| telegramhk.com/static/css/style.min.css | 172.67.175.63 | 200 OK | 18 kB |
URL: GET HTTP/3 telegramhk.com/static/css/style.min.css
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: gzip compressed data, from Unix
Hash: e530e27ad37e29ca48c5b76df145176e ec0f91cb9f4bec3f122d475fdffd07e0fe3c3188 09f6765eb4557adda74be66968e3fc48c77efc7eaf0a4eeea220aec39f74a9ec
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/style.min.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-1ae32"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ll3963kmJkCAosHImkKzHNZUry9wxZYduvDWZBwvFDC%2FptefSrdzysgbxTVPjpGoNk%2FO%2BpcMi4GjPViVWZqlbvB17TDWc2UjfFFPnKWOOCJ74y%2B%2Bf62u2Uh%2BkManqBQN%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67339ea8b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/js/JQuery.js | 172.67.175.63 | 200 OK | 37 kB |
URL: GET HTTP/3 telegramhk.com/static/js/JQuery.js
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: gzip compressed data, from Unix
Hash: 58ffae2132e0fd02f03df20e2e755493 41fd8e2d1775ae1c249757fc049388d1ee3897b8 e146d15aa76f69881ca4d13f100b72da120e1dbb9c9967d4d02d309380ad6b44
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/JQuery.js HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-155a6"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J75C%2F6Scye3mBrNlEebfuoBwm03k5SF%2F4g0rEE3F4qoHpH1fsqonPzwPHH%2FDZzBrjS37To6bFygZ952aGqhmlSUVRIvmWSRtkZ7BcIITxqAhJpjJCVyCOpaY6Co9%2BHUzjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a6733aee4b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/js/lazyload.min.js | 172.67.175.63 | 200 OK | 12 kB |
URL: GET HTTP/3 telegramhk.com/static/js/lazyload.min.js
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: gzip compressed data, from Unix
Hash: 92eeb7dd773ef7ad649ff6baf15d9896 3f11259242fac0907cc4b8d2e6a022d1bfb21201 828c6a0a05642c4d8e60a647abe55c2ac5157b5ba59d1d16dccad28b6e77242b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/lazyload.min.js HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-22bc"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Caap5zql%2FDYZ3te1KYjty%2Fql1US6JdeAKxVB0XpLvgurlMsH7e7nKsvGQ%2BsfL0zgYHJTS1dWpaCkoOvOo%2FOGHZ3PDX1CHd9HSOis9SjHIvKS6qIRr6463Dy6kFKMDPYmCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a6733aef3b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/js/modal.min.js | 172.67.175.63 | 200 OK | 13 kB |
URL: GET HTTP/3 telegramhk.com/static/js/modal.min.js
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: gzip compressed data, from Unix
Hash: 0dd35bb2ea470e7b74452ee77a1730f6 f9b3b806c9fbf6acde2b2ec9f15a042bc42030c6 6a0c0cd21bd4c4d20771a45d11ad40328516dd38f7b28abcb7dec0ec940d9d8a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/modal.min.js HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-1a39"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cXsIxVbY02fW9emtubqXUZO8KdVxtcjib%2B9BoAqID9bSehakDiA3FGWXZxwaOeybUyuFn7430gcTTs1jQqkodz8BSBVRspMt4gq%2Fyf%2BKq5RHrEpqBZL6557nETcWG7KtDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a6733aeeab4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/js/kk-star-ratings.min.js | 172.67.175.63 | 200 OK | 5.1 kB |
URL: GET HTTP/3 telegramhk.com/static/js/kk-star-ratings.min.js
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: gzip compressed data, from Unix
Hash: 0e5d80f85dd51c9c7327e1c4f4d0eba4 76f637178917d23f4e2a09b81c6a1826bd06fbed 3372734ddfcf79eddbd9f25afcf0f6e900b5c6326eaa07c2b9171fcbc6fbca07
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/kk-star-ratings.min.js HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-54f"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXrnM81eoDLnnq0FF%2FnCPPEizovFPXINlupTYpE9gwRzaTt%2FtusAxJZaeUC7VXAHaYUx78rLP5OPLw41gUOleHcwswyhDFvITBjrkc4umPvs7a06WPHW7eTzll7j35RhvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a6733aef1b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.51.la/js-sdk-pro.min.js | 163.181.157.113 | 200 OK | 13 kB |
URL: GET HTTP/2 sdk.51.la/js-sdk-pro.min.js
IP: 163.181.157.113:443
ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Certificate: Issuer GlobalSign nv-sa; Subject *.51.la; Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79; Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash: 24bb520e9517f2ed3ed987b46aeaf723 846723563d7dd2bff3954f93633b11af0103adc8 d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 12846
date: Sun, 28 Apr 2024 20:09:00 GMT
vary: Accept-Encoding
x-oss-request-id: 662EACDCE144DC3230A0C500
x-oss-cdn-auth: success
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5143829838470429443
x-oss-storage-class: Standard
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
content-encoding: gzip
ali-swift-global-savetime: 1714334940
via: cache15.l2de2[0,0,200-0,H], cache16.l2de2[1,0], ens-cache10.de7[0,0,200-0,H], ens-cache8.de7[1,0]
age: 1014138
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 30 Apr 2024 09:29:08 GMT
x-swift-cachetime: 1161592
access-control-allow-origin: *
timing-allow-origin: *
eagleid: a3b5839c17153490782757435e
X-Firefox-Spdy: h2
|
|
| sdk.51.la/event/js-sdk-event.min.js?u=KNsxLYTnvmFyzGbH | 163.181.157.113 | 200 OK | 21 kB |
URL: GET HTTP/2 sdk.51.la/event/js-sdk-event.min.js?u=KNsxLYTnvmFyzGbH
IP: 163.181.157.113:443
ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Certificate: Issuer GlobalSign nv-sa; Subject *.51.la; Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79; Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65308)
Hash: 5b2d813e4bfc861988a078082199b9de aa0be99256f9bb6f12c1e47838e6f822714a380c 927638eed00ada53b754ddd8c200a30ed317d3606f5219d553b2c84eaf992041
GET /event/js-sdk-event.min.js?u=KNsxLYTnvmFyzGbH HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://telegramhk.com
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 21348
date: Sun, 05 May 2024 00:37:23 GMT
vary: Accept-Encoding
x-oss-request-id: 6636D4C31344D1383648E3AB
x-oss-cdn-auth: success
last-modified: Thu, 08 Jun 2023 02:24:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12997830976545422151
x-oss-storage-class: Standard
content-md5: Wy2BPkv8hhmIoHgIIZm53g==
x-oss-server-time: 3
content-encoding: gzip
ali-swift-global-savetime: 1714869443
via: cache12.l2de2[0,0,200-0,H], cache26.l2de2[1,0], ens-cache1.de7[0,0,200-0,H], ens-cache4.de7[0,0]
age: 479635
x-cache: HIT TCP_HIT dirn:12:540852419
x-swift-savetime: Thu, 09 May 2024 17:25:15 GMT
x-swift-cachetime: 889928
access-control-allow-origin: *
timing-allow-origin: *
eagleid: a3b5839817153490784306469e
X-Firefox-Spdy: h2
|
|
| telegramhk.com/static/picture/t_logo.png | 172.67.175.63 | 200 OK | 11 kB |
URL: GET HTTP/3 telegramhk.com/static/picture/t_logo.png
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: 2c84be4c4dec401d09a64498cbbd382d 1c7053b083d5e59ed5cb4912c5500f39beaf765e 88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/t_logo.png HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/png
content-length: 11449
last-modified: Wed, 20 Mar 2024 16:37:04 GMT
etag: "65fb10b0-2cb9"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FoliSVjl2DiS8C9ILHNNRuZzHH01XbPscm7vItiUsCX878UVAYn9nkhjPZ6MBzr5X4RBtDv%2BfjTmN2olju6fHykiSS%2FQNeHQkMA3Z8tzp2wo7eh1dehYkROuKZycmcZ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c7dceb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/css/reset.css | 172.67.175.63 | 200 OK | 4.4 kB |
URL: GET HTTP/3 telegramhk.com/static/css/reset.css
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: gzip compressed data, from Unix
Hash: cf7992c84652093d78087fa463da9e5b e7f2e45b0ed2ed0c0a958760c7e593af2402ad36 18e7ca8fbf4e85a74b752ffb06c479a3600255cb73d30476f94d867e690601c9
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/reset.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-2296"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7z1YK0a7AEDNm8aTnnKcfif7hUiTJvVfr2wMFWZBzXj7ClHsGazJuV9rjXDlxg1FvYIKHHefKkIRrNQlPPf4Bq265jSOyIZNUWw5mx6ydRjkn9p3LPuLQGAk5Gst8UNJ8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67339eb3b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/css/fonts.css | 172.67.175.63 | 200 OK | 190 kB |
URL: GET HTTP/3 telegramhk.com/static/css/fonts.css
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
Size: 190 kB (189882 bytes)
Hash: 8dfcfcb197826cfbdc5d7121770493c9 2b35d13d22f50862a7ad270b9ab21a2eb58c1413 93e07b80bc5bb4001c0ff3e5dde469b622f008228b808a352251883ae2cf7020
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/fonts.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
etag: W/"65fb115f-11b"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKyxM1nehPT1M3fAjh79mogPAj7Ka9mnpPTPh%2Fxan87p0EBjQr25n%2FtkrAqowXtKls%2BFPMpCw7e0yR8i8PX3%2BpA8R5ZyPWi8Lhzs5zBD7EO9qVIQvIYVRtOlAE2CMBU9gA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a67339eb6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/picture/anzhuo.jpg | 172.67.175.63 | 200 OK | 60 kB |
URL: GET HTTP/3 telegramhk.com/static/picture/anzhuo.jpg
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 580x540, components 3
Hash: 24f86f2261882ec1716f52ab63a2d86d 45d0d4e93ead12682c2327f2bb64e07aa7a8dc49 197ccf17aa1a5dfab4579f6fabc2fe08eea6338eb371e5ca2739ae6aa5361695
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/anzhuo.jpg HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/jpeg
content-length: 59994
last-modified: Wed, 20 Mar 2024 16:37:30 GMT
etag: "65fb10ca-ea5a"
expires: Sat, 08 Jun 2024 17:25:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 73562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBMJxH2MnH9yBsMjOFYYKe8qvLA8GPoeDttZPjXu%2BbN3ABNLqmlrHOLFR%2Be%2FD9M4RfsOZEKEv04HkaHSgD5pl2rb%2FvbdQH5BZ8YPImrHX3XrPlRR1czu3LBmgPxTbjJjhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c9decb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 172.67.175.63 | 200 OK | 19 kB |
URL: User Request GET HTTP/2
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (9462), with CRLF, LF line terminators
Hash: 88601f086000dff05b54ebc41412ea73 77aa97e05eaa00dbba48e690d98300a431eda9f5 d7ca4672093dc97318905342671544be50cff5637934f8690cf1ad8d3e1e53a7
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:51:16 GMT
content-type: text/html
last-modified: Wed, 20 Mar 2024 16:43:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXDa%2F9tW88cCcqIJfBx7qHbciUUsnvGXGXa03PE8vWm3f7ClynzR6Bc2IDQ72tOSdUX4MdSFxWFKZ9UiEZLi3XrqT9nAiPQlKGhVgMHU9JluxXSrdOFLnX7HBgnD%2BGXWNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a672f984956aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| telegramhk.com/static/picture/jiandan.gif | 172.67.175.63 | 200 OK | 2.4 MB |
URL: GET HTTP/3 telegramhk.com/static/picture/jiandan.gif
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: GIF image data, version 89a, 512 x 512
Size: 2.4 MB (2415534 bytes)
Hash: cbd2d6af702cab22fb23c7d159abc428 c0b6c9da2c8da897c00df0a6569d2fd2540dbc1f 58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/jiandan.gif HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/gif
content-length: 2415534
last-modified: Wed, 20 Mar 2024 16:37:09 GMT
etag: "65fb10b5-24dbae"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fxSWMU5NuB6lY5FrJM8DAoKOM3f2s2H7j7mXNvJYNtTMefmnFfR2qvreso7vjhnURlyUINSShHuY6XOLSnKGK3q66un7t1uAV8PC6xIJEmhrIfboJfJJZRz3HyD7Z4CQLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c9dfcb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/font/AlibabaPuHuiTi-2-55-Regular.ttf | 172.67.175.63 | 200 OK | 8.4 MB |
URL: GET HTTP/3 telegramhk.com/static/font/AlibabaPuHuiTi-2-55-Regular.ttf
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: TrueType Font data, digitally signed, 17 tables, 1st "DSIG", name offset 0x7b9c00
Size: 8.4 MB (8449680 bytes)
Hash: 7d731481e9c4c5be457ebf734ae9ba61 c0eaa72326b48da628c8ef83e40d970fbd27bff2 a22ad467d9d6b4c9a0b2e033927ed41592743c987546a7397215ce96b850743b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/font/AlibabaPuHuiTi-2-55-Regular.ttf HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/static/css/fonts.css
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: application/octet-stream
content-length: 8449680
last-modified: Wed, 20 Mar 2024 16:39:15 GMT
etag: "65fb1133-80ee90"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KhY0fgg05kYNLyCTeduMnPGgSSvu1PiI6rjaOudSXUM%2Fa1rnU%2FH0J%2B4A1WlKQrm%2B24OtyCTQRhDE5QBSZ12neC7ojCO7bg94azCEMeFIbuvmQHpZdu3sNoG2%2FQMrC5mREQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c0cd4b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| collect-v6.51.la/v6/collect?dt=4 | 163.181.154.138 | 403 Forbidden | 0 B |
URL: POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP: 163.181.154.138:443
ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Certificate: Issuer GlobalSign nv-sa; Subject *.51.la; Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79; Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 380
Origin: https://telegramhk.com
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: Tengine
Content-Length: 0
Connection: keep-alive
Date: Fri, 10 May 2024 13:51:18 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://telegramhk.com
Access-Control-Allow-Credentials: true
Ali-Swift-Global-Savetime: 1715349078
Via: cache26.l2de2[182,182,403-0,M], cache26.l2de2[183,0], ens-cache1.gb4[200,200,403-1280,M], ens-cache1.gb4[201,0]
Cache-Control: no-cache
Age: 0
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-Error: orig response 4XX error
X-Swift-SaveTime: Fri, 10 May 2024 13:51:18 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: a3b59a9517153490787413012e
|
|
| telegramhk.com/static/css/kk-star-ratings.min.css | 172.67.175.63 | 200 OK | 2.0 MB |
URL: GET HTTP/3 telegramhk.com/static/css/kk-star-ratings.min.css
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: gzip compressed data, from Unix
Size: 2.0 MB (2036409 bytes)
Hash: 67f1fd5d94b592ebee75a79e4f679963 947d04d6a77e8c9b0efe5a2e2cc1259c2f86dbfa 0159a568a2b66c7690aed3c22d16d25492aeaf8dc7aa339d09216bd3af69ca35
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/kk-star-ratings.min.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-91d"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0qJo7PFsX%2B81l%2BpmburhwhODhjx8wY3KeFeSr7Sag9D4gPJCgJgcrHZX1fjrfyDoIRiidQ47YKGWKFxeYEET1zLtAvDTvdLSaCD87U6VK5P250fs45iP9%2BY483rjmijSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67339eaeb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/file/t_main_Android_demo.mp4 | 172.67.175.63 | 206 Partial Content | 251 kB |
URL: GET HTTP/3 telegramhk.com/static/file/t_main_Android_demo.mp4
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: ISO Media, MP4 v2 [ISO 14496-14]
Size: 251 kB (250838 bytes)
Hash: 36bebc24f7516d37cbfbb4ee2aedf6f6 c40bb63cbe7c48f67faf8db89240fd60f912e1ce 03b2ae439d25e00e297b01942883f4ef8a6a5c87e01dd0faec6f1eef24b92816
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/file/t_main_Android_demo.mp4 HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Fri, 10 May 2024 13:51:18 GMT
content-type: video/mp4
content-length: 250838
last-modified: Wed, 20 Mar 2024 16:39:56 GMT
etag: "65fb115c-3d3d6"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-range: bytes 0-250837/250838
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIQcoeMv4G5qtcyw3Dlkb9FeVsg%2BMRxa1ZD%2BdOVPkEA5mXJpqDVWABV69aQDgOOJbaCA%2FA0MKBQ%2FptwhjOvNElX%2F99ozYtwb1heDaOd7xmAJ9NV5x8HicjNnAxb9XGD6YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c5d92b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/file/t_main_iOS_demo.mp4 | 172.67.175.63 | 206 Partial Content | 245 kB |
URL: GET HTTP/3 telegramhk.com/static/file/t_main_iOS_demo.mp4
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: ISO Media, MP4 v2 [ISO 14496-14]; Size: 245 kB (244748 bytes)
Hash: 91daa37e09df8b688f7832e7d6d80aa6 fc59e29275e98dd5dce1efc9b982ec1ba5ad4276 eaf99fdddbab6953d53df2a7e81b5275e90e221e0a7ebd3d99f42cf4b6aba6d2
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/file/t_main_iOS_demo.mp4 HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Fri, 10 May 2024 13:51:18 GMT
content-type: video/mp4
content-length: 244748
last-modified: Wed, 20 Mar 2024 16:39:56 GMT
etag: "65fb115c-3bc0c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-range: bytes 0-244747/244748
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sEkgeWqRyze%2FuYhB%2FW7FQ1skXNfbNw8QEGucRTVE5YA%2BvCroRrUEEnWjPZx49JDJVXtKmET4f8P8%2B9GB3ja%2BYHsUP%2FYiEh7%2FNxWbuWgbPgKits%2F45T8CZlFQj5g493QnWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c5da4b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/picture/simi.gif | 172.67.175.63 | 200 OK | 2.2 MB |
URL: GET HTTP/3 telegramhk.com/static/picture/simi.gif
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 2.2 MB (2202471 bytes)
Hash: 9f6cb1e0d2a29541764755e05b484de7 d443f92ed7059a30db98857f6c5c290589ebfe24 abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/simi.gif HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/gif
content-length: 2202471
last-modified: Wed, 20 Mar 2024 16:37:16 GMT
etag: "65fb10bc-219b67"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkIydtDehTybQMZ37Eu2oWGYExonNpRF7qzzwnsFfOtsc3l8DXJub7NNE1birOAA6kFaFkKEcndsfkkXVJ1MHgXzMupwNyepQ%2Fi%2BtivNwCEHNKW18491y3u4u3JAyO%2F92Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673d2eb7b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/picture/d3.gif | 172.67.175.63 | 200 OK | 2.3 MB |
URL: GET HTTP/3 telegramhk.com/static/picture/d3.gif
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 2.3 MB (2254846 bytes)
Hash: 999ccb074c15d6377f97302832038c14 c08b94482ad5540f68a896f30cc890474c058e1d 15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/d3.gif HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/gif
content-length: 2254846
last-modified: Wed, 20 Mar 2024 16:37:14 GMT
etag: "65fb10ba-2267fe"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dHXpDWIej7PCoyb%2Fm8uQX53qSM%2FDFy3kufauTv8k%2FIQIdSJvnIEeT%2F4tapNQyBujsYU37AbWnUCZmpOmz0GjUt4U%2Bggv2qeuKjvHGD8bnTZ5yCSmFh9Mxid59xWjahT8pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673d2ebab4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/css/header.css | 172.67.175.63 | 200 OK | 3.4 MB |
URL: GET HTTP/3 telegramhk.com/static/css/header.css
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: gzip compressed data, from Unix; Size: 3.4 MB (3423338 bytes)
Hash: 0ffe588ac07d6fde49313e231b883ce5 ee9238ac865181a73c6d1761c3b73881db656592 c22fe2c55d4c1f9b5f8d9571f9a23cdd211df705f47d14725c638f816b4e2310
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/header.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-c5b"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5f2N0ViBCc4BcxhtPyQKORvMvc3imxKLIIvzpHKW%2B44kj6%2F8%2BMwWsWWOh4CkRddTiqPTTq4TplK5CTquk44WglJZxvWUqrGdilpbHuLkktQxiN9hJGt74Fihr0bPuxdzEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67339eb7b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/css/wen.css | 172.67.175.63 | 200 OK | 2.0 MB |
URL: GET HTTP/3 telegramhk.com/static/css/wen.css
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: gzip compressed data, from Unix; Size: 2.0 MB (2004736 bytes)
Hash: 5d80496252b2840e1964353a9e9a1e96 430dd12b2f5e5e7579d6084442bca9f992d47286 c46646ebd90d55afeb28915402b62978354edb820738e9991021dc61eabcb1ac
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/wen.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-26f9"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRz0x%2F%2FkfjOqFZm12%2FqrmLrbs%2FEwxKNv4RJ2wOxZEFobqcmvBt0iIkFU8vGnkYL%2BnsiF9q01bN7aTq%2BgReRCHUV30YpYe2QQKE5ZonQ6nGKMOOnfJg%2FXsNQCRe6bik%2B9bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67339ec3b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/picture/d6.gif | 172.67.175.63 | 200 OK | 2.4 MB |
URL: GET HTTP/3 telegramhk.com/static/picture/d6.gif
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: GIF image data, version 89a, 512 x 512; Size: 2.4 MB (2424803 bytes)
Hash: 14c0a01070573bc00e0f462023e8162f 8d8725f9bdbe99060b86e0a03434bb5c4e3be8af 116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/d6.gif HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/gif
content-length: 2424803
last-modified: Wed, 20 Mar 2024 16:37:08 GMT
etag: "65fb10b4-24ffe3"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cbfvGcQwkstYoOQTx0Audwe9mzaqJ%2Ba6WkpwABJT8iVL69AXVQJ94zRjuF9W2MvaXac7mQRx7wLNEyPuHLKWKKySXlW5Mm%2FrTgolzuv7g%2FKRjTsZFd95XisnCSXyrbIn7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673d2ebfb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/js/faq-schema-ultimate-public.js | 172.67.175.63 | 200 OK | 8.8 kB |
URL: GET HTTP/3 telegramhk.com/static/js/faq-schema-ultimate-public.js
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: JavaScript source, ASCII text
Hash: 49cea0a781874a962879c2caca9bc322 72c1650de2b93ef320d2db873fbb473fe360269c 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/faq-schema-ultimate-public.js HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
etag: W/"65fb115f-346"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGRaaUDLUNkhr%2FmbjE0UctAP8VnEXCXYE5puGlhrSA6zdCNqdhNMKQzuy6WlufOBU9%2FdD0lGaLljxUEyKJeJ6cen%2FLLlkEsfjW9IOWchE%2BlKowA07Q2UAj5pPwd0hNQNJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a6733aedeb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/favicon.ico | 172.67.175.63 | 200 OK | 20 kB |
URL: GET HTTP/3 telegramhk.com/favicon.ico
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: 2c84be4c4dec401d09a64498cbbd382d 1c7053b083d5e59ed5cb4912c5500f39beaf765e 88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:21 GMT
content-type: image/x-icon
last-modified: Wed, 20 Mar 2024 12:01:17 GMT
etag: W/"65fad00d-2cb9"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFw4GsYtM%2BTiYu07drFvXteyFlvnVTiuiFpDX236MMOuOOivIREYpfuuNdbmJgMg1CsTNJMCqbL2Z3SVVwe2MBMPgFjPUdrwv2OZH0ifnQ0U0Pih3%2BpifJx%2BlZLAnPGSTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a674b0b4fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/page/2 | 172.67.175.63 | 404 Not Found | 7.8 kB |
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /page/2 HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 10 May 2024 13:51:23 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4Z4HLniZxjvRDdofq8boo9iiw2MLj4ToGOeptXXNbV1F5Vm6lGH0ednKoOB6QD95eveSCrdciAXeKxXem1M2u0yDJHLncqoAK9bvSU%2BUl5GR7hMgVR2eK%2Bfx7bAwr%2BdHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67598b06b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/js/jquery.min.js | 172.67.175.63 | 200 OK | 88 kB |
URL: GET HTTP/3 telegramhk.com/static/js/jquery.min.js
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/jquery.min.js HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-15601"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MWBoHystxG8C%2F0QWWHnYouWfWM7Oe1rBW7ravU67A9ejCqnX%2FhCkSN4%2Bk8qYQzDWZdxiYiE6v30Q3li2bnwLJtoUvu63HRxi9ZI7QCwRmJSHajnz07xslVuB4%2FNAsrwsgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a6733aed6b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/picture/td_laptop.png | 172.67.175.63 | 200 OK | 190 kB |
URL: GET HTTP/3 telegramhk.com/static/picture/td_laptop.png
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: PNG image data, 840 x 487, 8-bit/color RGBA, non-interlaced; Size: 190 kB (189734 bytes)
Hash: 40d4266e5aadc87cceec1ab420dc2692 266c56990a106b6e9efb0f9ef2a1a752aa6fa0fc 3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/td_laptop.png HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/png
content-length: 189734
last-modified: Wed, 20 Mar 2024 16:37:04 GMT
etag: "65fb10b0-2e526"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdDIBiUXMiQPGbd10SCdtC1NVBwSAVQcTy%2FORTWUyH3EHUC3FUOUhwL3CAiNkKy3tvEsL7rr1B2FlMM0%2BQWcMrTKae3%2FUYyJoAbwfl779PCLEU3zUUtMjPTN5CUI3ExEvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c8ddbb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/picture/d4.gif | 172.67.175.63 | 200 OK | 3.4 MB |
URL: GET HTTP/3 telegramhk.com/static/picture/d4.gif
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
Size: 3.4 MB (3422486 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/d4.gif HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/gif
content-length: 3422486
last-modified: Wed, 20 Mar 2024 16:37:15 GMT
etag: "65fb10bb-343916"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2HKQIEdZWKrNTxP6J6c6muS8WzM9pQjX8yXW7lG2MDI4cTwZjKNMUQ9wyI%2BLoEqzk%2FKZ%2Fch9%2F6YL1bhANsUeiEfMjz7sUUQpfNRssXKZJ%2Bcu6VM8hUoC1UdZZv1b1jgPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673d2ebdb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/css/footer.css | 172.67.175.63 | 200 OK | 2.4 kB |
URL: GET HTTP/3 telegramhk.com/static/css/footer.css
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: ASCII text, with very long lines (2499), with no line terminators
Hash: 3cd26853aeca9a93d8991c4fbf80467f d948a454c580550304b9e861eb6755891aec3b8a 64193f7c864fd74e6450a364558c41d1b7ad5fcfb8451d516d86859bb55b6a44
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/footer.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-944"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GEKObfd35tbrgiMJPNwhYVPRVLA4IlzWrISai13ZohL4mKpKsOEU1rCgQRv63k3Fzwx2zgKMTa%2FCpnUZReBhIGFWoEcuCTQ7k5X8rFmcvjidqkbERZxENEBVslp%2Bpy6B2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67339ebdb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/css/modal.min.css | 172.67.175.63 | 200 OK | 2.4 kB |
URL: GET HTTP/3 telegramhk.com/static/css/modal.min.css
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: ASCII text, with very long lines (2391), with no line terminators
Hash: 4539c7f626b884d194ebf9bccb052e0f 49032c6e12e2d7ad1b8d16e831823df6bdb1e75a 33db771837adf19619f9c740ca4954e9389336aa7c2cab673044fdbbae203825
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/modal.min.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-957"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BCqIfUWKQU0xnPmC7Q%2FK3mHJdE%2FMPgnXwUxAamqQTFHvA8HARWEQM2Z2oMS9SgmUeVg9YNJ9xa%2BLOR2bNcGCHAdeOVtk1GMWFLZAV7ZCpdQvWznQzWILCWnebM%2BYZsBaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67339ed0b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/picture/zhongwen_a.png | 172.67.175.63 | 200 OK | 1.5 kB |
URL: GET HTTP/3 telegramhk.com/static/picture/zhongwen_a.png
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: PNG image data, 26 x 24, 8-bit/color RGBA, non-interlaced
Hash: 5ef37dda1cf34c87e1d8df3d3ad892d3 e3409fd1acf4a44ed0d5a0655aae8dc036e49a14 3f4916d4dd945744b333087f7dce11b59455de86127eb34bf45970b59ab5187c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/zhongwen_a.png HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/png
content-length: 1483
last-modified: Wed, 20 Mar 2024 16:37:04 GMT
etag: "65fb10b0-5cb"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2w0HtnrwhSj4HqYMACrPTkjbKrsxkutFwD4mWqTk2LpxVFJ6PqgbQd0fkob4wOUUnwdtY8bMAiPXGaIu5GQox%2BGQ93Ykwog%2BfYtaaYkF2hWpDEzsK7Q%2FLdZJoMyCswM5UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c9de8b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/font/AlibabaPuHuiTi-2-105-Heavy.ttf | 172.67.175.63 | 200 OK | 2.0 MB |
URL: GET HTTP/3 telegramhk.com/static/font/AlibabaPuHuiTi-2-105-Heavy.ttf
IP: 172.67.175.63:443
Certificate: Issuer: Google Trust Services LLC; Subject: telegramhk.com; Fingerprint: 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity: Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
Size: 2.0 MB (2035700 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/font/AlibabaPuHuiTi-2-105-Heavy.ttf HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/static/css/fonts.css
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: application/octet-stream
content-length: 2035700
last-modified: Wed, 20 Mar 2024 16:39:13 GMT
etag: "65fb1131-1f0ff4"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5dnu6aLWs5bI3J0GYMudwptXtuyK7urnSM0AED50KAsaHN6A8KnF9DumvRS1AYGQkYFE8kMdBEK2UI2yvvxrtDyz3BSrdWCn451wTrIcxTDYjU13VTVF22H%2BUErWL3Lwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c1ce7b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/picture/d5.gif | 172.67.175.63 | 200 OK | 2.0 MB |
URL: GET HTTP/3 telegramhk.com/static/picture/d5.gif
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
Size: 2.0 MB (2002471 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/d5.gif HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/gif
content-length: 2002471
last-modified: Wed, 20 Mar 2024 16:37:19 GMT
etag: "65fb10bf-1e8e27"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPo5PwnBNTu%2BKaKlZNgMIswPk12ZCxvjM7Ennt7ALT%2BR%2BEbZAfN%2F45h8Fd1pdDQK8oqo2m9huexd79mchMOR%2Fc6udbqbwFaMDzej7UlCCzmymZxq5ZgwzkXOETuIsnoM8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673d2ebeb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/js/jquery-migrate.min.js | 172.67.175.63 | 200 OK | 14 kB |
URL: GET HTTP/3 telegramhk.com/static/js/jquery-migrate.min.js
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/jquery-migrate.min.js HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-3509"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AS7Ibb%2Fd7bAhPJA4yeLlvMZIsiC%2FGYEBCUAngBTOmqFb3MyrAVue%2FcP2hTGNEQ6fTz%2BwZ83uf3CoJi9BrxMY1BL9MA%2BhIPqV%2BsXmaZOtsCl3apWW%2B3azsTVYPyZ5VzVghQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a6733aed8b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/picture/twitter_2x.png | 172.67.175.63 | 200 OK | 1.8 kB |
URL: GET HTTP/3 telegramhk.com/static/picture/twitter_2x.png
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: PNG image data, 42 x 34, 8-bit/color RGBA, non-interlaced
Hash: 0946d1815d70d8718b27b655adcdca48 82c082061ca48f6046b82b5f079d1679ec2efa23 ecf8b3e71463f374da983ceec053e78a11896e5cf2cc1da1cad7cbc8c9f1c0cf
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/picture/twitter_2x.png HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Cookie: __vtins__KNsxLYTnvmFyzGbH=%7B%22sid%22%3A%20%2218d11dc1-7604-5ae3-a4be-43c565ebe41e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715350878341%2C%20%22ct%22%3A%201715349078341%7D; __51uvsct__KNsxLYTnvmFyzGbH=1; __51vcke__KNsxLYTnvmFyzGbH=71341bab-cc7a-580d-8c50-d3e38b3e69a5; __51vuft__KNsxLYTnvmFyzGbH=1715349078345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:18 GMT
content-type: image/png
content-length: 1768
last-modified: Wed, 20 Mar 2024 16:37:04 GMT
etag: "65fb10b0-6e8"
expires: Sat, 08 Jun 2024 12:07:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 92614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fUjV17gJWxNMTrTjcJpcgDu49TtdGkWG1SRVsyd9k9KOVV2O5OZmSCNpvwsFvtuZVH8YXV7fW3e9exgF5qVI%2FL036oSMrKRX0MvU83cM10WkHE7XQ7q14YSLDdiQL9Wa8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a673c7dd3b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/css/index.css | 172.67.175.63 | 200 OK | 8.6 kB |
URL: GET HTTP/3 telegramhk.com/static/css/index.css
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: Unicode text, UTF-8 text, with very long lines (8892), with no line terminators
Hash: a22d6c82ed907679b48cef8e9dec0cbd 17cf9b5f8648422dfc3db6667376bf35c62cd6ce 3f44315c4b505ae56f6a851825b43d7f001ca09a4240c78f9592e9e1d93ef569
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/index.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-2194"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P86mf5ddUyq%2BWfyHdkwWWHoY%2FdxZNBgoVS6VvEXUxiX%2FJW%2F7k0%2BpokQ3tMSM%2B%2BwBzsEfyeNhmJ43tXl6kl6a8k7gdogbUBnKAvqc0%2FrPQagncR9%2BhknyfC5XTEek%2BrGKpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67339ec1b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/css/faq-schema-ultimate-public.css | 172.67.175.63 | 200 OK | 98 B |
URL: GET HTTP/3 telegramhk.com/static/css/faq-schema-ultimate-public.css
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
File type: ASCII text, with no line terminators
Hash: 24c4b6db393b6cc1211eb2ddcc03de39 37d2659972d29e14c9d978d92fe384fec5591c65 13cbd0ed90c5dc8d96a52d2e40da4f77ac7aae629770b173c551da057a914fa3
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/faq-schema-ultimate-public.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
etag: W/"65fb115f-62"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sADHKbXU0%2FEFYYheDVyjyQC3iFFVBLw%2BB0IR9V%2B%2FsNupFduFF0arxTPsg14hrFJe07n7ZjLXYHtJlBMyLkBMzDT7SceUCTN6CFJQ%2FehxWGv1e2eyRyRjDvQGXtVPRHjoJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a67339eabb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegramhk.com/static/css/bost.css | 172.67.175.63 | 200 OK | 46 kB |
URL: GET HTTP/3 telegramhk.com/static/css/bost.css
IP: 172.67.175.63:443
Certificate: Issuer Google Trust Services LLC; Subject telegramhk.com; Fingerprint 9A:A3:BA:FF:68:AA:C8:B1:D2:E6:FB:E5:83:43:BD:73:E3:7B:70:40; Validity Wed, 20 Mar 2024 10:34:25 GMT - Tue, 18 Jun 2024 10:34:24 GMT
Hash: d13a823168a50734ff00bbddd69f1d6c f3e1f9da65d6c7d5b4afea57e5de2f079688decc 66ac0fdf7cc345bb3feb9eeafbab724bf674a9187de2f974e81da8c3bffe882d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/bost.css HTTP/1.1
Host: telegramhk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegramhk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:51:17 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 16:39:59 GMT
vary: Accept-Encoding
etag: W/"65fb115f-b2eb"
expires: Sat, 11 May 2024 01:51:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0G5SyWRG23ZRhpmf%2FpRk9%2BPzopF3o%2FR3wTd5lOBC2RnDXLz2XbmpwnTISWs5W44tpr%2FgbvsLXG4UvVTjXc%2FccSmzH858tMC6wagghHBF4%2FMAlsMGRAfFTaLafvi8oXqLUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881a67339ec8b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|