| tw-dj0.pages.dev/index-KevWqk89.js | 188.114.97.1 | 200 OK | 58 kB |
URL: GET HTTP/3 tw-dj0.pages.dev/index-KevWqk89.js; IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/; Certificate: Issuer: Google Trust Services LLC; Subject: tw-dj0.pages.dev; Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18; Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (63446), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 6867c5123bc060de024a45f53c4b13e3 aad5cb01918d434062d18bec3ace47d9949b65b8 15cc80dc07602e9328a1875e6e3561d8d13ca2f5e0861da3289818a30fcce4f5
Analyzer | Verdict | Alert
OpenPhish | phishing | Telegram
PhishTank | phishing | Other
GET /index-KevWqk89.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:23 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"06aef8925fe06bdd800663461ca79bef"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQTO4LrajF%2FoI2jihmQcLkF1GbeiLF7DTsZEa7BtGElpVA6AIypJu2aZKlIDro14OdfN3x7Vyi93x7UPf%2BAwWr88tZSQoy7h4SGYzsWyBa9GhED2Hx3WZo8yJELf5jCVDGmQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e578a08f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/crypto.worker-9wi-02Dm.js | 188.114.97.1 | 200 OK | 0 B |
URL: GET HTTP/3 tw-dj0.pages.dev/crypto.worker-9wi-02Dm.js; IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/; Certificate: Issuer: Google Trust Services LLC; Subject: tw-dj0.pages.dev; Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18; Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input: the response below is 304 Not Modified with no body, so they do not identify the worker script and are not usable as indicators)
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /crypto.worker-9wi-02Dm.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: sharedworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"373ac5763891b4602530475372997442"
TE: trailers
HTTP/3 304 Not Modified
date: Wed, 17 Apr 2024 04:32:24 GMT
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4FXYqnbfOhtMOyIbf7IsFfpDeT9J7zlAXZdNsT8nRKH5gusKaEAX5TQ8qbHAnLcz321%2BVJHjLrO6pzZ1OXitxBJEeO66FD%2BflSLhVYKrHE1robBL9qJDkJevwuLni4oKwbt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e83aea8f58-CPH
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 188.114.97.1 | 200 OK | 9.0 kB |
URL GET HTTP/3tw-dj0.pages.dev/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry IP188.114.97.1:443
Requested byhttps://tw-dj0.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttw-dj0.pages.dev Fingerprint1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 ValidityTue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash87fecdadac0beb95f9b7c87b3b3236f0 822f92446c0033a32462aa21208efaef1f0d8c3c 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: image/png
content-length: 9024
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c35bd3231a46b7b8c79b2578bdec4987"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ed8EmRtPcRtvcy4NImRAYumBEnzpNgCDiSqXyS%2BonOEr7aTw%2FRN2LW7gvQ9EB485OJILzvyGCuquxVU39bEQXAcNc8Wcq%2FEreOwx%2FMJhMRFiCnPbYbWQnsXMsLuD%2BEfwJ6%2Fr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e86b0c8f58-CPH
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/assets/img/favicon-16x16.png?v=jw3mK7G9Ry | 188.114.97.1 | 200 OK | 1.0 kB |
URL GET HTTP/3tw-dj0.pages.dev/assets/img/favicon-16x16.png?v=jw3mK7G9Ry IP188.114.97.1:443
Requested byhttps://tw-dj0.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttw-dj0.pages.dev Fingerprint1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 ValidityTue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File typePNG image data, 16 x 16, 8-bit colormap, non-interlaced Hashe3ce05eb00b3215df220efaf0fd06e21 d1533966f79dc2984c34317035f31cf3c91298c9 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: image/png
content-length: 1012
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "164bab244d543d9719126be57e7b82f4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFCpWf5OZTW7f0ZR4opwA%2FSMOt5zkdEz9YPIinwcfnJ2fVATLcrsrK4j%2FZWdQRmevUBaCIvKY0oiuOuOIvhBmPGfhLWcHHx4edNIrmPt0Xdhc2SqvqIB%2Fdg8NqVsXmaW4d68"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e86b0d8f58-CPH
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/textToSvgURL-Z4O-nL1S.js | 188.114.97.1 | 200 OK | 29 kB |
URL GET HTTP/3tw-dj0.pages.dev/textToSvgURL-Z4O-nL1S.js IP188.114.97.1:443
Requested byhttps://tw-dj0.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttw-dj0.pages.dev Fingerprint1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 ValidityTue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File typeASCII text, with very long lines (306) Hashcca1508d96dbfce74dcbaed756d04955 c539ff84caf27c4b22e498662644c07e6893c19a 36cb02e59322028c02c5365bd56cbd129b3eb2fb4aaec625160ca2dc9786a4bd
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"cee18038c184fa3137d53bb34227dbc1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mz9zF8mDApsLgt4aLWQWetb5SFLK6V%2BfMETjgWQcodAB0MYkj0Ow5t1KcfFV8jsyuxXuAHURP8v06xg%2FUtEU5V45fpuUAz%2F9FdFo%2Bop1DuMN1Xaxvdpm0tpmVDUXSLiVUgyN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e8ab338f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/page-h4-JFMdU.js | 188.114.97.1 | 200 OK | 4.4 kB |
URL GET HTTP/3tw-dj0.pages.dev/page-h4-JFMdU.js IP188.114.97.1:443
Requested byhttps://tw-dj0.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttw-dj0.pages.dev Fingerprint1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 ValidityTue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File typeASCII text, with very long lines (10301) Hashce10f25ca7abcecc4b3619f85fef181e cfc9ac15ac52239c6c0164c1014ab3af0455bec3 d813b32d2e72eac30aec8e8ca5316b1d89c1fe921a2e6e34cf7deb0266c5f176
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /page-h4-JFMdU.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"47bce3ee9e9631c2601b4f9f44f0a17c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmQQWPogleDWUs2uqUCJ58xHTWJ8ZjBWwVCI6xYDb2wc2IYK%2BhPabdiCCg3p%2BrxVed5cOY%2FCP%2FCqL7vOv4LqJGGn0pbfXo2055CcM7XiqA62ynnUK6wn5EoaIrtm0pOSD3XH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e89b278f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| twv.gonewest.topmoto.pl/venus/apiw1 | 76.76.21.93 | | 169 B |
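URL: twv.gonewest.topmoto.pl/venus/apiw1; IP: 76.76.21.93:0
File type: HTML document, ASCII text, with CRLF line terminators; Hash (MD5 / SHA-1 / SHA-256): c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a (digests of the 169-byte HTML body returned with the 404 below, i.e. an error page rather than a payload)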
POST /venus/apiw1 HTTP/1.1
Host: twv.gonewest.topmoto.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
Content-Length: 0
Origin: https://tw-dj0.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-headers: origin, content-type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Wed, 17 Apr 2024 04:32:25 GMT
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-id: arn1::qnhwn-1713328345345-5be6efe0e649
content-length: 169
X-Firefox-Spdy: h2
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
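URL: kws2.web.telegram.org/apiws; IP: 149.154.167.99:0; ASN: #62041 Telegram Messenger Inc
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input: a WebSocket upgrade carries no HTTP body, so these are not indicators. The destination sits in Telegram's own address space per the ASN above; what ties this connection to the phishing page is the Origin header of the request below, not the host.)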
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://tw-dj0.pages.dev
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1rE5LF9zlbPe6ZhK3PukdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 04:32:25 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r3NXC5XCbCWPUIqpibG3+kRUaTQ=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL kws2.web.telegram.org/apiws IP149.154.167.99:0 ASN#62041 Telegram Messenger Inc
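Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; a WebSocket upgrade carries no HTTP body, so these are not indicators)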
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://tw-dj0.pages.dev
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6/JUGr0rwJZxrUjJsWSa5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 04:32:25 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5lKG4x/ugdNdGbh9DFPXFGdvZzY=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL kws2.web.telegram.org/apiws IP149.154.167.99:0 ASN#62041 Telegram Messenger Inc
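Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; a WebSocket upgrade carries no HTTP body, so these are not indicators)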
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://tw-dj0.pages.dev
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Orvu8U7Dg+dUPdUvycijSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 04:32:25 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FI0X65beZPkyL0W1OvYK08LHVk0=
Sec-WebSocket-Protocol: binary
|
|
| twv.gonewest.topmoto.pl/venus/apiw1 | 76.76.21.93 | | 169 B |
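URL: twv.gonewest.topmoto.pl/venus/apiw1; IP: 76.76.21.93:0
File type: HTML document, ASCII text, with CRLF line terminators; Hash (MD5 / SHA-1 / SHA-256): c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a (digests of the 169-byte HTML body returned with the 404 below, i.e. an error page rather than a payload)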
POST /venus/apiw1 HTTP/1.1
Host: twv.gonewest.topmoto.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
Content-Length: 0
Origin: https://tw-dj0.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
access-control-allow-headers: origin, content-type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-store
content-type: text/html
date: Wed, 17 Apr 2024 04:32:25 GMT
pragma: no-cache
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-id: arn1::t6qfd-1713328345808-0b5893dddb88
content-length: 169
X-Firefox-Spdy: h2
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL kws2.web.telegram.org/apiws IP149.154.167.99:0 ASN#62041 Telegram Messenger Inc
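Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; a WebSocket upgrade carries no HTTP body, so these are not indicators)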
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://tw-dj0.pages.dev
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yz+ASe+dV8eBpaeImT+aKg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 17 Apr 2024 04:32:25 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: j5+b3xRTm8EgPkspjNjcd+x4yWE=
Sec-WebSocket-Protocol: binary
|
|
| tw-dj0.pages.dev/mtproto.worker-g-qIvUmp.js | 188.114.97.1 | | 265 kB |
URL: tw-dj0.pages.dev/mtproto.worker-g-qIvUmp.js; IP: 188.114.97.1:0
Certificate: Issuer: Google Trust Services LLC; Subject: tw-dj0.pages.dev; Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18; Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
Size: 265 kB (265019 bytes); Hash (MD5 / SHA-1 / SHA-256): f7a9fb8e2e3a94c6494389feeb6d5dbe 395f3a1bf66e4f524a98a006d0243070002d9383 cab9f84ba576808de208a77d84533a7cd2d95085c2c7cd9b6a0d43c73e5174e7
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /mtproto.worker-g-qIvUmp.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: sharedworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2a1dab430a4a6d0027f1839a6d277ac5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crEa2uIQ4Bupp46xgs9KaomhOeR%2BPdTHrJRx7c7V6k4TDQ63aMhzTna2qz5LazWmK8oWj7oS%2BbMM6FsCbuCjRHBLxIWhwGFC8SRw4R7s7hSPHdgDFgHds%2BxR4gpZgSLuK1R1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e7ba8f8f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/pageSignQR-9_AZc9Zh.js | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 tw-dj0.pages.dev/pageSignQR-9_AZc9Zh.js; IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/; Certificate: Issuer: Google Trust Services LLC; Subject: tw-dj0.pages.dev; Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18; Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: Java source, ASCII text, with very long lines (5011) (content-sniffing label; the response below is served as application/javascript); Hash (MD5 / SHA-1 / SHA-256): 112d42f86d11a91c015bff5d765098b1 7c54af3076512daba57f12b3a19f0139cd36ab93 996785acfb0bf84bc3d2a424b2cfbbb41139d8ccf0dbf3fb9017f34806be2be5
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /pageSignQR-9_AZc9Zh.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"52ec5738d71785ba9934cf18812c5e97"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjsuix16v4zC1fMh8GMZyq5d3j67yVW%2FpI%2Bxdb4jur0gaHf6SMo%2Bo%2FFSA%2Bv1cvDQ6oAS6f5N4mCbdXSFGsusqKky1fHWo376NQcs07lWLr4qnuVQRGj%2FoIzfcVfUrIL2Xx9G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e89b258f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.97.1 | 200 OK | 14 kB |
URL: User Request GET HTTP/2; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: tw-dj0.pages.dev; Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18; Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: HTML document, ASCII text, with very long lines (1757); Hash (MD5 / SHA-1 / SHA-256): 814f03d75ca264c0b8b3896c1d490586 a3052fb36259b30cee38db76d20d4f957b755c02 74124b00edb2aa4b4794a25b45586d32808454caa46d78ce02f08e2abfcb0bfc
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET / HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:32:23 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c1505e5a759ab3d7114daddffca79adf"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZpIn1Nl4TEuRC00KsdutUBsWS%2BqgLVZB9U4guSrscH37OBEsR3U0P5nM5v3yfbXzeemczcgi92rAY%2FmLG5j7Yj25PpNiXKEyL3LEkxPNYLctDkqTXL29an7FDjVMIlzOLC9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e40d4592bb-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tw-dj0.pages.dev/_commonjsHelpers-5-cIlDoe.js | 188.114.97.1 | 200 OK | 290 B |
URL GET HTTP/3tw-dj0.pages.dev/_commonjsHelpers-5-cIlDoe.js IP188.114.97.1:443
Requested byhttps://tw-dj0.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttw-dj0.pages.dev Fingerprint1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 ValidityTue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File typeASCII text, with very long lines (302), with no line terminators Hash2c4d6d27d76dee6e31a5e78877faba51 6a2773032cf08261b695305eb75b6aa25fb91d77 0d9af4fa5be8e6567f6e919c636e66546d0e1394b45f8140456512ae5dc690b0
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/qr-code-styling-ogpV7fl-.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a3104b7dc8b495a8a4b6541a2ebf1944"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5uA8RKAEg6q6cNPjgbNtTmM0d1H9fLn71gTOCKm5dJar8o03lOe8QAN6cHzTS3PoXvrg7R2ZyrTdbrSsRIHD9xXBPbhcna86%2FNe6mpVMmPsNYLDLYThOH65x5bYS0DUA%2Bwn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0ea6c888f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/qr-code-styling-ogpV7fl-.js | 188.114.97.1 | 200 OK | 66 kB |
URL GET HTTP/3tw-dj0.pages.dev/qr-code-styling-ogpV7fl-.js IP188.114.97.1:443
Requested byhttps://tw-dj0.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttw-dj0.pages.dev Fingerprint1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 ValidityTue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
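Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the 66 kB body was apparently not captured for hashing, so these do not identify the script and are not usable as indicators)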
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/pageSignQR-9_AZc9Zh.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c65e4bbee96a3ef4748771f9299f45c2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R8jIZ4DwuRAdnhNnYAk%2FwDuZVz0fScXPd1JZemcrBSk85Ya%2BApy%2BUfEom271YgOX4yBepO6qXg2MSfGRdkHXlgGHj4dxTMATaLF0584eRl3IiLi3HHmMlEXTxz%2BrT0hN7y2f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e9bc1c8f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/index-a3UEjh-7.css | 188.114.97.1 | 200 OK | 450 kB |
URL GET HTTP/3tw-dj0.pages.dev/index-a3UEjh-7.css IP188.114.97.1:443
Requested byhttps://tw-dj0.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttw-dj0.pages.dev Fingerprint1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 ValidityTue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
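Size: 450 kB (449925 bytes); Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input, inconsistent with the stated size; the body was apparently not captured for hashing, so these are not usable as indicators)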
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /index-a3UEjh-7.css HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e431100b02cf4c93cde1323776b557d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dyIM5JVtTYurAG3p9dbhQb9myEwzqopLhFM3gS50g7mfwCCUxCFYcR9%2BKoOanTQ6PNyp7kBMdiQ5vV%2BpQU2W5s03sT63Sw3cOljw6HYO4Hev%2FSi7SxXpr%2BEIAjCS7Gd6SHja"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e578a28f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/lang-zHzLTv6f.js | 188.114.97.1 | 200 OK | 116 kB |
URL GET HTTP/3tw-dj0.pages.dev/lang-zHzLTv6f.js IP188.114.97.1:443
Requested byhttps://tw-dj0.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttw-dj0.pages.dev Fingerprint1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 ValidityTue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
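Size: 116 kB (116455 bytes); Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input, inconsistent with the stated size; the body was apparently not captured for hashing, so these are not usable as indicators)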
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /lang-zHzLTv6f.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/index-KevWqk89.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b55dfd9f04b0fd68125b46e9926ddf31"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ecglvyWqUC12V87nCwnVOi%2BIl%2Bm0brGjNJlEtEb%2B8qSH2uUiKf0MkjuhntYRS7NnWVLPLRqhABrR0XQqp0rUYbUzAojylFkS5Kq%2BNZnTLqG9ngbi8g018ldfs9JOonD2%2Fn6g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e7ca988f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/countries-lRU-UavE.js | 188.114.97.1 | 200 OK | 24 kB |
URL GET HTTP/3tw-dj0.pages.dev/countries-lRU-UavE.js IP188.114.97.1:443
Requested byhttps://tw-dj0.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttw-dj0.pages.dev Fingerprint1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 ValidityTue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
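Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the 24 kB body was apparently not captured for hashing, so these do not identify the script and are not usable as indicators)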
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /countries-lRU-UavE.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/index-KevWqk89.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"59fb56f80ffcf23bfac3be46b1d20f34"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7L3p3Yj8PbRJ%2Fh4i%2BGYPd7KcOUHE0pePPtYb6pkbYR0AOhDcjUULp6U0rXPHae45WuIXEF%2BeOK4zsj7TnNhtwpFuUe4Hzrz5kT2%2BQAwTeIJp3Fz%2BaU2MAWJBNZM9QG%2FfYS7V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e7daa48f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/qr-code-styling-ogpV7fl-.js | 188.114.97.1 | 200 OK | 66 kB |
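URL: GET HTTP/3 tw-dj0.pages.dev/qr-code-styling-ogpV7fl-.js IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (note: these three values are the digests of zero-length input, so the 66 kB response body was apparently not captured; they do not identify this file and match any empty file if used as indicators)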
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c65e4bbee96a3ef4748771f9299f45c2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66wLf6dh1%2FmGt2NY2zDKKSjscNj%2BCMfphnmi%2FVBh1frY9EmLwgGz%2BwogjC3h%2BEXwWpMJxmf1Opf8vNrBWKu7xzTtEUlbBFc%2FWQQtEyZL8YP9okothEOxpKn%2FjTgUGNVCNCw6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e9bc1a8f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 tw-dj0.pages.dev/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0 Hash (MD5, SHA-1, SHA-256): 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://tw-dj0.pages.dev/index-a3UEjh-7.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: font/woff2
content-length: 11056
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "d0122a2078b736d8f34c46ec02e88eb0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCD0TzBW7g%2FbWkm%2FHuHYujFXvbN6ftH8aXR5Q5Qg41ltzytWZdo%2Fk6C95%2BJ1xWjuXTnk1ShYWRrd4YsGEYsHPjoJZNWNxIHMTWaQDLmXnTiyx%2FhWcH2mQMVwRJJ0rl9vPLLj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0eaccbd8f58-CPH
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/langSign-lcKrqmwM.js | 188.114.97.1 | 200 OK | 1.6 kB |
URL: GET HTTP/3 tw-dj0.pages.dev/langSign-lcKrqmwM.js IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: ASCII text, with very long lines (1751), with no line terminators Hash (MD5, SHA-1, SHA-256): 6503e4eb7fe92e639f1398a512bdf9d5 8fe9788360af3dde5507e78d48aa5324a99c0216 fe461dd4a36a65359703e4ec0f5f2a6cfbf8bc2d73ef82a8a75b3df3f12379b8
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /langSign-lcKrqmwM.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/index-KevWqk89.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0b8cfc934941a167cd3552bc2666ff7b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r7EnQqUN0FymntfohXV%2Fbt7qi9Or8FWxT2Fiux5%2FGSmxkPQkpquX3f7xw3cRkuyjvEwCCJkRgAcQSvzrQ0LL8wSt6XWj3fd9A1zGM5SGAbACY%2BVL6dGp5ogqUGrZbmhf5Cp2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e7ca9c8f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/putPreloader-UPXgnht_.js | 188.114.97.1 | 200 OK | 699 B |
URL: GET HTTP/3 tw-dj0.pages.dev/putPreloader-UPXgnht_.js IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: ASCII text, with very long lines (736), with no line terminators Hash (MD5, SHA-1, SHA-256): e7b882df454dc6de5d1f047228e47ba9 5f209b3de17265499558244201519b5f24fa06ad 99fbf8f6ae29970383a2871e8b7f71c58fc0058dbf5738f2c09be340fc26c04e
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /putPreloader-UPXgnht_.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a93e7cd704732ec98a26ab657d046e64"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbF0bhm%2BUV7GJbQfYeYsV4R8YDSorfJ7xL8UJp5LdDQ8tw5yeMrtplMuFx632vL9aQ46XMBhZQF8Y82ji%2FiepFCTI3qFulJyRwW%2FRwty49YtZMKMwF%2F9mOTzcAiiQV09RvGv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e8ab328f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 tw-dj0.pages.dev/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0 Hash (MD5, SHA-1, SHA-256): 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://tw-dj0.pages.dev/index-a3UEjh-7.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: font/woff2
content-length: 11016
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "741b4527b63febbccc571bad3f4f23cf"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LnEjzVwAAC0pSkOREI%2F5VJk%2Fa8ce8hICGIpumCMQ7Msy39KjVH6LWYNnixS3CScUkv75Ko3483LTBFFEuN6QMkZrV831rq4W2bVO%2FpU%2B2cCKOpvY2BlO8ytIuYs%2FPEMal9l5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e78a618f58-CPH
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/button-2EiMqoep.js | 188.114.97.1 | 200 OK | 8.8 kB |
URL: GET HTTP/3 tw-dj0.pages.dev/button-2EiMqoep.js IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: ASCII text, with very long lines (9526), with no line terminators Hash (MD5, SHA-1, SHA-256): 7cb0fb418b7ff76e2116a63ce91024b3 d7cedc25bf050caf955568be86992b32f169b5ea 08a10f519f05af8f791cedf604f9e092b7442071f2a26c4eaff1abc89f89d173
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /button-2EiMqoep.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2ea761ec58755dd571f1e41152024f50"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BA%2BptshgD3ZDM7Gqg1Kru2joQh4RTyP0Gd3jn0t6iPZZm4gcN%2Ff0jRdVCGwDV3XIk3iJh4MFRtecN61w5MagSoNeHKEkltc%2BjNHtBBKBTkAsZm69c5aa8r2UuNdApc5Ru5GX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e89b288f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/putPreloader-UPXgnht_.js | 188.114.97.1 | 200 OK | 699 B |
URL: GET HTTP/3 tw-dj0.pages.dev/putPreloader-UPXgnht_.js IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: ASCII text, with very long lines (736), with no line terminators Hash (MD5, SHA-1, SHA-256): e7b882df454dc6de5d1f047228e47ba9 5f209b3de17265499558244201519b5f24fa06ad 99fbf8f6ae29970383a2871e8b7f71c58fc0058dbf5738f2c09be340fc26c04e
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /putPreloader-UPXgnht_.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/pageSignQR-9_AZc9Zh.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a93e7cd704732ec98a26ab657d046e64"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVJALlDiyVl9HH1qUgUtSnvy9W679Py64x1U4%2FJ8emHIfBDjBnJsu5TKsja7XghSTdOGxw8Zms%2FAgDxyoyLqCJLvBpbJ1TwkZ%2B0oVNfo%2BPVYAjht2MbZqPF9VPjF2VeuyLnQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e94bcc8f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/_commonjsHelpers-5-cIlDoe.js | 188.114.97.1 | 200 OK | 290 B |
URL: GET HTTP/3 tw-dj0.pages.dev/_commonjsHelpers-5-cIlDoe.js IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: ASCII text, with very long lines (302), with no line terminators Hash (MD5, SHA-1, SHA-256): 2c4d6d27d76dee6e31a5e78877faba51 6a2773032cf08261b695305eb75b6aa25fb91d77 0d9af4fa5be8e6567f6e919c636e66546d0e1394b45f8140456512ae5dc690b0
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a3104b7dc8b495a8a4b6541a2ebf1944"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6DZlaxA9cuOEyuJ6llx%2F5ZhgwwhXm9Lqa16AWqXFeRNIyEHqHt11%2FOSf9jpUXUyGld8ULFndxxhFQsbMB4Yuuhg4f2Ss2hfBXUsIY0%2FQXBnGBpLW9uyLPBfitZ5tLGowKGas"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e9bc1b8f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/assets/img/logo_padded.svg | 188.114.97.1 | 200 OK | 1.1 kB |
URL: GET HTTP/3 tw-dj0.pages.dev/assets/img/logo_padded.svg IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: SVG Scalable Vector Graphics image Hash (MD5, SHA-1, SHA-256): 4c0b48654a4881c325148a5e00964160 d7d21756c9dd4c1bf4d97087811745aad60506a0 7583a3643a9480ab4d81dd46b700cf3a38ebdd94af1a6059d2b6a3ecff8a65c5
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /assets/img/logo_padded.svg HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:27 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ddc17b460f3542cd68305d2c727dab6c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CoW1VQFGpmt0c8K9VDSCxEd4039dKyWUbSA3JzaNhn3Q86ScoY7BOQViweX0u0LDd036M7NpJhVppdqa3u%2Fkdh25%2FKBl1aYFszJirjNnI7c2LHsIVKsJ8lA7LxpX3ajYnkE6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0fab9078f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tw-dj0.pages.dev/button-2EiMqoep.js | 188.114.97.1 | 200 OK | 8.8 kB |
URL: GET HTTP/3 tw-dj0.pages.dev/button-2EiMqoep.js IP: 188.114.97.1:443
Requested by: https://tw-dj0.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: tw-dj0.pages.dev Fingerprint: 1F:25:96:2F:CE:6F:67:78:98:2F:8B:EB:60:09:8F:21:EA:BE:E4:18 Validity: Tue, 16 Apr 2024 11:40:38 GMT - Mon, 15 Jul 2024 11:40:37 GMT
File type: ASCII text, with very long lines (9526), with no line terminators Hash (MD5, SHA-1, SHA-256): 7cb0fb418b7ff76e2116a63ce91024b3 d7cedc25bf050caf955568be86992b32f169b5ea 08a10f519f05af8f791cedf604f9e092b7442071f2a26c4eaff1abc89f89d173
Analyzer | Verdict | Alert | OpenPhish | phishing | Telegram | PhishTank | phishing | Other |
GET /button-2EiMqoep.js HTTP/1.1
Host: tw-dj0.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tw-dj0.pages.dev/pageSignQR-9_AZc9Zh.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:32:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2ea761ec58755dd571f1e41152024f50"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cu4QrY10nI%2Fd8pOsSijP6ZZaaDgjYUNUXF2275Cyu4e5qBdm6VpaExZhO0kfhDoz%2BpYIobze%2FsMiR%2B9Oy3jv9htxlPZMdBDj%2Fv2w6XhrvsrYnP0ZW1xFCNErLqhokfuhCqYb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b0e94bc78f58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|