| URL | IP | Status | Size |
| viral-telegram-2023-4575.my-url.art/ | 188.114.96.1 | | 0 B |
URL: viral-telegram-2023-4575.my-url.art/
IP: 188.114.96.1:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET / HTTP/1.1
Host: viral-telegram-2023-4575.my-url.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 28 Nov 2023 14:14:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 28 Nov 2023 15:14:23 GMT
Location: https://viral-telegram-2023-4575.my-url.art/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0zaDkDgPGK7wJVhed%2B7pIV111R1iqdTh7J3KZ2unlTtowqBTZSVrm0pfU8B0b70JaZRLYQeYheeGvUhsBPT%2BR1CfxbYbwz5EBnRTowPU1Gixtfu6hCDa%2BGjhTKckoqJygw0HS%2Fg7EC%2BYFXaVnSgrXMGz1XBvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d3378c7d3e712d-OSL
alt-svc: h2=":443"; ma=60

| viral-telegram-2023-4575.my-url.art/id | 188.114.97.1 | 301 Moved Permanently | 41 kB |
URL (user request): GET HTTP/3 viral-telegram-2023-4575.my-url.art/id
IP: 188.114.97.1:443
Certificate: Issuer Let's Encrypt; Subject my-url.art; Fingerprint E4:CE:3A:FF:00:05:2E:D8:8F:D8:99:5B:F7:C9:96:65:3F:5B:D5:2A; Validity Sat, 25 Nov 2023 21:41:45 GMT - Fri, 23 Feb 2024 21:41:44 GMT
Hash (MD5 / SHA-1 / SHA-256): b9350d33f349e62f0f4624b31698df9c c503a47924cb0d1c029e55b8cda8e993c8519e3d bf2ab3087ffa39bec2c0e9c655b2b09e5cd23cb8eebf9f6d7c71b138746f7ce4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /id HTTP/1.1
Host: viral-telegram-2023-4575.my-url.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Tue, 28 Nov 2023 14:14:26 GMT
content-type: text/html; charset=iso-8859-1
location: http://viral-telegram-2023-4575.my-url.art/id/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aanJ0DPN%2FE168hbE0rUZqQpw4qtbb5mxttq77GyFd5YG%2B77M%2FSU4RW%2FE%2FhBmmtFtMs4G3fWC3bBdbFbZCgHNlJR2B43GPJcKAZpoKAun%2FdaLjNJ0iUk6zlDnFvjOldGQpAPCOzliqp2TIP%2FPQFfHps2s7hGNZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d3379dffcab50b-OSL
alt-svc: h3=":443"; ma=86400

| cdn.jsdelivr.net/gh/cdnvjs/footericon@8.0.0/icons.min.js | 151.101.193.229 | 200 OK | 34 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/cdnvjs/footericon@8.0.0/icons.min.js
IP: 151.101.193.229:443
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer GlobalSign nv-sa; Subject jsdelivr.net; Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 9e48f99003579ab8a3dc774745471435 0dfe9bdf396b74df460695da61604218c88a00df 0d25235a839b2c9199edc7a4baa7c4591358476a05aa9170bc7ff7934060539b
GET /gh/cdnvjs/footericon@8.0.0/icons.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 8.0.0
x-jsd-version-type: branch
etag: W/"16401-Df6b3zlrdN9GBpXaYWBCGMiKAN8"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 14:14:26 GMT
age: 38017
x-served-by: cache-fra-etou8220101-FRA, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33469
X-Firefox-Spdy: h2

| i.postimg.cc/xTMPqpGT/S9-VTs2-Y5-QFBjwc-GIC9u5-W5-T1bn9-W9y-Wj-H1-Lbtoxkd6sghm-q13jf-F1d5dj-B2-Ili-Nen-Dhen4-JZs-ULd3p6-Oy-INtx-JVMIVN2-LK-i8v.jpg | 162.19.61.80 | 200 OK | 8.1 kB |
URL: GET HTTP/2 i.postimg.cc/xTMPqpGT/S9-VTs2-Y5-QFBjwc-GIC9u5-W5-T1bn9-W9y-Wj-H1-Lbtoxkd6sghm-q13jf-F1d5dj-B2-Ili-Nen-Dhen4-JZs-ULd3p6-Oy-INtx-JVMIVN2-LK-i8v.jpg
IP: 162.19.61.80:443
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer Let's Encrypt; Subject postimg.cc; Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F; Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Hash (MD5 / SHA-1 / SHA-256): dbeec09cef52c3cb434d43a367f55ee7 c9ea4fd04d691d1ee712030b74fe5f50d96e7a27 762aefadd6944916cb2f20070be024ce0fff0252eef058d7a4d387d302b4f8d4
GET /xTMPqpGT/S9-VTs2-Y5-QFBjwc-GIC9u5-W5-T1bn9-W9y-Wj-H1-Lbtoxkd6sghm-q13jf-F1d5dj-B2-Ili-Nen-Dhen4-JZs-ULd3p6-Oy-INtx-JVMIVN2-LK-i8v.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 14:14:26 GMT
content-type: image/jpeg
content-length: 8128
last-modified: Tue, 13 Jun 2023 19:47:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

| i.postimg.cc/GmTzn3pL/20230307-183141.jpg | 162.19.61.80 | 200 OK | 17 kB |
URL: GET HTTP/2 i.postimg.cc/GmTzn3pL/20230307-183141.jpg
IP: 162.19.61.80:443
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer Let's Encrypt; Subject postimg.cc; Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F; Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x133, components 3
Hash (MD5 / SHA-1 / SHA-256): 1dbd788591a4093c60a4e32eccb1675e 569f69b2b8cfa98a93fb83854bfcbb7222cbd3fc e57db279860ccaab0a1f8c760af3932b6b8b9087964ea8adbdc19a907c9385dc
GET /GmTzn3pL/20230307-183141.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 14:14:26 GMT
content-type: image/jpeg
content-length: 17086
last-modified: Tue, 07 Mar 2023 11:33:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

| i.postimg.cc/GmS9GdxQ/20230402-172040.png | 162.19.61.80 | 200 OK | 226 kB |
URL: GET HTTP/2 i.postimg.cc/GmS9GdxQ/20230402-172040.png
IP: 162.19.61.80:443
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer Let's Encrypt; Subject postimg.cc; Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F; Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type: PNG image data, 766 x 800, 8-bit/color RGBA, non-interlaced
Size: 226 kB (226533 bytes)
Hash (MD5 / SHA-1 / SHA-256): a7640f4509e63a0c023087afb309143a fbdd5f694afb8c1a29a78ee90aa5e2380b611571 713b7adcaa7a1cd821d115eec9666d46b5dba4c38ad16ae76d20a297348b720b
GET /GmS9GdxQ/20230402-172040.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 14:14:26 GMT
content-type: image/png
content-length: 226533
last-modified: Sun, 02 Apr 2023 10:22:25 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

| telegram.org/js/tgwallpaper.min.js?3 | 149.154.167.99 | 200 OK | 3.0 kB |
URL: GET HTTP/2 telegram.org/js/tgwallpaper.min.js?3
IP: 149.154.167.99:443
ASN: #62041 Telegram Messenger Inc
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer GoDaddy.com, Inc.; Subject *.telegram.org; Fingerprint AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30; Validity Fri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File type: ASCII text, with very long lines (2998), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f03422dc797fd26a3834b1ec041128ed a6e88f4fe48b749c2b7360e8e004f64b6cfffb1a 046ec6b7909d0ca5cc6ef271a1b57b2f2be0bd88e3495fd8c496f1524e8ffaac
GET /js/tgwallpaper.min.js?3 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 28 Nov 2023 14:14:26 GMT
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
etag: W/"62211da5-ba3"
expires: Sat, 02 Dec 2023 14:14:26 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

| viral-telegram-2023-4575.my-url.art/id/ | 188.114.97.1 | 200 OK | 65 kB |
URL (user request): GET HTTP/3 viral-telegram-2023-4575.my-url.art/id/
IP: 188.114.97.1:443
Certificate: Issuer Let's Encrypt; Subject my-url.art; Fingerprint E4:CE:3A:FF:00:05:2E:D8:8F:D8:99:5B:F7:C9:96:65:3F:5B:D5:2A; Validity Sat, 25 Nov 2023 21:41:45 GMT - Fri, 23 Feb 2024 21:41:44 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /id/ HTTP/1.1
Host: viral-telegram-2023-4575.my-url.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 14:14:26 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BddjCWxvip4MD7VDzdF2JkGGxwFW4Z%2BzWdWq1URczwJNGDUKid17CUeemTVe8A9ePJfG6KWGhzjSybHK56S8fAHeUT8HNtGwvp4ysoWe2RMMoYbDKDR2l7g0wNrpCMHDTb1MuP%2FhDsV9WbWLwjmDiULqmPHpkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d3379e4828b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| telegram.org/css/font-roboto.css?1 | 149.154.167.99 | 200 OK | 6.2 kB |
URL: GET HTTP/2 telegram.org/css/font-roboto.css?1
IP: 149.154.167.99:443
ASN: #62041 Telegram Messenger Inc
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer GoDaddy.com, Inc.; Subject *.telegram.org; Fingerprint AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30; Validity Fri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File type: ASCII text, with very long lines (6354), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): c06318a1f377e388b69b104b4cefa1a6 151f067aae997487880e573876f96b8d598e64db 1a53363e667fffef8a82588191989d36e680b4d341c6b557e62bf207311a3d70
GET /css/font-roboto.css?1 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 28 Nov 2023 14:14:27 GMT
content-type: text/css
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
etag: W/"63512b7d-1816"
expires: Sat, 02 Dec 2023 14:14:27 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

| fonts.googleapis.com/css2?family=Oswald&family=Roboto&family=Teko&display=swap | 142.250.74.106 | 200 OK | 5.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Oswald&family=Roboto&family=Teko&display=swap
IP: 142.250.74.106:443
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42; Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type: ASCII text, with very long lines (5373), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 8279744553b092135453f726e92a7a12 9d31607a9a8c81a75fb8d17ee978385925f543e4 8cf409904ee4c4bdac81a18bc476085c62c95e9fe7bd77df2a71d2bd292d144e
GET /css2?family=Oswald&family=Roboto&family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 14:14:26 GMT
date: Tue, 28 Nov 2023 14:14:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| telegram.org/css/telegram.css?236 | 149.154.167.99 | 200 OK | 115 kB |
URL: GET HTTP/2 telegram.org/css/telegram.css?236
IP: 149.154.167.99:443
ASN: #62041 Telegram Messenger Inc
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer GoDaddy.com, Inc.; Subject *.telegram.org; Fingerprint AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30; Validity Fri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File type: ASCII text, with very long lines (1267)
Size: 115 kB (114867 bytes)
Hash (MD5 / SHA-1 / SHA-256): 0d209d756face073dd14a437f07e58b2 20cb9119fdd02921a6bd0b1500f78a0b76a7a5c0 acd326a9263ee8c4cbc757fed46333732a0e3f8f48d398cbd4f8e36a09fdaf76
GET /css/telegram.css?236 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 28 Nov 2023 14:14:26 GMT
content-type: text/css
last-modified: Mon, 20 Mar 2023 10:58:55 GMT
etag: W/"64183c6f-1c0b3"
expires: Sat, 02 Dec 2023 14:14:26 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

| viral-telegram-2023-4575.my-url.art/id/ast/css/main.css | 0.0.0.0 | | 0 B |
URL: GET viral-telegram-2023-4575.my-url.art/id/ast/css/main.css
IP: 0.0.0.0:0
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /id/ast/css/main.css HTTP/1.1
Host: viral-telegram-2023-4575.my-url.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

| telegram.org/css/bootstrap.min.css?3 | 149.154.167.99 | 200 OK | 42 kB |
URL: GET HTTP/2 telegram.org/css/bootstrap.min.css?3
IP: 149.154.167.99:443
ASN: #62041 Telegram Messenger Inc
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer GoDaddy.com, Inc.; Subject *.telegram.org; Fingerprint AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30; Validity Fri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File type: ASCII text, with very long lines (42164)
Hash (MD5 / SHA-1 / SHA-256): c2656e265ef58a9cc9f4b70b15da5fb9 85c5ebdb89d4574d72688c2650d4b84b9b09770a f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
GET /css/bootstrap.min.css?3 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 28 Nov 2023 14:14:26 GMT
content-type: text/css
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
etag: W/"5a05e7c6-a61b"
expires: Sat, 02 Dec 2023 14:14:26 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

| code.jquery.com/jquery-3.5.1.min.js | 151.101.130.137 | 200 OK | 90 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP: 151.101.130.137:443
Requested by: https://viral-telegram-2023-4575.my-url.art/id/
Certificate: Issuer Sectigo Limited; Subject *.jquery.com; Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65451)
Hash (MD5 / SHA-1 / SHA-256): dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viral-telegram-2023-4575.my-url.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 28 Nov 2023 14:14:26 GMT
age: 2726179
x-served-by: cache-lga13628-LGA, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 20, 367050
x-timer: S1701180866.459392,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2