| telegram-web-k-koto.pages.dev/index-257913ec.js | 172.66.44.167 | 200 OK | 63 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/index-257913ec.js | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (63446), with no line terminators | Hash: 2b75f84114c64a48ae191f606ef8109d 0fe4042e0e6feb74298a99d54fea52786c380a70 3b46907a63e08809a49768249a103d30695944d0cd374f642c7685cb44a4f50d
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /index-257913ec.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:32 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"626ca76ee4270b1d69a7ed1b66aaa678"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQPe64XKA%2FH6Uvk%2FQbnH1imFScl18P9XsRgZKKnDdndVXMLpd2b9%2FS2gfzeIFbhX8urf0%2B7Sj98ur5m9P37u%2BbGgdeUXQHHugwXTkqUWAaPFAKwuNr6kpMS2buYZ5xL4Mr3pseTGrvv%2FcmW6jCy1Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a910b0c56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/langSign-66e8939d.js | 172.66.44.167 | 200 OK | 1.8 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/langSign-66e8939d.js | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: ASCII text, with very long lines (895) | Hash: b1fb189d8c6640ca34096506a34baaa4 cb811e89f3c08f1d90eda051a29760fa1165e4d8 7285632faf1a90db84b6da17536028924fd77630408e7ba20172637dd2b7fe32
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /langSign-66e8939d.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/index-257913ec.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5a29e5d9c312b68171d6e68b1381397b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djXlEE0uUdmbUq%2ByGUToV9p9MtFVHvTCL%2FXAbwiKUdG%2FykNxf46EQlyg3kQvxEA6kqQwS4ZxSaUeDCFv9vYyUlfipl92CbEcuYft6yY2y3Lr1rmyd6DWOWXb%2BSWSX2878pQiz%2BT%2FQCqNnkS8z2CZTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a92dbd756c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/mtproto.worker-017fd0e6.js | 172.66.44.167 | | 227 kB |
URL: telegram-web-k-koto.pages.dev/mtproto.worker-017fd0e6.js | IP: 172.66.44.167:0
Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
Size: 227 kB (226729 bytes) | Hash: 295d1015e18834582b7b3e8461a8c002 e52edd49d721bcdbe8175c23d7b3c05019b8a6f9 f97524ccb2a1ef2f75015f5aaee54270be8998a6536a6637e0659edb8d862cfb
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /mtproto.worker-017fd0e6.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: sharedworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"30bcdaf22177564bde3f518ee258775e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4E%2Bt0NYpEaZDB7m6T6dGQV%2FBg1E6MutZp1R9UKkq4zy6zpuC6ICGWVupBqUfGxFVbzQ5l94gqUe2m64ElVKNXie6%2BpwMQ0IdVdZ6JSFq40VcW7GbCMeUz0yeJrBHu6M7OfEPbD4ViOveCqGZKfBceg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a92cbcb56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| venus.web.telegram.org/apiw1 | 149.154.167.99 | | 169 B |
URL: venus.web.telegram.org/apiw1 | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
File type: HTML document, ASCII text, with CRLF line terminators | Hash: c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
Content-Length: 0
Origin: https://telegram-web-k-koto.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: text/html
content-length: 169
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| telegram-web-k-koto.pages.dev/putPreloader-339e0b30.js | 172.66.44.167 | 200 OK | 598 B |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/putPreloader-339e0b30.js | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: ASCII text, with very long lines (394) | Hash: c45c524cd173c84436b69a2f496abf68 0f5fdae5cbc792070561a1f817167ba9a3b1a1c4 3c79832d5037073878feadbc4979dd8128f6e709e736661c3614ed3b2fd5ca90
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /putPreloader-339e0b30.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/pageSignQR-3ec2680d.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a43b9973f5550aeb9e15bbf1457e4608"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iX8fKlBc95Rp1kizS9svElPoFMorLq4Rn0MlEMThq9y03lVWn7lrgiOs%2Bm9REyZwoTnLBQts7R0ZY9nqrrL1MJSqbY9Z1hyJYwgU%2F%2B19OsOfFe5J3YlUwsG0QMR41Tp1kHGrzpD2WgzQgq3fLjZkEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a946ca256c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://telegram-web-k-koto.pages.dev
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5rUwHhkBnQLJZwMC0Y/p/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 24 Apr 2024 04:51:33 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hduJW2Q7E1Q3ZJhkhoLHEXgnbNw=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://telegram-web-k-koto.pages.dev
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aBBF6vQyvfrRsNIYBIGv1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 24 Apr 2024 04:51:33 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B0KML32QVNsgttdF5UGF/OqKvtI=
Sec-WebSocket-Protocol: binary
|
|
| venus.web.telegram.org/apiw1 | 149.154.167.99 | | 169 B |
URL: venus.web.telegram.org/apiw1 | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
File type: HTML document, ASCII text, with CRLF line terminators | Hash: c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
Content-Length: 0
Origin: https://telegram-web-k-koto.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: text/html
content-length: 169
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| telegram-web-k-koto.pages.dev/qr-code-styling-c40cd486.js | 172.66.44.167 | 200 OK | 28 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/qr-code-styling-c40cd486.js | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (57474) | Hash: 507abdddf8a6083dd32cfd55e8dd9c77 7bb27293c0e040b92aa79925df938bc5ae810bff 48d812700c5555c6823724cb0ce93936e5067175e37a41b6f3edd1ceecea2bfc
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /qr-code-styling-c40cd486.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/pageSignQR-3ec2680d.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2024b4af6efb72a858b6bd36ad6cca0b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bz6isX0QI6IZrQGnPVWpvkN3kX2EmZzUCURhhpiJkxHglA5j9uq1utUTFzXf5pRpjyE8PYZzl9oe0HuDYfSPqMIq6Fvu2P%2BxPfLynNVlDnAUAelwhZUV5ENJr0tXNmLBg16a6sg91s2iv0CZaH4Qcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a94bcd756c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 172.66.44.167 | 200 OK | 11 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0 | Hash: 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://telegram-web-k-koto.pages.dev/index-70fb3a96.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: font/woff2
content-length: 11016
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "741b4527b63febbccc571bad3f4f23cf"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gaS4Lr33pocMyBneEMUIBDOq0g3lubtLlFrNL%2FmWuA9cfU0YIezJi%2F56yCvvdh9WO%2Figz47SpJC9PAAtjZ5ow8%2Bv2uxsqk6dO6WBAK6qvvuEt%2FEgFIMka%2F4Z1TvoUP%2FNGB%2BMuTYqWbAJg60RA3RmGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a955d1e56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://telegram-web-k-koto.pages.dev
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +HmOXYU351bJwrV3eIlQ2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 24 Apr 2024 04:51:33 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tD2qzEipauwU4hgwKTGgfrT4jlo=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://telegram-web-k-koto.pages.dev
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wFg6rKo0+kDQAhKpgkiObw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 24 Apr 2024 04:51:33 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a1MYZ1cUl11J7ukIBxcGMRC7ogw=
Sec-WebSocket-Protocol: binary
|
|
| telegram-web-k-koto.pages.dev/pageSignQR-3ec2680d.js | 172.66.44.167 | 200 OK | 11 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/pageSignQR-3ec2680d.js | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: Java source, ASCII text, with very long lines (5538) | Hash: 77ff88e190b7aa6e83e2a85159663605 04509f3fc32864877cdcd563979f3159cdb71706 0a69ec2e289e2c58ac11a4ea727652749d1348a23144118ece9047bdae38c6ae
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /pageSignQR-3ec2680d.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3fd69c4c6df759fe9157ac8b8e641095"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgHUEJzblfo8ozfwVqUDr9qoxCmbMH%2F%2BN56NgHNyvkTocpk397PtvqHjOt2%2Fi0W%2BTy%2Bh014qi1kLRzh2KeTbBe687Od6p7Vk2alzDZmbE7K%2BfH58RUNBBnxPahsz1r0ez0S1FmHI%2B4CDq%2FU4gJke0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a93ac4456c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/assets/img/logo_padded.svg | 172.66.44.167 | 200 OK | 6.8 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/assets/img/logo_padded.svg | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: SVG Scalable Vector Graphics image | Hash: 256adedc8580ce9d3e5d41bb6467a8e2 b1dd7a21d38aeabac25762e7c0587f82fd40274a eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/img/logo_padded.svg HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:35 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ddc17b460f3542cd68305d2c727dab6c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CB1C5vJGD1SijlPrcpajKiT%2F9GKZUuvsB7fUbmpI14KAmAbAznIqJc6zD%2F%2Fply91Uzh%2BTc%2BoN09trY9x2WB7%2Fwjuzc5VUlOHJp%2FdX%2FiDWVD475bYtCsCUaVGWfrzIHhItHvwuCyJNs32dhpZYFSpOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937aa27b5c56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 172.66.44.167 | 200 OK | 11 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0 | Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://telegram-web-k-koto.pages.dev/index-70fb3a96.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: font/woff2
content-length: 11056
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "d0122a2078b736d8f34c46ec02e88eb0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWEXBoB9BEFzqSLXFY0cMBic52QqdILk2sEz%2Fns9ruk4aT2EcbzaXmtApvQzgfW0L8utvy8M%2FZ0XM%2FvZHmyg1zlxXdx92vXjR2hKMIa5nQXHyE833q77%2FWY91zRCsHhUI0r2suCxtxO%2BrpmVqEvRYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a954d1a56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/lang-5a385cdb.js | 172.66.44.167 | 200 OK | 83 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/lang-5a385cdb.js | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /lang-5a385cdb.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/index-257913ec.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"41ed5bd498697b7a3dc987814297f5a3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1X98chP%2BKVQAgFrvOkzYdln5tvBMUgXv%2FAvmD7emHOq2yYob1X4Zk3YroTn3va6Ts2HpaxeHFrhSo0OoDGSA9GX4xh%2BbtqCBLleDw0aXS4JTT29cVlyffPTPDesE9GINQWVVS3vUJU9gD7AT8kg3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a92dbd456c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | 172.66.44.167 | 200 OK | 1.0 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced | Hash: e3ce05eb00b3215df220efaf0fd06e21 d1533966f79dc2984c34317035f31cf3c91298c9 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: image/png
content-length: 1012
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "164bab244d543d9719126be57e7b82f4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=koczaY7XWjvkLcpBsRgFBjSBMOw2skdYOaFwwASRru8jFzq61yJkX8ou0cSSOlFzJtR1JOPdyOf0R%2FGMuTwAtDMz8KEk%2BiQB8R%2B8bq%2BF0RGkF1cEAXXRsUyF%2F94IxA3vtB8cn71qPnDXra2F5RaG9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a937c2756c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/textToSvgURL-c6ebb454.js | 172.66.44.167 | 200 OK | 357 B |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/textToSvgURL-c6ebb454.js | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: ASCII text, with very long lines (361), with no line terminators | Hash: ea2a87dc9755781a19e407ae7bc5dc0d 41a7d07495e01e09e53eb51215ccf778c3aea92f 0a6994411c1666d1f665895c1d61536c24b0f0f5f9176f81d839c5316ea3d1be
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /textToSvgURL-c6ebb454.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"745425261de7a48f7926db2f3e90629a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUjMDf1h2tSvp92qGGOJAegFdTDG4apnCfZAoHoq962P%2F8BulICH2oDhqiEUn68Zy1MTzMFAgtU5xLL7abvtLeF%2FA7b%2Bw3Q7esYLP3KWr50Evab7lH6ZWU%2BTxDAbZPMK3s8k1ftnf3HozqBB1kXo7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a93bc4e56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/page-e73ef7e4.js | 172.66.44.167 | 200 OK | 10 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/page-e73ef7e4.js | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: ASCII text, with very long lines (9973) | Hash: d2c1421214af33d9f24b639356538756 c3ddcaa0916df3be36a23e4971119ff03bd7b258 a5086c994cb0c2bc71c6ef6cb36bb6af87f439c59dc923f59c5fe9b468765b5f
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /page-e73ef7e4.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/pageSignQR-3ec2680d.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9863bf3c6880827c9fa2d12b7f24d67c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASiVfoz%2FoJAiy0IySnwcuAu302YZgWSevbKazMsVBOPGpV3Q3rxoNd%2Bul%2BD%2B9%2FHtpnxXZJRvIzad4DCxhrQzKqaMmUmJP2ov44qPSbf7b3gP9GQXFq1GdumXr%2BHBjPHi6%2BbZr%2FM7hHDs6T5sA0bB2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a945c9a56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/index-70fb3a96.css | 172.66.44.167 | 200 OK | 397 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/index-70fb3a96.css | IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: telegram-web-k-koto.pages.dev | Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10 | Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
Size: 397 kB (396827 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /index-70fb3a96.css HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:32 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ec6b87e9f7a9e296afb5672d942613db"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SHZYih8kP4Z0jFNppoDP0995WJ5jMIHIwFnZ593CCOLWOgkjtqWZqvyg8BmR5XvdQrIt0hzbLq9LHsNrHCiYu0Hcbos5qL59jgkyQJj2QeT8ht%2Bph6S2OgxM8L1Or70gXK9ZfKGxXVVQc%2FSnHIUr0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a910b0e56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/button-a9a2d121.js | 172.66.44.167 | 200 OK | 7.4 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/button-a9a2d121.js
IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: telegram-web-k-koto.pages.dev; Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10; Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: ASCII text, with very long lines (7988), with no line terminators
Hash: 41fa581c1f120a5193e0df1cf5963155 32d8e84a765d6d92b9ee2c387dd4555530c94ce7 d0cc27fa43c4ab1945aacfa6ab454ebf769189c438d2966f7c2248b9e3e54c26
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /button-a9a2d121.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ebade2dbf20c926759fb45ba379b8347"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FcdpdF2RQ%2Fs1rIRraQwSsh%2BoQDblP2Lkw%2Bn63morbcyNf7IRAXnbBJ%2Bofmy55pDDSmbtwR2czwnoBAt1aNXkJDUbQpI9d2itfEuozYTgl4C5yeJSjW674Qiy3wHWPmV7du6061ncBRw5lawxbKSoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a93ac4756c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/ | 172.66.44.167 | 200 OK | 14 kB |
URL: User Request GET HTTP/2 telegram-web-k-koto.pages.dev/
IP: 172.66.44.167:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegram-web-k-koto.pages.dev; Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10; Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: HTML document, ASCII text, with very long lines (1757)
Hash: b76a59b43efb967dae7a76953b2bf4a8 d3de34a520433b6fc136bbd669fb32942de0f33d 29187d118413b1122f301970cf912828d190d1f0b4a2f8b9229a811016ba1e82
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET / HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:51:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"db55e7ba5feb9a3f67859b149302a12a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WBINMen%2Fe83AWUKOIRwlMXgx8W9eNBjV7D8cpcoK8BjG0bfIB2H0c37cFBTyqWANiaMF%2FuOZVt3G%2F0J9%2FyCf2dwDH49%2B2%2FLqiLtBCV1lLfW8g9jtKNm4e70by6Igp3iZNFee96AFKu3xnHmYXLtI3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a8e9d0956b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| telegram-web-k-koto.pages.dev/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 172.66.44.167 | 200 OK | 9.0 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry
IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: telegram-web-k-koto.pages.dev; Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10; Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: 87fecdadac0beb95f9b7c87b3b3236f0 822f92446c0033a32462aa21208efaef1f0d8c3c 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: image/png
content-length: 9024
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c35bd3231a46b7b8c79b2578bdec4987"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P9U0Hf57c2M6VSuaom780yY6THv3O53o6nkVONOw%2F6E3FhpGr9X20LKMU5zaPPwL4ib6silnd7tGpnqU4U9YiB%2BjIqGIvqJI9x4ykXQpEQawNtvU8t4rNtn%2BBBO%2FGHuaH0d%2FjwIFvagyPQYldWYsxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a937c2656c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/page-e73ef7e4.js | 172.66.44.167 | 200 OK | 10 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/page-e73ef7e4.js
IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: telegram-web-k-koto.pages.dev; Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10; Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: ASCII text, with very long lines (9973)
Hash: d2c1421214af33d9f24b639356538756 c3ddcaa0916df3be36a23e4971119ff03bd7b258 a5086c994cb0c2bc71c6ef6cb36bb6af87f439c59dc923f59c5fe9b468765b5f
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /page-e73ef7e4.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9863bf3c6880827c9fa2d12b7f24d67c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ttyUJBRUJZZgYO84wMoPsBGcxV3fWj9Ao6d9pRm3Yx%2FOiEZOTWxacVYebxfD13vKUVrN9kSdqdVWIB7zTMmNSUBY14DMNrrztINrQUPCNWCn9boCTmHr%2BfEhRDG588eit4QvBTEpEfnCm9odl6wm%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a93ac4656c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/crypto.worker-b2b2021e.js | 172.66.44.167 | 200 OK | 69 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/crypto.worker-b2b2021e.js
IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: telegram-web-k-koto.pages.dev; Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10; Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 061a201747d764fcd611ff886b2b27ef d0fbcab1a5c52c5c38f46b2ed048cf8637716686 58fafa3a075d804360271b6b081e9c3c46ba344659ef3cb10d5561afc1147448
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /crypto.worker-b2b2021e.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:32 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"860187db15075ef93d9f1f93f6ce3e29"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5hXRwXAyRvRikbruZCVAROoMUtS1kTnbWagf8aTh2e5EAXfNZhE4oTy9n5iAqKIh8VztMi%2BZ8FwUrYodsZwc7Y4sgE58cAoj%2F55M36ieTm1emWsaoThjUa7kUY%2FupO2sQB96d7Xa1OB16TR7P1N5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a927bab56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/countries-5301fc59.js | 172.66.44.167 | 200 OK | 24 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/countries-5301fc59.js
IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: telegram-web-k-koto.pages.dev; Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10; Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /countries-5301fc59.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/index-257913ec.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e980704d431b4d599e68121466b55e1b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tnKrRmbmP31gvob5JguQyPGCvTnnc42ZqmzVj2eexuz4OPW4ClCnPeIGAlDlRgQPfHjx%2BPS1ZJqMCd1zm8n23q5HydrxYyI8RgzJyjDxfi5smycApv9tHKpODdGM0wvNhwx%2BySUtOm%2FHyDWIvUGxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a92dbd856c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/button-a9a2d121.js | 172.66.44.167 | 200 OK | 7.4 kB |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/button-a9a2d121.js
IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: telegram-web-k-koto.pages.dev; Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10; Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: ASCII text, with very long lines (7988), with no line terminators
Hash: 41fa581c1f120a5193e0df1cf5963155 32d8e84a765d6d92b9ee2c387dd4555530c94ce7 d0cc27fa43c4ab1945aacfa6ab454ebf769189c438d2966f7c2248b9e3e54c26
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /button-a9a2d121.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/pageSignQR-3ec2680d.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ebade2dbf20c926759fb45ba379b8347"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8z1VoLVc%2F3xFnwL3y%2FT8vrQtTOBEz4oVV0BPgIAjDbyqHSjt0dfb6bEGRtpukV1BJ6lSQ3bUEg6ZtnmiIuEmm%2By7gH2MUTv8imSxecucQY87gNB4c4FxeU6ywmexo9fjBo84UP1AHfFmXxAbIad8FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a945c9f56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram-web-k-koto.pages.dev/textToSvgURL-c6ebb454.js | 172.66.44.167 | 200 OK | 357 B |
URL: GET HTTP/3 telegram-web-k-koto.pages.dev/textToSvgURL-c6ebb454.js
IP: 172.66.44.167:443
Requested by: https://telegram-web-k-koto.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: telegram-web-k-koto.pages.dev; Fingerprint: CF:AF:84:33:E4:07:43:E3:A8:89:14:7C:19:22:E0:4F:E2:4F:52:10; Validity: Tue, 23 Apr 2024 12:26:13 GMT - Mon, 22 Jul 2024 12:26:12 GMT
File type: ASCII text, with very long lines (361), with no line terminators
Hash: ea2a87dc9755781a19e407ae7bc5dc0d 41a7d07495e01e09e53eb51215ccf778c3aea92f 0a6994411c1666d1f665895c1d61536c24b0f0f5f9176f81d839c5316ea3d1be
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /textToSvgURL-c6ebb454.js HTTP/1.1
Host: telegram-web-k-koto.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram-web-k-koto.pages.dev/pageSignQR-3ec2680d.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:51:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"745425261de7a48f7926db2f3e90629a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rS0cy4vJo%2F8fkv0gpjRV7zNB%2FCm0UVWhPh0rJq1Mk3hie%2BqHcP5FG2X5c1H7bey01E2q0vyhDuJWJBqJgW63QavW7G1Hu7YZ5ByD6tNlh0ABEaqhi3E9kVOxuzujR1yzM%2B9QXcrXZTALpQwtahf6%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87937a946ca356c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|