.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/6805.20e07b81ad525efcb177.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 20 Jan 2026 11:15:15 GMT\r\netag: W/\"696f63c3-1cee\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7406,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7352)","md5":"d0b5d78516ca99d915f71308c47531af","sha1":"208d9aa7e1d08492c590fdf3a2544779681f1444","sha256":"88819a2d8cbc2d3a10de6a6d5636fa8c29139cbadd93d986c2270e9132c6fb25","sha512":"a2069836bd96764aa4ee79537f0489ad7cd578453de7c4164611ed79a0ef00ab88a95b0d70a4d588477c45f06613c2ff91ed6ca33f9091c558c3aac2fcd10e53","ssdeep":"192:TNqqTgmYJN52V76EjpEYbDTk5iXgz+oY1:TTTgmYJN52VbpfrHXgz+oI","tlshash":"cbe1d4d23752153ee3869dc8ed3e1093a0a1d9683a2881a4777a6cd77d27ec1e071f93","first_seen":"2026-01-25T19:31:06.224888Z","last_seen":"2026-02-22T08:42:27.580712Z","times_seen":26,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/rlottie-wasm.b8cd14b929a7127811bd.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/rlottie-wasm.b8cd14b929a7127811bd.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 22:05:21 GMT\r\netag: W/\"6949c0a1-10001\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65537,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f9197a18681b7cc4f51b1911286902b0","sha1":"3f585990b02c98c9d787cb74c2a52fdf5d753b98","sha256":"bed5811a3341e35e206eaf3a0518c50edfe50ee9da37480286ac38ff29813c0d","sha512":"9679389c7ae84ee258a31c28e0da91ca3885c491f3e15e544d04c0bbb73c820e03ef8a834d96be0d29305534b18302f2b0110d9361e1d5f34a0fed38912550cd","ssdeep":"768:O6g4cP2yQ6eO0PDlgTdxHzvszXIn2B1ARnv76AeuFYNYjYxRrqhlr3NKR:O1Q6eOyQ5UzXpmK8y1alr8R","tlshash":"2c53e88535d9b0ab42837878946f310bf1ab6d52681c8410db1dd4dabcb4e49e63ffe8","first_seen":"2025-08-04T01:39:06.738468Z","last_seen":"2026-06-12T06:27:36.528442Z","times_seen":178,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-02-14","alert":"Hunting_JS_WebAssembly","trigger":"web.telegram.org/a/rlottie-wasm.b8cd14b929a7127811bd.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"verifybot.click/","fqdn":"verifybot.click","domain":"verifybot.click","tld":"click"},"ip":{"addr":"104.21.36.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T15:34:29.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"verifybot.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 09:59:33 GMT","end":"Fri, 24 Apr 2026 10:53:24 GMT"},"fingerprint":{"sha1":"20:C0:C8:33:95:66:4B:86:E9:F4:6A:10:C6:DD:DD:3D:24:04:DA:D5","sha256":"45:40:EE:84:09:1F:DD:BE:4E:F8:59:F6:DB:01:E3:ED:DC:3B:AE:11:A4:C3:39:A4:F2:1D:E5:97:ED:BA:CC:24"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: verifybot.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 14 Feb 2026 15:34:30 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://web.telegram.org/\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B0%2BZLNzz%2BNmJmlQu3Z7yb1NZg6RUBitfyHeQ7J%2B3gz0cAmzbp1HK5O%2BxkOiKfqwFYvwKY4oKtYhah2Bvd%2Fq4cQnbi3jhP%2FoCZJrLQml4Jg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9cdda1450a9c90fd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1587,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T09:48:57.028044Z","times_seen":16383237,"resource_available":true,"data":null}},"time_used":760,"timings":{"blocked":73,"dns":47,"connect":8,"send":0,"wait":610,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"verifybot.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"verifybot.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"verifybot.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/favicon.svg","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:32.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/favicon.svg HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:32 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 892\r\nlast-modified: Mon, 21 Oct 2024 03:28:41 GMT\r\netag: \"6715ca69-37c\"\r\nexpires: Sat, 14 Feb 2026 16:34:32 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":892,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d9ee2d4b0edd9f8ba2fb7242162c2c47","sha1":"398522893cf2cdefb5176f11bc67eab31c2d7382","sha256":"a462f1c5333e16b48335054493cfd1d0a13a96847b4b9ffe2cf24403e6e86010","sha512":"e404678e96fe6f6d1fe6c1390e4a64d90844a2d8903f84f1a34b23137593da5ba04112d9504b8bf480b392b294830a363344c5767e3bb5b7a3cb6f5df2a3aa45","ssdeep":"","tlshash":"97114493d060e71ad4c9e16bef61fca0116720cee5b745d485d95a34500fcdbfc08668","first_seen":"2023-05-09T00:01:39Z","last_seen":"2026-06-13T09:01:11.047324Z","times_seen":13982,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/icon-192x192.png","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://web.telegram.org/a/","date":"2026-02-14T15:34:32.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/icon-192x192.png HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 3059\r\nlast-modified: Mon, 21 Oct 2024 03:28:41 GMT\r\netag: \"6715ca69-bf3\"\r\nexpires: Sat, 14 Feb 2026 16:34:32 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3059,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"1a1650d2c76bfc1ac484646c19e495b9","sha1":"fe58d66042ce9241226f5da9370230285ff604fc","sha256":"6e587a62c9d7a97f25265ab5eb29d101ad2e36810042a4116d2dd29da96b0bf8","sha512":"79c5c9278959bc94f66434779bebc1b46c055655f0bc58aa375f179c227e7ac0e52dea196764719d42aadcf98e4fd3b5a4488f2db977edde430aa3df733c03bc","ssdeep":"","tlshash":"bd514cd3253318e8e2dbfd7ace62041f656691ce5638ec120568de720c8985dc070caa","first_seen":"2023-05-16T22:57:55Z","last_seen":"2026-06-13T09:01:11.036448Z","times_seen":16398,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/a/rlottie-wasm.b8cd14b929a7127811bd.js","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://web.telegram.org/a/6805.20e07b81ad525efcb177.js","date":"2026-02-14T15:34:35.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /a/rlottie-wasm.b8cd14b929a7127811bd.js HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/a/6805.20e07b81ad525efcb177.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 22:05:21 GMT\r\netag: W/\"6949c0a1-10001\"\r\nexpires: Sat, 14 Feb 2026 16:34:35 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65537,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f9197a18681b7cc4f51b1911286902b0","sha1":"3f585990b02c98c9d787cb74c2a52fdf5d753b98","sha256":"bed5811a3341e35e206eaf3a0518c50edfe50ee9da37480286ac38ff29813c0d","sha512":"9679389c7ae84ee258a31c28e0da91ca3885c491f3e15e544d04c0bbb73c820e03ef8a834d96be0d29305534b18302f2b0110d9361e1d5f34a0fed38912550cd","ssdeep":"768:O6g4cP2yQ6eO0PDlgTdxHzvszXIn2B1ARnv76AeuFYNYjYxRrqhlr3NKR:O1Q6eOyQ5UzXpmK8y1alr8R","tlshash":"2c53e88535d9b0ab42837878946f310bf1ab6d52681c8410db1dd4dabcb4e49e63ffe8","first_seen":"2025-08-04T01:39:06.738468Z","last_seen":"2026-06-12T06:27:36.528442Z","times_seen":178,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-02-14","alert":"Hunting_JS_WebAssembly","trigger":"web.telegram.org/a/rlottie-wasm.b8cd14b929a7127811bd.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T15:34:30.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:30 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 25 Oct 2023 19:17:17 GMT\r\netag: W/\"653969bd-633\"\r\nexpires: Sat, 14 Feb 2026 16:34:30 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1587,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1586)","md5":"72185d31a0f89aeb823542338721d3af","sha1":"ade80d63eac4e6902591b4f3a5c1fdb45e9c5c6e","sha256":"7f4a55f8b3642929c5e19f41fd363c938a995dceb9bb4c1c183f3e09a21164d0","sha512":"4c1a670714e1a66dba0228863987dea136445d4596bac51c93bd1abb0341151c09a95cb58232983419c502d17cc98812a7655ec82762cc89afac21dd46ccf20f","ssdeep":"","tlshash":"be31cd23df24d80d2261417af56ab08dc95ac50de5a05591bbd059ef9ce2ff4a0f3237","first_seen":"2023-11-13T03:35:07Z","last_seen":"2026-05-10T23:38:07.175334Z","times_seen":50,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":194,"dns":16,"connect":23,"send":0,"wait":23,"receive":0,"ssl":151},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.telegram.org/css/app.css","fqdn":"web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://web.telegram.org/","date":"2026-02-14T15:34:30.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /css/app.css HTTP/1.1\r\nHost: web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.telegram.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 14 Feb 2026 15:34:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 18 Dec 2020 13:53:22 GMT\r\netag: W/\"5fdcb452-2ee4f\"\r\nexpires: Sat, 14 Feb 2026 16:34:30 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: deny\r\nx-served-by: meta4240517\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":192079,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (556)","md5":"9800f784d00ac7a3515484676b730bcb","sha1":"93a5e9d8631d889ec17686c287d5f6ffe21704fd","sha256":"ab24b8258e6d00603702753a091af931e3995de0059ab0aadc1bf8700a8cb37e","sha512":"068a47f6e81c8bfc665c3f36a8c0454ef007cc7ef20b2ab559bdb549b89206cf5c9b078607e56a1e42e495c3ea22e214d6caf7b3b725c58e61cf2f8836e35d83","ssdeep":"1536:M5Ab7X71glCQeWXl42vaYaWp/HSPcIzGY3I91NPNrZBXxxVYRR:Mwqta3qaI913VYRR","tlshash":"1b14e671a520316e7027c526b4e1eec63a188043e5ab5ffff23b65b8c7895c91633b46","first_seen":"2023-05-31T01:38:55Z","last_seen":"2026-06-05T17:30:37.93947Z","times_seen":194,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}