| redirectblacknguwelittss.pages.dev/img/profile-1.jpg | 172.66.44.202 | 200 OK | 156 kB |
URL GET HTTP/3redirectblacknguwelittss.pages.dev/img/profile-1.jpg IP172.66.44.202:443
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerLet's Encrypt Subjectredirectblacknguwelittss.pages.dev Fingerprint97:E6:33:12:D8:EB:F4:12:64:AD:EE:39:A9:EE:EF:12:3C:A5:B3:20 ValidityTue, 27 Feb 2024 19:01:46 GMT - Mon, 27 May 2024 19:01:45 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1071, components 3 Size156 kB (156077 bytes) Hash1e4e8bf38a736ddbf3b37f725c2c6996 8665bb1f3713fa53ed4f049847781ee46cc02e39 eb1afa33de03f6734510282fbe8cf0c0dbab3c91fccbfa379c50681d419adb65
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /img/profile-1.jpg HTTP/1.1
Host: redirectblacknguwelittss.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redirectblacknguwelittss.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:34:23 GMT
content-type: image/jpeg
content-length: 156077
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "398570c34aafa08182d3cd0963670b22"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=paNIFom3Ic5sUdHGtcGO3Yj7%2BTf1dRH5xc1Jffqv%2FvxeCYLxwki%2Bm7BAgnEFTSu9Ob4j50jBSArNm2uIFysg46av9Cm8xXpv0IYRICWcZZfr5JICoS8d7OQc0adpYTizM4f%2BSuWqhJSXIN5NCEdHGzFO2Z%2FQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b90703ab8b7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css | 151.101.65.229 | 200 OK | 11 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css IP151.101.65.229:443
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash79877fb82de8ca50845081e3c9a201c5 4f6ea69c0e03431ffa1a097a45453b5b3b246d8b af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redirectblacknguwelittss.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: br
accept-ranges: bytes
date: Thu, 28 Mar 2024 16:34:24 GMT
age: 248546
x-served-by: cache-fra-etou8220090-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10883
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:400,700 | 142.250.74.106 | 200 OK | 1.1 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:400,700 IP142.250.74.106:443
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File typegzip compressed data, max compression Hash57c523465f51975c5e1f8d5b581a6db4 cda16bcc076d8218f1c7b0731545c8cd6fe28a0f 9d2a2ddddbb5dd5b07cef421d67cfb309e8aa742af9e3bf2b358b609712e65c8
GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redirectblacknguwelittss.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 16:34:24 GMT
date: Thu, 28 Mar 2024 16:34:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3 | 151.101.65.229 | 200 OK | 102 kB |
URL GET HTTP/3cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3 IP151.101.65.229:443
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 102536, version 1.0 Size102 kB (102536 bytes) Hash1ed478a6b265d4b4f5c26bb063203588 1ca5e8c7d2fb8e9d60ad1a1feb2a46e98c248a3d c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
GET /npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://redirectblacknguwelittss.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 102536
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"19088-HKXox9L7jp1grRof6ypG6Ywkij0"
accept-ranges: bytes
date: Thu, 28 Mar 2024 16:34:24 GMT
age: 1945764
x-served-by: cache-fra-eddf8230061-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://redirectblacknguwelittss.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:34:54 GMT
expires: Fri, 28 Mar 2025 02:34:54 GMT
cache-control: public, max-age=31536000
age: 50370
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| telegram.org/img/apple-touch-icon.png | 149.154.167.99 | 200 OK | 5.6 kB |
URL GET HTTP/2telegram.org/img/apple-touch-icon.png IP149.154.167.99:443 ASN#62041 Telegram Messenger Inc
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGoDaddy.com, Inc. Subject*.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File typePNG image data, 180 x 180, 8-bit/color RGB, non-interlaced Hash295ccdb03006b8dfef45090dafbd46ac 491ab660270e47cbac6a5731c51cca71c1c1b2b1 a51d667d4262047c23e3a2a8aac3b46dc8a58c686cc013f2354011c07bf22cf3
GET /img/apple-touch-icon.png HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redirectblacknguwelittss.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 28 Mar 2024 16:34:24 GMT
content-type: image/png
content-length: 5644
last-modified: Thu, 21 Apr 2022 13:47:47 GMT
etag: "62616083-160c"
expires: Mon, 01 Apr 2024 16:34:24 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://redirectblacknguwelittss.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Mar 2024 01:34:13 GMT
expires: Sat, 22 Mar 2025 01:34:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 572411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| telegram.org/css/bootstrap.min.css?3 | 149.154.167.99 | 200 OK | 42 kB |
URL GET HTTP/2telegram.org/css/bootstrap.min.css?3 IP149.154.167.99:443 ASN#62041 Telegram Messenger Inc
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGoDaddy.com, Inc. Subject*.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File typeASCII text, with very long lines (42164) Hashc2656e265ef58a9cc9f4b70b15da5fb9 85c5ebdb89d4574d72688c2650d4b84b9b09770a f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
GET /css/bootstrap.min.css?3 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redirectblacknguwelittss.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 28 Mar 2024 16:34:24 GMT
content-type: text/css
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
etag: W/"5a05e7c6-a61b"
expires: Mon, 01 Apr 2024 16:34:24 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| telegram.org/css/telegram.css?227 | 149.154.167.99 | 200 OK | 115 kB |
URL GET HTTP/2telegram.org/css/telegram.css?227 IP149.154.167.99:443 ASN#62041 Telegram Messenger Inc
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGoDaddy.com, Inc. Subject*.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File typeASCII text, with very long lines (1267) Size115 kB (114867 bytes) Hash0d209d756face073dd14a437f07e58b2 20cb9119fdd02921a6bd0b1500f78a0b76a7a5c0 acd326a9263ee8c4cbc757fed46333732a0e3f8f48d398cbd4f8e36a09fdaf76
GET /css/telegram.css?227 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redirectblacknguwelittss.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 28 Mar 2024 16:34:24 GMT
content-type: text/css
last-modified: Mon, 20 Mar 2023 10:58:55 GMT
etag: W/"64183c6f-1c0b3"
expires: Mon, 01 Apr 2024 16:34:24 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| redirectblacknguwelittss.pages.dev/style.css | 172.66.44.202 | 200 OK | 337 B |
URL GET HTTP/3redirectblacknguwelittss.pages.dev/style.css IP172.66.44.202:443
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerLet's Encrypt Subjectredirectblacknguwelittss.pages.dev Fingerprint97:E6:33:12:D8:EB:F4:12:64:AD:EE:39:A9:EE:EF:12:3C:A5:B3:20 ValidityTue, 27 Feb 2024 19:01:46 GMT - Mon, 27 May 2024 19:01:45 GMT
File typeASCII text, with very long lines (361), with no line terminators Hash25d3f60956c3a1c8779b3c6d57c8e4c2 bb9fab488cb04f5f0a6e79c062c56ca651697809 6c681158e7e273c956564681a784ce66b5cfe1fb5d0567508b8ec3745e70b07d
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET /style.css HTTP/1.1
Host: redirectblacknguwelittss.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redirectblacknguwelittss.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:34:23 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"90f6d7cd3044dadc6d9b9f251b985245"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4epnIH56hxdqJwVtHCWxktgLODiTXHztImlH61BztJZiXHUYfikyy07ZuZp2sbaZNttkd9uTfOf3xSXIxG3KlfXk1YO1j69gq3n5%2Fj1BmWgUUcTLHTCWxJUh6OJNrH1s3kjn%2F%2Baz5qfW4x4Grqd8OUSqxdKa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b90703ab807129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| telegram.org/js/tgwallpaper.min.js?3 | 149.154.167.99 | 200 OK | 3.0 kB |
URL GET HTTP/2telegram.org/js/tgwallpaper.min.js?3 IP149.154.167.99:443 ASN#62041 Telegram Messenger Inc
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGoDaddy.com, Inc. Subject*.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File typeASCII text, with very long lines (2998), with no line terminators Hashf03422dc797fd26a3834b1ec041128ed a6e88f4fe48b749c2b7360e8e004f64b6cfffb1a 046ec6b7909d0ca5cc6ef271a1b57b2f2be0bd88e3495fd8c496f1524e8ffaac
GET /js/tgwallpaper.min.js?3 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redirectblacknguwelittss.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 28 Mar 2024 16:34:24 GMT
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
etag: W/"62211da5-ba3"
expires: Mon, 01 Apr 2024 16:34:24 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| telegram.org/img/tgme/pattern.svg?1 | 149.154.167.99 | 200 OK | 232 kB |
URL GET HTTP/2telegram.org/img/tgme/pattern.svg?1 IP149.154.167.99:443 ASN#62041 Telegram Messenger Inc
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGoDaddy.com, Inc. Subject*.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File typeSVG Scalable Vector Graphics image Size232 kB (231706 bytes) Hashd0c22c6a97023d85ba6e644a41c44a5d 4284efb616c182da4450c123174ce0e81a322845 118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4
GET /img/tgme/pattern.svg?1 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.org/css/telegram.css?227
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 28 Mar 2024 16:34:24 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Jan 2023 17:52:04 GMT
etag: W/"63b70e44-3891a"
expires: Mon, 01 Apr 2024 16:34:24 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| telegram.org/img/website_icon.svg?4 | 149.154.167.99 | 200 OK | 1.9 kB |
URL GET HTTP/2telegram.org/img/website_icon.svg?4 IP149.154.167.99:443 ASN#62041 Telegram Messenger Inc
Requested byhttps://redirectblacknguwelittss.pages.dev/ CertificateIssuerGoDaddy.com, Inc. Subject*.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT
File typeSVG Scalable Vector Graphics image Hash5caca7ae1cffb3da0b06150a15020005 04cfb934f238d33209406393a3fbf78454815739 1ea747a06fbc240c2594a8c523cb248bbda4784f0fcad9d0f06334f1a378604f
GET /img/website_icon.svg?4 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redirectblacknguwelittss.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 28 Mar 2024 16:34:24 GMT
content-type: image/svg+xml
last-modified: Mon, 20 Jul 2020 20:41:37 GMT
etag: W/"5f160181-768"
expires: Mon, 01 Apr 2024 16:34:24 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| redirectblacknguwelittss.pages.dev/ | 172.66.44.202 | 200 OK | 9.2 kB |
URL User Request GET HTTP/2redirectblacknguwelittss.pages.dev/ IP172.66.44.202:443
CertificateIssuerLet's Encrypt Subjectredirectblacknguwelittss.pages.dev Fingerprint97:E6:33:12:D8:EB:F4:12:64:AD:EE:39:A9:EE:EF:12:3C:A5:B3:20 ValidityTue, 27 Feb 2024 19:01:46 GMT - Mon, 27 May 2024 19:01:45 GMT
File typeHTML document, ASCII text, with very long lines (9628), with no line terminators Hash7bbfaa08f2a82819b2ab19dc6a8188ca 4586d0334ecc8c2cd72bf39baacb3fd68ae43186 663b6ffff252aed848d8a46f6b0fd31d79bbde6ad08914d23d4681e80afd2b7d
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram |
GET / HTTP/1.1
Host: redirectblacknguwelittss.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:34:23 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2cc9dc57ae888bd05ff161f4236a1569"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2xKj9YtlD8VJmh2Y0TGPp9xCE8O%2F8MngfVE%2BUTDh3hR%2F%2Fakczpn4gSuQZxTZ%2F9f4goTfXb4QFY7ByjM2Hz6gSSOV1JfmGU2l58McJeDEXu8e2x7XM5W0e1lXbTwOqWq3ipLJxHGQ0gkR3NAE%2BPPCLjC88p7q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b90702289bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|