| | 172.67.213.219 | 200 OK | 5.2 kB |
URL User Request GET HTTP/1.1 IP 172.67.213.219:80
File type HTML document, ASCII text, with very long lines (1757) Hash a092585e030cbba296a2778028b32488 5aefa1bf5e5b56cba25ba59e75741f59031d2a13 776b9fe7d614cd23a74ce0a0a361c6fa4372922d0442a764e559b733314aea70
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/ HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 04 Apr 2024 17:06:35 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESnIfSk5PxnV2cc0OgNTWn9vaZACpUEfKixX8UnryaXueMsofZyEPBbykJmwoFj7U%2FdJBA2DVXJSIbtegr4G95G9TSmevB0GstOrHxzTs%2Fp%2BdfrNUCwu3zl19kPRnuC16A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae100f9c7127-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/index-pzR5gIOz.css | 172.67.213.219 | 200 OK | 97 kB |
URL GET HTTP/1.1 telegram-s.com/en/index-pzR5gIOz.css IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type ASCII text, with very long lines (65536), with no line terminators Hash 416f9ea67158b5b6d096e7ecfec3051e 7fa9c5a9b8ac72ad0ff2b44a84360e984a582523 6e8f2da9c344b748747fe5b0c3c3e6ff3fe08e1829f2a6aee736dd6697d9ea0c
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/index-pzR5gIOz.css HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:57 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-6de14"
Expires: Sat, 27 Apr 2024 01:01:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 9602
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOEhyyrMackZv5SGwJN%2BYlwm%2BqeitMhzXco2%2FBFe5SRFO9sZqWcenIDT05Ng%2FuoX4Bsjq5%2BnQgv%2B4d7hMXOsR%2Bm1Gsz0k0ctcYXH845I%2FWrpasJ5KITjHEuQ11rvDNZlYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae1298e45687-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/login_k.js | 172.67.213.219 | 200 OK | 1.7 kB |
URL GET HTTP/1.1 telegram-s.com/login_k.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type JavaScript source, Unicode text, UTF-8 text Hash 3e6c10e10fec058178ccad01d7b7d62f 44ce3ba979065dcd9f2a198f48095943bd378653 494d0331c78e0c7c9543e85d9bce945157906e2626c9abdbe3f687920870e7db
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /login_k.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 14 Mar 2024 02:08:38 GMT
Vary: Accept-Encoding
ETag: W/"65f25c26-12e8"
Expires: Sat, 27 Apr 2024 03:41:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJQeoWsF84%2BjtNX3p2Cm4SGKdF%2FNIfhSD4t1oW5Iiw8YThS%2FXN4nbhABRoIH12DUHn5TT0oFLfHWBO12EMVjigU%2BFjJxkZefmxyra7rNfymrs1lQ1wsj7VrkSpK21toQPg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae129a290b49-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/index-XZA1-3MU.js | 172.67.213.219 | 200 OK | 52 kB |
URL GET HTTP/1.1 telegram-s.com/en/index-XZA1-3MU.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (63446), with no line terminators Hash 516e9c138a2363f35bbbd8d3abe2e827 3947fdcb131eeb4f662301506f0672cf02f8475a 17e0c86d87c90055aa9a393a20a431bb89cb58a3fd0003046bbfd8f7c22e6c3b
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/index-XZA1-3MU.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-1fedf"
Expires: Sat, 27 Apr 2024 03:41:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zJIZmAx6moalNUeuxshoe%2Fzz4ouoex3iZAJpbL6tR20wST%2BIk1dL8ED2wsvTnLH0cM%2F8gjOgWG2ERjYseIdisMwpKG4DiXzd%2BFzPz6xdsfk5%2F7TpK2Ecvno5rv8bVqvnpg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae129ba17127-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/lang-Y4EV1698.js | 172.67.213.219 | 200 OK | 38 kB |
URL GET HTTP/1.1 telegram-s.com/en/lang-Y4EV1698.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type Unicode text, UTF-8 text, with very long lines (14604) Hash ea77aa894390102e8d24f9dc4f41a162 3706e0a834025e92cb0f211623a6bb3795c6505f b16cfc78065c0a3848ca1fd44831e2792d5371dd614cbeb4aacfed1440963eae
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/lang-Y4EV1698.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/index-XZA1-3MU.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-1c9cc"
Expires: Sat, 27 Apr 2024 01:01:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 9600
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swggOYnTNxLPoQLgxgmkTrPMLzt4LiNV0h8il5MfPRACd7xR6%2Bci66ECBodgBk0y4mZdxc6s9naOLHNoZaRVOP836aZ1hyicTaOXBBGY%2FttF6f2HAddSYf5zzASKH9yp5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae1979d71c06-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/langSign-lcKrqmwM.js | 172.67.213.219 | 200 OK | 831 B |
URL GET HTTP/1.1 telegram-s.com/en/langSign-lcKrqmwM.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type ASCII text, with very long lines (895) Hash 044169c42b6e355439c8fcc5fa4ecc57 5933a11ae125770fe2e3e2deb907af978ceff0e8 900f22723c45f67600638812021437a089daa7c2f0a559ebb85a0726183cee79
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/langSign-lcKrqmwM.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/index-XZA1-3MU.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 06 Mar 2024 19:24:22 GMT
Vary: Accept-Encoding
ETag: W/"65e8c2e6-66e"
Expires: Sat, 27 Apr 2024 01:01:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 9600
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bm6jugzk4IhZb2wSWUx0fqibPiMCi21%2Bpxl64qcYIundzcK2mlAl7gogofBnqrGuHLZiHWxkefnKMHlpVyBcitsTPQblsWG78nzZNmt7OHVuLLEE8KuakB4gNUynSeNsTw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae197f87569d-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/load.html | 172.67.213.219 | 200 OK | 783 B |
IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type HTML document, Unicode text, UTF-8 text Hash 3850d88cc79b283b444be0cce3d2acbf bdb6724e823288e425256ac60afe0e25561c14cd 716e7f1ae038828bc9e00fa972d6ef2da468bff4b07b2f8ffa796a29536b00b4
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /load.html HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 06 Mar 2024 19:37:38 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dd04dCnONWl1GX%2BrmRQPUlFyIunoPmAybwF6WqIvAB7KPNwTOlkE8WBkOxErV6GcAnt0z6guDlAla7vvPy9dQ2pS4cV0pK1NEiUaO0v9q5c%2B%2BuvHa44Lx2%2FSG2R1Fw2ROQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae195c477127-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | 172.67.213.219 | 200 OK | 1.0 kB |
URL GET HTTP/1.1 telegram-s.com/en/assets/img/favicon-16x16.png?v=jw3mK7G9Ry IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced Hash e3ce05eb00b3215df220efaf0fd06e21 d1533966f79dc2984c34317035f31cf3c91298c9 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:58 GMT
Content-Type: image/png
Content-Length: 1012
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: "65da236b-3f4"
Expires: Sun, 26 May 2024 13:01:58 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 9600
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ki1LmEIX%2FD7Yn5J%2F%2FX9RGSeYMs2K6UyaKDSOddvs9dArQNuGJcvP6o9k9hVBguxhV9W57mlIETiFpv07wcHvGtYMtjtEE84TnXaxqcXeERMyUExqBB3akaPhKF5Q2aRpAw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae1b7f757127-OSL
alt-svc: h2=":443"; ma=60
|
|
| img.icons8.com/?size=100&id=lH4FKvmj0iIQ&format=png | 185.76.9.15 | 200 OK | 2.1 kB |
URL GET HTTP/2 img.icons8.com/?size=100&id=lH4FKvmj0iIQ&format=png IP 185.76.9.15:443 ASN #60068 Datacamp Limited
Requested by http://telegram-s.com/load.html Certificate Issuer Let's Encrypt Subject 1004834818.rsc.cdn77.org Fingerprint FD:9B:CD:AE:45:20:20:EA:0C:27:58:F8:5D:B3:8E:9F:51:11:5D:F6 Validity Sun, 14 Apr 2024 18:33:15 GMT - Sat, 13 Jul 2024 18:33:14 GMT
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced Hash 56593829b7819ac6d2e751f72e3fb190 6c531a60fe2841e27d63c51df7c434297a9d6794 c6569f9561d2c42ea7de49ef1e2331a658eb9801af9bce7de2101ca858ac1f2d
GET /?size=100&id=lH4FKvmj0iIQ&format=png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:41:59 GMT
content-type: image/png
content-length: 2067
vary: Origin
access-control-allow-origin: *
icon-id: lH4FKvmj0iIQ
icon-size: 100
icon-format: png
last-modified: Thu, 04 Apr 2024 06:00:53
version: 0.0.29
from-mongo-cache: true
from-redis-cache: false
not-found-platform: false
cache-control: public, max-age=302400
strict-transport-security: max-age=15724800; includeSubDomains
x-77-nzt: EwgBuUwJDQFBDAG5TAoJAfcVJAMADAElE8I0AfcSAAAA
x-77-nzt-ray: c0a4cc286637c0a047cb2b669c6b8100
x-accel-expires: @1714202238
x-accel-date: 1713940274
x-77-cache: HIT
x-77-age: 205863
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegram-s.com/en/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 172.67.213.219 | 200 OK | 11 kB |
URL GET HTTP/1.1 telegram-s.com/en/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type Web Open Font Format (Version 2), TrueType, length 11016, version 1.0 Hash 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/index-pzR5gIOz.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: font/woff2
Content-Length: 11016
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: "65da236b-2b08"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aq%2BCIPr2qtcMjwWKJp%2BE7yB7PA44IYNIvaLpS8n8dRR%2FKu8p6Cy65XstCf6%2F8kTXfd9doI2YTSUtCMZwDZZDV5VcV0OPjGtjaDg753U0Lk0RbTCElI8OYkv%2BsMwhv2nUFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae1938b15687-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/countries-lRU-UavE.js | 172.67.213.219 | 200 OK | 4.6 kB |
URL GET HTTP/1.1 telegram-s.com/en/countries-lRU-UavE.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type Unicode text, UTF-8 text, with very long lines (24043) Hash 8629decc51355f74113da86fd8068fe8 d15ccf55d00895dc5d608570afc32348f92904d4 8528a55ba5d25bb2b6463f369b7a2046c08ced5f20256978a06119c0d50d08a2
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/countries-lRU-UavE.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/index-XZA1-3MU.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-5e21"
Expires: Sat, 27 Apr 2024 03:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24KQVO7BpVn8wqIHRYSXjZQyONsHvyj%2FaJS6J40B%2B1QSR9i1CC91hL%2FVUtfxFszrpgybhW3ux3j6bhUU9eZc0hW7rpV9NyxOGtxw7VTVzroDmpNTzI72B4y9abS08x6mpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae1999ec1c06-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/page-eb81Un_i.js | 172.67.213.219 | 200 OK | 4.3 kB |
URL GET HTTP/1.1 telegram-s.com/en/page-eb81Un_i.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type ASCII text, with very long lines (10301) Hash 429ec8771d7c33eb6394edaf927f3d35 aa9d30b9efb6e00d00367e401e0774c5ab6b3df9 48cde64efcc80711b88bae30629af7a00b6c2d34ec4425c4b7d7a9b83628db84
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/page-eb81Un_i.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://telegram-s.com/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-2868"
Expires: Sat, 27 Apr 2024 01:01:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 9601
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X4%2BmBxQ%2FRgC0ecP%2BmmrSZBoq8ruOD%2BAWNNaXHscb1oSD1LylysiErATnQR8w%2FDx3P7rWHNtMo%2BmU5dgfGU1T1yl0mqbY2Afu2PCi6F0oVGofr3%2BfyuSuBIOUT6dIgfPbhw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae1cfbfe56bf-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/textToSvgURL-Z4O-nL1S.js | 172.67.213.219 | 200 OK | 281 B |
URL GET HTTP/1.1 telegram-s.com/en/textToSvgURL-Z4O-nL1S.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type ASCII text, with very long lines (306) Hash cca1508d96dbfce74dcbaed756d04955 c539ff84caf27c4b22e498662644c07e6893c19a 36cb02e59322028c02c5365bd56cbd129b3eb2fb4aaec625160ca2dc9786a4bd
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://telegram-s.com/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: W/"65da236b-165"
Expires: Sat, 27 Apr 2024 01:01:58 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Age: 9601
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkAaTWVduLR8OM8rB%2B%2F%2BBNZhgwwfHwYiYjvBrbGrGOjCwcsD7PeR0Hz0LWO3fzx2raSJ4acZKsngi5hfQbXK8dfzEgNJT%2FC3XqHmO5DP1ATi2OHU%2F5kf1klx4BYos33mJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae1cffe156a4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/crypto.worker-T8uEdtAd.js | 172.67.213.219 | 200 OK | 26 kB |
URL GET HTTP/1.1 telegram-s.com/en/crypto.worker-T8uEdtAd.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash 06026fa41e11ac29cae837d4171e000f 08d9171d8cf75e349d06fb3ca03bf80be68268de 19fb2e2b1a73081d0be43d40c28e85d6875138f1f0b89c8a1837c3e806d578b3
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/crypto.worker-T8uEdtAd.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://telegram-s.com/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-10d02"
Expires: Sat, 27 Apr 2024 03:41:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rAHVd51tVEM0SMag8GV241QD%2FG7hSkOyGRMMVT1Vy5KBszhagUn6xGX8mcyWC6PzLJZrpWlQJbzY9AiKT6qqkVSmzcnXJJ0c%2FhurSrm3iff36QdpWju3UAy7fakkcpuA5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae1948c40b49-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 172.67.213.219 | 200 OK | 9.0 kB |
URL GET HTTP/1.1 telegram-s.com/en/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash 87fecdadac0beb95f9b7c87b3b3236f0 822f92446c0033a32462aa21208efaef1f0d8c3c 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: image/png
Content-Length: 9024
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: "65da236b-2340"
Expires: Sun, 26 May 2024 15:41:59 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNjFM36QxHaxIrYRFwYRuo9FgGcFhfNcRrYeQh6Vc082ZfEOIy3jpdLtpn8oN55VlT7R0dbOW4m72wMFo7peQQppjfUwC5I9AfLDa%2F0hfm%2F9aaL0EM%2FaYICAsLXjPS0%2F1g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae1b7af8569d-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/pageSignQR-bI2rYqWN.js | 172.67.213.219 | 200 OK | 2.7 kB |
URL GET HTTP/1.1 telegram-s.com/en/pageSignQR-bI2rYqWN.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type Java source, ASCII text, with very long lines (5017) Hash 0a01255bcf3e261cbed4d0f64c4391a9 630bc764cb640fd0ef34fe0381491f2e906bac9c 325f7766220ab8219abd6d0c7e04d5c6d99a491d0f9be6a15eca08f16b150fa5
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/pageSignQR-bI2rYqWN.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://telegram-s.com/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-162f"
Expires: Sat, 27 Apr 2024 03:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AKACqCVtuiKH8YRHAZgtib181Mh%2B%2BlgAz3nsDFKRKJ1qZARDtWmig60u0iGBoqb886a4h98E%2F2WfsF4IVQVxmFtWll5vpSXSjlMAJQCWjN8ulV6FIq7b2zp16ustFM4qew%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae1cec24569c-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/button-aS2SE0kp.js | 172.67.213.219 | 200 OK | 3.9 kB |
URL GET HTTP/1.1 telegram-s.com/en/button-aS2SE0kp.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type ASCII text, with very long lines (8753) Hash c4bad91a7928e316ee9b43882737ed78 867ac7e4dfa7047f7c3f08d35aacd34e5fb39186 ad7184835ad021d3015b04b08acc989f05818f9178dbf0226155524e9842871a
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/button-aS2SE0kp.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://telegram-s.com/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-225e"
Expires: Sat, 27 Apr 2024 03:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVWr3U%2BN95QKqeHWH9U8nJQsQxviW94sXsHiLmFNFCZ9YDlV1W0jDmCj4bc50Pw5kdnBx2wl%2BkBHhQ%2BO9WpsXzw5rs7Liu60RojuyoWnvlivmTh5l9Z7dJA8aNOecgELLg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae1cffae5684-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/putPreloader--f-Xu9AG.js | 172.67.213.219 | 200 OK | 480 B |
URL GET HTTP/1.1 telegram-s.com/en/putPreloader--f-Xu9AG.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type ASCII text, with very long lines (394) Hash c198588f758074782a84c012a9850e88 9a4ce429729b2bdbeae10511c7273a92bc534104 f12e62f05d48be6be0d36b76dbda5d0f723cd94de6f7851bbc4ed0191994b4dd
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/putPreloader--f-Xu9AG.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://telegram-s.com/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: W/"65da236b-2bb"
Expires: Sat, 27 Apr 2024 03:41:59 GMT
Cache-Control: max-age=43200
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pJYkH6qF%2BlsvVHz%2FqulgyBVt%2FmWUwaILizqb3LuKX%2Fj2aEHmn3mzhB19qM%2BWIQZ%2FzhFEVuW3shl6D4PKqVcBq07C5L%2Fh%2FSx%2BKd3Y5Mfy4zyBWqLXcCQ0QKCE%2BvkmECScw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae1cfcb856ba-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/pageSignQR-bI2rYqWN.js | 172.67.213.219 | 200 OK | 2.7 kB |
URL GET HTTP/1.1 telegram-s.com/en/pageSignQR-bI2rYqWN.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type Java source, ASCII text, with very long lines (5017) Hash 0a01255bcf3e261cbed4d0f64c4391a9 630bc764cb640fd0ef34fe0381491f2e906bac9c 325f7766220ab8219abd6d0c7e04d5c6d99a491d0f9be6a15eca08f16b150fa5
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/pageSignQR-bI2rYqWN.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/index-XZA1-3MU.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-162f"
Expires: Sat, 27 Apr 2024 03:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zbf8fXie0dsGhWSscaKPbCzeeA32jMxUuJLKNfYhptKKVSVdiex0%2BwYDWa%2BhtwUy925ugJ5GU%2FjnzaFy%2BcY3VSGQNtcdpm8w4obvKSgrRYd0px0WJD6PQcQtQYCk%2F0shQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae1cfcd75687-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/page-eb81Un_i.js | 172.67.213.219 | 200 OK | 4.3 kB |
URL GET HTTP/1.1 telegram-s.com/en/page-eb81Un_i.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type ASCII text, with very long lines (10301) Hash 429ec8771d7c33eb6394edaf927f3d35 aa9d30b9efb6e00d00367e401e0774c5ab6b3df9 48cde64efcc80711b88bae30629af7a00b6c2d34ec4425c4b7d7a9b83628db84
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/page-eb81Un_i.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-2868"
Expires: Sat, 27 Apr 2024 01:01:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 9601
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZcXX5%2BiyUxtm%2BMEMjEPj5bNAN9KQhLhLmwKAvJpVKCLwFGNOnTaf5FodbWpmRnXs3XmB1Rte30pICA7EXpPOvMkwBO5EHgcNe6yD5ESjomjKSV6%2FzG8jpaB3VbHa0XFQg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae20a9035687-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/button-aS2SE0kp.js | 172.67.213.219 | 200 OK | 3.9 kB |
URL GET HTTP/1.1 telegram-s.com/en/button-aS2SE0kp.js IP 172.67.213.219:80
Requested by http://telegram-s.com/en/
File type ASCII text, with very long lines (8753) Hash c4bad91a7928e316ee9b43882737ed78 867ac7e4dfa7047f7c3f08d35aacd34e5fb39186 ad7184835ad021d3015b04b08acc989f05818f9178dbf0226155524e9842871a
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/button-aS2SE0kp.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-225e"
Expires: Sat, 27 Apr 2024 03:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sm9JjX%2B9vgxEJ%2BgwIuBIBis95aAfI2Nx03pCeS28kSowQBDN8apqSVnG5o4x%2BXHRqasbOlflB5FyxrSYa5vypYulG0eVFyhzMEceIAK9UF3JywkVxLBFN3uDbYvfr8%2B2ug%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae20af7a1c06-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/putPreloader--f-Xu9AG.js | 172.67.213.219 | 200 OK | 480 B |
URL: GET HTTP/1.1 telegram-s.com/en/putPreloader--f-Xu9AG.js IP: 172.67.213.219:80
Requested by: http://telegram-s.com/en/
File type: ASCII text, with very long lines (394) Hash: c198588f758074782a84c012a9850e88 9a4ce429729b2bdbeae10511c7273a92bc534104 f12e62f05d48be6be0d36b76dbda5d0f723cd94de6f7851bbc4ed0191994b4dd
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/putPreloader--f-Xu9AG.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: W/"65da236b-2bb"
Expires: Sat, 27 Apr 2024 03:41:59 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yaflugSNNnn0Hvp7Iv8jcXdWX374EVzhWoyRr3ZuSdn6YoagEt1lu1GWGM%2BBIyX%2F6yml6LaANOD21Y7IiIoyQf1FG%2Fj77UX9tZ0b9Nu9ul%2FRbbaBQKNzHx7U%2BttsorjgUg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae20ae9b0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/textToSvgURL-Z4O-nL1S.js | 172.67.213.219 | 200 OK | 281 B |
URL: GET HTTP/1.1 telegram-s.com/en/textToSvgURL-Z4O-nL1S.js IP: 172.67.213.219:80
Requested by: http://telegram-s.com/en/
File type: ASCII text, with very long lines (306) Hash: cca1508d96dbfce74dcbaed756d04955 c539ff84caf27c4b22e498662644c07e6893c19a 36cb02e59322028c02c5365bd56cbd129b3eb2fb4aaec625160ca2dc9786a4bd
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: W/"65da236b-165"
Expires: Sat, 27 Apr 2024 01:01:58 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Age: 9601
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ltvu4WmFHIkqGpxFKxJey%2B7i43%2B2eLt6REI%2Bw7CJlLnzdI6iRH1RnJAWDTZxAjdp7gnqdEBaXjioOJ1DoC986wXbSI6jKH9tLbqzzJm2zfM3olJ8TIjX%2Bu59OwH76Dju%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae20ab70569d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/_commonjsHelpers-5-cIlDoe.js | 172.67.213.219 | 200 OK | 226 B |
URL: GET HTTP/1.1 telegram-s.com/en/_commonjsHelpers-5-cIlDoe.js IP: 172.67.213.219:80
Requested by: http://telegram-s.com/en/
Hash: fbb884c7112ff8c4ddb8edc410daae6f 299a8b374572849f5028264e3a7f2e71273f1d06 a8df41d98a0fa3d1cb8c8661377ac1a572beb9cd0b68e968f92d69f7c8331483
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://telegram-s.com/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: W/"65da236b-122"
Expires: Sat, 27 Apr 2024 01:01:59 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Age: 9600
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zU80e%2FbtQiGlQDNJIhOaqCwxOO3xfSW9Z3s90vm71gdsoemuo2rJ%2F33HiTkAi4uOg3YYFOvS7lmMvTcJvPwzVlhPwFLnrOz3u3YoWd0a3AItL5e90xMsb5HcodwKYqW4GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae20dc795684-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/mtproto.worker-ADXTIUZK.js | 172.67.213.219 | | 281 kB |
URL: telegram-s.com/en/mtproto.worker-ADXTIUZK.js IP: 172.67.213.219:0
Size: 281 kB (280814 bytes) Hash: 25879bf7a53b25a4ba5bb084e8939742 43ef258166445e1f5685c02203602545bdf6aceb 5fbcacd7b368ca04a9b204d70122144f4e55ff2e775f9b885ca0354ca0a12b4a
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/mtproto.worker-ADXTIUZK.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://telegram-s.com/en/
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:41:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-eaf49"
Expires: Sat, 27 Apr 2024 03:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxciaHzElt1NAOsSe4pdWMHcb4jipqO1lfKC0egnxpN8H%2BQj0UXR0khewMAiUVFGWygaiy2RiKRRqY6sqNtXlrD6%2Fd%2Fn5Vgzbo1PibiP9QDcjZl2dx4qA9o0ZnBd6TMxZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae197e9cb4ee-OSL
alt-svc: h2=":443"; ma=60
|
|
| venus.web.telegram.org/apiw1 | 149.154.167.99 | | 169 B |
URL: venus.web.telegram.org/apiw1 IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
File type: HTML document, ASCII text, with CRLF line terminators Hash: c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://telegram-s.com/
Content-Length: 0
Origin: http://telegram-s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Fri, 26 Apr 2024 15:42:00 GMT
content-type: text/html
content-length: 169
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://telegram-s.com
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iPHXmWWF4/eWXB6cU0tbPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 15:42:00 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hCHAhp5b1u/ebJ8rpg++BBbVe/Y=
Sec-WebSocket-Protocol: binary
|
|
| telegram-s.com/en/qr-code-styling-ogpV7fl-.js | 172.67.213.219 | 200 OK | 19 kB |
URL: GET HTTP/1.1 telegram-s.com/en/qr-code-styling-ogpV7fl-.js IP: 172.67.213.219:80
Requested by: http://telegram-s.com/en/
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (57414) Hash: 692f467d3bba699553f0dbf68094d72f 67582d4bc87b34a61c43ae8f7f3862562d65efa8 6c4900d40f3335423817340edddd7655d96e707156923fcf3cbf5a6520008d6e
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://telegram-s.com/en/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:42:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-10254"
Expires: Sat, 27 Apr 2024 03:42:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXqMom%2BLmDkkgB1DT7cDcH8Mb3JyvgLSWCbQ2SCmUEsyVExNeokcoc8tvxMxbfiA4cuCyk9jhgXUDw3Shqt9ZZNmLqTZW6A4Hk12rbtlJ4Ei2z1d6wmCpVmItHo2jNnFQw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae20da5356bf-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/qr-code-styling-ogpV7fl-.js | 172.67.213.219 | 200 OK | 19 kB |
URL: GET HTTP/1.1 telegram-s.com/en/qr-code-styling-ogpV7fl-.js IP: 172.67.213.219:80
Requested by: http://telegram-s.com/en/
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (57414) Hash: 692f467d3bba699553f0dbf68094d72f 67582d4bc87b34a61c43ae8f7f3862562d65efa8 6c4900d40f3335423817340edddd7655d96e707156923fcf3cbf5a6520008d6e
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/pageSignQR-bI2rYqWN.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:42:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
Vary: Accept-Encoding
ETag: W/"65da236b-10254"
Expires: Sat, 27 Apr 2024 03:42:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FrcgeDTGjJsiPvFnn7MIu4tDlhRfYjyxQpZWLBmliGtTK9vGpHUlkWxpsfNuFmAYSzobOOS1em6EmGubtiPOXcz402nMQP7GBLQF%2Bj%2BmYYEKlEqDC5T%2BI5zhUzPlMdCLeA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a7ae20d9445687-OSL
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/_commonjsHelpers-5-cIlDoe.js | 172.67.213.219 | 200 OK | 226 B |
URL: GET HTTP/1.1 telegram-s.com/en/_commonjsHelpers-5-cIlDoe.js IP: 172.67.213.219:80
Requested by: http://telegram-s.com/en/
Hash: fbb884c7112ff8c4ddb8edc410daae6f 299a8b374572849f5028264e3a7f2e71273f1d06 a8df41d98a0fa3d1cb8c8661377ac1a572beb9cd0b68e968f92d69f7c8331483
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/qr-code-styling-ogpV7fl-.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:42:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: W/"65da236b-122"
Expires: Sat, 27 Apr 2024 01:01:59 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Age: 9601
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Rrjvc76JiL6H44XE2b5Xot5PtvngDUmUerWtBAgJrgpBC9bSq93FlZ4I5atO7LoGIwitIApsRHZM%2BnoMek%2Bs8HtPz7Jdmz0k9CNrkzJpPzQP2qtEzYoC%2BQK7%2BTjBi7LuA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae258c6fb4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| telegram-s.com/en/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 172.67.213.219 | 200 OK | 11 kB |
URL: GET HTTP/1.1 telegram-s.com/en/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 IP: 172.67.213.219:80
Requested by: http://telegram-s.com/en/
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0 Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://telegram-s.com/en/index-pzR5gIOz.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:42:01 GMT
Content-Type: font/woff2
Content-Length: 11056
Connection: keep-alive
Last-Modified: Sat, 24 Feb 2024 17:12:11 GMT
ETag: "65da236b-2b30"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OL2Tervebopi3lgbZJBjyx64dm6Mslda0Shpk%2FAE0fmGCRL%2FCTDecprd1LdBuyRkHYxgH0gHGliQD2kr8h8tNlHLYFqZeEODS4CVfgBAvhIoHlqvHWXisMg0wZnKE3j0Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a7ae25ac94b4ee-OSL
alt-svc: h2=":443"; ma=60
|
|
| | 104.21.50.238 | 301 Moved Permanently | 14 kB |
URL: User Request GET HTTP/2 IP: 104.21.50.238:443
Certificate: Issuer: Google Trust Services LLC Subject: telegram-s.com Fingerprint: 9E:79:0C:FB:32:B5:18:D0:67:80:80:CE:E9:DC:21:9B:D0:11:86:08 Validity: Sun, 21 Apr 2024 09:13:39 GMT - Sat, 20 Jul 2024 09:13:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /en HTTP/1.1
Host: telegram-s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 15:41:57 GMT
content-type: text/html
location: http://telegram-s.com/en/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxLrBozIzxBAmhYtGClAj8brC8O9bS2RfbECCavKeq0qaAlXK6MmvX%2FG5EHihaniRf6ns4obOFT0KY6OiRE21L3QrJ1lQ8fucCMqRTl4mEVzwSeO4AwiPfXMe7MJ0jFeGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a7ae0cea66b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|