Report - telegram-login.xyz/

Report Overview

Submitted URL
telegram-login.xyz/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-06 23:46:23
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2023-06-06	447 B	32 kB	69.16.175.42
telegram-login.xyz	unknown	unknown	No data	No data	1.8 kB	40 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-06-06	medium	telegram-login.xyz/
2023-06-06	medium	telegram-login.xyz/
2023-06-06	medium	telegram-login.xyz/login
2023-06-06	medium	telegram-login.xyz/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.3.min.js	90 kB	2023-03-10	2024-04-26
Pretty URL code.jquery.com/jquery-3.6.3.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:24:46 Last Seen2024-04-26 01:41:24 Times Seen17460 Hash cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Loading...

	telegram-login.xyz/login	0 B	2023-03-07	2024-04-26
Pretty URL telegram-login.xyz/login IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 04:42:48 Times Seen37083305 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (5)

URL IP Response Size

code.jquery.com/jquery-3.6.3.min.js

69.16.175.42

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.3.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://telegram-login.xyz/login
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31046 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /jquery-3.6.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://telegram-login.xyz
DNT: 1
Connection: keep-alive
Referer: https://telegram-login.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 06 Jun 2023 23:46:06 GMT
content-encoding: gzip
content-length: 31046
content-type: application/javascript; charset=utf-8
last-modified: Tue, 20 Dec 2022 21:10:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"63a224d0-15f5b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1686095166.dop227.sk1.t,1686095166.cds222.sk1.hn,1686095166.cds262.sk1.c
X-Firefox-Spdy: h2

telegram-login.xyz/static/telegram-logo.1b2bb5b107f046ea9325.svg

188.114.97.1

200 OK

932 B

URL GET HTTP/3
telegram-login.xyz/static/telegram-logo.1b2bb5b107f046ea9325.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://telegram-login.xyz/login
Certificate
IssuerGoogle Trust Services LLC
Subjecttelegram-login.xyz
Fingerprint12:01:FC:24:E3:44:EC:FD:AC:E0:0B:9F:EE:E4:34:6D:5B:8B:DF:CF
ValiditySun, 04 Jun 2023 18:18:35 GMT - Sat, 02 Sep 2023 18:18:34 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (969), with no line terminators
Size
932 B (932 bytes)
Hash
130f977f6ad73b175bee17ac74c474c6
7c508151f8732d849eefa12c818464dc2e114800
a63594cf48dae6ba53c080c5c9b05349c61a8130a2fc4c6a70596831a1c46f0d

Detections

Analyzer	Verdict	Alert
openphish	Telegram

HTTP Headers

GET /static/telegram-logo.1b2bb5b107f046ea9325.svg HTTP/1.1
Host: telegram-login.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram-login.xyz/static/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 06 Jun 2023 23:46:06 GMT
content-type: image/svg+xml; charset=utf-8
last-modified: Thu, 18 May 2023 14:36:29 GMT
cache-control: public, max-age=43200
expires: Wed, 07 Jun 2023 11:46:06 GMT
etag: W/"1684420589.073519-932-603657898"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvadGj%2FiYC%2F1LjivUJDk5Uqsoxh2D78SeEEAKl%2Bk7HdAmkfGd7%2BrnviFHpOH9nnN9TyYA2pDO3XBvxqnY6bHgZE9x8u8PkXqVyrs94VjZWmYrb6WF4H5tL3HXpyrMzktzqZx9XU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d348866bdc2b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

telegram-login.xyz/favicon.ico

188.114.97.1

404 Not Found

207 B

URL GET HTTP/3
telegram-login.xyz/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://telegram-login.xyz/login
Certificate
IssuerGoogle Trust Services LLC
Subjecttelegram-login.xyz
Fingerprint12:01:FC:24:E3:44:EC:FD:AC:E0:0B:9F:EE:E4:34:6D:5B:8B:DF:CF
ValiditySun, 04 Jun 2023 18:18:35 GMT - Sat, 02 Sep 2023 18:18:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
207 B (207 bytes)
Hash
e2acb3cce9b737a3ee36ba74cd0909f8
e37442f2c2e2c84b26782a9a52654e896f726a07
b7776e4089084a066608fe6ca8d0d2a6238d8d47e64bc049d233235f7f371882

Detections

Analyzer	Verdict	Alert
openphish	Telegram

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: telegram-login.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram-login.xyz/login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 06 Jun 2023 23:46:06 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JsUlne2WXKoE6RDO8cDxnEtw7AFb2RFkETFcjtMMNyJxIc8WY4WP3yZyPW9i8wr5DxkJiTDHOPS6SUYxm8KOfwGb3yRMMvgNSdE6IStvkcfFUPTRyw34eKgffZFwDnXgAd0gig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d3488678e2eb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

telegram-login.xyz/login

188.114.97.1

200 OK

5.0 kB

URL User Request GET HTTP/3
telegram-login.xyz/login
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecttelegram-login.xyz
Fingerprint12:01:FC:24:E3:44:EC:FD:AC:E0:0B:9F:EE:E4:34:6D:5B:8B:DF:CF
ValiditySun, 04 Jun 2023 18:18:35 GMT - Sat, 02 Sep 2023 18:18:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (5105), with no line terminators
Size
5.0 kB (4954 bytes)
Hash
b69bf9e24d9af51da108ab74eee5c5e9
e2fbceaca3d2b5a926b88f75d5e805909d04fffd
cbd431a544416ec35cd7b2dc5d08172183b88ec30b291baa0e83a9cd5161f8e0

Detections

Analyzer	Verdict	Alert
openphish	Telegram

HTTP Headers

GET /login HTTP/1.1
Host: telegram-login.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 06 Jun 2023 23:46:06 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx3HEM8N5Y0ywtk%2BAXxZKr2xOFtAFQSHQwoWEK9qikZ%2BxPKIPg3289ekWMmniMeioiJ7cU0irlPTm4O4JTUx6iCH2gyfXVrYav3iNevI31hyqKz8ViUaCHyQDLohHbrffm8SRhU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d348863fbfcb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

telegram-login.xyz/static/styles.css

188.114.97.1

200 OK

32 kB

URL GET HTTP/3
telegram-login.xyz/static/styles.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://telegram-login.xyz/login
Certificate
IssuerGoogle Trust Services LLC
Subjecttelegram-login.xyz
Fingerprint12:01:FC:24:E3:44:EC:FD:AC:E0:0B:9F:EE:E4:34:6D:5B:8B:DF:CF
ValiditySun, 04 Jun 2023 18:18:35 GMT - Sat, 02 Sep 2023 18:18:34 GMT

File type
ASCII text, with very long lines (486)
Size
32 kB (31630 bytes)
Hash
945b9497fab90bd84b2b83aac86165dd
04cd0ed3d79dd658dae1f8a2e4a9c236fd6b822a
b3e77379ba8d163b7585972f2a3a7d6dd8d2561038d1b164ff2b2c265a77e3d3

Detections

Analyzer	Verdict	Alert
openphish	Telegram

HTTP Headers

GET /static/styles.css HTTP/1.1
Host: telegram-login.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram-login.xyz/login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 06 Jun 2023 23:46:06 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 18 May 2023 14:37:11 GMT
cache-control: public, max-age=43200
expires: Wed, 07 Jun 2023 11:46:06 GMT
etag: W/"1684420631.774571-31630-400035481"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMeylgLavopsPIZpYtHVXxAQ1wytANW%2FbUUdY2Yl1eVwkf64U1MO%2F8joVvWVAX0eEwkRM%2FGdgjmCdKtrm%2FSuF1HX9stgxN7J2aKI3lZib6JJlZOqrvJYOXxK5uD3%2FlHiJf2f2pI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d3488654cc0b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/3

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3