| GET teleghfvg.forum/k/rlottie-wasm.f013598f1b2ba719f25e.js | 104.21.76.110 | 200 OK | 66 kB |
URL: teleghfvg.forum/k/rlottie-wasm.f013598f1b2ba719f25e.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Resource Info — File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; First Seen: 2024-05-16; Last Seen: 2025-08-01; Times Seen: 11547; Size: 66 kB (65591 bytes)
MD5: 4441938ee433d3657c20d454d352a336
SHA1: dd67121d7fda7c17be196f60c72dfa06bcb5bc6f
SHA256: 659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:21 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pa4eDFWxdXs9crspbJ9d6dI8HQinrr9ln3X8wPZ%2BY1aWawZbRrhLqBak6DXP4A7JU%2BmGxoob%2FjFcCRcCrwbJYazt3eV4SuIcycfm2neAvU63ecdr3puivX8mY6SSlbpgqW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:57 GMT
vary: Accept-Encoding
etag: W/"67d2d475-10037"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
cf-ray: 92b908882c681c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=7654&x=16"
|
|
| GET teleghfvg.forum/k/7784.df07a876b22e3b2a83e9.js | 104.21.76.110 | 200 OK | 22 kB |
URL: teleghfvg.forum/k/7784.df07a876b22e3b2a83e9.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Resource Info — File type: JavaScript source, ASCII text, with very long lines (21340); First Seen: 2024-12-12; Last Seen: 2025-07-31; Times Seen: 10263; Size: 22 kB (21477 bytes)
MD5: a0980d43cea486530c30f9f5e1c1b5e4
SHA1: deec93f70f8b813b479137075afa6a0a3a25b8bd
SHA256: 4b5eeb1400e5118a1aff286d9a6cf893bd7c08fc8247c62116238ea587890e9e
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/7784.df07a876b22e3b2a83e9.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:20 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WeGStzaISA1uCmtk2DRO%2B2OxkCvAtzr0t8tvPSc0d7Ps6XxLWSmjTrOCCKbZZQ1U22J1zjbDiD5Uzo4cD0%2BYHWzDtDHyVQ%2FjelJZ6VXYZ6UiihitMvmiG1b36jktHkxzcOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-53e5"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
cf-ray: 92b908811c4d1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=6357&x=16"
|
|
| GET teleghfvg.forum/k/rlottie-wasm.f013598f1b2ba719f25e.js | 104.21.76.110 | 200 OK | 66 kB |
URL: teleghfvg.forum/k/rlottie-wasm.f013598f1b2ba719f25e.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Resource Info — File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; First Seen: 2024-05-16; Last Seen: 2025-08-01; Times Seen: 11547; Size: 66 kB (65591 bytes)
MD5: 4441938ee433d3657c20d454d352a336
SHA1: dd67121d7fda7c17be196f60c72dfa06bcb5bc6f
SHA256: 659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:21 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZoYlH1yB6U%2BxmfRXO3EeVDtzxG3H9%2BIPcmJ8oH3QkI56FKsERoE%2B4o2%2F%2BS1hvbGBUFuFMGYJLIdLXqKovwcX3Lnh914UVFkevbCd6ZHX9fR60HpNBAuXJNY77JZ5kRRoJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:57 GMT
vary: Accept-Encoding
etag: W/"67d2d475-10037"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
cf-ray: 92b908883c6a1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=7641&x=16"
|
|
| GET teleghfvg.forum/k/7784.df07a876b22e3b2a83e9.js | 104.21.76.110 | 200 OK | 22 kB |
URL: teleghfvg.forum/k/7784.df07a876b22e3b2a83e9.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Resource Info — File type: JavaScript source, ASCII text, with very long lines (21340); First Seen: 2024-12-12; Last Seen: 2025-07-31; Times Seen: 10263; Size: 22 kB (21477 bytes)
MD5: a0980d43cea486530c30f9f5e1c1b5e4
SHA1: deec93f70f8b813b479137075afa6a0a3a25b8bd
SHA256: 4b5eeb1400e5118a1aff286d9a6cf893bd7c08fc8247c62116238ea587890e9e
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/7784.df07a876b22e3b2a83e9.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:20 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qiKaBMUYX0L6MtZI89dGozlf9kzMWX7HBtDeoiaXbSYNqJ7iqfBBYyxDJOdeJ%2Fy16ne7zp4R1p5FfKIXVLZeG8llKLT2Mtj3SUcdcC22fbPJvI0mZv%2BbRef%2B3OnaDNjGNzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-53e5"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
cf-ray: 92b908811c4a1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=6369&x=16"
|
|
| GET teleghfvg.forum/k/5905.db5d2749ecb90aaf2752.js | 104.21.76.110 | 200 OK | 140 kB |
URL: teleghfvg.forum/k/5905.db5d2749ecb90aaf2752.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Resource Info — File type: ASCII text, with very long lines (65536), with no line terminators; First Seen: 2024-12-10; Last Seen: 2025-07-31; Times Seen: 10294; Size: 140 kB (140233 bytes)
MD5: fdd268f67cf5c4f79320041e3d156e98
SHA1: d66194ee702467dd19130dee59bd824990f5bc71
SHA256: 36e5ef6880e869bdf9ef2119932dbac7330513aefc50839cc2a6fdde7b519967
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/5905.db5d2749ecb90aaf2752.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:20 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BB%2BmNIzP7UZkx3%2B%2BTAg7Unf127saAhRzVoDBjpCvXJvKduoN5c0xPlB0VFNtYSrNNT1SyIvZ7yRz2Xza%2FhomnxCysYGx2r7oVrL5hXvxzsRsNeQTWZFOqOMWNN8lHv3uYrE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-223c9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
cf-ray: 92b908845c601c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=6965&x=16"
|
|
| GET teleghfvg.forum/k/compatTest.js | 104.21.76.110 | 200 OK | 2.5 kB |
URL: teleghfvg.forum/k/compatTest.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/
Resource Info — File type: JavaScript source, ASCII text, with very long lines (2610), with no line terminators; First Seen: 2024-08-08; Last Seen: 2025-04-06; Times Seen: 2323; Size: 2.5 kB (2544 bytes)
MD5: 6cfbdd49583de4aef06544f30e1eafb9
SHA1: b852473e5433f95a06bf58c7e625876a14358422
SHA256: 9f053b9be11ee313213aaf4d5269f4a011e068ed6eaf12a557634381fc42c9ec
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/compatTest.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 12:26:14 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-9f0"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b9085eca58f5e0-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET teleghfvg.forum/k/notification.mp3 | 104.21.76.110 | 206 Partial Content | 11 kB |
URL: teleghfvg.forum/k/notification.mp3
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/
Resource Info — File type: Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo; First Seen: 2023-05-16; Last Seen: 2025-08-01; Times Seen: 12897; Size: 11 kB (10880 bytes)
MD5: eba09b6a457792c52fc610b5f9f974b3
SHA1: 95e6e0f7648e28ea21bc434054ea59aba3a35aea
SHA256: 86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/notification.mp3 HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Sat, 05 Apr 2025 12:26:16 GMT
content-type: audio/mpeg
content-length: 10880
vary: Accept-Encoding
last-modified: Thu, 13 Mar 2025 12:49:57 GMT
etag: "67d2d475-2a80"
accept-ranges: bytes
content-range: bytes 0-10879/10880
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b908696bea1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mcXK0noTFRrELtsArroY0vJ%2BtGVXzUVUOjS91oGpDCs4qjeMtm%2FCiuqbPLGk9iPpDdrmNfEk8bi6n5QjM%2FIo9%2BBKEKenI6a%2Fzg%2FXdxIKg%2F26rppBzjl2cdIR72mAGUAOMC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=2511&x=16"
|
|
| GET teleghfvg.forum/k/7784.df07a876b22e3b2a83e9.js | 104.21.76.110 | 200 OK | 22 kB |
URL: teleghfvg.forum/k/7784.df07a876b22e3b2a83e9.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Resource Info — File type: JavaScript source, ASCII text, with very long lines (21340); First Seen: 2024-12-12; Last Seen: 2025-07-31; Times Seen: 10263; Size: 22 kB (21477 bytes)
MD5: a0980d43cea486530c30f9f5e1c1b5e4
SHA1: deec93f70f8b813b479137075afa6a0a3a25b8bd
SHA256: 4b5eeb1400e5118a1aff286d9a6cf893bd7c08fc8247c62116238ea587890e9e
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/7784.df07a876b22e3b2a83e9.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:20 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IwC9S9mR3%2FPMaZ5Rd5EC59tPpnMAw5rnPAGbgP4uw0CHlSfFoYM9jfumLPuvE1bns9ztMJj6TgYniE4uJXlJvkvNiOwSu9pg1a%2FulhNgkxghtFrRMiAoSdzOGKBfsIn0BRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-53e5"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b908811c4c1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=6293&x=16"
|
|
| GET teleghfvg.forum/k/5905.db5d2749ecb90aaf2752.js | 104.21.76.110 | 200 OK | 140 kB |
URL: teleghfvg.forum/k/5905.db5d2749ecb90aaf2752.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Resource Info — File type: ASCII text, with very long lines (65536), with no line terminators; First Seen: 2024-12-10; Last Seen: 2025-07-31; Times Seen: 10294; Size: 140 kB (140233 bytes)
MD5: fdd268f67cf5c4f79320041e3d156e98
SHA1: d66194ee702467dd19130dee59bd824990f5bc71
SHA256: 36e5ef6880e869bdf9ef2119932dbac7330513aefc50839cc2a6fdde7b519967
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/5905.db5d2749ecb90aaf2752.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:20 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6VcCmh%2FWK5%2BbHxYBLzGp2u8gJiYNwMd0q%2FhP5qtNuQeAy1i8jW%2BwG3RwHPWHhPAzzlkKjNeZ2AXHDAbn1d%2FPCOMybz6RUQpTY2LQ8bSDu9LjhA341239S%2Bje6vqTIW0pRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-223c9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
cf-ray: 92b908842c5e1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=6958&x=16"
|
|
| GET teleghfvg.forum/k/rlottie-wasm.f013598f1b2ba719f25e.js | 104.21.76.110 | 200 OK | 66 kB |
URL: teleghfvg.forum/k/rlottie-wasm.f013598f1b2ba719f25e.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Resource Info — File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; First Seen: 2024-05-16; Last Seen: 2025-08-01; Times Seen: 11547; Size: 66 kB (65591 bytes)
MD5: 4441938ee433d3657c20d454d352a336
SHA1: dd67121d7fda7c17be196f60c72dfa06bcb5bc6f
SHA256: 659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:21 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QB70Alveb17bTaVmXVgX%2FtO5vNzii%2BmFASjsIdFqJmtikhIytDGFfIv319eoZbrdDe4ysiidFjCUuGqVySQd6KjJIOxyFEOqeUSRFcvqPwjAb8sk5Yceo2t55B%2BL130%2BxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:57 GMT
vary: Accept-Encoding
etag: W/"67d2d475-10037"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b908882c691c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=7636&x=16"
|
|
| GET teleghfvg.forum/k/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 | 104.21.76.110 | 200 OK | 11 kB |
URL: teleghfvg.forum/k/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/
Resource Info — File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0; First Seen: 2023-04-05; Last Seen: 2025-08-01; Times Seen: 26577; Size: 11 kB (11016 bytes)
MD5: 15fa3062f8929bd3b05fdca5259db412
SHA1: 6ff06a34f68ad0324ddec1bbe4d453c959178b36
SHA256: 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/main.949acaf34f3882f511ff.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:16 GMT
content-type: font/woff2
content-length: 11016
vary: Accept-Encoding
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
etag: "67d2d474-2b08"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b908688be81c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1SktolqSZCcJ5tawnpDOGTEK7djfxPsCzCFKrqsFtG1LO5r0LIuZvmuFjoGL3ValA5MLcpWKPZbXaHb6inBpdmMvAfM%2BZv6cm1OC%2B%2BgSLlUn0nEXkL958l8%2F%2BSwBfF1t%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=2399&x=16"
|
|
| GET teleghfvg.forum/k/8673.1b6dd8d303b0535cc1f8.js | 104.21.76.110 | 200 OK | 11 kB |
URL: teleghfvg.forum/k/8673.1b6dd8d303b0535cc1f8.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/
Resource Info — File type: JavaScript source, ASCII text, with very long lines (10642); First Seen: 2024-12-10; Last Seen: 2025-07-31; Times Seen: 10467; Size: 11 kB (10696 bytes)
MD5: ea8d5208dada45e8d0844877a7c93db6
SHA1: 45d98fbe3dae09a988cccd836d39016c5100f313
SHA256: 25f447387cefb643c04e0aa816e21edf562ebe9b7e3f7b808bdb179154fc17b8
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/8673.1b6dd8d303b0535cc1f8.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:19 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1i8q8FULW8qpBVM9%2BKFJ5ivlEEAuYvhW4%2BaQVluVfLqh%2Fuh14CTh4%2BmGSCMNOL0S1xUxUTJtV3mEB%2FO63TAy%2FlIRqix7xzwF6%2Fv0a7U1i4qrvG6e6FQSgSFN%2B5d11OZZFvM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-29c8"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b9087b5c331c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=5385&x=16"
|
|
| GET teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js | 104.21.76.110 | 200 OK | 14 kB |
URL: teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/
Resource Info — File type: JavaScript source, ASCII text, with very long lines (14402); First Seen: 2024-12-10; Last Seen: 2025-07-12; Times Seen: 8015; Size: 14 kB (14456 bytes)
MD5: 6471dbad18ad444906e7a2bbac930e90
SHA1: 2c1f84caf20c633205f7535b129ae069187ef14d
SHA256: 1fce51354cfb15e01d900a86d9806d476a4ceb7fd409a5f2744e8bb81fab56e8
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/2976.4e6e9b1254ce313f06c5.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:19 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Asd5JEMmN4xeX8zR5zVTNQIpQA8wush7ChSYyxby0CJqjPkJtXNNL9FywmC02lGqJaBdQvzzOHmaY9jIO7tC01wf4IyrqKkFESnVPH1wo4TPNjunJ1%2FqSzCeKLP75Ivl0h8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-3878"
content-encoding: gzip
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 92b9087e5c421c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=5846&x=16"
|
|
| GET teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js | 104.21.76.110 | 200 OK | 14 kB |
URL: teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/
Resource Info — File type: JavaScript source, ASCII text, with very long lines (14402); First Seen: 2024-12-10; Last Seen: 2025-07-12; Times Seen: 8015; Size: 14 kB (14456 bytes)
MD5: 6471dbad18ad444906e7a2bbac930e90
SHA1: 2c1f84caf20c633205f7535b129ae069187ef14d
SHA256: 1fce51354cfb15e01d900a86d9806d476a4ceb7fd409a5f2744e8bb81fab56e8
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/2976.4e6e9b1254ce313f06c5.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:19 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qd%2FUXcvdvG3czU6IpWPXmhRrA2czDgmjFzfoTvS6eG%2FRJvok13JSWKpXFimPi5fThjmBFzjyBDdOLAAlaMWYdx2jfd766C5D8leUG2IPdJz7kDE9%2BI%2FYiOzAYQ8oxtHbmAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-3878"
content-encoding: gzip
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 92b9087e5c431c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=5850&x=16"
|
|
| GET teleghfvg.forum/k/7784.df07a876b22e3b2a83e9.js | 104.21.76.110 | 200 OK | 22 kB |
URL: teleghfvg.forum/k/7784.df07a876b22e3b2a83e9.js
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET
Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Resource Info — File type: JavaScript source, ASCII text, with very long lines (21340); First Seen: 2024-12-12; Last Seen: 2025-07-31; Times Seen: 10263; Size: 22 kB (21477 bytes)
MD5: a0980d43cea486530c30f9f5e1c1b5e4
SHA1: deec93f70f8b813b479137075afa6a0a3a25b8bd
SHA256: 4b5eeb1400e5118a1aff286d9a6cf893bd7c08fc8247c62116238ea587890e9e
Certificate Info — Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/7784.df07a876b22e3b2a83e9.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:20 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZ65JHjp2xJg9mdaw%2BuknjOINmaskKzHOtyGQuccRFgRBI%2BLB8RzlCweNkbSKRbn71N1eK6HKL5qSlwE0MkIYTNjxjtLYRoTqkcbeoijY6ZIGwiAgcdj7RMTv%2BC2z2qdJ6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-53e5"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
cf-ray: 92b908811c4b1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=6378&x=16"
|
|
| | 104.21.76.110 | 200 OK | 4.2 kB |
IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Resource Info: File type: HTML document, ASCII text, with very long lines (4351), with no line terminators; First Seen: 2025-04-05; Last Seen: 2025-04-05; Times Seen: 1; Size: 4.2 kB (4174 bytes); MD5: 674a02c3e1a98093f02f207823535909; SHA1: 8ae36ed27646bb8a9681bb83772d969ef70125c7; SHA256: fc2487ecade6b711f0981c8e9f67ce973c9e401d116153cfe66fb6b5b64d7ca7; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/ HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 12:26:13 GMT
content-type: text/html
content-encoding: br
cf-ray: 92b90858dd3ff5e0-AMS
last-modified: Sun, 16 Mar 2025 09:30:48 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMwRuTYl2dXDFAGucWR0VFK96ThyLwX0B83ans9q2CCc76cz1sURVqvR7WA5KAnNcIy8akAiYV%2BYO1UqwmX%2F2SfX47iSJIejvsv8KW%2BubaysFqTV9Xog%2BaxrZgb9CI5MZHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=24701&min_rtt=19530&rtt_var=12573&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3211&recv_bytes=1119&delivery_rate=218995&cwnd=251&unsent_bytes=0&cid=c35a5cfe9a875f10&ts=563&x=0"
X-Firefox-Spdy: h2
|
|
| GET teleghfvg.forum/k/main.d54bfa037348b154a941.js | 104.21.76.110 | 200 OK | 296 kB |
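URL: teleghfvg.forum/k/main.d54bfa037348b154a941.js; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/; Resource Info: File type: N/A; First Seen: 0001-01-01; Last Seen: 2025-08-02; Times Seen: 5605908; Size: 296 kB (296503 bytes); MD5: d41d8cd98f00b204e9800998ecf8427e; SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 [Note: these three digests are the MD5/SHA1/SHA256 of zero-length input, and the file type is N/A although the reported size is 296503 bytes, so the response body was apparently not stored for this record. The hashes, and presumably the First Seen and Times Seen values keyed to them, do not identify this file and should not be used as indicators.]; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |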
GET /k/main.d54bfa037348b154a941.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 12:26:14 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 13 Mar 2025 12:49:57 GMT
vary: Accept-Encoding
etag: W/"67d2d475-48637"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b9085eba54f5e0-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js | 104.21.76.110 | 200 OK | 14 kB |
URL: teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/; Resource Info: File type: JavaScript source, ASCII text, with very long lines (14402); First Seen: 2024-12-10; Last Seen: 2025-07-12; Times Seen: 8015; Size: 14 kB (14456 bytes); MD5: 6471dbad18ad444906e7a2bbac930e90; SHA1: 2c1f84caf20c633205f7535b129ae069187ef14d; SHA256: 1fce51354cfb15e01d900a86d9806d476a4ceb7fd409a5f2744e8bb81fab56e8; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/2976.4e6e9b1254ce313f06c5.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:19 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2Fihko3wIVcBSigExzmVs0W6SOuvSAWUqCS%2FzbKtkpnwDe6p56APkpDF4Y6yistnsN0cuPj8Ani6YzypnHqw39CekTBPdY5HJabWz2YgELO3V40SKwmHVGc%2BrHM9y7f%2BEVU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-3878"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b9087e3c401c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=5852&x=16"
|
|
| GET teleghfvg.forum/k/redirect.js | 104.21.76.110 | 200 OK | 325 B |
URL: teleghfvg.forum/k/redirect.js; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/; Resource Info: File type: ASCII text, with very long lines (336), with no line terminators; First Seen: 2023-08-11; Last Seen: 2025-04-06; Times Seen: 2257; Size: 325 B (325 bytes); MD5: 0f4bee764cf7e7080cc0c1a836d6c85a; SHA1: 7cdea3a612218fe6898aa117eb4598d7d0dce420; SHA256: 9d8ec261dba46e501288de7aee04435dfe1d8728b0bf65a4a79c08e5c90a5b54; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/redirect.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 12:26:14 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 13 Mar 2025 12:49:57 GMT
cache-control: max-age=14400
cf-cache-status: MISS
etag: W/"67d2d475-145"
content-encoding: br
cf-ray: 92b9085eba52f5e0-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET teleghfvg.forum/k/5905.db5d2749ecb90aaf2752.js | 104.21.76.110 | 200 OK | 140 kB |
URL: teleghfvg.forum/k/5905.db5d2749ecb90aaf2752.js; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js; Resource Info: File type: ASCII text, with very long lines (65536), with no line terminators; First Seen: 2024-12-10; Last Seen: 2025-07-31; Times Seen: 10294; Size: 140 kB (140233 bytes); MD5: fdd268f67cf5c4f79320041e3d156e98; SHA1: d66194ee702467dd19130dee59bd824990f5bc71; SHA256: 36e5ef6880e869bdf9ef2119932dbac7330513aefc50839cc2a6fdde7b519967; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/5905.db5d2749ecb90aaf2752.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:20 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vkH5pcMun7UC4DGSJVbQIjaCk8pv8whITU4HBNyaZfQmEhT3e%2BB7YhRYK1Pkslp86t91w6DzkqtKRM70SxJaAFEqZt4LzqJhdjsFYO%2BtlS8ebU7UV3fCqIJFbbO1qfluV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-223c9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b90883ec5d1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=6959&x=16"
|
|
| GET teleghfvg.forum/k/main.949acaf34f3882f511ff.css | 104.21.76.110 | 200 OK | 113 kB |
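URL: teleghfvg.forum/k/main.949acaf34f3882f511ff.css; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/; Resource Info: File type: N/A; First Seen: 0001-01-01; Last Seen: 2025-08-02; Times Seen: 5605908; Size: 113 kB (113301 bytes); MD5: d41d8cd98f00b204e9800998ecf8427e; SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 [Note: these three digests are the MD5/SHA1/SHA256 of zero-length input, and the file type is N/A although the reported size is 113301 bytes, so the response body was apparently not stored for this record. The hashes, and presumably the First Seen and Times Seen values keyed to them, do not identify this file and should not be used as indicators.]; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |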
GET /k/main.949acaf34f3882f511ff.css HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 12:26:14 GMT
content-type: text/css
server: cloudflare
last-modified: Thu, 13 Mar 2025 12:49:57 GMT
vary: Accept-Encoding
etag: W/"67d2d475-1ba95"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b9085eba56f5e0-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET teleghfvg.forum/k/favicon.svg | 104.21.76.110 | 200 OK | 892 B |
URL: teleghfvg.forum/k/favicon.svg; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/; Resource Info: File type: SVG Scalable Vector Graphics image; First Seen: 2023-05-06; Last Seen: 2025-04-06; Times Seen: 3136; Size: 892 B (892 bytes); MD5: fbfd454715d8180275b32bd48770a483; SHA1: 0716abb57416f83cfad3e17ff830039c0607b313; SHA256: 788c238be3597ef42c549caff599bb84e584790f43f7d6013d6a1987264bdbe1; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/favicon.svg HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
etag: W/"67d2d474-37c"
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 92b9086b0bf51c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hfELovDFSsezlErtO9QzLVNjKbDDin5yhHVDzCw84C03JHqzEaNkm5uLq%2BvJ6ff0G7Jd%2Fsmon2FJryMN9QuXbu1V5n3z6BPUrb8%2Foql8iGwPSxblEYgnQ%2BWmuuJGcQhS0ng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=2767&x=16"
|
|
| GET teleghfvg.forum/k/rlottie-wasm.f013598f1b2ba719f25e.js | 104.21.76.110 | 200 OK | 66 kB |
URL: teleghfvg.forum/k/rlottie-wasm.f013598f1b2ba719f25e.js; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js; Resource Info: File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; First Seen: 2024-05-16; Last Seen: 2025-08-01; Times Seen: 11547; Size: 66 kB (65591 bytes); MD5: 4441938ee433d3657c20d454d352a336; SHA1: dd67121d7fda7c17be196f60c72dfa06bcb5bc6f; SHA256: 659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:21 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fhb2tanoT8oiYofUjA%2F6VmW6gB%2FrAt2JzHQEeP6%2B1kh7UoCr6k8nUaiDH%2BmTrN4FF70qMvKCBna68H6pcU4j2U1HMti%2BzqeNvtiTedDwgnVNaEo4o1BvY3GsCt%2FQZP9QfFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:57 GMT
vary: Accept-Encoding
etag: W/"67d2d475-10037"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
cf-ray: 92b908884c6b1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=7650&x=16"
|
|
| GET teleghfvg.forum/k/icon-192x192.png | 104.21.76.110 | 200 OK | 3.1 kB |
URL: teleghfvg.forum/k/icon-192x192.png; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/; Resource Info: File type: PNG image data, 192 x 192, 8-bit colormap, non-interlaced; First Seen: 2023-05-16; Last Seen: 2025-08-01; Times Seen: 12614; Size: 3.1 kB (3059 bytes); MD5: 1a1650d2c76bfc1ac484646c19e495b9; SHA1: fe58d66042ce9241226f5da9370230285ff604fc; SHA256: 6e587a62c9d7a97f25265ab5eb29d101ad2e36810042a4116d2dd29da96b0bf8; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/icon-192x192.png HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:16 GMT
content-type: image/png
content-length: 3059
vary: Accept-Encoding
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
etag: "67d2d474-bf3"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 92b9086b0bf41c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2FR8X4Vfl1UJfvai1NsaZqnnOXxZfaSku0g1qCxxc1%2FH3TdbOf1QwH1sNlfyuUEBvaF%2FK7z%2B43ukUWkJiiuegzdoNxhDvObObbgwRe4M9JWAyLEr%2Bw8dKM9SiUVj087yUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=2766&x=16"
|
|
| GET teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js | 104.21.76.110 | 200 OK | 14 kB |
URL: teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/; Resource Info: File type: JavaScript source, ASCII text, with very long lines (14402); First Seen: 2024-12-10; Last Seen: 2025-07-12; Times Seen: 8015; Size: 14 kB (14456 bytes); MD5: 6471dbad18ad444906e7a2bbac930e90; SHA1: 2c1f84caf20c633205f7535b129ae069187ef14d; SHA256: 1fce51354cfb15e01d900a86d9806d476a4ceb7fd409a5f2744e8bb81fab56e8; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/2976.4e6e9b1254ce313f06c5.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:19 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WLnzAgi9rw80RvXvXW7Y%2BJIRSsP0UHcYi3c%2FcYACwAR5X6SczS8xEeCXuy0zOwI8OioPqy6Ym8g3kgrXqRbYDhDR9PO0HHHYuPCMXNkhWjuv1pcY%2Bx1KN8eiKZdY875n4mw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-3878"
content-encoding: gzip
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 92b9087e5c411c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=5844&x=16"
|
|
| GET teleghfvg.forum/k/5905.db5d2749ecb90aaf2752.js | 104.21.76.110 | 200 OK | 140 kB |
URL: teleghfvg.forum/k/5905.db5d2749ecb90aaf2752.js; IP / ASN: 104.21.76.110 #13335 CLOUDFLARENET; Requested by: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js; Resource Info: File type: ASCII text, with very long lines (65536), with no line terminators; First Seen: 2024-12-10; Last Seen: 2025-07-31; Times Seen: 10294; Size: 140 kB (140233 bytes); MD5: fdd268f67cf5c4f79320041e3d156e98; SHA1: d66194ee702467dd19130dee59bd824990f5bc71; SHA256: 36e5ef6880e869bdf9ef2119932dbac7330513aefc50839cc2a6fdde7b519967; Certificate Info: Issuer: Google Trust Services; Subject: teleghfvg.forum; Fingerprint: AA:97:B7:0F:03:DA:12:2A:AD:6E:4D:A9:68:B0:75:46:19:98:37:1B; Validity: Wed, 02 Apr 2025 10:23:49 GMT - Tue, 01 Jul 2025 11:22:33 GMT; Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /k/5905.db5d2749ecb90aaf2752.js HTTP/1.1
Host: teleghfvg.forum
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleghfvg.forum/k/2976.4e6e9b1254ce313f06c5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 12:26:20 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uH4D8Z5wkXwXRbXq3OnoQXP04GEMuazaZSfFWvE86iNfSJwhG15S%2BV7Vq9rgxfB3yihQpcviCe0Nmdhyh5xCzI6sz1yQn5oHRq6NU6bsxEmYv16B2MM02bBcozqC6xlyxNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 13 Mar 2025 12:49:56 GMT
vary: Accept-Encoding
etag: W/"67d2d474-223c9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
cf-ray: 92b908844c5f1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7736&min_rtt=816&rtt_var=5126&sent=59&recv=85&lost=0&retrans=0&sent_bytes=6242&recv_bytes=6024&delivery_rate=1722&cwnd=12000&unsent_bytes=0&cid=a502607f989dea0f&ts=6974&x=16"
|
|