| web-telegram-co5.pages.dev/index-DZdzj4QX.css | 172.66.44.107 | 200 OK | 94 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/index-DZdzj4QX.css | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: 5151f0482f626a3146651fd8b369945e e1e014b34d75c40aabb4727305db5d71c7ec0ebc c00915c207242f10a2405cf568961cdb7328f126be51dc8de2bf5e4b21fbb35c
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /index-DZdzj4QX.css HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"db4f0daa93c6e94e31cc8ad1307349f4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q8dC1uBpDWHtRPn56H%2BAZDXFMiIbCWUff1ZoPNSU%2BreocV90yeKqsybcqVebThAvwwNK4nKu3a7cKTPwj3nea%2FNNfRjH8eymvgOoKWzJGST9DKPFbr%2FZfAORsiYNql5xyc8iDReM7glT1TLrww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb56cdfb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/crypto.worker-CfCshcpI.js | 172.66.44.107 | 200 OK | 0 B |
URL: GET HTTP/3 web-telegram-co5.pages.dev/crypto.worker-CfCshcpI.js | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /crypto.worker-CfCshcpI.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: sharedworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"d6f179bfe351477010122956c4305e14"
TE: trailers
HTTP/3 304 Not Modified
date: Fri, 26 Apr 2024 06:13:03 GMT
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XA6yUmwIK3uLQD7J3qRBXk%2BDuUBQDAhrri7yUqJksGvVaj%2Fwn1cv61NY%2B9FsuWcKwUs6iuKiYQjHGaHR2bZ3PR58uVCEmxSkC%2Fn1MAXIy%2FVZJyKAUXcBbNq45fttMAJj2DOr1BSLISCQ%2Bx03tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb8bf56b50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 172.66.44.107 | 200 OK | 9.0 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | Hash: 87fecdadac0beb95f9b7c87b3b3236f0 822f92446c0033a32462aa21208efaef1f0d8c3c 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: image/png
content-length: 9024
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c35bd3231a46b7b8c79b2578bdec4987"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6BuiOdElw%2BwHPHrFMoK7j%2BOTYat9WCK2JezKnrxqrzyLeGuXQ6NpSvkWSuvdISh7ShIN2PIkRlyQp31hj%2BB1Fe1dkmP5vN0WhmcZ30Jen121gq3dHi4umPW5OGkL3bDvVDCy43AnVkkJhFr6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb90facb50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | 172.66.44.107 | 200 OK | 1.0 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced | Hash: e3ce05eb00b3215df220efaf0fd06e21 d1533966f79dc2984c34317035f31cf3c91298c9 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: image/png
content-length: 1012
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "164bab244d543d9719126be57e7b82f4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWZhnUQxe7%2BRKkWzI0WTndg98dLg88abgR43QMM%2Fq4PW7hgWa25b43Pdbbwd%2F3%2BUonhvAt8X7LmYKDhM%2BUu0yL%2F4ea3mBqhm7hOuPGZbyMh9pbpVvoBLGMzbqv4%2Bre%2B07v1LeN16R9d%2By2h6mw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb90fadb50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 172.66.44.107 | 200 OK | 11 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0 | Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://web-telegram-co5.pages.dev/index-DZdzj4QX.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: font/woff2
content-length: 11056
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "d0122a2078b736d8f34c46ec02e88eb0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQw8%2Fj7By4bJik%2Bd%2FgQPlVg7BL0N%2Fye%2F5rmT8qLapeSTQXixv32SSHjQJMO3yhRGNqWPdGev0XjFqIybBiiYW9lSe4L9Lm69Z7yVmpxqa49RDZhPGmAkyob1vNFy%2FqsQm7JrAmYPPtxcFhgqug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cbb39a8b50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/index-DsiKS7a5.js | 172.66.44.107 | 200 OK | 48 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/index-DsiKS7a5.js | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (62777) | Hash: 8d0db85c84a36400bcb581bbdec72881 6e082c86a2617795ef7aeb2905d25b6d9cc8506f c1af6ea70ddf66a022072c256697aedb3614a1a74d28ce084dae21e020aa9fa9
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /index-DsiKS7a5.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ad9abe2b71b0652ef208ef659e8d5cb6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBDz%2BzrU%2F0hoUErP0iVSD9ecINbYuCZtTJKiFTrZmgaSzPEiJ81Rb%2FslNRUnH1r2T1rdIV6G1zFY7IogJNOl%2Bmkf1H3gAOTO8eFe%2B8yG1lAKfZo%2Fe8aOItyYbtUDaRBw5Vlc0Ls%2Bmp1OhDUlrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb55cdcb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/countries-CzeCvYH8.js | 172.66.44.107 | 200 OK | 3.9 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/countries-CzeCvYH8.js | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: Unicode text, UTF-8 text, with very long lines (24043) | Hash: 24d43ec6ffdef8fdf4310a4a8b65b206 8974a9f0f2a76920b5080c3f239fe21396e4ce73 6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /countries-CzeCvYH8.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/index-DsiKS7a5.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"91c809dad43a47e6b5a4a68bc3011245"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sr4a38TajsPwkdw1uhtOI27Y%2BaU5UPh5KQCPMMLTB8vkDcQwV5sZEXyRZ9hpaFVTEf3is6c07j6waJCBqRoTOu7rHdW%2FgChj9niqkOBJazzkpiK7%2BnvAPKM08jOYI4XRABQRvyia3ziERK7MlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb86f2bb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/button-CkX72N64.js | 172.66.44.107 | 200 OK | 13 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/button-CkX72N64.js | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (8748) | Hash: d3902b818b1d0891d5b13710250be521 44244f04f55467572dd2278669855ea08abe79ef 5fca53dbae44df798b239a79f1a085016fd5232df20bd200600a736607003c50
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /button-CkX72N64.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a350bef6010f0d09d87fdb12c3496aed"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gvVKin5SK1Gq7GZigUA1IE3%2B633eDVA4siu6iHn1RmNim1uOeQmFBEba47D%2Fsi46syN%2B4IYTILk%2B%2FKWASSwKEzIV7b0IU1mc3xue6kV6fq5qVrciFJZx3MOX7YNxO6P%2BlgepeMkE5owstPCuzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb94fecb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/qr-code-styling-BqER1AUU.js | 172.66.44.107 | 200 OK | 17 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/qr-code-styling-BqER1AUU.js | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (57414) | Hash: fea56d870467eee7980f4cfe0485c514 c4ee632b8825e210c494d34209a4d118a2b221a2 3a096f8810bd6d74877f45109b2f177acc1a452dedca404611dae397597440c4
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /qr-code-styling-BqER1AUU.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/pageSignQR-BQejdWpf.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"cf51fa55ae65eb638c2cc9bbdadb9f55"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cBs%2BNgD5McfBNbZtXYPA%2Fl9JbHv59bUG1iSZldUx8GNWDDgCm04HSvTkZhJuBCYNYJZRWGHornhmXGG5B0yUs%2BistnR7Yg5Itwad4KRUABuOKlyg7PpFy4LOGbBXSz0RQvOBoqKBbk42Iv8Kfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cba5929b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| venus.davidden.com/apiw1 | 104.21.92.94 | | 115 B |
IP: 104.21.92.94:0
File type: HTML document, ASCII text, with CRLF line terminators | Hash: c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.davidden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
Content-Length: 0
Origin: https://web-telegram-co5.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 06:13:04 GMT
content-type: text/html
cf-ray: 87a46cbacbc7b4ff-OSL
cf-cache-status: DYNAMIC
cache-control: no-store
access-control-max-age: 1728000
cf-placement: local-OSL
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1Sjvp654cIZTyFpVVJPOUbI5ahaNRQFmmQYl0iDu508a2sCm02plrmAsYBz9kZmY6BHBJmj%2B0Fx%2B41IUvq1ZYMUX2UqpUjc2%2F9u9A8h54tBV2bzUGypXUmXxF5xvq5%2BQEtB4MY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| web-telegram-co5.pages.dev/pageSignQR-BQejdWpf.js | 172.66.44.107 | 200 OK | 28 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/pageSignQR-BQejdWpf.js | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: Java source, ASCII text, with very long lines (5017) | Hash: 9c6cc6125d29d0f5091ccc67963eda59 9886223f7395229f862097fc129be0cf6b53d6ae b02fa875d0e2b9c56e8e2b19ee57b87ee31fb0bea089a945785158c2beef15f4
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /pageSignQR-BQejdWpf.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3c729d2081a9eac4b91152256804f70c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2ByMz6ywIB5hg6LzouN1VrelZuDXN5FJSA6BA7UkIrPpdCfo39xd%2FzZ6wYMoJAHHPGIaEkaDgAHGoHFSjX6Gb0IvpuGKO%2B%2FqxrYPd5vM9ZAfUzDUqc35BVZMqHPsSyH4ESjfdz6vGzCJA9SCRVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb93fe8b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/page-B_0Pvxx5.js | 172.66.44.107 | 200 OK | 11 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/page-B_0Pvxx5.js | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (10306) | Hash: e31a3f3dfff0e02e8f2b9affaf43f00a 0c48e0e37051b964f0ba41b970f8558383ea68bf 0ced842dffb46e8b11b9e681c724de4266324e3990ce95d4bd7b7b3c5be5f0a5
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /page-B_0Pvxx5.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"09355569460fd7aa9b19061f22c58d25"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pnt4SFfv3v8fZR6xo5mwmFDFCEG7l1dLyIYEqxd8peRckhGHUcT6YGEqxoBB6Qlcv%2FgXS5r7Oa%2FDDYeNldtLXiqZ6YXWFGiE6GeFgyxy6XvpuJpohRZuJvMVEi9%2BHt8QV4CH2OoNCaW2leXOyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb94febb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/ | 172.66.44.107 | 200 OK | 14 kB |
URL: User Request GET HTTP/2 web-telegram-co5.pages.dev/ | IP: 172.66.44.107:443
Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: HTML document, ASCII text, with very long lines (1757) | Hash: 4ee09669345089b9fb1439250f61b3d6 5d469d686ad9dc92af721fa8bbf0fdc7f47c01b7 02c0d7b4b9ef860059c024813bc647241f2abe8c896e722e9b89ba1881be8636
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET / HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:13:02 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"36531055d14d23524fe42bb9d53ba0c3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYTPrbk5TCncu3k13FPjwDCcIiQomRxdq%2FKZTgyDuRiH8YquK4mzjj8KsHyKs85GHgiBG8I1d2xRBMqD53FGQlXFUrbc9sx6o8yxXE3h4MB7tfyyf%2FJ%2F0a1P%2FMz2PZ8TLv9BDksPxmt%2FcD41YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb25c49568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| web-telegram-co5.pages.dev/assets/img/logo_padded.svg | 172.66.44.107 | 200 OK | 1.1 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/assets/img/logo_padded.svg | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: SVG Scalable Vector Graphics image | Hash: 4c0b48654a4881c325148a5e00964160 d7d21756c9dd4c1bf4d97087811745aad60506a0 7583a3643a9480ab4d81dd46b700cf3a38ebdd94af1a6059d2b6a3ecff8a65c5
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/img/logo_padded.svg HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:07 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ddc17b460f3542cd68305d2c727dab6c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcsUTAz37%2FHTO7DwroRrtdxVIN8n9ArZ0FLKrz1qjRXkECWiB%2FXbrQECfb%2BpmCQdfTSH8T%2Fop0IjnAUTEs%2FXVQy6kdC%2F8Vp%2BY9P6VAEVq6pHezqifyUHnrH4cGjE4ovF5F0zdkAUiVBFGJN%2B%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cce4a88b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 172.66.44.107 | 200 OK | 11 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0 | Hash: 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://web-telegram-co5.pages.dev/index-DZdzj4QX.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: font/woff2
content-length: 11016
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "741b4527b63febbccc571bad3f4f23cf"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5Ben6zwazdZP2AkkzoZpukaBLV1H6JEKPAWiBFHY74x8nmXQ3UJXt6TAEYlvF8%2F3yMh7%2FDw6AdvFrwuLNwa0kxMIcnTb9Kh3igFiGGY89IAk6ZKHPqAIAJIwcyFIWBhZWpBodsM2UCZ3rBbfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb81ef8b50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/textToSvgURL-Cnw_Q8Rw.js | 172.66.44.107 | 200 OK | 357 B |
URL: GET HTTP/3 web-telegram-co5.pages.dev/textToSvgURL-Cnw_Q8Rw.js | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (361), with no line terminators | Hash: 31ad5f62e0cdff78fe300dce737cb419 16dcb2d419bc06f8cb8ff3dfb2f21f5bfe27ed28 659fe74289a8b92ce28c03eb6a76ec03d3f3276d58a4cf2234f80afa200d2544
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /textToSvgURL-Cnw_Q8Rw.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9018abc419b3eb734b33499c2e203016"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXlSrMZ%2FFReQFCos0aYDy%2F6gkD311c5t9IWbGPz7bHONye%2B%2F9PjGfzgK3MLFiK%2Bt%2FFIEx9mjgFUbfCCSRxQ6ADgdVby8skn3Ig0%2Fe9FJEJb6UbIxVEisuwrRRALhGC0ZuVl78I7V7rjbPJfxgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb94ff3b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/textToSvgURL-Cnw_Q8Rw.js | 172.66.44.107 | 200 OK | 357 B |
URL: GET HTTP/3 web-telegram-co5.pages.dev/textToSvgURL-Cnw_Q8Rw.js | IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: web-telegram-co5.pages.dev | Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59 | Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (361), with no line terminators | Hash: 31ad5f62e0cdff78fe300dce737cb419 16dcb2d419bc06f8cb8ff3dfb2f21f5bfe27ed28 659fe74289a8b92ce28c03eb6a76ec03d3f3276d58a4cf2234f80afa200d2544
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /textToSvgURL-Cnw_Q8Rw.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/pageSignQR-BQejdWpf.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9018abc419b3eb734b33499c2e203016"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6bSp0TVvK8f3LrEvj3pvowHnBXVGZcxqc%2BHcdNygOjGtTlcEapDZlljS%2BCAeoIjLL2ltsOpeIciSJFmZ3pZw4AYWwwTATV8mI%2BUZYeJR953zoxSWg6Lu8MFA1MMWR9pynrdOgKX7FNg49evSRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cba08dab50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/langSign-CN-ja8rh.js | 172.66.44.107 | 200 OK | 1.6 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/langSign-CN-ja8rh.js
IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram-co5.pages.dev; Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59; Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (1751), with no line terminators
Hash: 1ce4deece7f2ffb2cdbc5e5b609e3271 7dff9070112715314c61bb9a682d6885ff12be83 6f66f5c3cfa9d140bb6471d900cd7ad76b924f2ae6b635807df0825f14524e52
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /langSign-CN-ja8rh.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/index-DsiKS7a5.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a296d7a5b452c0bd43052c7947c4ee95"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXheXFQ1DVIUdkKZZxzhNlAxerWvTxFzmo4siCIbt6GB2f7U3iH5uj4w2mr9UCHqj9b%2FXEuW7iCz%2FhgqNU43yYcbRJDqNtEPASVJEpQhqPIPU0WKAd%2BWU6QU%2B9XCF97NeQEYaJWYpBDCOnlxCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb86f29b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/putPreloader-6vPSAuHq.js | 172.66.44.107 | 200 OK | 699 B |
URL: GET HTTP/3 web-telegram-co5.pages.dev/putPreloader-6vPSAuHq.js
IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram-co5.pages.dev; Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59; Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (736), with no line terminators
Hash: 27fc5493b1a94db9bde197a6e4544a90 04e0aa7e698c80955702c68c0ddaa5e0a729768f cb7bc72671b7d0df2bcf27d24c9b4ccf523adf41da5fb106e3f4a7804effa12c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /putPreloader-6vPSAuHq.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5217cf5002d5772f483cbe7b9f974524"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SerQLR0Fe2UiZ3v1v3bP3%2FvoLOZLCCqpOuM5QGUTwN5QoNUue03Q8iZmI9WHJ7ppbtjxyYZYaYIjDaBs2B%2FoZIH%2FqJ36Exyo1lcjV3525QJzb7xmpyeRF32T6airw%2BuSIDEPmSQy1tDNnYmNIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb94fefb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/_commonjsHelpers-Cpj98o6Y.js | 172.66.44.107 | 200 OK | 290 B |
URL: GET HTTP/3 web-telegram-co5.pages.dev/_commonjsHelpers-Cpj98o6Y.js
IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram-co5.pages.dev; Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59; Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (302), with no line terminators
Hash: 2f62150f51e1c96c4a1f8fa5d6c72c2a d9529066ad04e0b66323fa0e7f12133bbc6940a4 e306f66b5964b6d3477db797068e0a94b0ef6cf594018197576f4450d9645d5b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /_commonjsHelpers-Cpj98o6Y.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"cee3ad1e2fde417708607f4f2d1b1b8c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIyiO1xvmLzK%2FbupGBaRBqUnIAwMloxTTCklnCk%2FslxaDXZUgvjTgx9pLb8%2ByFp379KO6FdGxVpqOgw0QXR5o0%2FEKKqeqjXJHdiX377qkxy7nNi9vqV4irxQtQdrQ6FhWpr6XIE0SbOiAzofAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cba5926b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/lang-B4ZSNUdw.js | 172.66.44.107 | 200 OK | 120 kB |
URL: GET HTTP/3 web-telegram-co5.pages.dev/lang-B4ZSNUdw.js
IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram-co5.pages.dev; Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59; Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
Size: 120 kB (120212 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /lang-B4ZSNUdw.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/index-DsiKS7a5.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b9ba2aa558d07ccc035b1149d13dc01e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQqE3Helx8sgwhi9zDa7m0EBOlTsthv469e1lJUPOzWElh1r2rOhZPrNjnFLRJP%2FudZpvRIfMmCwrYgUdyOSDGUKVRgHXCEjyURAbhYc4nIzrhv%2BCX7qAfl4TCIK3478YSPM4ha5c9Snp4H1KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cb86f27b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/putPreloader-6vPSAuHq.js | 172.66.44.107 | 200 OK | 699 B |
URL: GET HTTP/3 web-telegram-co5.pages.dev/putPreloader-6vPSAuHq.js
IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram-co5.pages.dev; Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59; Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (736), with no line terminators
Hash: 27fc5493b1a94db9bde197a6e4544a90 04e0aa7e698c80955702c68c0ddaa5e0a729768f cb7bc72671b7d0df2bcf27d24c9b4ccf523adf41da5fb106e3f4a7804effa12c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /putPreloader-6vPSAuHq.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/pageSignQR-BQejdWpf.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5217cf5002d5772f483cbe7b9f974524"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3d5clbasatL4XvJCxMadmdLc9bMabauZrcTSEKpV%2F5aa2REPfjVW13ydKjeeA89axCCgb4FsPapifUNr9DC7%2BQPWD6amNcXy%2FQLa%2BfekfSHxl9RuP7HG63qCypa%2FWssktcf9864YTOj29B2%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cba08d9b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram-co5.pages.dev/_commonjsHelpers-Cpj98o6Y.js | 172.66.44.107 | 200 OK | 290 B |
URL: GET HTTP/3 web-telegram-co5.pages.dev/_commonjsHelpers-Cpj98o6Y.js
IP: 172.66.44.107:443
Requested by: https://web-telegram-co5.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram-co5.pages.dev; Fingerprint: 76:5D:8A:7D:F2:E3:01:E8:42:1A:A4:02:28:74:EA:D8:15:04:52:59; Validity: Mon, 25 Mar 2024 15:41:22 GMT - Sun, 23 Jun 2024 15:41:21 GMT
File type: ASCII text, with very long lines (302), with no line terminators
Hash: 2f62150f51e1c96c4a1f8fa5d6c72c2a d9529066ad04e0b66323fa0e7f12133bbc6940a4 e306f66b5964b6d3477db797068e0a94b0ef6cf594018197576f4450d9645d5b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /_commonjsHelpers-Cpj98o6Y.js HTTP/1.1
Host: web-telegram-co5.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram-co5.pages.dev/qr-code-styling-BqER1AUU.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:13:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"cee3ad1e2fde417708607f4f2d1b1b8c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJ08%2BShiAjyq2qkvJXVfyuKEoJEBRMNlNbMXtrz99E18hg7effRdyC7SwJc0QO7rMXJILkLkJ%2BboMmTww6T6K0FU2UDVhktIxMvfrh2WdinqgZ3HUGipyiJ8ElcTuVuReuM9ZBmmArtnI6n%2BVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a46cbaf982b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|