94.228.169.81 200 OK 2.9 kB URL User Request GET HTTP/1.1 IP 94.228.169.81:80
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (2369)
Hash 1a0ddd16cafe71664efe186ac64c5cdc
2b00322a246d6334025a970f2a1660379f82fb16
17b23a7e0561feca90e757c75d343f6d490aa6f43268377dc52e11b0778e3c44
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata low ET WEB_CLIENT Observed Hunter Obfuscator Code M1
GET / HTTP/1.1
Host: nid.wieal.navers.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 02 Jun 2023 16:13:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.30
Content-Encoding: gzip
nid.wieal.navers.online/favicon.ico
94.228.169.81 404 Not Found 110 B URL GET HTTP/1.1 nid.wieal.navers.online/favicon.ico
IP 94.228.169.81:80
Requested by http://nid.wieal.navers.online/
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 597ba0d4396e9c906225140ce907092c
28ae2ba65ccdb583d79f85b8cc9509fae697493b
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
GET /favicon.ico HTTP/1.1
Host: nid.wieal.navers.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nid.wieal.navers.online/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty
Date: Fri, 02 Jun 2023 16:13:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.godaddy.com/
192.124.249.24 1.8 kB IP 192.124.249.24:0
Hash adae9668f520ad7d86dc7ee57fcb3aab
647d88a31a3796d719629000ab314f30ef71da28
06f40b8e3f54a468c2f2dd1b8a601f1aa4c496a59819b6dcbb226b3c528f73c3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Jun 2023 16:13:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Jun 2023 15:18:46 GMT
Expires: Sat, 03 Jun 2023 15:18:46 GMT
ETag: "647d88a31a3796d719629000ab314f30ef71da28"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
149.154.167.99 200 OK 4.1 kB URL User Request GET HTTP/2 IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.t.me
Fingerprint 83:E0:15:E5:1E:0D:A4:7F:F4:2E:EA:2C:AF:23:7A:12:2A:97:C2:6A
Validity Sat, 08 Oct 2022 07:21:51 GMT - Thu, 09 Nov 2023 07:21:51 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (3560)
Hash 4619fdd44325332fc2131ce284106328
536ef2d6fd69a06c1349b30ada692a9f7c628209
13469d535fd3e30534d90dd1cc56fe1496758c5bf89ff36f44a866ad21d0f51b
GET /gainetrubot HTTP/1.1
Host: t.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nid.wieal.navers.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: text/html; charset=utf-8
content-length: 4085
set-cookie: stel_ssid=f33c9bdae96347b116_17561199508779545837; expires=Sat, 03 Jun 2023 16:13:09 GMT; path=/; samesite=None; secure; HttpOnly
pragma: no-cache
cache-control: no-store
x-frame-options: ALLOW-FROM https://web.telegram.org
content-security-policy: frame-ancestors https://web.telegram.org
content-encoding: gzip
strict-transport-security: max-age=35768000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/olGhYO8UhXA
142.250.74.131 472 B URL ocsp.pki.goog/s/gts1d4/olGhYO8UhXA
IP 142.250.74.131:0
Hash 76a17f742c2c6d624745f288b5ede989
1ac422c1182569d0ad21c044c3c74dd292c38a3a
55d78171aeb255f8ff6ee1e025e2687c793d054995758dd8928f23e710c990ac
POST /s/gts1d4/olGhYO8UhXA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 16:13:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.24 1.8 kB IP 192.124.249.24:0
Hash 6812f962666b2c8b03aa34d2ec34735a
251688a1ecb1c3a397c6e9747d8518de17a31792
62d9fea2b2246af1116eb72969ff56df0905ea7cf331c22332a8076f26789fd6
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Jun 2023 16:13:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Jun 2023 11:55:25 GMT
Expires: Sat, 03 Jun 2023 11:55:25 GMT
ETag: "251688a1ecb1c3a397c6e9747d8518de17a31792"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41 1.8 kB IP 192.124.249.41:0
Hash 6812f962666b2c8b03aa34d2ec34735a
251688a1ecb1c3a397c6e9747d8518de17a31792
62d9fea2b2246af1116eb72969ff56df0905ea7cf331c22332a8076f26789fd6
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Jun 2023 16:13:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Jun 2023 11:55:25 GMT
Expires: Sat, 03 Jun 2023 11:55:25 GMT
ETag: "251688a1ecb1c3a397c6e9747d8518de17a31792"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdn4.telegram-cdn.org/file/GmXgJs7wl6boxMlt2evrZitpguORP6Hm6DX-117N6FrE-qPCImS9D21E9das-BDwNrXRTRej2tt6KA3qkr1CRPX_Ljj5SgIGHj0cXAuorM5nECDEky9NBUaQqznJ4gOdp-3Kr9-K79h7BAGzoYsEshN-zpQnb0K-zcg_QyBx1p35YrqLxlBihVBN01OA8WEKzClENPrZRxv6ClolxjqkjqtUmZdxF6jlrj05gNutpx81rxfP7qkbGnWDhW-ROvlzif4H9AfxxrQYrxRC_U7l1gEBHX_4OqBlqewCFVGEtY6aII_rqIdUeAC-yHxZrTVRekPsw2_5RyxYZbuLlXBvaw.jpg
34.111.35.152 200 OK 36 kB URL GET HTTP/2 cdn4.telegram-cdn.org/file/GmXgJs7wl6boxMlt2evrZitpguORP6Hm6DX-117N6FrE-qPCImS9D21E9das-BDwNrXRTRej2tt6KA3qkr1CRPX_Ljj5SgIGHj0cXAuorM5nECDEky9NBUaQqznJ4gOdp-3Kr9-K79h7BAGzoYsEshN-zpQnb0K-zcg_QyBx1p35YrqLxlBihVBN01OA8WEKzClENPrZRxv6ClolxjqkjqtUmZdxF6jlrj05gNutpx81rxfP7qkbGnWDhW-ROvlzif4H9AfxxrQYrxRC_U7l1gEBHX_4OqBlqewCFVGEtY6aII_rqIdUeAC-yHxZrTVRekPsw2_5RyxYZbuLlXBvaw.jpg
IP 34.111.35.152:443
Certificate Issuer Google Trust Services LLC
Subject cdn4.telegram-cdn.org
Fingerprint 9B:DC:51:39:D8:DD:4F:3C:C3:B2:DF:F8:AB:AA:DF:FA:80:CE:00:F5
Validity Wed, 12 Apr 2023 05:31:18 GMT - Tue, 11 Jul 2023 06:25:52 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x320, components 3; data
Hash df678444965e77ed4efdaff4b7f45007
d7f5a535076f542cc9bc79109aefa2f952ed53ac
9bf34bd774567bf7845f075dbf8941d2d3aa4d7c70be92bbc840d613b7f857c1
GET /file/GmXgJs7wl6boxMlt2evrZitpguORP6Hm6DX-117N6FrE-qPCImS9D21E9das-BDwNrXRTRej2tt6KA3qkr1CRPX_Ljj5SgIGHj0cXAuorM5nECDEky9NBUaQqznJ4gOdp-3Kr9-K79h7BAGzoYsEshN-zpQnb0K-zcg_QyBx1p35YrqLxlBihVBN01OA8WEKzClENPrZRxv6ClolxjqkjqtUmZdxF6jlrj05gNutpx81rxfP7qkbGnWDhW-ROvlzif4H9AfxxrQYrxRC_U7l1gEBHX_4OqBlqewCFVGEtY6aII_rqIdUeAC-yHxZrTVRekPsw2_5RyxYZbuLlXBvaw.jpg HTTP/1.1
Host: cdn4.telegram-cdn.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: image/jpeg
content-length: 36216
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy: default-src 'none'; sandbox
x-frame-options: DENY
x-xss-protection: 1; mode=block
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
accept-ranges: bytes, bytes
cache-control: public,max-age=7200
etag: "c53aaff5a5ce686be732fcda5414d4aa78f76a6d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
telegram.org/css/bootstrap.min.css?3
149.154.167.99 200 OK 11 kB URL GET HTTP/2 telegram.org/css/bootstrap.min.css?3
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type gzip compressed data, max speed, from Unix; data
Hash 3797a48e769c0869b112446f229557df
e7a62dbc664e92d5cfb3cbfce49d544551a73ed2
53be17a52465b48a5f4cd5aec05a1e28a3599bb55b536c5bfb42d02f0396fce3
GET /css/bootstrap.min.css?3 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: text/css
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
etag: W/"5a05e7c6-a61b"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
telegram.org/js/tgwallpaper.min.js?3
149.154.167.99 200 OK 12 kB URL GET HTTP/2 telegram.org/js/tgwallpaper.min.js?3
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type gzip compressed data, max speed, from Unix; data
Hash 08434ff96a0225b52b7f1534cc8cc3ad
4089edfe5f720053c98a17ec10b79d05282d896b
811dcd9799fda81387041385077d498a9cfef3aa9a164cf47fa4727bb2f6a778
GET /js/tgwallpaper.min.js?3 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
etag: W/"62211da5-ba3"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
149.154.167.99 200 OK 11 kB URL GET HTTP/2 telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type Web Open Font Format (Version 2), TrueType, length 11040, version 1.0; data
Hash 5e22a46c04d947a36ea0cad07afcc9e1
6091d981c2a4ee975c7f6b56186ee698040bb804
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
GET /fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://t.me
DNT: 1
Connection: keep-alive
Referer: https://telegram.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: application/octet-stream
content-length: 11040
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
etag: "63512b7d-2b20"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
149.154.167.99 200 OK 6.6 kB URL GET HTTP/2 telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type Web Open Font Format (Version 2), TrueType, length 6620, version 1.0; data
Hash 376ffe2ca0b038d08d5e582ec13a310f
ec85284f360bada79122b5dca3088103c769ca8a
2f662599cf4323a18b4f7da381a998a8873c0277fff2d866336f7ee943a102d6
GET /fonts/Roboto/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://t.me
DNT: 1
Connection: keep-alive
Referer: https://telegram.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: application/octet-stream
content-length: 6620
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
etag: "63512b7d-19dc"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
telegram.org/img/apple-touch-icon.png
149.154.167.99 200 OK 5.6 kB URL GET HTTP/2 telegram.org/img/apple-touch-icon.png
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced; data
Hash 295ccdb03006b8dfef45090dafbd46ac
491ab660270e47cbac6a5731c51cca71c1c1b2b1
a51d667d4262047c23e3a2a8aac3b46dc8a58c686cc013f2354011c07bf22cf3
GET /img/apple-touch-icon.png HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: image/png
content-length: 5644
last-modified: Thu, 21 Apr 2022 13:47:47 GMT
etag: "62616083-160c"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
149.154.167.99 200 OK 11 kB URL GET HTTP/2 telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type Web Open Font Format (Version 2), TrueType, length 11028, version 1.0; data
Hash 1f6d3cf6d38f25d83d95f5a800b8cac3
279f300ca2cbbdf9f5036ef2f438607fbf377daa
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
GET /fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://t.me
DNT: 1
Connection: keep-alive
Referer: https://telegram.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: application/octet-stream
content-length: 11028
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
etag: "63512b7d-2b14"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
telegram.org/img/tgme/pattern.svg?1
149.154.167.99 200 OK 232 kB URL GET HTTP/2 telegram.org/img/tgme/pattern.svg?1
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text
Size 232 kB (231706 bytes)
Hash d0c22c6a97023d85ba6e644a41c44a5d
4284efb616c182da4450c123174ce0e81a322845
118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4
GET /img/tgme/pattern.svg?1 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.org/css/telegram.css?236
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Jan 2023 17:52:04 GMT
etag: W/"63b70e44-3891a"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
telegram.org/css/font-roboto.css?1
149.154.167.99 200 OK 6.2 kB URL GET HTTP/2 telegram.org/css/font-roboto.css?1
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type ASCII text, with very long lines (6354), with no line terminators
Hash c06318a1f377e388b69b104b4cefa1a6
151f067aae997487880e573876f96b8d598e64db
1a53363e667fffef8a82588191989d36e680b4d341c6b557e62bf207311a3d70
GET /css/font-roboto.css?1 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: text/css
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
etag: W/"63512b7d-1816"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
telegram.org/css/telegram.css?236
149.154.167.99 200 OK 115 kB URL GET HTTP/2 telegram.org/css/telegram.css?236
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type ASCII text, with very long lines (1267)
Size 115 kB (114867 bytes)
Hash 0d209d756face073dd14a437f07e58b2
20cb9119fdd02921a6bd0b1500f78a0b76a7a5c0
acd326a9263ee8c4cbc757fed46333732a0e3f8f48d398cbd4f8e36a09fdaf76
GET /css/telegram.css?236 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: text/css
last-modified: Mon, 20 Mar 2023 10:58:55 GMT
etag: W/"64183c6f-1c0b3"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
telegram.org/img/website_icon.svg?4
149.154.167.99 200 OK 1.9 kB URL GET HTTP/2 telegram.org/img/website_icon.svg?4
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint 6B:78:D0:29:DF:A1:B1:16:30:8C:F2:FB:C5:BA:E6:EB:C6:21:C2:A5
Validity Wed, 10 Aug 2022 15:56:28 GMT - Mon, 11 Sep 2023 15:56:28 GMT
File type SVG Scalable Vector Graphics image; XML document, ASCII text, with very long lines (1968), with no line terminators
Hash 5caca7ae1cffb3da0b06150a15020005
04cfb934f238d33209406393a3fbf78454815739
1ea747a06fbc240c2594a8c523cb248bbda4784f0fcad9d0f06334f1a378604f
GET /img/website_icon.svg?4 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Jun 2023 16:13:09 GMT
content-type: image/svg+xml
last-modified: Mon, 20 Jul 2020 20:41:37 GMT
etag: W/"5f160181-768"
expires: Tue, 06 Jun 2023 16:13:09 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2