{"report_id":"db97493f-ad5f-4bf4-9a9e-e26aa820aaaa","version":6,"status":"done","tags":[],"date":"2026-05-30T05:41:34Z","url":{"schema":"http","addr":"telegram-auth.online","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"31.31.196.254","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"http","addr":"telegram-auth.online/","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"title":"Почти готово! Домен успешно привязан к хостингу","dom":{"size":768353,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"893afe302a92bb779c783327f930a141","sha1":"9ba1b12e85e88f2465af84e9cf95136850b29844","sha256":"5008762b01ac7a59d8debe3eccdab3c782d0e2cfa5fe2d2a23c9c31009b0f7dd","sha512":"a626b4e53e2104100099beaecbd95fcd47a81c2cc945c9be63bf71e6de79101cecfdfd231d2c51479942288edd6cfaf49b042f9306e457ccbb2477c4bde332c6","ssdeep":"6144:Q0T9gq5TgX8gscru33oyBsQ70t6o1ys8YfwRXQebnLCNwPdvgH:t3oyBsQ70t6o1yIfwp1n2H","tlshash":"80f419c8abb02c5ed21b8631ac3f89c6f30a75d4b6fc4407694df791e25e116f226678","dom_hash":"domhashcf5334f2d974ddbaf245a75d8719e9aa","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"telegram-auth.online","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"31.31.196.254","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-04T05:41:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"telegram-auth.online","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-05-28","domain_rank":0,"first_seen":"2022-12-12T19:02:49Z","last_seen":"2026-05-30T05:38:47.532706Z","alert_count":0,"request_count":4,"received_data":2306812,"sent_data":1591,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"files.reg.ru","ip":{"addr":"194.67.72.33","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2005-10-31","domain_rank":5588631,"first_seen":"2022-11-17T08:46:40Z","last_seen":"2026-05-29T14:34:55.778942Z","alert_count":0,"request_count":3,"received_data":262800,"sent_data":1572,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"telegram-auth.online/","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"01f8da1f6f1551b84202ad0aad70efd2","sha1":"f7410e44750232e13085e0a3ba649d93239c3efe","sha256":"09a1c3a0db7beafab34929ff0070589812f724b67621a79e2374047e302bbed9","sha512":"006e7bc128add405b845275ebfc8239a260b191873ce85b468bbe7dca5f102371e3e3ac4c6cdaccb07683e790751b6762874da6f30f2a0f2075f83c9dd43ccc4","ssdeep":"","tlshash":"0ea02208a000220888203022c2b3f0080aa3000c8e08c80202020008002000b88888bc","size":59,"data":"","first_seen":"2025-02-02T04:11:25.38907Z","last_seen":"2026-06-08T21:27:47.983153Z","times_seen":1923,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"telegram-auth.online/","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3b72475cdd13c5f7bc5932b9ba584646","sha1":"f29ff2c627c722455106f1272ad1298c485683ff","sha256":"97a832f472badbcd422c3e8533aa7b573808a68336bb4d458fa39d8bab6ed78a","sha512":"b79fc769eb86c7e1938880ff29f85cbf4af5f42a68f779fabe67b651b793efffd2421e24c66d7356291f5d556936d56c21397703fbde4f807f05a9862d7f0a8c","ssdeep":"96:Fs2RDpVjtVzQuHLn6h7u1ixk8LDk1y7VAU20Jc8De+H:FDp7Vrrn6h7u187VbMk","tlshash":"9591c6aa2354e5bb269009d05a2ed193fa157037252b94f0ba1fdc76f97cec08466b70","size":4300,"data":"","first_seen":"2025-02-02T04:11:25.390709Z","last_seen":"2026-06-06T22:30:12.368533Z","times_seen":1898,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"telegram-auth.online/","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c16e56bb4bfa926ac5a74d02c23b7273","sha1":"97ec676002864db2585ddf9e7604b5d891a89918","sha256":"1c256fbc701e83183977e3ce8c66cf41c91d4fc92f0167f0a6c47c97be5e24f8","sha512":"f766e1fe41a67840cc12e817f4cad8a9e132bf31a2300b0b68952fcfc499bd0c1ccdaa6fb60e068d9bf9012ce39cdf8faf05324adbc76005773178bf252fdb3d","ssdeep":"768:pZgOQuhhf/wNvdVnR4I/6rorELrKN260RJBt:P3l9/wlRCMUrh","tlshash":"9e839344faf0aea51679a111b36bc4c3f967425090e3841466cef9e4ec6f53e71a3b2c","size":85207,"data":"","first_seen":"2025-02-02T04:11:25.392268Z","last_seen":"2026-06-06T22:30:12.369745Z","times_seen":1898,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"telegram-auth.online/","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e7593eaf7df55b8d5060955fbccce09e","sha1":"bb3b769ac6bf84486ffe7e11c111fcecc3adcc83","sha256":"d737bca53f14012b7834a2a0f9fb4bd47a2f98ef347d4178e53f428b386087fe","sha512":"13c8ceac8b56427ffbbcc1bb9736ebe58db63b979ccb99578f610d793b930aa0f11c516cbb48a41284775612db8df38e65d3d7df702c830d777a2e6cb821ff7f","ssdeep":"1536:GwCNwl2fuPGzycYsClVsLuqf6BlVoFSdexsJPF/2Xuz9:vCN5vYsCPskDzeW5F/2XQ","tlshash":"39d31789bad1bd6113ba11a1686f88c7f63a5944584f8818f24ef4e5bc3d83e5137b3c","size":130982,"data":"","first_seen":"2025-02-02T04:11:25.393729Z","last_seen":"2026-06-06T22:30:12.370766Z","times_seen":1871,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"telegram-auth.online/","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-30T05:41:09.335Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: telegram-auth.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":0,"dns":1,"connect":28,"send":0,"wait":0,"receive":0,"ssl":85},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"telegram-auth.online/","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"31.31.196.254","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-30T05:41:09.467Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: telegram-auth.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 30 May 2026 05:41:09 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Thu, 28 May 2026 18:04:26 GMT\r\nETag: W/\"bb91d-652e48f11cea2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":768285,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"a4068b0db971da6fbea71906e260de44","sha1":"3583bef882c703501ca041428d720bd0d227a1b2","sha256":"32d0e81ddc6b5bb8341e87f4245af56e5721509f89d2d4542d90e8353862fd42","sha512":"c612ad0343916017906aef26d63c5e2ae3d8a9f1a32881e485feca36c7cd1d125ff8c03e392251435da255d2538145e656e2b2de9412aa274fa565da96261d80","ssdeep":"6144:a0T9gq5TgX8gscru33oyBsQ70t6o1ysEYfwRXQebnLCNwPdvgJ:r3oyBsQ70t6o1yOfwp1n2J","tlshash":"25f419c8abb02c5ed21b8631ac3f89c6f30a75d4b6fc4407694df791e25e116f226678","first_seen":"2025-11-22T05:43:27.699278Z","last_seen":"2026-05-30T05:41:36.202091Z","times_seen":3,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":28,"dns":1,"connect":29,"send":0,"wait":102,"receive":108,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"telegram-auth.online/","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"31.31.196.254","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://telegram-auth.online/","date":"2026-05-30T05:41:09.833Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: telegram-auth.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://telegram-auth.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 30 May 2026 05:41:09 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Thu, 28 May 2026 18:04:26 GMT\r\nETag: W/\"bb91d-652e48f11cea2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":768285,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"a4068b0db971da6fbea71906e260de44","sha1":"3583bef882c703501ca041428d720bd0d227a1b2","sha256":"32d0e81ddc6b5bb8341e87f4245af56e5721509f89d2d4542d90e8353862fd42","sha512":"c612ad0343916017906aef26d63c5e2ae3d8a9f1a32881e485feca36c7cd1d125ff8c03e392251435da255d2538145e656e2b2de9412aa274fa565da96261d80","ssdeep":"6144:a0T9gq5TgX8gscru33oyBsQ70t6o1ysEYfwRXQebnLCNwPdvgJ:r3oyBsQ70t6o1yOfwp1n2J","tlshash":"25f419c8abb02c5ed21b8631ac3f89c6f30a75d4b6fc4407694df791e25e116f226678","first_seen":"2025-11-22T05:43:27.699278Z","last_seen":"2026-05-30T05:41:36.202091Z","times_seen":3,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"files.reg.ru/fonts/inter/Inter-Regular.woff2","fqdn":"files.reg.ru","domain":"reg.ru","tld":"ru"},"ip":{"addr":"194.67.72.33","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://telegram-auth.online/","date":"2026-05-30T05:41:09.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.reg.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 24 Mar 2026 10:56:31 GMT","end":"Fri, 09 Oct 2026 10:56:31 GMT"},"fingerprint":{"sha1":"DB:56:E3:C0:A3:22:98:B6:7A:BB:9D:E2:65:D1:38:1D:AF:24:B5:8C","sha256":"F2:E9:10:F2:BF:5E:6B:A8:94:03:EC:C0:5A:56:25:D8:41:55:BF:82:DA:87:DE:A9:24:F0:8C:68:B6:ED:A5:99"}}},"request":{"raw":"GET /fonts/inter/Inter-Regular.woff2 HTTP/1.1\r\nHost: files.reg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://telegram-auth.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://telegram-auth.online/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 05:41:10 GMT\r\ncontent-length: 98868\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: http://telegram-auth.online\r\naccess-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *\r\ncontent-security-policy: block-all-mixed-content\r\netag: \"dc131113894217b5031000575d9de002\"\r\nlast-modified: Tue, 25 Oct 2022 11:42:32 GMT\r\nvary: Accept-Encoding, Origin\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mtime: 1666084006\r\nx-request-id: 2d7ec16f107793cb66460f912b6d5a6a\r\nexpires: Fri, 21 May 2027 05:41:10 GMT\r\ncache-control: max-age=30758400\r\ncontent-type: font/woff2\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98868,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 98868, version 1.0","md5":"dc131113894217b5031000575d9de002","sha1":"f96348260751ea78b1d23e9557db297290bdaf28","sha256":"d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6","sha512":"0aa4420c7b7dcc70238371f9d21d521d0673caf4c1883eeb2d3254c5a1dad941f4569f418350ffc61e93303466c504179b90ba0acf008250dc9c2c6ddf6f850b","ssdeep":"1536:kWKd1QBjcSqfPdRBUJEW8yB7F2W4Ob2RdFoEw1r4FM9OcU/0UDTTj:m10zEWfB7GObYof1r5icUH","tlshash":"70a312ac58ffdf34aa65a9fcd27856761094223d83edc0ac90a200c6c7b65794fdcd98","first_seen":"2023-04-05T14:51:38Z","last_seen":"2026-06-08T20:37:58.461847Z","times_seen":22967,"resource_available":false,"data":null}},"time_used":1193,"timings":{"blocked":528,"dns":3,"connect":44,"send":0,"wait":44,"receive":90,"ssl":480},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"files.reg.ru/fonts/inter/Inter-Medium.woff2","fqdn":"files.reg.ru","domain":"reg.ru","tld":"ru"},"ip":{"addr":"194.67.72.33","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://telegram-auth.online/","date":"2026-05-30T05:41:09.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.reg.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 24 Mar 2026 10:56:31 GMT","end":"Fri, 09 Oct 2026 10:56:31 GMT"},"fingerprint":{"sha1":"DB:56:E3:C0:A3:22:98:B6:7A:BB:9D:E2:65:D1:38:1D:AF:24:B5:8C","sha256":"F2:E9:10:F2:BF:5E:6B:A8:94:03:EC:C0:5A:56:25:D8:41:55:BF:82:DA:87:DE:A9:24:F0:8C:68:B6:ED:A5:99"}}},"request":{"raw":"GET /fonts/inter/Inter-Medium.woff2 HTTP/1.1\r\nHost: files.reg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://telegram-auth.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://telegram-auth.online/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 05:41:10 GMT\r\ncontent-length: 105924\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: http://telegram-auth.online\r\naccess-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *\r\ncontent-security-policy: block-all-mixed-content\r\netag: \"75db5319e7e87c587019a5df08d7272c\"\r\nlast-modified: Tue, 25 Oct 2022 11:42:32 GMT\r\nvary: Accept-Encoding, Origin\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mtime: 1666084004\r\nx-request-id: 2984b275c7f5ede35fa717269a7eb642\r\nexpires: Fri, 21 May 2027 05:41:10 GMT\r\ncache-control: max-age=30758400\r\ncontent-type: font/woff2\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 105924, version 1.0","md5":"75db5319e7e87c587019a5df08d7272c","sha1":"92b30527304b5dc80f45e997e0b1ac4c70110a18","sha256":"1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6","sha512":"4e556d80b52ddbadddf9287f6cdaef0d12113d0fa4a07728fd67767b97806eba5fa0f82711f71e76ee2875192d7618a9b6c277ceb6d69a30f76ca8e3ebb74aa1","ssdeep":"3072:7Jk35GDAni+UzuVEjLH8MSP02J5E4ZjJffp:7ys0iIEjz8MNGRfp","tlshash":"3ca312f46132150feebafcb00b9354415488ea21d39746ebeb74a5a3644dcdb8ea06c3","first_seen":"2023-04-08T13:53:30Z","last_seen":"2026-06-08T20:35:36.621401Z","times_seen":10229,"resource_available":false,"data":null}},"time_used":1230,"timings":{"blocked":526,"dns":4,"connect":46,"send":0,"wait":132,"receive":45,"ssl":472},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"files.reg.ru/fonts/aeonikpro/AeonikPro-Medium.woff2","fqdn":"files.reg.ru","domain":"reg.ru","tld":"ru"},"ip":{"addr":"194.67.72.33","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://telegram-auth.online/","date":"2026-05-30T05:41:09.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.reg.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 24 Mar 2026 10:56:31 GMT","end":"Fri, 09 Oct 2026 10:56:31 GMT"},"fingerprint":{"sha1":"DB:56:E3:C0:A3:22:98:B6:7A:BB:9D:E2:65:D1:38:1D:AF:24:B5:8C","sha256":"F2:E9:10:F2:BF:5E:6B:A8:94:03:EC:C0:5A:56:25:D8:41:55:BF:82:DA:87:DE:A9:24:F0:8C:68:B6:ED:A5:99"}}},"request":{"raw":"GET /fonts/aeonikpro/AeonikPro-Medium.woff2 HTTP/1.1\r\nHost: files.reg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://telegram-auth.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://telegram-auth.online/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 05:41:10 GMT\r\ncontent-length: 55388\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: http://telegram-auth.online\r\naccess-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *\r\ncontent-security-policy: block-all-mixed-content\r\netag: \"0214496abecf780ec7172e9eece36b28\"\r\nlast-modified: Wed, 10 Jan 2024 09:49:37 GMT\r\nvary: Accept-Encoding, Origin\r\nx-xss-protection: 1; mode=block\r\nx-request-id: 9eb010a4b2942b6e672fab0db5ecdc33\r\nexpires: Fri, 21 May 2027 05:41:10 GMT\r\ncache-control: max-age=30758400\r\ncontent-type: font/woff2\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55388,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 55388, version 1.0","md5":"0214496abecf780ec7172e9eece36b28","sha1":"2cf85a6851507f103df9676aae30fb99fb713e17","sha256":"26bcacbf03755770f640ef57654f59d119aecd24860d21c41f1ee57db203ebd8","sha512":"e09278cdbff71ae67f5bfd4c75513b16f8328070c1220ef176d29f18da572d1d7c940901f89d37ae8b330773ffb366d73e0e4a3a95223da9241879abbce27ddf","ssdeep":"1536:OeBVOQujjZ8qSUG/PHRU9WJShPPnLX1KV:LBVyfjBGHBJS5Pn70V","tlshash":"b24302d83c05faac579b363c04004e95f349fe5e3666fa974217c89f967683a603ed09","first_seen":"2024-02-26T22:58:28Z","last_seen":"2026-06-08T21:27:47.97959Z","times_seen":2577,"resource_available":false,"data":null}},"time_used":1272,"timings":{"blocked":525,"dns":0,"connect":45,"send":0,"wait":176,"receive":42,"ssl":478},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"telegram-auth.online/favicon.ico","fqdn":"telegram-auth.online","domain":"telegram-auth.online","tld":"online"},"ip":{"addr":"31.31.196.254","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://telegram-auth.online/","date":"2026-05-30T05:41:10.310Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: telegram-auth.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://telegram-auth.online/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Sat, 30 May 2026 05:41:10 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Sat, 30 Aug 2025 21:50:39 GMT\r\nETag: W/\"bbd7c-63d9c211498fc\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":769404,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"342b2a41c4686aee6ce228bcd32aeb9d","sha1":"f4c5aabc6161ed0020ecd39c5e9cd55ac9097f19","sha256":"06b62f860ee223a886af8852857fbe8c978f8e43fb86841eaa3b0de8d72a68fb","sha512":"801ce8803c5a44143501db49a40b0c33fd6e0b543c31212ba2c3d0bce7e8d0435e735dab0ba45bfdb4cadfb3e4fb27443329a2391de62dc1a461ebee9ed01ef9","ssdeep":"6144:i0T9gq5TgX8gscru33oyBsQ70t6o1ysfAUEPusTCNwPdvgJ:D3oyBsQ70t6o1yuArdeJ","tlshash":"7bf409c8abf02c5e921b86316c3f89c6f30a76d4b6fc4407694df791e25e116f226678","first_seen":"2025-10-15T08:19:41.478891Z","last_seen":"2026-05-30T05:41:36.205185Z","times_seen":9,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}