Report - telegromj.com/

Report Overview

Submitted URL
telegromj.com/
IP
45.64.52.26
ASN
#64050 BGPNET Global ASN
Submitted
2024-04-20 04:51:12
Access
public
Website Title
Telegram
Final URL
telegromj.com/
Tags
telegram phishing
urlquery detections
Phishing - Telegram

Detections

urlquery
7
Network Intrusion Detection
0
Threat Detection Systems
58

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
zws2.web.telegram.org	144268	2003-12-15	2021-06-24	2024-04-18	583 B	220 B	149.154.167.99
telegromj.com	unknown	unknown	No data	No data	13 kB	2.3 MB	45.64.52.26
telegram.me	11938	2014-01-07	2013-10-13	2024-04-18	419 B	515 B	149.154.167.99
t.me	6552	2010-05-20	2015-06-29	2024-04-19	412 B	470 B	149.154.167.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram
2024-04-19	medium	telegromj.com/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	telegromj.com/redirect.js	325 B	2023-07-27	2024-05-03
Pretty URL telegromj.com/redirect.js IP 45.64.52.26 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-27 09:32:34 Last Seen2024-05-03 05:37:04 Times Seen204 Hash 17773b57b87a678c98e26a7cac72df6c 7422857aa75ee81cabcec2eed6c4a6168f363ee1 375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f Loading...

	telegromj.com/main.bcfddf515958c318bae6.js	383 kB	2024-03-20	2024-05-03
Pretty URL telegromj.com/main.bcfddf515958c318bae6.js IP 45.64.52.26 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 16:46:41 Last Seen2024-05-03 05:37:04 Times Seen65 Hash 6c64bf843a757b3182f86021b4584267 0ac99edc6bf5c94961a61aea4c4ef38fc1e7fa37 96fc4ea1bec90c26a9bdbf53ced2d7e379c7c5bd478ffbcc100b16ef5b936617 Loading...

	telegromj.com/1915.7c097c4f98f78164d509.js	18 kB	2024-01-25	2024-05-02
Pretty URL telegromj.com/1915.7c097c4f98f78164d509.js IP 45.64.52.26 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-25 07:46:59 Last Seen2024-05-02 00:52:39 Times Seen77 Hash da88a8550ef58d5fed48f5d54f88ee08 51fe5562057d56bfeda2d6bb6ed3ecb449cfd927 207f18121e4a48210dd0aff08d57b1fb9af346a17e38d57d60be15a7f5c733f4 Loading...

	telegram.me/_websync_?authed=0&version=10.4.5+A	4 B	2023-03-07	2024-05-03
Pretty URL telegram.me/_websync_?authed=0&version=10.4.5+A IP 149.154.167.99 ASN #62041 Telegram Messenger Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-05-03 06:46:40 Times Seen23477 Hash b326b5062b2f0e69046810717534cb09 5ffe533b830f08a0326348a9160afafc8ada44db b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b Loading...

	telegromj.com/3748.0fa60c5a44d4b42a0115.js	9.8 kB	2024-01-25	2024-05-03
Pretty URL telegromj.com/3748.0fa60c5a44d4b42a0115.js IP 45.64.52.26 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-25 07:46:59 Last Seen2024-05-03 05:37:04 Times Seen80 Hash 02161e4617efa57e5c0ab5ae61300dcd bc99b5da6161b06d78a7f88119cd45f2dd826fbe 46ff1f7377f83f6826433319f1a08efbebd39b4eef483c4924416a80df01a73c Loading...

	telegromj.com/6839.01a53cbedf5d86d252ec.js	46 kB	2023-10-19	2024-05-02
Pretty URL telegromj.com/6839.01a53cbedf5d86d252ec.js IP 45.64.52.26 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-19 01:38:58 Last Seen2024-05-02 00:52:39 Times Seen127 Hash 2075f46f0950d8614b73045505b7aafc 34da1902bc42580deab249ac8ef5c4901d243a43 f693fccbb0f64594079d492db05d3bced69a6c6cab7514d4b78733570fd592a1 Loading...

	telegromj.com/compatTest.js	927 B	2023-07-27	2024-05-03
Pretty URL telegromj.com/compatTest.js IP 45.64.52.26 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-27 09:32:34 Last Seen2024-05-03 05:37:04 Times Seen173 Hash 8d3c978142adca439569a4e8e809f193 2b23f728dc23ca4fdaeaee01acd48cc316e1a278 c4691c694cc9ec2c292557bab2b88f1c7476b56b1eb4df50340264b0efb9db4f Loading...

HTTP Transactions (32)

URL IP Response Size

telegromj.com/compatTest.js

45.64.52.26

200 OK

927 B

URL GET HTTP/2
telegromj.com/compatTest.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
JavaScript source, ASCII text
Size
927 B (927 bytes)
Hash
8d3c978142adca439569a4e8e809f193
2b23f728dc23ca4fdaeaee01acd48cc316e1a278
c4691c694cc9ec2c292557bab2b88f1c7476b56b1eb4df50340264b0efb9db4f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /compatTest.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:47 GMT
content-type: application/javascript
content-length: 927
last-modified: Thu, 18 Jan 2024 21:12:24 GMT
etag: "65a99438-39f"
expires: Sat, 20 Apr 2024 16:50:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/redirect.js

45.64.52.26

200 OK

325 B

URL GET HTTP/2
telegromj.com/redirect.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
ASCII text
Size
325 B (325 bytes)
Hash
17773b57b87a678c98e26a7cac72df6c
7422857aa75ee81cabcec2eed6c4a6168f363ee1
375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /redirect.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:47 GMT
content-type: application/javascript
content-length: 325
last-modified: Thu, 18 Jan 2024 21:12:24 GMT
etag: "65a99438-145"
expires: Sat, 20 Apr 2024 16:50:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegram.me/_websync_?authed=0&version=10.4.5+A

149.154.167.99

24 B

URL GET
telegram.me/_websync_?authed=0&version=10.4.5+A
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

Requested by
https://telegromj.com/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegram.me
FingerprintCA:AA:65:FE:33:CD:9C:CC:BB:2D:14:C7:05:66:C5:F7:7C:8D:63:2E
ValidityWed, 20 Sep 2023 01:49:33 GMT - Mon, 21 Oct 2024 01:49:33 GMT

File type
ASCII text, with no line terminators
Size
24 B (24 bytes)
Hash
b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

HTTP Headers

GET /_websync_?authed=0&version=10.4.5+A HTTP/1.1
Host: telegram.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: application/json; charset=utf-8
content-length: 24
set-cookie: stel_web_auth=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; samesite=None; secure; HttpOnly
stel_web_force=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; samesite=None; secure; HttpOnly
pragma: no-cache
cache-control: no-store
content-encoding: gzip
strict-transport-security: max-age=35768000
X-Firefox-Spdy: h2

t.me/_websync_?authed=0&version=10.4.5+A

149.154.167.99

200 OK

4 B

URL GET HTTP/2
t.me/_websync_?authed=0&version=10.4.5+A
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://telegromj.com/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.t.me
FingerprintD7:CC:2A:92:7B:DC:AE:6A:D7:92:51:20:49:AD:3B:AC:F9:27:F8:16
ValidityFri, 06 Oct 2023 19:50:31 GMT - Wed, 06 Nov 2024 19:50:31 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

HTTP Headers

GET /_websync_?authed=0&version=10.4.5+A HTTP/1.1
Host: t.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: application/json; charset=utf-8
content-length: 4
set-cookie: stel_web_auth=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; samesite=None; secure; HttpOnly
stel_web_force=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; samesite=None; secure; HttpOnly
pragma: no-cache
cache-control: no-store
strict-transport-security: max-age=35768000
X-Firefox-Spdy: h2

telegromj.com/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2

45.64.52.26

200 OK

11 kB

URL GET HTTP/2
telegromj.com/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Size
11 kB (11016 bytes)
Hash
15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telegram
OpenPhish	phishing	Telegram

HTTP Headers

GET /KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/main.4087993f942398d56511.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: font/woff2
content-length: 11016
last-modified: Sat, 09 Mar 2024 09:10:32 GMT
etag: "65ec2788-2b08"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/chat-bg-br.f34cc96fbfb048812820.png

45.64.52.26

200 OK

1.9 kB

URL GET HTTP/2
telegromj.com/chat-bg-br.f34cc96fbfb048812820.png
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGB, non-interlaced
Size
1.9 kB (1920 bytes)
Hash
ff2989744d4813c906047582226abd28
41b973276f7a99af05115b89b401aceb02f573c8
3151f7930d821bccf4a76cbbe4a3533e2b56bdff696f260c864ab639ac7526ea

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telegram
OpenPhish	phishing	Telegram

HTTP Headers

GET /chat-bg-br.f34cc96fbfb048812820.png HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/main.4087993f942398d56511.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: image/png
content-length: 1920
last-modified: Sat, 09 Mar 2024 09:10:32 GMT
etag: "65ec2788-780"
expires: Mon, 20 May 2024 04:50:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/

45.64.52.26

200 OK

274 kB

URL User Request GET HTTP/2
telegromj.com/
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
gzip compressed data, from Unix
Size
274 kB (274046 bytes)
Hash
5166d8f3653307308c80a3b0fcda00a2
f27c10753e30ecd59154b88d564906b21e0ea8a6
7b6756ca024f007bf1c7ec8f9d7e7986b864ee2a9246e35a8e28ce8e71e78b2b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET / HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:47 GMT
content-type: text/html
last-modified: Sun, 10 Mar 2024 09:34:26 GMT
vary: Accept-Encoding
etag: W/"65ed7ea2-c50"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2

45.64.52.26

200 OK

11 kB

URL GET HTTP/2
telegromj.com/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Size
11 kB (11056 bytes)
Hash
07db243db21ed0a6b4ff05ff429686b7
5d62925fdd7ed8e80f206d095ed093994f13d276
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telegram
OpenPhish	phishing	Telegram

HTTP Headers

GET /KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2 HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/main.4087993f942398d56511.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: font/woff2
content-length: 11056
last-modified: Sat, 09 Mar 2024 09:10:32 GMT
etag: "65ec2788-2b30"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/notification.mp3

45.64.52.26

206 Partial Content

11 kB

URL GET HTTP/2
telegromj.com/notification.mp3
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo
Size
11 kB (10880 bytes)
Hash
eba09b6a457792c52fc610b5f9f974b3
95e6e0f7648e28ea21bc434054ea59aba3a35aea
86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /notification.mp3 HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: audio/mpeg
content-length: 10880
last-modified: Thu, 18 Jan 2024 21:12:24 GMT
etag: "65a99438-2a80"
strict-transport-security: max-age=31536000
content-range: bytes 0-10879/10880
X-Firefox-Spdy: h2

telegromj.com/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2

45.64.52.26

200 OK

11 kB

URL GET HTTP/2
telegromj.com/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Size
11 kB (11056 bytes)
Hash
07db243db21ed0a6b4ff05ff429686b7
5d62925fdd7ed8e80f206d095ed093994f13d276
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telegram
OpenPhish	phishing	Telegram

HTTP Headers

GET /KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2 HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/main.4087993f942398d56511.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: font/woff2
content-length: 11056
last-modified: Sat, 09 Mar 2024 09:10:32 GMT
etag: "65ec2788-2b30"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2

45.64.52.26

200 OK

11 kB

URL GET HTTP/2
telegromj.com/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Size
11 kB (11016 bytes)
Hash
15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telegram
OpenPhish	phishing	Telegram

HTTP Headers

GET /KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/main.4087993f942398d56511.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: font/woff2
content-length: 11016
last-modified: Sat, 09 Mar 2024 09:10:32 GMT
etag: "65ec2788-2b08"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/3748.0fa60c5a44d4b42a0115.js

45.64.52.26

200 OK

3.7 kB

URL GET HTTP/2
telegromj.com/3748.0fa60c5a44d4b42a0115.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
JavaScript source, ASCII text, with very long lines (9780)
Size
3.7 kB (3748 bytes)
Hash
02161e4617efa57e5c0ab5ae61300dcd
bc99b5da6161b06d78a7f88119cd45f2dd826fbe
46ff1f7377f83f6826433319f1a08efbebd39b4eef483c4924416a80df01a73c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /3748.0fa60c5a44d4b42a0115.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-266a"
expires: Sat, 20 Apr 2024 16:50:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/rlottie-wasm.5e3833cedb8fb71c8d8e.js

45.64.52.26

200 OK

340 kB

URL GET HTTP/2
telegromj.com/rlottie-wasm.5e3833cedb8fb71c8d8e.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/4680.4c2ac3941aac89823979.js
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
gzip compressed data, from Unix
Size
340 kB (339778 bytes)
Hash
0ac841dbc358a1a69ad0c37bdfab5a3f
7f8d1c2cad5f202dd9360ebd7bee74ac685d09b7
e69e8d64604ded06ed5918428c65f9ababdae07292688d9d6d393009defd710f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /rlottie-wasm.5e3833cedb8fb71c8d8e.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/4680.4c2ac3941aac89823979.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:50 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-1005e"
expires: Sat, 20 Apr 2024 16:50:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/5802.36a9971f58c808c4a974.js

45.64.52.26

200 OK

34 kB

URL GET HTTP/2
telegromj.com/5802.36a9971f58c808c4a974.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/4680.4c2ac3941aac89823979.js
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
gzip compressed data, from Unix
Size
34 kB (33502 bytes)
Hash
a3a2013704476288826cd803d6f7605c
5c57d39e5d9586d993a384f6302b1feafc3b86ae
69d152f418072da6cccffa6234cab54ad33e239783eddb0edea0c4a111913791

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /5802.36a9971f58c808c4a974.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/4680.4c2ac3941aac89823979.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:50 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-541b"
expires: Sat, 20 Apr 2024 16:50:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/favicon.svg

45.64.52.26

200 OK

892 B

URL GET HTTP/2
telegromj.com/favicon.svg
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
SVG Scalable Vector Graphics image
Size
892 B (892 bytes)
Hash
d9ee2d4b0edd9f8ba2fb7242162c2c47
398522893cf2cdefb5176f11bc67eab31c2d7382
a462f1c5333e16b48335054493cfd1d0a13a96847b4b9ffe2cf24403e6e86010

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /favicon.svg HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:51 GMT
content-type: image/svg+xml
content-length: 892
last-modified: Thu, 18 Jan 2024 21:12:24 GMT
etag: "65a99438-37c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/QrPlane.a921709f266564f65b7e.tgs

45.64.52.26

2.1 kB

URL
telegromj.com/QrPlane.a921709f266564f65b7e.tgs
IP
45.64.52.26:0
ASN
#64050 BGPNET Global ASN

Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
gzip compressed data, was "PlaneLogoPlain.json", last modified: Fri Dec 17 11:58:31 2021, from Unix
Size
2.1 kB (2101 bytes)
Hash
9fe5425a55be5cfd60c1ee5f2ca2c733
6055dbe3afe9575b921a9863534e91428a847021
486cbe566d05f023f3c72ec00b55f921deb1f7aed2efb630fe717425e2d98d0a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /QrPlane.a921709f266564f65b7e.tgs HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegromj.com/4680.4c2ac3941aac89823979.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:51 GMT
content-type: application/octet-stream
content-length: 2101
last-modified: Sat, 09 Mar 2024 09:10:32 GMT
etag: "65ec2788-835"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/5802.36a9971f58c808c4a974.js

45.64.52.26

200 OK

8.3 kB

URL GET HTTP/2
telegromj.com/5802.36a9971f58c808c4a974.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/4680.4c2ac3941aac89823979.js
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
gzip compressed data, from Unix
Size
8.3 kB (8317 bytes)
Hash
d5f9a7c97f89bf610f1cfafc82760502
49e6761b4ac72cde66f90a4e818c33e14b3e5813
fbb99a4d29a2bbfddff512f8b700ed5f26fde7b0545b568b8a42889a05db3549

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /5802.36a9971f58c808c4a974.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/4680.4c2ac3941aac89823979.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:50 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-541b"
expires: Sat, 20 Apr 2024 16:50:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/blank.8dd283bceccca95a48d8.png

45.64.52.26

200 OK

68 B

URL GET HTTP/2
telegromj.com/blank.8dd283bceccca95a48d8.png
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /blank.8dd283bceccca95a48d8.png HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegromj.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:53 GMT
content-type: image/png
content-length: 68
last-modified: Sat, 09 Mar 2024 09:10:32 GMT
etag: "65ec2788-44"
expires: Mon, 20 May 2024 04:50:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/blank.8dd283bceccca95a48d8.png

45.64.52.26

200 OK

68 B

URL GET HTTP/2
telegromj.com/blank.8dd283bceccca95a48d8.png
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /blank.8dd283bceccca95a48d8.png HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegromj.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:53 GMT
content-type: image/png
content-length: 68
last-modified: Sat, 09 Mar 2024 09:10:32 GMT
etag: "65ec2788-44"
expires: Mon, 20 May 2024 04:50:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/2041.5fe028b52e13d7a937b4.js

45.64.52.26

200 OK

43 kB

URL GET HTTP/2
telegromj.com/2041.5fe028b52e13d7a937b4.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/4680.4c2ac3941aac89823979.js
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
gzip compressed data, from Unix
Size
43 kB (43232 bytes)
Hash
c390b44bebfba74c1a3a97b1000f2318
3ed9c72ec6a8f7d2b3fffad94ca076ce3863f4a3
506168fd880516f86638e9968a325098fa0b0d4fea622a4b4fefaebeb982ccb4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /2041.5fe028b52e13d7a937b4.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/4680.4c2ac3941aac89823979.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:50 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-223ca"
expires: Sat, 20 Apr 2024 16:50:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/4680.4c2ac3941aac89823979.js

45.64.52.26

200 OK

24 kB

URL GET HTTP/2
telegromj.com/4680.4c2ac3941aac89823979.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
gzip compressed data, from Unix
Size
24 kB (23857 bytes)
Hash
06efac6222934e4898aad11f98ca804f
8154385f6b4d2d0db62865b18e4efde5b3384727
1a4b470eeec40e2b37857b9063a3d65f2741d6481cbfe8444478735d812f6c00

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /4680.4c2ac3941aac89823979.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 09:34:26 GMT
vary: Accept-Encoding
etag: W/"65ed7ea2-2814"
expires: Sat, 20 Apr 2024 16:50:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/main.bcfddf515958c318bae6.js

45.64.52.26

200 OK

383 kB

URL GET HTTP/2
telegromj.com/main.bcfddf515958c318bae6.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type

Size
383 kB (382665 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /main.bcfddf515958c318bae6.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:47 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 09:34:26 GMT
vary: Accept-Encoding
etag: W/"65ed7ea2-5d6c9"
expires: Sat, 20 Apr 2024 16:50:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/8764.58763b7a689318950e51.js

45.64.52.26

200 OK

27 kB

URL GET HTTP/2
telegromj.com/8764.58763b7a689318950e51.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/8415.f3265a8085428f6feeb2.js
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
JavaScript source, ASCII text, with very long lines (27305)
Size
27 kB (27442 bytes)
Hash
0198d988a3400c6f4abdcd15352e954d
27b573f135096fc85ce78ddd2dae6071de71bcd5
b38c94050169465563c915a3ca347af2cbf5cb981995a5bc3bc88b5cfe017ba9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /8764.58763b7a689318950e51.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/8415.f3265a8085428f6feeb2.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:50 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-6b32"
expires: Sat, 20 Apr 2024 16:50:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/chat-bg-pattern-light.ee148af944f6580293ae.png

45.64.52.26

200 OK

273 kB

URL GET HTTP/2
telegromj.com/chat-bg-pattern-light.ee148af944f6580293ae.png
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
PNG image data, 1123 x 2307, 4-bit colormap, non-interlaced
Size
273 kB (272875 bytes)
Hash
3d558d8de7082a2b2355076c8988c3fd
d74980e29b0ec2f102b0dcd614503fd42a255b85
00745db819d91c37bf0f59bee00ab2efe9766fddcb726ff1bcb6847748b2bbc7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telegram
OpenPhish	phishing	Telegram

HTTP Headers

GET /chat-bg-pattern-light.ee148af944f6580293ae.png HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/main.4087993f942398d56511.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: image/png
content-length: 272875
last-modified: Sat, 09 Mar 2024 09:10:32 GMT
etag: "65ec2788-429eb"
expires: Mon, 20 May 2024 04:50:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/icon-192x192.png

45.64.52.26

200 OK

3.1 kB

URL GET HTTP/2
telegromj.com/icon-192x192.png
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Size
3.1 kB (3059 bytes)
Hash
1a1650d2c76bfc1ac484646c19e495b9
fe58d66042ce9241226f5da9370230285ff604fc
6e587a62c9d7a97f25265ab5eb29d101ad2e36810042a4116d2dd29da96b0bf8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /icon-192x192.png HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:51 GMT
content-type: image/png
content-length: 3059
last-modified: Thu, 18 Jan 2024 21:12:24 GMT
etag: "65a99438-bf3"
expires: Mon, 20 May 2024 04:50:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

telegromj.com/8415.f3265a8085428f6feeb2.js

45.64.52.26

200 OK

556 kB

URL GET HTTP/2
telegromj.com/8415.f3265a8085428f6feeb2.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type

Size
556 kB (556360 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /8415.f3265a8085428f6feeb2.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: application/javascript
last-modified: Thu, 21 Mar 2024 05:35:50 GMT
vary: Accept-Encoding
etag: W/"65fbc736-87d48"
expires: Sat, 20 Apr 2024 16:50:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/1915.7c097c4f98f78164d509.js

45.64.52.26

200 OK

18 kB

URL GET HTTP/2
telegromj.com/1915.7c097c4f98f78164d509.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type

Size
18 kB (18138 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /1915.7c097c4f98f78164d509.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-46da"
expires: Sat, 20 Apr 2024 16:50:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/6839.01a53cbedf5d86d252ec.js

45.64.52.26

200 OK

46 kB

URL GET HTTP/2
telegromj.com/6839.01a53cbedf5d86d252ec.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type

Size
46 kB (45754 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /6839.01a53cbedf5d86d252ec.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:49 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-b2ba"
expires: Sat, 20 Apr 2024 16:50:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/1649.23ef32650e96d33d6586.js

45.64.52.26

200 OK

45 kB

URL GET HTTP/2
telegromj.com/1649.23ef32650e96d33d6586.js
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/8415.f3265a8085428f6feeb2.js
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
JavaScript source, ASCII text, with very long lines (44841)
Size
45 kB (44895 bytes)
Hash
d185f3823bb419e0227eb45b85facdca
b50068ba63e52fd9d71dbfa7cb42fe82a6f4af16
fbcc1367611f1d387d2b7340f92b66b4a0a5311742ec3d806d848692b98e78c9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /1649.23ef32650e96d33d6586.js HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/8415.f3265a8085428f6feeb2.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:50 GMT
content-type: application/javascript
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-af5f"
expires: Sat, 20 Apr 2024 16:50:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

telegromj.com/main.4087993f942398d56511.css

45.64.52.26

200 OK

109 kB

URL GET HTTP/2
telegromj.com/main.4087993f942398d56511.css
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type

Size
109 kB (109237 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /main.4087993f942398d56511.css HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:47 GMT
content-type: text/css
last-modified: Sun, 10 Mar 2024 07:26:36 GMT
vary: Accept-Encoding
etag: W/"65ed60ac-1aab5"
expires: Sat, 20 Apr 2024 16:50:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

zws2.web.telegram.org/apiws

149.154.167.99

101 Switching Protocols

0 B

URL GET HTTP/1.1
zws2.web.telegram.org/apiws
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://telegromj.com/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.web.telegram.org
Fingerprint74:51:4A:F8:C5:D2:E1:36:68:30:25:98:05:27:E8:6F:57:FC:E0:3B
ValidityWed, 30 Aug 2023 00:40:43 GMT - Mon, 30 Sep 2024 00:40:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apiws HTTP/1.1
Host: zws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://telegromj.com
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G/f5uKVsNhVb3rYMQLDCgQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Sat, 20 Apr 2024 04:50:51 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DyRYLduHsaXBU0lKwhH2vz7NgKI=
Sec-WebSocket-Protocol: binary

telegromj.com/system/tgdata/queryDeviceName

45.64.52.26

200 OK

48 B

URL GET HTTP/2
telegromj.com/system/tgdata/queryDeviceName
IP
45.64.52.26:443
ASN
#64050 BGPNET Global ASN

Requested by
https://telegromj.com/8415.f3265a8085428f6feeb2.js
Certificate
IssuerLet's Encrypt
Subjecttelegrome.com
Fingerprint1A:06:0C:BB:45:71:7F:DD:83:70:77:23:C2:A5:F6:A8:27:07:2F:27
ValidityFri, 19 Apr 2024 14:55:10 GMT - Thu, 18 Jul 2024 14:55:09 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Size
48 B (48 bytes)
Hash
047dcaea80ca2d431778eaf6b4d14f68
461adf29edb0b5741eb31d04e22f1640275689ad
334f2ce16a2bbe3ed5c3d196fc9897874b2c8a803cf1279620ae20e174f56acc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /system/tgdata/queryDeviceName HTTP/1.1
Host: telegromj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegromj.com/8415.f3265a8085428f6feeb2.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 04:50:51 GMT
content-type: application/json
cache-control: no-cache
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (32)

URL GET HTTP/2

IP

ASN

Requested by