co60.col-vxs.space/css
185.104.45.166 200 OK 4.1 kB IP 185.104.45.166:443
ASN #200000 Hosting Ukraine LTD
Requested by https://co60.col-vxs.space/
Certificate Issuer Let's Encrypt
Subject co60.col-vxs.space
Fingerprint A9:5A:51:C0:F8:A1:2B:E3:4D:8E:74:C5:D1:8B:4F:C7:03:B0:BD:A2
Validity Sat, 28 Oct 2023 13:11:26 GMT - Fri, 26 Jan 2024 13:11:25 GMT
Hash 3dcd8d9dc8e7e53807231e6bc4648e37
4fa9dc659c06e7fbaf25372c6af55795c9577ae1
740052f6c1e166e7cbe71194bb23bc969be65887a991af38daa863403091282f
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /css HTTP/1.1
Host: co60.col-vxs.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://co60.col-vxs.space/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 14:16:39 GMT
content-length: 4088
x-ray: p13015:0.000/wn42388:0.017/wa42388:D=2754
last-modified: Fri, 27 Oct 2023 12:51:42 GMT
etag: "ff8-608b2266c9d5a"
accept-ranges: bytes
X-Firefox-Spdy: h2
co60.col-vxs.space/tgwallpaper.min.js
185.104.45.166 200 OK 12 kB URL GET HTTP/2 co60.col-vxs.space/tgwallpaper.min.js
IP 185.104.45.166:443
ASN #200000 Hosting Ukraine LTD
Requested by https://co60.col-vxs.space/
Certificate Issuer Let's Encrypt
Subject co60.col-vxs.space
Fingerprint A9:5A:51:C0:F8:A1:2B:E3:4D:8E:74:C5:D1:8B:4F:C7:03:B0:BD:A2
Validity Sat, 28 Oct 2023 13:11:26 GMT - Fri, 26 Jan 2024 13:11:25 GMT
File type ASCII text, with very long lines (2979), with no line terminators
Hash 2b89d34702716a8ad2cc3977718f53a3
04406ebd6a9e2ce79dbac5e5048cfe1384e4574a
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /tgwallpaper.min.js HTTP/1.1
Host: co60.col-vxs.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://co60.col-vxs.space/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 14:16:39 GMT
content-type: application/javascript
last-modified: Fri, 27 Oct 2023 12:51:42 GMT
etag: W/"653bb25e-ba3"
x-ray: p13015:0.000/wn42388:0.000/
content-encoding: br
X-Firefox-Spdy: h2
co60.col-vxs.space/avatar2.jpg
185.104.45.166 200 OK 108 kB URL GET HTTP/2 co60.col-vxs.space/avatar2.jpg
IP 185.104.45.166:443
ASN #200000 Hosting Ukraine LTD
Requested by https://co60.col-vxs.space/
Certificate Issuer Let's Encrypt
Subject co60.col-vxs.space
Fingerprint A9:5A:51:C0:F8:A1:2B:E3:4D:8E:74:C5:D1:8B:4F:C7:03:B0:BD:A2
Validity Sat, 28 Oct 2023 13:11:26 GMT - Fri, 26 Jan 2024 13:11:25 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 640x640, components 3; data
Size 108 kB (108147 bytes)
Hash 7c58d35da94c5f6249fc52efd4b48e29
d4b022b4c82b9e1323a549320c31693004f97515
a5c050fb423754d5599ec0a8073e7432b9e2957b7e9d862ba944d6bd68fcb08c
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /avatar2.jpg HTTP/1.1
Host: co60.col-vxs.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://co60.col-vxs.space/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 14:16:39 GMT
content-type: image/jpeg
content-length: 108147
last-modified: Fri, 27 Oct 2023 12:51:42 GMT
etag: "653bb25e-1a673"
x-ray: p13015:0.000/wn42388:0.000/
accept-ranges: bytes
X-Firefox-Spdy: h2
co60.col-vxs.space/img/tgme/pattern.svg?1
185.104.45.166 1.6 kB URL co60.col-vxs.space/img/tgme/pattern.svg?1
IP 185.104.45.166:0
ASN #200000 Hosting Ukraine LTD
Certificate Issuer Let's Encrypt
Subject co60.col-vxs.space
Fingerprint A9:5A:51:C0:F8:A1:2B:E3:4D:8E:74:C5:D1:8B:4F:C7:03:B0:BD:A2
Validity Sat, 28 Oct 2023 13:11:26 GMT - Fri, 26 Jan 2024 13:11:25 GMT
File type HTML document text; exported SGML document, Unicode text, UTF-8 text
Hash b7636fed457cdb66aac1d5979c484b00
2fe05632a06ba3f06c83e12cbd82a0886eff3722
b96f817be2e49d97fd9647a4744f5d37507ad1cad3260a8f2a8b37414a6d8566
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /img/tgme/pattern.svg?1 HTTP/1.1
Host: co60.col-vxs.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://co60.col-vxs.space/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 28 Nov 2023 14:16:39 GMT
content-type: text/html
content-length: 1613
x-ray: p13015:0.000/wn42388:0.000/wa42388:D=3964
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
142.250.74.3 11 kB URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
IP 142.250.74.3:0
File type Web Open Font Format (Version 2), TrueType, length 11040, version 1.0; data
Hash 5e22a46c04d947a36ea0cad07afcc9e1
6091d981c2a4ee975c7f6b56186ee698040bb804
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://co60.col-vxs.space
DNT: 1
Connection: keep-alive
Referer: https://co60.col-vxs.space/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:48:12 GMT
expires: Fri, 22 Nov 2024 04:48:12 GMT
cache-control: public, max-age=31536000
age: 466107
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
co60.col-vxs.space/img/tgme/pattern.svg?1
185.104.45.166 1.6 kB URL co60.col-vxs.space/img/tgme/pattern.svg?1
IP 185.104.45.166:0
ASN #200000 Hosting Ukraine LTD
Certificate Issuer Let's Encrypt
Subject co60.col-vxs.space
Fingerprint A9:5A:51:C0:F8:A1:2B:E3:4D:8E:74:C5:D1:8B:4F:C7:03:B0:BD:A2
Validity Sat, 28 Oct 2023 13:11:26 GMT - Fri, 26 Jan 2024 13:11:25 GMT
File type HTML document text; exported SGML document, Unicode text, UTF-8 text
Hash b7636fed457cdb66aac1d5979c484b00
2fe05632a06ba3f06c83e12cbd82a0886eff3722
b96f817be2e49d97fd9647a4744f5d37507ad1cad3260a8f2a8b37414a6d8566
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /img/tgme/pattern.svg?1 HTTP/1.1
Host: co60.col-vxs.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://co60.col-vxs.space/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 28 Nov 2023 14:16:39 GMT
content-type: text/html
content-length: 1613
x-ray: p13015:0.000/wn42388:0.010/wa42388:D=3358
X-Firefox-Spdy: h2
telegram.org/img/apple-touch-icon.png
149.154.167.99 200 OK 5.6 kB URL GET HTTP/2 telegram.org/img/apple-touch-icon.png
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Requested by https://co60.col-vxs.space/
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
Validity Fri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced; data
Hash 295ccdb03006b8dfef45090dafbd46ac
491ab660270e47cbac6a5731c51cca71c1c1b2b1
a51d667d4262047c23e3a2a8aac3b46dc8a58c686cc013f2354011c07bf22cf3
GET /img/apple-touch-icon.png HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://co60.col-vxs.space/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 28 Nov 2023 14:16:40 GMT
content-type: image/png
content-length: 5644
last-modified: Thu, 21 Apr 2022 13:47:47 GMT
etag: "62616083-160c"
expires: Sat, 02 Dec 2023 14:16:40 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
telegram.org/img/website_icon.svg?4
149.154.167.99 200 OK 1.9 kB URL GET HTTP/2 telegram.org/img/website_icon.svg?4
IP 149.154.167.99:443
ASN #62041 Telegram Messenger Inc
Requested by https://co60.col-vxs.space/
Certificate Issuer GoDaddy.com, Inc.
Subject *.telegram.org
Fingerprint AB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
Validity Fri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File type SVG Scalable Vector Graphics image; XML document, ASCII text, with very long lines (1968), with no line terminators
Hash 5caca7ae1cffb3da0b06150a15020005
04cfb934f238d33209406393a3fbf78454815739
1ea747a06fbc240c2594a8c523cb248bbda4784f0fcad9d0f06334f1a378604f
GET /img/website_icon.svg?4 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://co60.col-vxs.space/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 28 Nov 2023 14:16:40 GMT
content-type: image/svg+xml
last-modified: Mon, 20 Jul 2020 20:41:37 GMT
etag: W/"5f160181-768"
expires: Sat, 02 Dec 2023 14:16:40 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2