| telegram.haibao.tw/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 188.114.96.1 | 200 OK | 11 kB |
URL: GET HTTP/3 telegram.haibao.tw/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Hash: 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/index-75cbdc15.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:55 GMT
content-type: application/octet-stream
content-length: 11016
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: "659941c2-2b08"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42fSlw4aMDf8kP3ehXZN6oEZncQJBazXApRxIzMdO11uUDLnpfq58v0SjwkfVWdV8FBXZ8QquZXtKP%2BXaJ45eUw90rlCAYH4ofN67v3pCltQ6vOoKZ2xtQPKG3hdKMp2h8BB560%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe81ee0f5696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 telegram.haibao.tw/assets/img/favicon-16x16.png?v=jw3mK7G9Ry IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash: e3ce05eb00b3215df220efaf0fd06e21 d1533966f79dc2984c34317035f31cf3c91298c9 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
GET /assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: image/png
content-length: 1012
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: "659941c2-3f4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syQKmSts1jttlCBXAzMH9IQMJT3Hn9%2BABZZOm%2BhKps9AwJGwDeNGQjMj0vm4PMMEgjeywC4U%2B6kac9oc630gIUCU02JNR%2F606yt57xhu5SNoS8KhYvVRGZ9q3%2B%2F2aq2pQkiqo2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe87d8855696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/crypto.worker-b2b2021e.js | 188.114.96.1 | 200 OK | 33 kB |
URL: GET HTTP/3 telegram.haibao.tw/crypto.worker-b2b2021e.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 55687bec6cfb8122879e7647ea9b6b7f cd8d30ffa8942628367456979d6cf51453b66c9e 49579442ef4643b0db19dbd6e309cc7c0764ecad9290cb9aa9ecab84e59656b3
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /crypto.worker-b2b2021e.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-10cef"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iMogjQv2RuRsuYqNHGF1YJ8FTnsArc%2BzUIkubuVOfba7pyMAVcVzwas5tKFe2BQA8Hxt2Rz7TcbZUn7nHHAAy61fwc0vQm%2FEtlw7%2FYSv3%2FdSSAbOqlGKVNI5cm%2Fv%2FKISdBDMfIM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe81fe195696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/textToSvgURL-c6ebb454.js | 188.114.96.1 | 200 OK | 436 B |
URL: GET HTTP/3 telegram.haibao.tw/textToSvgURL-c6ebb454.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (306), with CRLF line terminators
Hash: e887eae33ac4e1bd999c9a755cbb1209 4fe727c86362778344a5a5966388df6d0e84de83 35df25f60b66bb4a61e5e6cfddc37e76a0fdab5fcdfa23fc6a661c91d9489060
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /textToSvgURL-c6ebb454.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-167"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=izdU036Y9%2FEVThGhaa5s%2BwgQLWoR6SycExrBzcN6r6hxfszjiav%2BIMgONEk45H6VrgxXdmK8rIl1Ya2i7VjQN1XBCvsH%2Fhy6DchKHc0FA2dDF13cWoTwLeZbrnhTOisLxJDZZlo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8908f15696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/index-ee5db018.js | 188.114.96.1 | 200 OK | 47 kB |
URL: GET HTTP/3 telegram.haibao.tw/index-ee5db018.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (63446), with no line terminators
Hash: fb8a7acddd1694afa6e6fd19eac34088 e971355011b4dac7192f99f1784c52c8bc4110dc 77049c518b6dc92516a27abf8c86ce715e1369bf6a40afcdba00ef447650c128
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /index-ee5db018.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:54 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-1e696"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPQsaQJ3gcBbvU4%2FAoSNWHv2VAZKqAtnOHnCKhwVmOU2z92Rv3wrd0brkA0bCOYq2nwLA4Iq%2FoF3PY31f3VnswOR1aqCrQ2vNpIPMwvzOWaywzNqJ2qIyl3f5woE3JP6K0tlhuI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe7909ae5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://telegram.haibao.tw
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I2ARAgYcLkxp5ro/3GR5SA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Sat, 27 Apr 2024 04:15:57 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VfcF6Y23jPrtY35VRAJ0ePYd/BQ=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://telegram.haibao.tw
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BRjhGII19Yscy2elzBTVrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Sat, 27 Apr 2024 04:15:57 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NhJcgilFrqkFw/HiXpNnccFxBB4=
Sec-WebSocket-Protocol: binary
|
|
| venus.web.telegram.org/apiw1 | 149.154.167.99 | | 169 B |
URL: venus.web.telegram.org/apiw1 IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
File type: HTML document, ASCII text, with CRLF line terminators
Hash: c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
Content-Length: 0
Origin: https://telegram.haibao.tw
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Sat, 27 Apr 2024 04:15:57 GMT
content-type: text/html
content-length: 169
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://telegram.haibao.tw
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G/tZjVs4sCTI7IlbBcPCSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Sat, 27 Apr 2024 04:15:57 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CtAgz25yGhFwHxNybqtvr0+ECyc=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://telegram.haibao.tw
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pni+iwmH+2M6yFynR/7dmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Sat, 27 Apr 2024 04:15:57 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +7O7QArJKSJ5Ext0bcBIYEKFaHw=
Sec-WebSocket-Protocol: binary
|
|
| telegram.haibao.tw/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 188.114.96.1 | 200 OK | 11 kB |
URL: GET HTTP/3 telegram.haibao.tw/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/index-75cbdc15.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:58 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: "659941c2-2b30"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e8N5yjoVVs1oGyxTtQUf3WBXnCqm%2BRhK3tdIIw1h6aCA2w1KhjXcdAQw1IHXucfcFSZAG4yB5Lki%2FAJuSOM8M6iiBLkKvyJHG1Pv0UJ%2BTSOjanS%2BHS1VUxbCik%2F35f0cfOlENmk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe926cf75696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/textToSvgURL-c6ebb454.js | 188.114.96.1 | 200 OK | 11 kB |
URL: GET HTTP/3 telegram.haibao.tw/textToSvgURL-c6ebb454.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (306), with CRLF line terminators
Hash: e887eae33ac4e1bd999c9a755cbb1209 4fe727c86362778344a5a5966388df6d0e84de83 35df25f60b66bb4a61e5e6cfddc37e76a0fdab5fcdfa23fc6a661c91d9489060
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /textToSvgURL-c6ebb454.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/pageSignQR-99b43efe.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-167"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPMM8gDZ3YR7Ir3AvVBKIZS%2BXcpZcq%2FzCcbVb5BD1NZ6r386N%2Bfa%2BcWTSQH56sK3T7CHX2EYGR73p2RCUmUDQDHUyCzlESgt9ffMcfHqwCi%2BAnfO0z96O84jOnMPmVOMEAVVtaM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8cba3b5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/button-af00bb43.js | 188.114.96.1 | 200 OK | 11 kB |
URL: GET HTTP/3 telegram.haibao.tw/button-af00bb43.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (8513), with CRLF line terminators
Hash: 9baa76fbdfaa331df6cd4073d67b10ca 6c77759ca351af48afd5dbded115c02e180eb75f 482f2051b1cdf9a98b83c919bb7af5b09b8c1673ca766363d1e09b487caa8a90
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /button-af00bb43.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-2170"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FMawQfe%2BSZe8QQ1%2BYFpTjbnC6FpfvCml3TjT%2BHvqsna2%2BGqt0SvPGTNQSf5W1HtWafu1KvEEQnpzECy5Ig7bVd%2BZxsphVxOsperkaK9eGvgMEinO6bfxZtO5Wnx%2Ff1y4XcXauo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8908ed5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/pageSignQR-99b43efe.js | 188.114.96.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 telegram.haibao.tw/pageSignQR-99b43efe.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (5766), with no line terminators
Hash: 095f8fe91dc344db2075c6cc901a4fe1 2d595c4ac53cce9f424ac0263669f389d3f3afe5 502b0c55ab8511dbf9be4c14af77f8ab70fccd8933fc25e7602268fe4f23f7fe
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /pageSignQR-99b43efe.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/index-ee5db018.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-15d3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqUn5RTapvF8IOptIeb%2FR%2F1h5oczyEA4N%2BCOT%2FOJ0T%2BwEzGrpW32Q3JIA%2B%2BbK16dYd9YuCeMrukHj2u%2Bq4Ym8y9x6NnwvH9pRbPm907OY2MsKSQk%2BFSZ4RQgr93RR3hqdJzdxfQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8908f25696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/_commonjsHelpers-725317a4.js | 188.114.96.1 | 200 OK | 292 B |
URL: GET HTTP/3 telegram.haibao.tw/_commonjsHelpers-725317a4.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (306), with no line terminators
Hash: 5a71747ad7fab8941f63e70715326fea 48b4c469ff08e9104530912d18b866e75cafb055 aea110a6ca12e00c6a59e0d59f4fe144a5b77d2145d43dc431e3a8dc04c6fa28
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /_commonjsHelpers-725317a4.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:57 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-124"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ga9Y%2B7g9BCxaRV4NFXRhr%2FITFKttY0jSnxKxmpg0S2UUe0iOhfw8ykFG%2FjOn2gkWHsNYViqppHta4YzUOz6sOaYoOpS%2B5w3T0LmiCZUC6FLu5LSDX7%2F5zYXsTE3eqhnmQba%2FDsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8cea4f5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/_commonjsHelpers-725317a4.js | 188.114.96.1 | 200 OK | 292 B |
URL: GET HTTP/3 telegram.haibao.tw/_commonjsHelpers-725317a4.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (306), with no line terminators
Hash: 5a71747ad7fab8941f63e70715326fea 48b4c469ff08e9104530912d18b866e75cafb055 aea110a6ca12e00c6a59e0d59f4fe144a5b77d2145d43dc431e3a8dc04c6fa28
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /_commonjsHelpers-725317a4.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/qr-code-styling-8a04fb73.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:57 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-124"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NzszoHLYsS0ui%2BqEFrYb40JsjAUoNNIWhZ571eTISxwyiiE4AmsaHUEelQMMQa38tnerrq%2FeHJUdP7O6l6P9V5NvXb1kVC6AbnN9q5G1wiF3XMdX7c9eKAQ38eH%2BXMDbllLApvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe924cdd5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 188.114.96.1 | 200 OK | 9.0 kB |
URL: GET HTTP/3 telegram.haibao.tw/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: 87fecdadac0beb95f9b7c87b3b3236f0 822f92446c0033a32462aa21208efaef1f0d8c3c 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
GET /assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: image/png
content-length: 9024
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: "659941c2-2340"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mRLFWPVITU3LVXHTPVw7ENOTQy8IcAFFiMqaEzsBSCOg2z4B52fVeRR99TdxP9i9l3WJKI5biMJqXScz%2FFAigviQpX3tUvwWguCoVWYrMKsLoTgbVGtcefcOKZWOTwK2f2NcR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe87d8845696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/page-f4384e73.js | 188.114.96.1 | 200 OK | 10 kB |
URL: GET HTTP/3 telegram.haibao.tw/page-f4384e73.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (10193), with CRLF line terminators
Hash: 06bc2168b91cdaaaad05f70ff71ff08c f85fcf04ddfa098b7155e0d4cec4a42f3990a4c1 98cce73847581b80f500037882b26797eacd65199f2fba6cbd8c9cb3af88869d
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /page-f4384e73.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-27fe"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MhT8e8%2FGHCKOLXmGJHf3a9glEieMNPK6%2FhjKK2koomlFlsLX6Lp%2BulClpws8xnRIcJyRQHikCOkArFX9yiQDHMi6j4xSm5WOEUizM%2FCohJYzRzGEwc3Tvhan7%2FaxH%2BuBpIfA%2FHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe88f8ea5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/putPreloader-f439c452.js | 188.114.96.1 | 200 OK | 704 B |
URL: GET HTTP/3 telegram.haibao.tw/putPreloader-f439c452.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (746), with no line terminators
Hash: 6cd8147e42be27412f2deed5ca452a66 b7a9dc0371d4a497bf1cc65de410f60ea875ca8a 41afb3cf4bd9b9f6d7a88e795a4da4292a95335055e4eb640cffc197c798ffd0
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /putPreloader-f439c452.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-2c0"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKJAzm7sfcqyy%2BC9DwMzap%2BSyF2f%2FzwkY805%2F5xuTaJVIUcra%2BYEYcc0JK%2Fnhs7i7Qna6a%2BqRqkbn9h%2FKTtRG6f3KerRsZdFCrTYQD7ZeMl5yZYl31IG5xunokKAdyq80EP%2BZ2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8908ee5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/pageSignQR-99b43efe.js | 188.114.96.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 telegram.haibao.tw/pageSignQR-99b43efe.js IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (5766), with no line terminators
Hash: 095f8fe91dc344db2075c6cc901a4fe1 2d595c4ac53cce9f424ac0263669f389d3f3afe5 502b0c55ab8511dbf9be4c14af77f8ab70fccd8933fc25e7602268fe4f23f7fe
Analyzer: OpenPhish | Verdict: phishing | Alert: Telegram
GET /pageSignQR-99b43efe.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-15d3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v41LkyVhAAKlx8vJHd1wJMAR8lVAdDvmisZ5XASAL0iza48ZcscEH1TzI%2BGuHklSR6K0s7%2Fsp%2FxmTzjisC%2BMabV3Bw%2F1w7gN0vMXmq1S3GWAhndXROMMbWL%2BB0t5f8z%2FsuFdCKw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe88f8e75696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/lang-49055ff2.js | 188.114.96.1 | 200 OK | 109 kB |
URL: GET HTTP/3 telegram.haibao.tw/lang-49055ff2.js; IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/; Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
Size: 109 kB (108655 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /lang-49055ff2.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/index-ee5db018.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-1a86f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fuq5y%2FA%2FJF4sxkUUXvO2Z%2BbHuYaYBxiOLKlMOkY24t3dj8nghVuxNFDA89F%2BWZBhz89upjK9%2FXI6cPWjFGqzXLdUu15rVo%2BTnTIaw5UZO%2F3T5mc4tyiW3j6oAjF%2BowWlR5MMBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe823e4b5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/index-75cbdc15.css | 188.114.96.1 | 200 OK | 434 kB |
URL: GET HTTP/3 telegram.haibao.tw/index-75cbdc15.css; IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/; Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
Size: 434 kB (433718 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /index-75cbdc15.css HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:55 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 11:32:12 GMT
etag: W/"65aa5dbc-69e36"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CY28vllYh3LcoZsbCuncdFx6h0PmImfU35Oz517iUzhXTEG3h41JWSPuvF8IeYtcMewMYEAeGbIoDvOIpMPLKpM17TUDUrzLez4Hd7rHBh%2BDdbF%2BVpKIXwgSfg5T%2BHznDlTVzgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe7909b05696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.96.1 | 200 OK | 14 kB |
URL: User Request GET HTTP/2; IP: 188.114.96.1:443
Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: HTML document, ASCII text, with very long lines (1757), with CRLF line terminators; Hash: b00f92da86b10abe471409b4cfcc62ff 1c0214ace70a64fa2d6a440ade8ba04e22f475ce 44c210b8a7a232d445704e1521157aa703e46a7f64d703475586fe47d8620628
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET / HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 Apr 2024 04:15:53 GMT
content-type: text/html
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FCq8R4R0aifJOs3Dsjgs6rLBP2htnASvyVVjm6%2FgqpEE5NQR6pzq7oiM%2FP3gwP1dstswwLddG%2Fl5slKmtwmbsR%2Bfts1oQdycZrdBw3PAM%2Bpkzdq0k1H%2Bc2eFBhQQt2iW3suE4YA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87abfe74fb3656ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| telegram.haibao.tw/countries-5301fc59.js | 188.114.96.1 | 200 OK | 24 kB |
URL: GET HTTP/3 telegram.haibao.tw/countries-5301fc59.js; IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/; Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /countries-5301fc59.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/index-ee5db018.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:55 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-5e23"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x80PIJKqfbuPk9r5rVDsqlRfP7sfbmWGUlI3tnJ4Rx3s%2BlNTsAKu0Lb6mM%2F%2B4sGwrqcRefavReClHUgawo3xc7xeG41nJGTqtNoIxeSzw%2FD%2BPzJ9AreRSA5b9Y2RhoHi2jTXU8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe823e4d5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/page-f4384e73.js | 188.114.96.1 | 200 OK | 10 kB |
URL: GET HTTP/3 telegram.haibao.tw/page-f4384e73.js; IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/; Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (10193), with CRLF line terminators; Hash: 06bc2168b91cdaaaad05f70ff71ff08c f85fcf04ddfa098b7155e0d4cec4a42f3990a4c1 98cce73847581b80f500037882b26797eacd65199f2fba6cbd8c9cb3af88869d
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /page-f4384e73.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/pageSignQR-99b43efe.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-27fe"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1djsnZc%2ByBe05fHGI7IE1fOpDOcUHvNb2XIWuSsHhiRlwrj7BeNzIpttvIoq4tq2HvKnYlCkVCCJK0hflnvgvYS7AoQGwzhoXV5O0LaiMcpQCC7m8lDpaldPWt7vco2T2KH5xNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8caa385696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/qr-code-styling-8a04fb73.js | 188.114.96.1 | 200 OK | 66 kB |
URL: GET HTTP/3 telegram.haibao.tw/qr-code-styling-8a04fb73.js; IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/; Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /qr-code-styling-8a04fb73.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:57 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-102af"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LuaXodcmk1lQrdcS4QwHM5YeVcXglT08J%2BF4O8f06dfQRoTOnCpxUTqpF3WaTsbQLZp%2FOpu4l%2B33U8zYzbUdDpR%2B%2B6XTziky0COu9bhdqk1a%2FvLCubtsbnE6R7EhF%2BQTN2x6VfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8cea4d5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/assets/img/logo_padded.svg | 188.114.96.1 | 200 OK | 1.1 kB |
URL: GET HTTP/3 telegram.haibao.tw/assets/img/logo_padded.svg; IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/; Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: SVG Scalable Vector Graphics image; Hash: 60c58dcbb2ef9968748fe3878a2c6dff dacac165b656bf03221f85b1843e1c7d8cb0b2ac 6fd7169d2c3cbfeed8e04a542d371c3d8504d5a69268b78deb6691703216f502
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /assets/img/logo_padded.svg HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telegram.haibao.tw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:59 GMT
content-type: image/svg+xml
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-43b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPT1jQGomjEwJgFxjblxlIugB6Dre8YxIpEWhzKsNmy2jOEG35JJ1KK0EBztzuDCJlYNUhzJgODDZU3%2FmzbsxblANo4tqG%2BKdIoFWOWkQU4BLrdM2UHj%2BMc4YNMjXU88YYzI0x0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe9aa87b5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/langSign-66e8939d.js | 188.114.96.1 | 200 OK | 1.7 kB |
URL: GET HTTP/3 telegram.haibao.tw/langSign-66e8939d.js; IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/; Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (1769), with no line terminators; Hash: 0e4ad7c977e057c3b54dd846b93871bc 251ccac60406a6ac964f02aeca7384f36b285de9 9db8dc92a331b234e53c59af2fff62de9d0590cfb75229ec6b4fc1d79c0ee520
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /langSign-66e8939d.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/index-ee5db018.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:55 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-677"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7hfKeApQimzHELw2A9mmBTNszDTWgQgGUMbpWHM0RXd0hN614yy8IvQ%2BFcfd%2BrT6uZq8B6u4jEo6EqYvSv%2Fvt90trnVCPKFzWBtpT2AAiuaWsW1ZenN8Bt%2FONgxgkydnPnrKuUk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe823e4c5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/putPreloader-f439c452.js | 188.114.96.1 | 200 OK | 704 B |
URL: GET HTTP/3 telegram.haibao.tw/putPreloader-f439c452.js; IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/; Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
File type: ASCII text, with very long lines (746), with no line terminators; Hash: 6cd8147e42be27412f2deed5ca452a66 b7a9dc0371d4a497bf1cc65de410f60ea875ca8a 41afb3cf4bd9b9f6d7a88e795a4da4292a95335055e4eb640cffc197c798ffd0
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /putPreloader-f439c452.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/pageSignQR-99b43efe.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:56 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-2c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0FvS6aMPSeARICf9vQf6ZofaJ7RU90T%2F%2BSevz33RhJVd7YX2vcUWcoZtcmRIWxbuCSFcqYIWGqtaTX2btsI136LPTifliqVC7pufQO0jwFyEcMD%2Bkht%2F357hTYC7mT6k%2BnzTKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8cba3a5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.haibao.tw/qr-code-styling-8a04fb73.js | 188.114.96.1 | 200 OK | 66 kB |
URL: GET HTTP/3 telegram.haibao.tw/qr-code-styling-8a04fb73.js; IP: 188.114.96.1:443
Requested by: https://telegram.haibao.tw/; Certificate Issuer: Google Trust Services LLC; Subject: haibao.tw; Fingerprint: 76:0B:25:57:E5:25:B4:45:80:2F:00:E1:AF:BE:3F:56:60:40:B9:34; Validity: Mon, 15 Apr 2024 12:16:07 GMT - Sun, 14 Jul 2024 12:16:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /qr-code-styling-8a04fb73.js HTTP/1.1
Host: telegram.haibao.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.haibao.tw/pageSignQR-99b43efe.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 04:15:57 GMT
content-type: application/javascript
last-modified: Sat, 06 Jan 2024 12:04:18 GMT
etag: W/"659941c2-102af"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57vtGzk5ZwsMfIRMwr3lMDaB1ARhj%2FKNpGECj05FQNrmLHhXqhXrESVC%2FirAHgm8KSMo5xsI024KU8ZUOLo%2FM5CFP8E5tfvICQcRDJVkuusuPmGjBdN%2BrL%2BHi3im%2FoiOqq7ozGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87abfe8cea525696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|