Report - web-telegram.ru/

Report Overview

Submitted URL
web-telegram.ru/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 05:36:33
Access
public
Website Title
Telegram Web Webogram online телеграм онлайн неофициальная веб версия
Final URL
web-telegram.ru/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
68

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
web-telegram.ru	85914	2017-02-28	2018-01-16	2023-11-02	17 kB	937 kB	188.114.97.1
venus.web.telegram.org	47739	2003-12-15	2017-01-29	2024-04-16	834 B	999 B	149.154.167.99
kws2.web.telegram.org	49675	2003-12-15	2021-06-23	2024-04-15	2.3 kB	872 B	149.154.167.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram
2024-04-16	medium	web-telegram.ru/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	web-telegram.ru/index-pkJe6Hzm.js	139 kB	2024-04-02	2024-04-17
Pretty URL web-telegram.ru/index-pkJe6Hzm.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 06:31:14 Last Seen2024-04-17 07:36:34 Times Seen3 Hash 46e91ca8328f73f01c323f3a7d1b2f24 8269187312900e19fc342656214e4f8fd0005b31 ab3f3392f0210769e52a1e514183ad3c4d0e461bc0ff24df45994e5ac39c4c2f Loading...

	web-telegram.ru/langSign-lcKrqmwM.js	1.6 kB	2023-10-23	2024-04-17
Pretty URL web-telegram.ru/langSign-lcKrqmwM.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-23 15:41:37 Last Seen2024-04-17 07:36:34 Times Seen5 Hash e7f62a99dcb3f9c2a049d2ebd8bb4d59 78887e1dc5ecba306c5fe75dab193ef33d0823c2 3667812550b378f960a3e072dab1cd6cd27275106ceca72f4038b8ed4fdd979d Loading...

	web-telegram.ru/qr-code-styling-ogpV7fl-.js	66 kB	2024-04-02	2024-04-17
Pretty URL web-telegram.ru/qr-code-styling-ogpV7fl-.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 06:31:14 Last Seen2024-04-17 07:36:34 Times Seen2 Hash fd3c259a198f978429f0a417574ed845 326fe9c2118b937d84bb5cdb477386ff625ad5b5 f5bb239322681e0211c20cc9d88e1aac1a146b479a043e6de87b80418ee34b3c Loading...

	web-telegram.ru/lang-sYHkNrVb.js	120 kB	2024-04-02	2024-04-17
Pretty URL web-telegram.ru/lang-sYHkNrVb.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 06:31:14 Last Seen2024-04-17 07:36:34 Times Seen3 Hash 4ca13f3cb7b94678aa1434758f912b41 c7e25d84fce87a3fca40939138f4897f9c5633b7 30f129385b37fecc18bf24e9c59c6f3411e3448f5618468dfa2c3255ae0a9aef Loading...

	web-telegram.ru/pageSignQR-HABfjaL3.js	5.6 kB	2024-04-02	2024-04-17
Pretty URL web-telegram.ru/pageSignQR-HABfjaL3.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 06:31:14 Last Seen2024-04-17 07:36:34 Times Seen2 Hash a33d15620c49ae9447223f2526054771 7b29fa68012ae16c8687795ab9485586b12418a3 44e393e5555f889fbd62955c94572d0aee6353ab53338bd650e95c39c668365a Loading...

	web-telegram.ru/	458 B	2024-01-05	2024-04-17
Pretty URL web-telegram.ru/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-05 02:21:17 Last Seen2024-04-17 07:36:34 Times Seen6 Hash 7fb358c0adb43ed3d72c8988a36450e0 a5e467febba84e02b2c09ad6d3237633b1d9f9bc 8d05282995de514fef5f8987e83c976b5e61857aefd689a0f05e705167cc03a1 Loading...

	web-telegram.ru/page-O0cMknm3.js	9.4 kB	2024-04-02	2024-04-17
Pretty URL web-telegram.ru/page-O0cMknm3.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-02 06:31:14 Last Seen2024-04-17 07:36:34 Times Seen3 Hash 2c5f8efbeb8933bc94e94486c656d8f5 bad392942384018031ab42eab3aafbe7c47f2bed d68bc5ff96ad5c3809021570a94c0065c3538c292ec7dff0d81ead3adffe8a8f Loading...

	web-telegram.ru/button-8koK4gBD.js	6.0 kB	2024-04-02	2024-04-17
Pretty URL web-telegram.ru/button-8koK4gBD.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-02 06:31:14 Last Seen2024-04-17 07:36:34 Times Seen2 Hash e53bbba5091aebd322a733ff6c59dce3 7f59788eb4fdc49a1b769738cf93269e249e8ea3 4f3832fb6cb787f2ac7c0967bcfcfbc3da0433253a3954869a2a2835cdbec5b8 Loading...

	web-telegram.ru/putPreloader-N7lV1HM2.js	649 B	2024-04-02	2024-04-17
Pretty URL web-telegram.ru/putPreloader-N7lV1HM2.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-02 06:31:14 Last Seen2024-04-17 07:36:34 Times Seen2 Hash 63f5793370b3961703eefb23f42b7620 715f2148d81d89c0b01be65a72aafa282f5b509c c53940cf4f4feaff890fc246467d8d5987245adfa34217530f30e4ad42224c71 Loading...

	web-telegram.ru/_commonjsHelpers-5-cIlDoe.js	236 B	2023-03-14	2024-04-20
Pretty URL web-telegram.ru/_commonjsHelpers-5-cIlDoe.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-03-14 11:18:50 Last Seen2024-04-20 22:35:36 Times Seen141 Hash 146eaf85c344cee008c91f2685dbf82f 42d63529a2c0f2f9cc2b797622f6a3a71cae3e66 9625379badd4849610dfe6c15453cdf0c0071264c90eef177307fac094d2aa6c Loading...

	web-telegram.ru/countries-lRU-UavE.js	24 kB	2023-10-23	2024-04-17
Pretty URL web-telegram.ru/countries-lRU-UavE.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-23 15:41:37 Last Seen2024-04-17 07:36:34 Times Seen4 Hash dd48e3e80b3efd074b6979f8c0a2007d 7cc77ea884bb573256b5088d998ef0ab79c6d634 b9a27828a525d66c8b02fe99b090699326c04ab7fc91bbffa6fed9ad3b5d04c3 Loading...

	web-telegram.ru/textToSvgURL-Z4O-nL1S.js	307 B	2023-10-23	2024-04-17
Pretty URL web-telegram.ru/textToSvgURL-Z4O-nL1S.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-23 15:41:37 Last Seen2024-04-17 07:36:34 Times Seen4 Hash 5683888c3704146957e7d34000e80a62 9ffa4a832d37d7aef6d99f59742a0adb32b09659 118c14f54747e256af803a1878c276f4609a2556dd3606a789f6690d102b2068 Loading...

HTTP Transactions (43)

URL IP Response Size

web-telegram.ru/index-e7WK_YV_.css

188.114.97.1

200 OK

114 kB

URL GET HTTP/3
web-telegram.ru/index-e7WK_YV_.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (113473 bytes)
Hash
5e91b3539458da372c13b0a1fa4e3648
ff5d50966101f2078d8b3ccf862b45950b26dd6f
5a20a4520ea2699487e9b7ca7ecafee626130b72d809a4032b6e84b23c32f9b7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /index-e7WK_YV_.css HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: text/css
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-71216"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6271
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r78S1bQZTBxT7GXIa4wWDriA5f6ssiUqNwF3yii%2BdQLL%2BNlAMEP0v%2FyRKLP%2F5POsQgXuVFNYE2FpIMZ6KEMgj6BZCKHj1Lkt1W2ubMGIfk%2BAvL0kONuYWTiQKpy9ZKY%2F%2F3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3cca2ebe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Size
11 kB (11016 bytes)
Hash
15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 11016
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b08"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsHW1oYVRhbdQUqPXHmEoDtdFdtpM5jGa2b%2FFRjsMcOKMrXDLokCPe60CPY7P%2F4P7CuWtytkSTh9pEeVDVfMGDbbGk1LICEooKc46nAwwzroAMIJrYHcBY1oSs3qUfrp2gE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3edc47be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Size
11 kB (11056 bytes)
Hash
07db243db21ed0a6b4ff05ff429686b7
5d62925fdd7ed8e80f206d095ed093994f13d276
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b30"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbXKZUa7W3Lj4s%2BqeupY9E20uxzCCx4gDveOjVNBEQPqL%2FhpHoSMPFfMTQHhtduN6AQsqPQ1MfpGMF0DvzIKnWxxQHsBJ4seGeFySRDoCbytN2%2Btoa0qyfavrww7ZePSWVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3eec53be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Size
11 kB (11056 bytes)
Hash
07db243db21ed0a6b4ff05ff429686b7
5d62925fdd7ed8e80f206d095ed093994f13d276
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b30"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuTDIRhot6ePbvxW3uQha7528poIjKU%2BFO%2FO3TPhaTT2b%2FWgUz7Z8KJPFe5c7QK1EwOIY21jDY703Q8%2B8DXg111yG4T9RtJNqmnSvrsh8ss2o2%2FX%2BbVNGT4A8g2lIgubmfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3eec5dbe49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2

188.114.97.1

200 OK

7.9 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7924, version 1.0
Size
7.9 kB (7924 bytes)
Hash
5d39c40b5f1d878434af6212575d928a
3485c7ae4231075e5b7424e73c8626fdca02e0ad
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 7924
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1ef4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YhuboIETLrukf5BcjTuHZIZdqkd6NymXyImlW%2B8hefSkMMQYKXYdXRKpYJXTZRymuYa7VD2Fxa%2F7%2FA0Irma8h1RGpFswPsR9hEFKL0tCf90244qkZbuJIWg6NC96ZCuFvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f5cd6be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2

188.114.97.1

200 OK

8.0 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8024, version 1.0
Size
8.0 kB (8024 bytes)
Hash
073578b7f22768baa58cf9a87380538a
702b779b7ea064cc4713f2234dc74b1097aee389
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 8024
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1f58"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JlHFGDgFVN5pLOSTXbYtyNsflZo2JHkoGwmBw5G7AwVNspohtzJekxljc%2BYkenqHC5u6udWoX%2BIfjLvuYZQLdFxuiOOTUZHi7gUZd6cazq%2FwblZvgC%2BHy1iKNChFfd1Htp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f5cdebe49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2

188.114.97.1

200 OK

6.9 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 6864, version 1.0
Size
6.9 kB (6864 bytes)
Hash
2efb23d70eb9a590216a126ce28120b0
27786db7735f04a4d59ad023fd327d2dea51ae68
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 6864
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1ad0"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3991
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEvUefP5xgI9svND6arRgJDJqyk3CB0cRH%2B%2FoTJ9UbR2EGgCBVf%2BISoVOotKPfD%2Fxi46pWkFhBxOiUbgJg0ekPVgc5phcvbI%2F7n%2BznR3%2FtUwdP%2BdMKbbNmSFKQUJMSkuR5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3fad4ebe49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

188.114.97.1

200 OK

6.7 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 6720, version 1.0
Size
6.7 kB (6720 bytes)
Hash
ddbe8450ae34795dee574854e9b01533
5c9aaeb1b9de21b0fb4c7d9b92276dc5ab81b8ab
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 6720
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1a40"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1LiADIk4KvMFmY%2BDDQEblPjv4eBu%2FembpC%2Bk0uF9J2W54iSG8IrmKFP%2F%2FDhXL7sn4wB2214ZACTlGEfEQH3DEGqC5xtTXfpdgnyXCArC47GiyzQKrCmsfnxeVlEd4NI0xmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3fbd61be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/langSign-lcKrqmwM.js

188.114.97.1

200 OK

938 B

URL GET HTTP/3
web-telegram.ru/langSign-lcKrqmwM.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (895)
Size
938 B (938 bytes)
Hash
e7f62a99dcb3f9c2a049d2ebd8bb4d59
78887e1dc5ecba306c5fe75dab193ef33d0823c2
3667812550b378f960a3e072dab1cd6cd27275106ceca72f4038b8ed4fdd979d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /langSign-lcKrqmwM.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-pkJe6Hzm.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-640"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=126iABOrndln3i1OyC9RaD2Qgegf4QAJTU4sz1VIgR1M74ynIM6CnT%2B5PqX%2Bl2DjSv4nex3aVcJmjx3L%2F5hFEH1ZcZZ8V8mlw8mDcWohzzZDsUBaWdwADXfxEPIo6cZG8d8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f6cefbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

venus.web.telegram.org/apiw1

149.154.167.99

169 B

URL
venus.web.telegram.org/apiw1
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
c2a982d42f89274763eef2a44fe01030
86e6d53f6478cdd0c05611093d9c55a953454af7
d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a

HTTP Headers

POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
Content-Length: 0
Origin: https://web-telegram.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
server: nginx/1.18.0
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: text/html
content-length: 169
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2

kws2.web.telegram.org/apiws

149.154.167.99

0 B

URL
kws2.web.telegram.org/apiws
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://web-telegram.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VFi/MKSDhvg6r0r00qrnWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 05:36:08 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6D4zIrB9B8CLfsgBsRRJLjVZxWc=
Sec-WebSocket-Protocol: binary

kws2.web.telegram.org/apiws

149.154.167.99

0 B

URL
kws2.web.telegram.org/apiws
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://web-telegram.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /QUY5JTRBYBx2SH3k8rn5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 05:36:08 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lg+ZPKFO/IeZYiyA4F+bbKv9Ox8=
Sec-WebSocket-Protocol: binary

venus.web.telegram.org/apiw1

149.154.167.99

169 B

URL
venus.web.telegram.org/apiw1
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
c2a982d42f89274763eef2a44fe01030
86e6d53f6478cdd0c05611093d9c55a953454af7
d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a

HTTP Headers

POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
Content-Length: 0
Origin: https://web-telegram.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
server: nginx/1.18.0
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: text/html
content-length: 169
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2

web-telegram.ru/_commonjsHelpers-5-cIlDoe.js

188.114.97.1

200 OK

87 kB

URL GET HTTP/3
web-telegram.ru/_commonjsHelpers-5-cIlDoe.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text
Size
87 kB (86817 bytes)
Hash
146eaf85c344cee008c91f2685dbf82f
42d63529a2c0f2f9cc2b797622f6a3a71cae3e66
9625379badd4849610dfe6c15453cdf0c0071264c90eef177307fac094d2aa6c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/qr-code-styling-ogpV7fl-.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-ec"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d7lHDc6l7ar1rL89Szn2R1CYSACohKFYSo%2FPw8a6s9DLWN1dZs72PYSGzPjINVZ6r36MRYfChtb6KIJF48FdbqqroJd5ztxtKatuAvovA%2BXU0GkugOjU2Ahf84ewSrcQC6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e42486dbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

kws2.web.telegram.org/apiws

149.154.167.99

0 B

URL
kws2.web.telegram.org/apiws
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://web-telegram.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eATrlQ7jdWMI3U/1d7B+Xw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 05:36:08 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fQz+rZJ0Gj8cOmrckYEmSYfsV3Q=
Sec-WebSocket-Protocol: binary

kws2.web.telegram.org/apiws

149.154.167.99

0 B

URL
kws2.web.telegram.org/apiws
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://web-telegram.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e9e8INsH5i7OSrg2a0HwUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 05:36:08 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zUX+2Ps4jbC0JfzR92/3HRJnwkA=
Sec-WebSocket-Protocol: binary

web-telegram.ru/lang-sYHkNrVb.js

188.114.97.1

200 OK

45 kB

URL GET HTTP/3
web-telegram.ru/lang-sYHkNrVb.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Unicode text, UTF-8 text, with very long lines (14604)
Size
45 kB (44644 bytes)
Hash
4ca13f3cb7b94678aa1434758f912b41
c7e25d84fce87a3fca40939138f4897f9c5633b7
30f129385b37fecc18bf24e9c59c6f3411e3448f5618468dfa2c3255ae0a9aef

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lang-sYHkNrVb.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-pkJe6Hzm.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1d57f"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dib7U0xS4N3IX3xIQqgCmWQ2IbVPMp6U77Y6UN7jYIRRjFpMItWpgcQbUy4EWi5DEyJRBsbO6U5ZRv9C5fsubDtfvZVvgxjSelSXj5LdP7mYRAt5sMdXuJ2KpBCB23Xe2uQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f6cecbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Size
11 kB (11016 bytes)
Hash
15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 11016
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b08"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qa1lF1wYfyY273BQfYur0u%2FxKpRlKb6SiyVMkSk6MVT6vzpyi0I%2B8PDObb3hNBoOljI%2Bm6kNqqFV2SEOUrAcpH44KhSJ2XSHZOzz9lRQR8Bt0nKgvDKbEvAy5xjCPJqQUAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e442a8dbe49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Size
11 kB (11056 bytes)
Hash
07db243db21ed0a6b4ff05ff429686b7
5d62925fdd7ed8e80f206d095ed093994f13d276
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b30"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbrwHhjsYM0920G8MGeCeT8TyWBoAgzF6VBg4wCfr2C9ibpjbSb8JpvIBrdTnv8DI76t1u8K%2BEp7bShElTpEsImSWI%2FaNzwQIu7DW%2BHnf9R87tRwY3BBHe9Cv%2BqNVv%2BdJxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e443aa0be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2

188.114.97.1

200 OK

8.0 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8024, version 1.0
Size
8.0 kB (8024 bytes)
Hash
073578b7f22768baa58cf9a87380538a
702b779b7ea064cc4713f2234dc74b1097aee389
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 8024
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1f58"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CI0f1vybOUVnCNXv8jNo1YoO6uW2K%2B9DjSsD4klyHJkDLpw%2BOpt2n47ErVNJOT5WazAn9rqnXRdohue6Ig3sv3Wyz1X6G0SB03FiuFmIXc4EwwnN75%2BiJujvMnyLFApGmXM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e443aa4be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/ARLRDBD.woff

188.114.97.1

200 OK

30 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/ARLRDBD.woff
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format, TrueType, length 30168, version 0.0
Size
30 kB (30168 bytes)
Hash
98a0555d842e1fa47889f2bae6f00caa
32d07935758bb94eb0ffa35398a5886837612e5d
37b8efec9a531814820b3420e24c3e56f3a7ac6baf5bc29338ae940ecb5cc0b5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/ARLRDBD.woff HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 30168
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-75d8"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 5280
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79pWx02zlCsCEzPKA%2BpkPVaJAN5TSGI025waXDtSmoAYJi2MljDDqBVO6bttp2EgGmzXFf5UZeglt5rAPKxadq%2BjNrWZsFisiGzZ%2FivPsedPPJSgyI4IaRFlI0KwofsjciE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e443aafbe49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Size
11 kB (11056 bytes)
Hash
07db243db21ed0a6b4ff05ff429686b7
5d62925fdd7ed8e80f206d095ed093994f13d276
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b30"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ocphA%2BS4FraTxGe5N7vGx9KUA9Gg691Gcc6EeQ1sHHlp2oFwD9DNnksb00ZWaEmkxgQsCK%2BfTOCW0W4gptmsBj5xoZzRujssLH%2B3n%2BlIdcsOZl3qVmx1IyMS55oZCxUgdPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e443ab2be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2

188.114.97.1

200 OK

7.9 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7924, version 1.0
Size
7.9 kB (7924 bytes)
Hash
5d39c40b5f1d878434af6212575d928a
3485c7ae4231075e5b7424e73c8626fdca02e0ad
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 7924
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1ef4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csmEqNzXCttVeqQAllmFY3yGnu%2F0p5omLD1cqdGYQhn1qYwz%2FMFSTs3t4fZFzo%2FLC%2BahUju8jG3b8p2qM0Mcv%2B%2BLC132ki7PNB%2FTq7ncpNF1pzsoeDMCfeZjS%2BuRRzQ1yC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e448b30be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/qr-code-styling-ogpV7fl-.js

188.114.97.1

200 OK

66 kB

URL GET HTTP/3
web-telegram.ru/qr-code-styling-ogpV7fl-.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type

Size
66 kB (66079 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1021f"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0DnYE1stphLkcaE5aA3ZdrwpkIBDhpBZUNdi2WO7b3dkwZZm08%2FskfpL0WuG5TH46DLCOlAR%2FtMLxnd%2Budj6Eq2vUfoCeGydDxApoTaaHwnOjo5AZKTavm7iSooWMucIfy0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e418f81be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/

188.114.97.1

200 OK

17 kB

URL User Request GET HTTP/2
web-telegram.ru/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type

Size
17 kB (17084 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET / HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 05:36:06 GMT
content-type: text/html; charset=UTF-8
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
strict-transport-security: max-age=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RBO0s2Lr9Um8zM3%2F4OMOdzd7eEPTK5OZdwF04Nwl9oClJaLlodZG7E%2BMLs8UPFraEDejjQsNvO1YHwuY%2BFEFbCRJZm8xeOR7d5DlsmyoqG8epZKR31LCwp271%2FLZ7cq2DU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875a0e3b2ee010b1-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

web-telegram.ru/page-O0cMknm3.js

188.114.97.1

200 OK

9.4 kB

URL GET HTTP/3
web-telegram.ru/page-O0cMknm3.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (9607), with no line terminators
Size
9.4 kB (9380 bytes)
Hash
cf00e23ed444e4f10941bd86fb4cdda9
b5bdc06caddb65a28eb7deaba0f82354c3a7a107
e481fa2da8f26b149f20bb67cadbdb8fead01ff60f62cf4aee02e3d98324d4f9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /page-O0cMknm3.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-24a4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oH5NaJ8%2BdhHKke%2F1%2BJNbQOyacAueN82iyUhLkYMTpn%2BUyeHO%2B%2FrxUgUlIYZ8XsdphVfpq1e9YWXEMbfob5DcjjkbA1A%2BGA34lqgZgMaKa6YdVlISYI4ragkzwC8QTHEBSCg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e412eedbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/button-8koK4gBD.js

188.114.97.1

200 OK

6.0 kB

URL GET HTTP/3
web-telegram.ru/button-8koK4gBD.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (6677), with no line terminators
Size
6.0 kB (6028 bytes)
Hash
8def4a2b6c69f1b62bd63bc64a39f466
5d4d23ac7aaf6b48e364645414a5d4b0f56122c2
148aabbc90e0cbe287fbd118361c300872dd6ec163e4626a6cd1d48d78a71691

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /button-8koK4gBD.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-178c"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zLruaB%2Fs6p3Q2EzOkur%2FxnNEeKUcZUCIX3DmP0hn%2BoKKFGKdEcwwFzbNLEkBbql1pwg%2FBntOMnDK1h8UEollPr4p%2Bq%2FSVAq1JOrFj%2B9WR59m6kYugBTYSu%2FTRnRtZRA%2Bc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e412eefbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/putPreloader-N7lV1HM2.js

188.114.97.1

200 OK

649 B

URL GET HTTP/3
web-telegram.ru/putPreloader-N7lV1HM2.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (685), with no line terminators
Size
649 B (649 bytes)
Hash
fae249ae8736296e6c55277ba534274f
51dd259417a3a666475be453001703b3efba81ff
84682e8c200b1a12af338f701700574d722c4e9659a47087399dbbca4aba8cc3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /putPreloader-N7lV1HM2.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-289"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTphTi%2FBBF9WrcfgM%2FHP5ib2kZBU3XE8VW3W8sijBGuovlWk4ODlq7bswsvamJrahM%2B49Mb%2FvkaBCLmucspZkfeucEIPCbRFTfYUlvl3gf94KLGT58Al1IHVx1ZPrfLJIig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e412ef3be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/img/favicon-16x16.png?v=jw3mK7G9Ry

188.114.97.1

200 OK

1.0 kB

URL GET HTTP/3
web-telegram.ru/assets/img/favicon-16x16.png?v=jw3mK7G9Ry
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.0 kB (1012 bytes)
Hash
e3ce05eb00b3215df220efaf0fd06e21
d1533966f79dc2984c34317035f31cf3c91298c9
0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21

HTTP Headers

GET /assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: image/png
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-3f4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0woISE5zUuhg7IWc3KP6Ct5zUFxoJoge5Qxruqg6Z%2B6LkTGAUme3FVVUO%2BPThdJqSYYK%2FtWtA4kbbCE%2FQHqSeuursoZR9Nfg%2FYc8cvAgFO%2B0r8Q3A%2F6p3XrSxqwMCxQMjM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f4cc9be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/textToSvgURL-Z4O-nL1S.js

188.114.97.1

200 OK

307 B

URL GET HTTP/3
web-telegram.ru/textToSvgURL-Z4O-nL1S.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (310), with no line terminators
Size
307 B (307 bytes)
Hash
21cac73a9ed9447cc0aa4aa00e964b76
0bf1ee4576160dc06237923f4c7d05854848ff8d
3881af425617b512084ac2fbd69ec9252e8f65d60c82f3105c314233c947d3de

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: W/"6600f8ec-133"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obNmxxjP7GahEQR2uQU4dhSXJLK3BgUD%2FwY4wePv1q3skwBCEZSRq5Ig4OcjV86B7McyKHChhGNdwdI5v7PohWDNHVAkQLcBrtqB0NxuKXUUg8j6T3kMmovOyHOCQT6mFgY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e412ef4be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/countries-lRU-UavE.js

188.114.97.1

200 OK

24 kB

URL GET HTTP/3
web-telegram.ru/countries-lRU-UavE.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type

Size
24 kB (24050 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /countries-lRU-UavE.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-pkJe6Hzm.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-5df2"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPQpGAV0vEj2Y3IHOC8JuCtmzTsBoUwTj3HVHn0xBVF4NUSqqxOpPx6SGnO7Tzlzu1sMBThDZrDYjdtsp9hd26CjxKyg88WZ4vEc6%2FDbvuOxE71O7LIs2XZ%2F6qCGndU%2Bzec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f7cfbbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/fonts/tgico.ttf?f5h750

188.114.97.1

200 OK

87 kB

URL GET HTTP/3
web-telegram.ru/assets/fonts/tgico.ttf?f5h750
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tgico
Size
87 kB (86660 bytes)
Hash
3e55ca46cf08759b846b48b0d97bd3b5
d0d834f437b4459989c6d8130978d7cf93695973
89e2a713e168c019894383b81a9ada206ee783fd87560b4339b68c5936b00d97

HTTP Headers

GET /assets/fonts/tgico.ttf?f5h750 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 86660
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-15284"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6957
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jfzJEUtBwdp%2FTCtbeCoE3KtZTGblF4CXJHCTLXY2hSfAIkf3GvJRWqbeHaOt7qHOQoNSADzcUdYWMg8sJjUKwNaFfIOok4Am%2FRfzYcZwfNpjYQctYWE8NPb8NMlynFBvaso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e4298d1be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/img/logo_padded.svg

188.114.97.1

200 OK

1.1 kB

URL GET HTTP/3
web-telegram.ru/assets/img/logo_padded.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1069 bytes)
Hash
4c0b48654a4881c325148a5e00964160
d7d21756c9dd4c1bf4d97087811745aad60506a0
7583a3643a9480ab4d81dd46b700cf3a38ebdd94af1a6059d2b6a3ecff8a65c5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/img/logo_padded.svg HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:10 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-42d"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 552
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpvPqTUOuDIhCFwEDYf6Mh9MuolBXCEVhfNpvbvovGIro5aZEZVFFBqQ18ymHXmCPkt39h8kYiXWxPApxlqQHjUX11qfX1O1ffqycSwNH1KN%2FTe%2F6tnA%2BrLSHpxzMrj0uMc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e4f9efabe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/textToSvgURL-Z4O-nL1S.js

188.114.97.1

200 OK

307 B

URL GET HTTP/3
web-telegram.ru/textToSvgURL-Z4O-nL1S.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (310), with no line terminators
Size
307 B (307 bytes)
Hash
21cac73a9ed9447cc0aa4aa00e964b76
0bf1ee4576160dc06237923f4c7d05854848ff8d
3881af425617b512084ac2fbd69ec9252e8f65d60c82f3105c314233c947d3de

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: W/"6600f8ec-133"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Op4bMfoNupEfXt8RX4Ue3XBA%2BfE%2F2Gp9o65c57ncYmtgsd5NOlzCW5cKOh%2BpSspjwzlR2k8f6iahajpsVHWOfOWKtGv271pXGbnaNKH8rjoNL%2BSlk0ThxXJoR7IIdf3OJ88%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e406e0bbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/pageSignQR-HABfjaL3.js

188.114.97.1

200 OK

5.6 kB

URL GET HTTP/3
web-telegram.ru/pageSignQR-HABfjaL3.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (5796), with no line terminators
Size
5.6 kB (5632 bytes)
Hash
307a33ee7f4a949b0f2f02202515c3f4
3090be90d76f5da9a310b6f3aeaa431aac14c98c
12916d77690a0e9fe02f6e57f8fc591b13aee188aae61b795171129cfded9e36

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /pageSignQR-HABfjaL3.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-pkJe6Hzm.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1600"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZXpELteZThxPDm9YPurf2XyOJ7EBFob9HLvuSuSjxqZdtXWfvdVchcKnSe90iWVjpBwqxVfQ97%2Bfy%2BAI92UEsADGwLbKZHahpwalypIqb%2Fj8ziBBfiSpECF92%2FdsuULn2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e406e0dbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/crypto.worker-T8uEdtAd.js

188.114.97.1

200 OK

69 kB

URL GET HTTP/3
web-telegram.ru/crypto.worker-T8uEdtAd.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
69 kB (68815 bytes)
Hash
cc64c20bd4bcfc96eb541efd35519169
cc09495ab449ed2e6507812009650f27b29e097b
ab327886bebbe07733ff2b6e3982afc4e2cfb472e76da946ad28a4c35a1f2ff9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /crypto.worker-T8uEdtAd.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-10ccf"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6956
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmlWRoDTrgmujyTVRbXZ5mHp5jmqz%2BQhhpVsV9BrGpT4xzQrsd3GMCI7wcgdvcJ0c3xWEKXLb9RsxFPOcCNghEKfglNUGqezkcLDG2HKFqdHXC7alUAOwEYnW9YvxXcT9x8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f0c86be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry

188.114.97.1

200 OK

9.0 kB

URL GET HTTP/3
web-telegram.ru/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
9.0 kB (9024 bytes)
Hash
87fecdadac0beb95f9b7c87b3b3236f0
822f92446c0033a32462aa21208efaef1f0d8c3c
25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b

HTTP Headers

GET /assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: image/png
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-2340"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOGOdTrfbKL4rT7nt2v%2BIHagdlJw%2FMmWfRvYha9fgRbpXOtezW%2ByKh%2FLy1GwsuCn8q%2FaiibMIbaVv8MeHbEC9EYghQJRBT%2BESNB0nwDzy6LKfsVUPArMi%2FAlj0i1nsuqIro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f4cc6be49-CPH
alt-svc: h3=":443"; ma=86400

web-telegram.ru/pageSignQR-HABfjaL3.js

188.114.97.1

200 OK

5.6 kB

URL GET HTTP/3
web-telegram.ru/pageSignQR-HABfjaL3.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (5796), with no line terminators
Size
5.6 kB (5632 bytes)
Hash
307a33ee7f4a949b0f2f02202515c3f4
3090be90d76f5da9a310b6f3aeaa431aac14c98c
12916d77690a0e9fe02f6e57f8fc591b13aee188aae61b795171129cfded9e36

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /pageSignQR-HABfjaL3.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1600"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jChFqyehJIF3Ml6Ns4z0mPnoNN2krSUCKtzvyQtouDaM4aJ6D3q%2FcKogw92kYTcYPeTVXLL2jKNuFRD%2B9%2BdgrvbDs9f99ecnQF1MK4M0f0Zozrt8wWO7hmDmxPtDUzt7Zik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e405df8be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/page-O0cMknm3.js

188.114.97.1

200 OK

9.4 kB

URL GET HTTP/3
web-telegram.ru/page-O0cMknm3.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (9607), with no line terminators
Size
9.4 kB (9380 bytes)
Hash
cf00e23ed444e4f10941bd86fb4cdda9
b5bdc06caddb65a28eb7deaba0f82354c3a7a107
e481fa2da8f26b149f20bb67cadbdb8fead01ff60f62cf4aee02e3d98324d4f9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /page-O0cMknm3.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-24a4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bWg2%2BkynqxulH8Dznd4bBAaGUMLt60Y9NbRxVzpHUKmPwA3zZeAblRXtwWLQZ8LPNWz%2BG9oLNroTu0Oc2Rm1yPFGh%2Ff9nh0o6iB5BoNv9mk25J8JuVz7C5%2BMPKf%2FlRyF0d8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e405dfdbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/index-pkJe6Hzm.js

188.114.97.1

200 OK

139 kB

URL GET HTTP/3
web-telegram.ru/index-pkJe6Hzm.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type

Size
139 kB (138837 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /index-pkJe6Hzm.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-21e55"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aqbK795NwTVhDky9g9D0Ijsa06IFSddguD8UhPGxF8pbELTaOzaVNvtwJxy4fV0TBHsCmKH6O6vfutzc7J2JPkm1WgbJFpzyNpnU%2BJlM35yet52S7VnkofTAXvreLaSkZ1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3cca2cbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/button-8koK4gBD.js

188.114.97.1

200 OK

6.0 kB

URL GET HTTP/3
web-telegram.ru/button-8koK4gBD.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (6677), with no line terminators
Size
6.0 kB (6028 bytes)
Hash
8def4a2b6c69f1b62bd63bc64a39f466
5d4d23ac7aaf6b48e364645414a5d4b0f56122c2
148aabbc90e0cbe287fbd118361c300872dd6ec163e4626a6cd1d48d78a71691

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /button-8koK4gBD.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-178c"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBaE3o8xaHjCtIXq450ZjlbIJXHHzfFIyyLBmNf98pmUZUOguyoWK8II7E1gKYWFrCU42YGWt9ZDVE3aUpPRpPyYq1gujr%2FlIu9ClJkaREgBmtd3FnAWXKwKrjud8T6Y5ZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e406e06be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/putPreloader-N7lV1HM2.js

188.114.97.1

200 OK

649 B

URL GET HTTP/3
web-telegram.ru/putPreloader-N7lV1HM2.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type
ASCII text, with very long lines (685), with no line terminators
Size
649 B (649 bytes)
Hash
fae249ae8736296e6c55277ba534274f
51dd259417a3a666475be453001703b3efba81ff
84682e8c200b1a12af338f701700574d722c4e9659a47087399dbbca4aba8cc3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /putPreloader-N7lV1HM2.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-289"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JlDFFM1sZd%2FAw%2B3xAkVtLcsChnLxDWHNoFiloWBPwEujYfrdd8W5s97nLUvEEJLsiaHp5MGBEhsJFg2ZVLLCgbuYfonR%2Bx8s%2BzIyH4Nmut29hpuGTaRwC7aTEhhfNJdNfa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e406e08be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

web-telegram.ru/qr-code-styling-ogpV7fl-.js

188.114.97.1

200 OK

66 kB

URL GET HTTP/3
web-telegram.ru/qr-code-styling-ogpV7fl-.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-telegram.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-telegram.ru
Fingerprint50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90
ValidityMon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT

File type

Size
66 kB (66079 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1021f"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvwKyxrLf%2FUXd%2BOaj%2BGxsyRXztR4Y8c6%2FExEo3RNbGWeaoTcQz6OjNWLs04NP0sZ24cIMwvRPZ8ami5v3EMNjX35MP3wKk3gfKt1%2FHy%2BvXUj400PZIYXoPDJhrJFpbnOH8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e417f73be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML