| web-telegram.ru/index-e7WK_YV_.css | 188.114.97.1 | 200 OK | 114 kB |
URL: GET HTTP/3 web-telegram.ru/index-e7WK_YV_.css | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (65536), with no line terminators | Size: 114 kB (113473 bytes) | Hash: 5e91b3539458da372c13b0a1fa4e3648 ff5d50966101f2078d8b3ccf862b45950b26dd6f 5a20a4520ea2699487e9b7ca7ecafee626130b72d809a4032b6e84b23c32f9b7
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /index-e7WK_YV_.css HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: text/css
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-71216"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6271
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r78S1bQZTBxT7GXIa4wWDriA5f6ssiUqNwF3yii%2BdQLL%2BNlAMEP0v%2FyRKLP%2F5POsQgXuVFNYE2FpIMZ6KEMgj6BZCKHj1Lkt1W2ubMGIfk%2BAvL0kONuYWTiQKpy9ZKY%2F%2F3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3cca2ebe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0 | Hash: 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 11016
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b08"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsHW1oYVRhbdQUqPXHmEoDtdFdtpM5jGa2b%2FFRjsMcOKMrXDLokCPe60CPY7P%2F4P7CuWtytkSTh9pEeVDVfMGDbbGk1LICEooKc46nAwwzroAMIJrYHcBY1oSs3qUfrp2gE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3edc47be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0 | Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b30"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbXKZUa7W3Lj4s%2BqeupY9E20uxzCCx4gDveOjVNBEQPqL%2FhpHoSMPFfMTQHhtduN6AQsqPQ1MfpGMF0DvzIKnWxxQHsBJ4seGeFySRDoCbytN2%2Btoa0qyfavrww7ZePSWVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3eec53be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0 | Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b30"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuTDIRhot6ePbvxW3uQha7528poIjKU%2BFO%2FO3TPhaTT2b%2FWgUz7Z8KJPFe5c7QK1EwOIY21jDY703Q8%2B8DXg111yG4T9RtJNqmnSvrsh8ss2o2%2FX%2BbVNGT4A8g2lIgubmfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3eec5dbe49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2 | 188.114.97.1 | 200 OK | 7.9 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7924, version 1.0 | Hash: 5d39c40b5f1d878434af6212575d928a 3485c7ae4231075e5b7424e73c8626fdca02e0ad ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 7924
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1ef4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YhuboIETLrukf5BcjTuHZIZdqkd6NymXyImlW%2B8hefSkMMQYKXYdXRKpYJXTZRymuYa7VD2Fxa%2F7%2FA0Irma8h1RGpFswPsR9hEFKL0tCf90244qkZbuJIWg6NC96ZCuFvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f5cd6be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 | 188.114.97.1 | 200 OK | 8.0 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8024, version 1.0 | Hash: 073578b7f22768baa58cf9a87380538a 702b779b7ea064cc4713f2234dc74b1097aee389 f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 8024
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1f58"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JlHFGDgFVN5pLOSTXbYtyNsflZo2JHkoGwmBw5G7AwVNspohtzJekxljc%2BYkenqHC5u6udWoX%2BIfjLvuYZQLdFxuiOOTUZHi7gUZd6cazq%2FwblZvgC%2BHy1iKNChFfd1Htp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f5cdebe49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2 | 188.114.97.1 | 200 OK | 6.9 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 6864, version 1.0 | Hash: 2efb23d70eb9a590216a126ce28120b0 27786db7735f04a4d59ad023fd327d2dea51ae68 af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 6864
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1ad0"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3991
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEvUefP5xgI9svND6arRgJDJqyk3CB0cRH%2B%2FoTJ9UbR2EGgCBVf%2BISoVOotKPfD%2Fxi46pWkFhBxOiUbgJg0ekPVgc5phcvbI%2F7n%2BznR3%2FtUwdP%2BdMKbbNmSFKQUJMSkuR5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3fad4ebe49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2 | 188.114.97.1 | 200 OK | 6.7 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 6720, version 1.0 | Hash: ddbe8450ae34795dee574854e9b01533 5c9aaeb1b9de21b0fb4c7d9b92276dc5ab81b8ab daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/octet-stream
content-length: 6720
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1a40"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1LiADIk4KvMFmY%2BDDQEblPjv4eBu%2FembpC%2Bk0uF9J2W54iSG8IrmKFP%2F%2FDhXL7sn4wB2214ZACTlGEfEQH3DEGqC5xtTXfpdgnyXCArC47GiyzQKrCmsfnxeVlEd4NI0xmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3fbd61be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/langSign-lcKrqmwM.js | 188.114.97.1 | 200 OK | 938 B |
URL: GET HTTP/3 web-telegram.ru/langSign-lcKrqmwM.js | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (895) | Hash: e7f62a99dcb3f9c2a049d2ebd8bb4d59 78887e1dc5ecba306c5fe75dab193ef33d0823c2 3667812550b378f960a3e072dab1cd6cd27275106ceca72f4038b8ed4fdd979d
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /langSign-lcKrqmwM.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-pkJe6Hzm.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-640"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=126iABOrndln3i1OyC9RaD2Qgegf4QAJTU4sz1VIgR1M74ynIM6CnT%2B5PqX%2Bl2DjSv4nex3aVcJmjx3L%2F5hFEH1ZcZZ8V8mlw8mDcWohzzZDsUBaWdwADXfxEPIo6cZG8d8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f6cefbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| venus.web.telegram.org/apiw1 | 149.154.167.99 | | 169 B |
URL: venus.web.telegram.org/apiw1 | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
File type: HTML document, ASCII text, with CRLF line terminators | Hash: c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
Content-Length: 0
Origin: https://web-telegram.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: text/html
content-length: 169
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://web-telegram.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VFi/MKSDhvg6r0r00qrnWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 05:36:08 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6D4zIrB9B8CLfsgBsRRJLjVZxWc=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://web-telegram.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /QUY5JTRBYBx2SH3k8rn5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 05:36:08 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lg+ZPKFO/IeZYiyA4F+bbKv9Ox8=
Sec-WebSocket-Protocol: binary
|
|
| venus.web.telegram.org/apiw1 | 149.154.167.99 | | 169 B |
URL: venus.web.telegram.org/apiw1 | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
File type: HTML document, ASCII text, with CRLF line terminators | Hash: c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
Content-Length: 0
Origin: https://web-telegram.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: text/html
content-length: 169
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| web-telegram.ru/_commonjsHelpers-5-cIlDoe.js | 188.114.97.1 | 200 OK | 87 kB |
URL: GET HTTP/3 web-telegram.ru/_commonjsHelpers-5-cIlDoe.js | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
Hash: 146eaf85c344cee008c91f2685dbf82f 42d63529a2c0f2f9cc2b797622f6a3a71cae3e66 9625379badd4849610dfe6c15453cdf0c0071264c90eef177307fac094d2aa6c
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/qr-code-styling-ogpV7fl-.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-ec"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d7lHDc6l7ar1rL89Szn2R1CYSACohKFYSo%2FPw8a6s9DLWN1dZs72PYSGzPjINVZ6r36MRYfChtb6KIJF48FdbqqroJd5ztxtKatuAvovA%2BXU0GkugOjU2Ahf84ewSrcQC6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e42486dbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://web-telegram.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eATrlQ7jdWMI3U/1d7B+Xw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 05:36:08 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fQz+rZJ0Gj8cOmrckYEmSYfsV3Q=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://web-telegram.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e9e8INsH5i7OSrg2a0HwUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 05:36:08 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zUX+2Ps4jbC0JfzR92/3HRJnwkA=
Sec-WebSocket-Protocol: binary
|
|
| web-telegram.ru/lang-sYHkNrVb.js | 188.114.97.1 | 200 OK | 45 kB |
URL: GET HTTP/3 web-telegram.ru/lang-sYHkNrVb.js | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Unicode text, UTF-8 text, with very long lines (14604) | Hash: 4ca13f3cb7b94678aa1434758f912b41 c7e25d84fce87a3fca40939138f4897f9c5633b7 30f129385b37fecc18bf24e9c59c6f3411e3448f5618468dfa2c3255ae0a9aef
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /lang-sYHkNrVb.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-pkJe6Hzm.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1d57f"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dib7U0xS4N3IX3xIQqgCmWQ2IbVPMp6U77Y6UN7jYIRRjFpMItWpgcQbUy4EWi5DEyJRBsbO6U5ZRv9C5fsubDtfvZVvgxjSelSXj5LdP7mYRAt5sMdXuJ2KpBCB23Xe2uQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f6cecbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0 | Hash: 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 11016
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b08"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qa1lF1wYfyY273BQfYur0u%2FxKpRlKb6SiyVMkSk6MVT6vzpyi0I%2B8PDObb3hNBoOljI%2Bm6kNqqFV2SEOUrAcpH44KhSJ2XSHZOzz9lRQR8Bt0nKgvDKbEvAy5xjCPJqQUAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e442a8dbe49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0 | Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b30"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbrwHhjsYM0920G8MGeCeT8TyWBoAgzF6VBg4wCfr2C9ibpjbSb8JpvIBrdTnv8DI76t1u8K%2BEp7bShElTpEsImSWI%2FaNzwQIu7DW%2BHnf9R87tRwY3BBHe9Cv%2BqNVv%2BdJxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e443aa0be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 | 188.114.97.1 | 200 OK | 8.0 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 | IP: 188.114.97.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: web-telegram.ru | Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90 | Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8024, version 1.0 | Hash: 073578b7f22768baa58cf9a87380538a 702b779b7ea064cc4713f2234dc74b1097aee389 f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 8024
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1f58"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CI0f1vybOUVnCNXv8jNo1YoO6uW2K%2B9DjSsD4klyHJkDLpw%2BOpt2n47ErVNJOT5WazAn9rqnXRdohue6Ig3sv3Wyz1X6G0SB03FiuFmIXc4EwwnN75%2BiJujvMnyLFApGmXM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e443aa4be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/ARLRDBD.woff | 188.114.97.1 | 200 OK | 30 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/ARLRDBD.woff IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format, TrueType, length 30168, version 0.0; Hash: 98a0555d842e1fa47889f2bae6f00caa 32d07935758bb94eb0ffa35398a5886837612e5d 37b8efec9a531814820b3420e24c3e56f3a7ac6baf5bc29338ae940ecb5cc0b5
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/ARLRDBD.woff HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 30168
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-75d8"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 5280
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79pWx02zlCsCEzPKA%2BpkPVaJAN5TSGI025waXDtSmoAYJi2MljDDqBVO6bttp2EgGmzXFf5UZeglt5rAPKxadq%2BjNrWZsFisiGzZ%2FivPsedPPJSgyI4IaRFlI0KwofsjciE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e443aafbe49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0; Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-2b30"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ocphA%2BS4FraTxGe5N7vGx9KUA9Gg691Gcc6EeQ1sHHlp2oFwD9DNnksb00ZWaEmkxgQsCK%2BfTOCW0W4gptmsBj5xoZzRujssLH%2B3n%2BlIdcsOZl3qVmx1IyMS55oZCxUgdPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e443ab2be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2 | 188.114.97.1 | 200 OK | 7.9 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2 IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7924, version 1.0; Hash: 5d39c40b5f1d878434af6212575d928a 3485c7ae4231075e5b7424e73c8626fdca02e0ad ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 7924
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-1ef4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 3271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csmEqNzXCttVeqQAllmFY3yGnu%2F0p5omLD1cqdGYQhn1qYwz%2FMFSTs3t4fZFzo%2FLC%2BahUju8jG3b8p2qM0Mcv%2B%2BLC132ki7PNB%2FTq7ncpNF1pzsoeDMCfeZjS%2BuRRzQ1yC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e448b30be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/qr-code-styling-ogpV7fl-.js | 188.114.97.1 | 200 OK | 66 kB |
URL: GET HTTP/3 web-telegram.ru/qr-code-styling-ogpV7fl-.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1021f"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0DnYE1stphLkcaE5aA3ZdrwpkIBDhpBZUNdi2WO7b3dkwZZm08%2FskfpL0WuG5TH46DLCOlAR%2FtMLxnd%2Budj6Eq2vUfoCeGydDxApoTaaHwnOjo5AZKTavm7iSooWMucIfy0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e418f81be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.97.1 | 200 OK | 17 kB |
URL: User Request GET HTTP/2 IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET / HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 05:36:06 GMT
content-type: text/html; charset=UTF-8
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
strict-transport-security: max-age=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RBO0s2Lr9Um8zM3%2F4OMOdzd7eEPTK5OZdwF04Nwl9oClJaLlodZG7E%2BMLs8UPFraEDejjQsNvO1YHwuY%2BFEFbCRJZm8xeOR7d5DlsmyoqG8epZKR31LCwp271%2FLZ7cq2DU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875a0e3b2ee010b1-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| web-telegram.ru/page-O0cMknm3.js | 188.114.97.1 | 200 OK | 9.4 kB |
URL: GET HTTP/3 web-telegram.ru/page-O0cMknm3.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (9607), with no line terminators; Hash: cf00e23ed444e4f10941bd86fb4cdda9 b5bdc06caddb65a28eb7deaba0f82354c3a7a107 e481fa2da8f26b149f20bb67cadbdb8fead01ff60f62cf4aee02e3d98324d4f9
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /page-O0cMknm3.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-24a4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oH5NaJ8%2BdhHKke%2F1%2BJNbQOyacAueN82iyUhLkYMTpn%2BUyeHO%2B%2FrxUgUlIYZ8XsdphVfpq1e9YWXEMbfob5DcjjkbA1A%2BGA34lqgZgMaKa6YdVlISYI4ragkzwC8QTHEBSCg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e412eedbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/button-8koK4gBD.js | 188.114.97.1 | 200 OK | 6.0 kB |
URL: GET HTTP/3 web-telegram.ru/button-8koK4gBD.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (6677), with no line terminators; Hash: 8def4a2b6c69f1b62bd63bc64a39f466 5d4d23ac7aaf6b48e364645414a5d4b0f56122c2 148aabbc90e0cbe287fbd118361c300872dd6ec163e4626a6cd1d48d78a71691
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /button-8koK4gBD.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-178c"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zLruaB%2Fs6p3Q2EzOkur%2FxnNEeKUcZUCIX3DmP0hn%2BoKKFGKdEcwwFzbNLEkBbql1pwg%2FBntOMnDK1h8UEollPr4p%2Bq%2FSVAq1JOrFj%2B9WR59m6kYugBTYSu%2FTRnRtZRA%2Bc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e412eefbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/putPreloader-N7lV1HM2.js | 188.114.97.1 | 200 OK | 649 B |
URL: GET HTTP/3 web-telegram.ru/putPreloader-N7lV1HM2.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (685), with no line terminators; Hash: fae249ae8736296e6c55277ba534274f 51dd259417a3a666475be453001703b3efba81ff 84682e8c200b1a12af338f701700574d722c4e9659a47087399dbbca4aba8cc3
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /putPreloader-N7lV1HM2.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-289"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTphTi%2FBBF9WrcfgM%2FHP5ib2kZBU3XE8VW3W8sijBGuovlWk4ODlq7bswsvamJrahM%2B49Mb%2FvkaBCLmucspZkfeucEIPCbRFTfYUlvl3gf94KLGT58Al1IHVx1ZPrfLJIig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e412ef3be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 web-telegram.ru/assets/img/favicon-16x16.png?v=jw3mK7G9Ry IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced; Hash: e3ce05eb00b3215df220efaf0fd06e21 d1533966f79dc2984c34317035f31cf3c91298c9 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
GET /assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: image/png
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-3f4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0woISE5zUuhg7IWc3KP6Ct5zUFxoJoge5Qxruqg6Z%2B6LkTGAUme3FVVUO%2BPThdJqSYYK%2FtWtA4kbbCE%2FQHqSeuursoZR9Nfg%2FYc8cvAgFO%2B0r8Q3A%2F6p3XrSxqwMCxQMjM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f4cc9be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/textToSvgURL-Z4O-nL1S.js | 188.114.97.1 | 200 OK | 307 B |
URL: GET HTTP/3 web-telegram.ru/textToSvgURL-Z4O-nL1S.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (310), with no line terminators; Hash: 21cac73a9ed9447cc0aa4aa00e964b76 0bf1ee4576160dc06237923f4c7d05854848ff8d 3881af425617b512084ac2fbd69ec9252e8f65d60c82f3105c314233c947d3de
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/pageSignQR-HABfjaL3.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: W/"6600f8ec-133"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obNmxxjP7GahEQR2uQU4dhSXJLK3BgUD%2FwY4wePv1q3skwBCEZSRq5Ig4OcjV86B7McyKHChhGNdwdI5v7PohWDNHVAkQLcBrtqB0NxuKXUUg8j6T3kMmovOyHOCQT6mFgY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e412ef4be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/countries-lRU-UavE.js | 188.114.97.1 | 200 OK | 24 kB |
URL: GET HTTP/3 web-telegram.ru/countries-lRU-UavE.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /countries-lRU-UavE.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-pkJe6Hzm.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-5df2"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPQpGAV0vEj2Y3IHOC8JuCtmzTsBoUwTj3HVHn0xBVF4NUSqqxOpPx6SGnO7Tzlzu1sMBThDZrDYjdtsp9hd26CjxKyg88WZ4vEc6%2FDbvuOxE71O7LIs2XZ%2F6qCGndU%2Bzec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f7cfbbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/fonts/tgico.ttf?f5h750 | 188.114.97.1 | 200 OK | 87 kB |
URL: GET HTTP/3 web-telegram.ru/assets/fonts/tgico.ttf?f5h750 IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tgico; Hash: 3e55ca46cf08759b846b48b0d97bd3b5 d0d834f437b4459989c6d8130978d7cf93695973 89e2a713e168c019894383b81a9ada206ee783fd87560b4339b68c5936b00d97
GET /assets/fonts/tgico.ttf?f5h750 HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-e7WK_YV_.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:08 GMT
content-type: application/octet-stream
content-length: 86660
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: "6600f8ec-15284"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6957
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jfzJEUtBwdp%2FTCtbeCoE3KtZTGblF4CXJHCTLXY2hSfAIkf3GvJRWqbeHaOt7qHOQoNSADzcUdYWMg8sJjUKwNaFfIOok4Am%2FRfzYcZwfNpjYQctYWE8NPb8NMlynFBvaso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e4298d1be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/img/logo_padded.svg | 188.114.97.1 | 200 OK | 1.1 kB |
URL: GET HTTP/3 web-telegram.ru/assets/img/logo_padded.svg IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: SVG Scalable Vector Graphics image; Hash: 4c0b48654a4881c325148a5e00964160 d7d21756c9dd4c1bf4d97087811745aad60506a0 7583a3643a9480ab4d81dd46b700cf3a38ebdd94af1a6059d2b6a3ecff8a65c5
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/img/logo_padded.svg HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:10 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-42d"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 552
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpvPqTUOuDIhCFwEDYf6Mh9MuolBXCEVhfNpvbvovGIro5aZEZVFFBqQ18ymHXmCPkt39h8kYiXWxPApxlqQHjUX11qfX1O1ffqycSwNH1KN%2FTe%2F6tnA%2BrLSHpxzMrj0uMc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e4f9efabe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/textToSvgURL-Z4O-nL1S.js | 188.114.97.1 | 200 OK | 307 B |
URL: GET HTTP/3 web-telegram.ru/textToSvgURL-Z4O-nL1S.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (310), with no line terminators; Hash: 21cac73a9ed9447cc0aa4aa00e964b76 0bf1ee4576160dc06237923f4c7d05854848ff8d 3881af425617b512084ac2fbd69ec9252e8f65d60c82f3105c314233c947d3de
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:16 GMT
etag: W/"6600f8ec-133"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Op4bMfoNupEfXt8RX4Ue3XBA%2BfE%2F2Gp9o65c57ncYmtgsd5NOlzCW5cKOh%2BpSspjwzlR2k8f6iahajpsVHWOfOWKtGv271pXGbnaNKH8rjoNL%2BSlk0ThxXJoR7IIdf3OJ88%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e406e0bbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/pageSignQR-HABfjaL3.js | 188.114.97.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 web-telegram.ru/pageSignQR-HABfjaL3.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (5796), with no line terminators; Hash: 307a33ee7f4a949b0f2f02202515c3f4 3090be90d76f5da9a310b6f3aeaa431aac14c98c 12916d77690a0e9fe02f6e57f8fc591b13aee188aae61b795171129cfded9e36
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /pageSignQR-HABfjaL3.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/index-pkJe6Hzm.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1600"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZXpELteZThxPDm9YPurf2XyOJ7EBFob9HLvuSuSjxqZdtXWfvdVchcKnSe90iWVjpBwqxVfQ97%2Bfy%2BAI92UEsADGwLbKZHahpwalypIqb%2Fj8ziBBfiSpECF92%2FdsuULn2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e406e0dbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/crypto.worker-T8uEdtAd.js | 188.114.97.1 | 200 OK | 69 kB |
URL: GET HTTP/3 web-telegram.ru/crypto.worker-T8uEdtAd.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: cc64c20bd4bcfc96eb541efd35519169 cc09495ab449ed2e6507812009650f27b29e097b ab327886bebbe07733ff2b6e3982afc4e2cfb472e76da946ad28a4c35a1f2ff9
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /crypto.worker-T8uEdtAd.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-10ccf"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6956
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmlWRoDTrgmujyTVRbXZ5mHp5jmqz%2BQhhpVsV9BrGpT4xzQrsd3GMCI7wcgdvcJ0c3xWEKXLb9RsxFPOcCNghEKfglNUGqezkcLDG2HKFqdHXC7alUAOwEYnW9YvxXcT9x8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f0c86be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 188.114.97.1 | 200 OK | 9.0 kB |
URL: GET HTTP/3 web-telegram.ru/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; Hash: 87fecdadac0beb95f9b7c87b3b3236f0 822f92446c0033a32462aa21208efaef1f0d8c3c 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
GET /assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: image/png
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-2340"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 6129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOGOdTrfbKL4rT7nt2v%2BIHagdlJw%2FMmWfRvYha9fgRbpXOtezW%2ByKh%2FLy1GwsuCn8q%2FaiibMIbaVv8MeHbEC9EYghQJRBT%2BESNB0nwDzy6LKfsVUPArMi%2FAlj0i1nsuqIro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3f4cc6be49-CPH
alt-svc: h3=":443"; ma=86400
|
|
| web-telegram.ru/pageSignQR-HABfjaL3.js | 188.114.97.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 web-telegram.ru/pageSignQR-HABfjaL3.js IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (5796), with no line terminators; Hash: 307a33ee7f4a949b0f2f02202515c3f4 3090be90d76f5da9a310b6f3aeaa431aac14c98c 12916d77690a0e9fe02f6e57f8fc591b13aee188aae61b795171129cfded9e36
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /pageSignQR-HABfjaL3.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1600"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jChFqyehJIF3Ml6Ns4z0mPnoNN2krSUCKtzvyQtouDaM4aJ6D3q%2FcKogw92kYTcYPeTVXLL2jKNuFRD%2B9%2BdgrvbDs9f99ecnQF1MK4M0f0Zozrt8wWO7hmDmxPtDUzt7Zik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e405df8be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
| web-telegram.ru/page-O0cMknm3.js | 188.114.97.1 | 200 OK | 9.4 kB |
URL: GET HTTP/3 web-telegram.ru/page-O0cMknm3.js
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (9607), with no line terminators
Hash: cf00e23ed444e4f10941bd86fb4cdda9 b5bdc06caddb65a28eb7deaba0f82354c3a7a107 e481fa2da8f26b149f20bb67cadbdb8fead01ff60f62cf4aee02e3d98324d4f9
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /page-O0cMknm3.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-24a4"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bWg2%2BkynqxulH8Dznd4bBAaGUMLt60Y9NbRxVzpHUKmPwA3zZeAblRXtwWLQZ8LPNWz%2BG9oLNroTu0Oc2Rm1yPFGh%2Ff9nh0o6iB5BoNv9mk25J8JuVz7C5%2BMPKf%2FlRyF0d8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e405dfdbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
| web-telegram.ru/index-pkJe6Hzm.js | 188.114.97.1 | 200 OK | 139 kB |
URL: GET HTTP/3 web-telegram.ru/index-pkJe6Hzm.js
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
Size: 139 kB (138837 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /index-pkJe6Hzm.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-telegram.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-21e55"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aqbK795NwTVhDky9g9D0Ijsa06IFSddguD8UhPGxF8pbELTaOzaVNvtwJxy4fV0TBHsCmKH6O6vfutzc7J2JPkm1WgbJFpzyNpnU%2BJlM35yet52S7VnkofTAXvreLaSkZ1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e3cca2cbe49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
| web-telegram.ru/button-8koK4gBD.js | 188.114.97.1 | 200 OK | 6.0 kB |
URL: GET HTTP/3 web-telegram.ru/button-8koK4gBD.js
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (6677), with no line terminators
Hash: 8def4a2b6c69f1b62bd63bc64a39f466 5d4d23ac7aaf6b48e364645414a5d4b0f56122c2 148aabbc90e0cbe287fbd118361c300872dd6ec163e4626a6cd1d48d78a71691
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /button-8koK4gBD.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-178c"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBaE3o8xaHjCtIXq450ZjlbIJXHHzfFIyyLBmNf98pmUZUOguyoWK8II7E1gKYWFrCU42YGWt9ZDVE3aUpPRpPyYq1gujr%2FlIu9ClJkaREgBmtd3FnAWXKwKrjud8T6Y5ZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e406e06be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
| web-telegram.ru/putPreloader-N7lV1HM2.js | 188.114.97.1 | 200 OK | 649 B |
URL: GET HTTP/3 web-telegram.ru/putPreloader-N7lV1HM2.js
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
File type: ASCII text, with very long lines (685), with no line terminators
Hash: fae249ae8736296e6c55277ba534274f 51dd259417a3a666475be453001703b3efba81ff 84682e8c200b1a12af338f701700574d722c4e9659a47087399dbbca4aba8cc3
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /putPreloader-N7lV1HM2.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-289"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: HIT
age: 4301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JlDFFM1sZd%2FAw%2B3xAkVtLcsChnLxDWHNoFiloWBPwEujYfrdd8W5s97nLUvEEJLsiaHp5MGBEhsJFg2ZVLLCgbuYfonR%2Bx8s%2BzIyH4Nmut29hpuGTaRwC7aTEhhfNJdNfa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e406e08be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
| web-telegram.ru/qr-code-styling-ogpV7fl-.js | 188.114.97.1 | 200 OK | 66 kB |
URL: GET HTTP/3 web-telegram.ru/qr-code-styling-ogpV7fl-.js
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: web-telegram.ru; Fingerprint: 50:4D:15:DC:64:50:29:19:EC:93:4D:6D:46:69:01:B9:B2:52:91:90; Validity: Mon, 25 Mar 2024 06:35:29 GMT - Sun, 23 Jun 2024 06:35:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
GET /qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: web-telegram.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web-telegram.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:36:07 GMT
content-type: application/x-javascript
last-modified: Mon, 25 Mar 2024 04:09:14 GMT
etag: W/"6600f8ea-1021f"
strict-transport-security: max-age=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvwKyxrLf%2FUXd%2BOaj%2BGxsyRXztR4Y8c6%2FExEo3RNbGWeaoTcQz6OjNWLs04NP0sZ24cIMwvRPZ8ami5v3EMNjX35MP3wKk3gfKt1%2FHy%2BvXUj400PZIYXoPDJhrJFpbnOH8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a0e417f73be49-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400