Report - terlegramz.com/

Report Overview

Submitted URL
terlegramz.com/
IP
154.82.100.105
ASN
#399077 TERAEXCH
Submitted
2024-04-19 03:59:20
Access
public
Website Title
Telegram Messenger
Final URL
terlegramz.com/
Tags
meta whatsapp social
urlquery detections
Phishing - WhatsApp

Detections

urlquery
6
Network Intrusion Detection
0
Threat Detection Systems
210

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
terlegramz.com	unknown	2023-07-10	2023-07-11	2023-08-17	27 kB	25 MB	154.82.100.105
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-18	7.0 kB	442 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram
2024-04-18	medium	terlegramz.com/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed
2024-04-19	medium	terlegramz.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	terlegramz.com/TG_ZH/index_files/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-28
Pretty URL terlegramz.com/TG_ZH/index_files/v652eace1692a40cfa3763df669d7439c1639079717194 IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-28 23:23:46 Times Seen1641 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	www.googletagmanager.com/gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c	250 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:59:22 Last Seen2024-04-19 05:59:23 Times Seen2 Hash fab4ca82279f6e4657b8400d4e0ad46a 843ff5e87f2df8b751af581f7e10e6a895da5e20 52c1572f1536cc1b73aceb90a06e74961d9375e17ce5daa06a05e69a0021bf7f Loading...

	terlegramz.com/js/config.js	360 B	2023-03-12	2024-04-26
Pretty URL terlegramz.com/js/config.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:05:48 Last Seen2024-04-26 05:43:44 Times Seen1754 Hash 0f473dc8cb0eed8e543f26b9043a3fb6 56069d0c86850c8bcdef6495d213405e4a8b3f6d e9885f72beec80104d584000fea488790bd8c910793bfb3879dc85c2fc54d98b Loading...

	terlegramz.com/TG_ZH/index.html	152 B	2023-03-12	2024-04-26
Pretty URL terlegramz.com/TG_ZH/index.html IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 21:05:48 Last Seen2024-04-26 05:43:43 Times Seen850 Hash 5000e1c0d952344d55c4dabef597c7f4 4f252e3f44f982ae64eb23fca16cf8adfc3516bf 367a59b0504b661ded95278dd9c3bbfd9c28e6ed965fa5a1d9fe03b40fb17e6e Loading...

	terlegramz.com/js/main.js	21 kB	2023-03-08	2024-04-26
Pretty URL terlegramz.com/js/main.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:42:25 Last Seen2024-04-26 05:43:44 Times Seen1748 Hash 401f247640476ab57f1562643278c690 88d3d9ce942bc4f83013a1f302fa57281c62dbd8 39a10a24888c4e0898d8c9c9ed332d88d0203c08d0f5cfbbf82c84cd9eee584f Loading...

	terlegramz.com/js/downloadlist/t168.js	4.6 kB	2023-10-11	2024-04-19
Pretty URL terlegramz.com/js/downloadlist/t168.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-11 15:53:58 Last Seen2024-04-19 07:33:37 Times Seen470 Hash 34b8fd5e497198a6d70f87efb668ee35 bcfbe419a14aa108eddca6c96fe208f6cd544a16 3408cd96b5a919c1a85cc41d0dc11c59e86ff5e2b5cfc5cb910eee9609f5e1e0 Loading...

	terlegramz.com/js/downloadlist/t188.js	782 B	2023-11-05	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t188.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-05 09:07:12 Last Seen2024-04-26 05:43:44 Times Seen334 Hash 368211d1070c79e6a773514dbca26609 16238b82f8cb185568aa9fa8dc60883dd194d2d1 500bbd002818cf0e7c190b19e9c11f76f2c07eeb8a61f8230a92fc3b9e5115fa Loading...

	terlegramz.com/js/downloadlist/t123.js	1.3 kB	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t123.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:59 Last Seen2024-04-26 05:43:44 Times Seen809 Hash 0fb9e618fd33a073988476434552f926 2cc2360494bebcc34e4b63da0a0b6cac8946084a 7eea03bda30f9e9ffa2b4bfc96af1b9cb2dc706d509d036610c5043edaa64163 Loading...

	terlegramz.com/js/downloadlist/t126.js	625 B	2023-09-30	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t126.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-30 01:43:59 Last Seen2024-04-26 05:43:44 Times Seen553 Hash 1d18f93402ead068f68caa3fa3d9d6f4 2f2dda71b403f2d4b926371de49720de8c6c3ac6 9e3d0e5c2f70c6a337c99df23ca98b53093175d9f562d42d46009c3abb6ca4bd Loading...

	terlegramz.com/TG_ZH/index.html	357 B	2023-03-12	2024-04-26
Pretty URL terlegramz.com/TG_ZH/index.html IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 21:05:48 Last Seen2024-04-26 05:43:43 Times Seen895 Hash e5f7a5a45fb070de38e2239bc385060a 5942e3224566ba691288214cbace8554a81b8948 26d030aa3c20704a34fab17b4d255b1a6800b9e528d567c0d988fbfaeaff20ac Loading...

	www.googletagmanager.com/gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c	250 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:59:22 Last Seen2024-04-19 05:59:22 Times Seen2 Hash 9bf6f2072a2f9580169044a05d67fda1 76508a4b56f632cee17dea17f25fc2e503817c1f 7cb5941dde5f23bad4d1cbf44799eed352f71ceb1a3957aeb21f0e2e0fd8cce3 Loading...

	terlegramz.com/TG_ZH/index_files/js	107 kB	2023-05-18	2024-04-26
Pretty URL terlegramz.com/TG_ZH/index_files/js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 00:58:48 Last Seen2024-04-26 05:43:44 Times Seen1564 Hash d28613ff9ab6c4f187868ad0543de0f3 9be8b9973f87458167e984bf5ca3ea11651d4c98 377a867c84d7622e8505d60ab3f2cd91c2bee74035d45971e9fd11f904cc3da6 Loading...

	terlegramz.com/js/downloadlist/t888.js	3.5 kB	2023-05-18	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t888.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 00:58:47 Last Seen2024-04-26 05:43:44 Times Seen1178 Hash f5f4169266f561dc31defb576f011271 0081b577b30cebb75724f3132e04cfa6b61be037 a9621c2d617dc70b2e069a909f47485f3725937352047a33ce2c906e31b3e52a Loading...

	terlegramz.com/js/downloadlist/t158.js	1.8 kB	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t158.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:58 Last Seen2024-04-26 05:43:44 Times Seen798 Hash 5471b90409fa565e42ba12eb5407f47e 98861c71ccf9271dbd11522c1f9cc9a07a52b193 4d8cb1071eb9746ac339793c644c5bb7b471607c9e10ddc52cefbef55199b155 Loading...

	terlegramz.com/js/downloadlist/t121.js	859 B	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t121.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:59 Last Seen2024-04-26 05:43:44 Times Seen799 Hash 48e1282d8f6a96f296d445c641c06d00 9d3072dd2e38c03b2fc911983da0799c1926565d ad7049fae9e9cf23c1146381b5d33f88f317b03a9d83037df5b680155182076c Loading...

	terlegramz.com/js/downloadlist/t108.js	2.5 kB	2023-05-18	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t108.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 00:58:47 Last Seen2024-04-26 05:43:43 Times Seen1179 Hash 19610ffffb5f8db346ac477b61881b9a 6c67ec85150a99971ebc6154d93abc63e68e6f3f 25cb46b283e4f73d90fa61138ad36987d098d83abfd2a4e2c0cce04b0352b106 Loading...

	terlegramz.com/js/downloadlist/t109.js	1.1 kB	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t109.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:58 Last Seen2024-04-26 05:43:44 Times Seen797 Hash 08237d27309671227c0fdae0778aa361 97bf37ed683c6768f2c2ad30054610c2e0707259 a0fe39acb33ef027a796a95991f0851513cb40c76a05da7bccfe0b5b62acf723 Loading...

	terlegramz.com/js/download.js	3.5 kB	2023-07-12	2024-04-26
Pretty URL terlegramz.com/js/download.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-12 13:54:29 Last Seen2024-04-26 05:43:44 Times Seen1165 Hash 9b3fba1b3c1f07ebaa4cc0d8c627ce46 353ce9ff4ad2cf0dbddf1645425d6f6c6aa8e434 a01cfd51880bb90e4396b1df541b893dcd761de237e5409bba626c165244b2aa Loading...

	www.googletagmanager.com/gtag/js?id=UA-212845866-1&l=dataLayer&cx=c	202 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-212845866-1&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:59:22 Last Seen2024-04-19 05:59:22 Times Seen2 Hash cc7fd1c626242f4cd9a31b550e4c4d60 ea183d232e4b79e209a6e867037efb05a86ca227 a51848201350725b5578b36198ffd6b46a840972b91ebdf34241bfb0bc71251d Loading...

	terlegramz.com/TG_ZH/index_files/js(1)	211 kB	2023-03-12	2024-04-26
Pretty URL terlegramz.com/TG_ZH/index_files/js(1) IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:05:48 Last Seen2024-04-26 05:43:44 Times Seen1336 Hash abfaa1e5adb26dd8dcee9ce4a2dc6148 467cd255cd9bd6fa0afdfd5813b52cda6cdc48fc 5a93b0bce4a0f9e2c5fe4117885c4d1adec6b2ab688ebfe5a32d492ea5e75ba9 Loading...

	terlegramz.com/js/downloadlist/t101.js	2.3 kB	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t101.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:59 Last Seen2024-04-26 05:43:44 Times Seen785 Hash 02087d80b01987cf992aa6c24d73020d 3359c89c9acab6ce06325fe63fb2c6b7fe9511ee 817240a7fd481deb0186a2a108cf98235d66be207c5f3ec85bb1f918257f422c Loading...

	terlegramz.com/js/downloadlist/t118.js	2.2 kB	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t118.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:59 Last Seen2024-04-26 05:43:44 Times Seen798 Hash 0e671e3aad1ac7a29b3931b42a3c1d12 aa4b3e472d97e5152950093793dc3095a2aa7ed8 2900c9f9c76ccba46cc629b0b63cfb208bccc9fe9e14856c81590f16f0a83c80 Loading...

	terlegramz.com/js/redirect.js	1.4 kB	2023-05-18	2024-04-26
Pretty URL terlegramz.com/js/redirect.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 00:58:47 Last Seen2024-04-26 05:43:44 Times Seen1155 Hash 2490e6600fce98123314f7170bb81756 e8fc4723f93c2f5527558c159998d4f864322a48 c3948e7959d9652e15a5b4ced6f078edfef982e4a37f73f2fac6d7e763d5f9ad Loading...

	terlegramz.com/TG_ZH/index.html	189 B	2023-03-12	2024-04-26
Pretty URL terlegramz.com/TG_ZH/index.html IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 21:05:48 Last Seen2024-04-26 05:43:43 Times Seen851 Hash ba308764957703be86acad39a720dd38 893a332a0183d9a04c2cfad9270a2c40db321b65 0ad9261293f4448a259fbdec3e4235abb10494721bec9eb4fa0b5005c9018444 Loading...

	terlegramz.com/sandbox%20eval%20code	147 B	2023-04-11	2024-05-02
Pretty URL terlegramz.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 09:39:33 Times Seen344013 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c	266 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:59:22 Last Seen2024-04-19 05:59:22 Times Seen2 Hash 54e73ce4839ab58dbaf55683f5f9b5fb c3ab4523d5a72faf56f061b2985c848ea403c1f8 47fcff71d074eb9fb86e6451e1d95be3c097bc4eb2e7461ad85b50b16d233808 Loading...

	www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c	266 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:59:22 Last Seen2024-04-19 05:59:22 Times Seen2 Hash aaa9a02369c572a2509cd5a4772d3f39 758aab134769be70a0451e8eb5b47c66dfa78d95 005a136d6218a06241a5862e1057bcfb7e2d6deabf877bbe84f05eb467ee5c58 Loading...

	terlegramz.com/js/downloadlist/t115.js	1.0 kB	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t115.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:59 Last Seen2024-04-26 05:43:44 Times Seen800 Hash 743d05427df4e95ab2247b2ab7ee5305 6bad00a45e8dcbb6ef587c893960085e3713492d 23c81fcc5ff70876037f4ae9ef436c0aaaf0702cc879b6c6d63b10653c30906e Loading...

	terlegramz.com/TG_ZH/index.html	0 B	2023-03-07	2024-05-02
Pretty URL terlegramz.com/TG_ZH/index.html IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-02 09:42:13 Times Seen37268840 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	terlegramz.com/js/downloadlist/dev.js	392 B	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/dev.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:58 Last Seen2024-04-26 05:43:44 Times Seen790 Hash 2971dd9c134ddb1e5ebfc17421409bce 80a8b5467c565d06bf1d4c9528449fd3e9e3f751 df9ef32fe813a92221dd511a3e0b42326c2fb5a2eb108e45287ae016c1019365 Loading...

	terlegramz.com/js/downloadlist/t117.js	2.1 kB	2023-09-11	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t117.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-11 13:49:19 Last Seen2024-04-26 05:43:44 Times Seen658 Hash 19f2305e9d91046dbb0a0aa18b8d423b 2d2cbe5a3b89a2688624a2abe17ede9e2892b918 e241fbfff68e33667c7a1b8f9a5b594f45510c5893a55a51e6c1ff291c78ba2f Loading...

	terlegramz.com/js/downloadlist/t125.js	5.0 kB	2023-12-05	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t125.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 13:18:47 Last Seen2024-04-26 05:43:44 Times Seen216 Hash ea48da5f8eb8db6ee3432ed5eef6f379 6c51506f7299b97c54522f27d716a390f185782b 96c3c0c0e62036edd61da5e0627a4066ff06843ab64742611bfba8cf11a1f258 Loading...

	terlegramz.com/TG_ZH/index_files/gtm.js.download	119 kB	2023-03-12	2024-04-26
Pretty URL terlegramz.com/TG_ZH/index_files/gtm.js.download IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:05:48 Last Seen2024-04-26 05:43:44 Times Seen1592 Hash c2f5efa78f85a28c9dbc2b5adac56ec5 4ccee472dbdfc7919cdcbe02f09692ed69fa5b95 8cbaae5ea817ea19555ba3c88649f6db86533c6a0fb945042ac060b0c446199c Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-02
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 09:39:34 Times Seen343506 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	terlegramz.com/js/downloadlist/t110.js	4.9 kB	2023-09-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t110.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-22 13:17:18 Last Seen2024-04-26 05:43:44 Times Seen611 Hash 9e8ac54dce89effadb3cc715caa5f92c 21ae925f6f9309e51ddeac494be72586a21e0aa5 111f892c1cec5412194f8475b9da3baf3d0f35433931e67d0f83426223f943c0 Loading...

	terlegramz.com/js/downloadlist/t111.js	2.1 kB	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t111.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:59 Last Seen2024-04-26 05:43:44 Times Seen798 Hash 4a7a58d9f7c286949dd871855413b756 dd9c3c33b71480f00b1b73f579812b394f3afad6 dd7f775b17c0076260d598464b4182bb20c8c4b4e72129a803fa2368007b7561 Loading...

	terlegramz.com/js/downloadlist/t112.js	447 B	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t112.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:59 Last Seen2024-04-26 05:43:44 Times Seen806 Hash f7a63afa6ec355ce766deed8ffa0c022 e3c6dd5b44208981a6b8de67c6cf3c8b47192090 51e6c343b8bfdaed3a028ec35d8ef7b1ae3005b29626ee5a56824fc9100cba83 Loading...

	terlegramz.com/js/downloadlist/t127.js	1.1 kB	2023-08-22	2024-04-26
Pretty URL terlegramz.com/js/downloadlist/t127.js IP 154.82.100.105 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 12:02:59 Last Seen2024-04-26 05:43:44 Times Seen800 Hash 7afa3d13ec1a7b1522b970b82cee5f3c af4fca474478a297e7beb224279b2c8e9f8906de 57e1ddd475399fe142ab60a79f8d803e1155db1e5842e11e974bfc848f73a2f1 Loading...

HTTP Transactions (66)

URL IP Response Size

terlegramz.com/

154.82.100.105

200 OK

476 B

URL User Request GET HTTP/2
terlegramz.com/
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
HTML document, ASCII text
Size
476 B (476 bytes)
Hash
6558055141a3d97f9cca7af47ec0e453
d13ab44e7508a71c1e4e35e788b45ae7488168ce
7cbf9f187f8d0ada6bae23489672fd84fd044b935c62099ff80ba28fa7b6565f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:53 GMT
content-type: text/html
content-length: 476
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 07:53:50 GMT
etag: "ee366c29367d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/redirect.js

154.82.100.105

200 OK

700 B

URL GET HTTP/2
terlegramz.com/js/redirect.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
700 B (700 bytes)
Hash
2490e6600fce98123314f7170bb81756
e8fc4723f93c2f5527558c159998d4f864322a48
c3948e7959d9652e15a5b4ced6f078edfef982e4a37f73f2fac6d7e763d5f9ad

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/redirect.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:53 GMT
content-type: application/javascript
content-length: 700
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 07:53:50 GMT
etag: "ee366c29367d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/config.js

154.82.100.105

200 OK

316 B

URL GET HTTP/2
terlegramz.com/js/config.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
316 B (316 bytes)
Hash
0f473dc8cb0eed8e543f26b9043a3fb6
56069d0c86850c8bcdef6495d213405e4a8b3f6d
e9885f72beec80104d584000fea488790bd8c910793bfb3879dc85c2fc54d98b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/config.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:53 GMT
content-type: application/javascript
content-length: 316
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:32:07 GMT
etag: "eef157667fad81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index.html

154.82.100.105

200 OK

6.6 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/index.html
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (430)
Size
6.6 kB (6629 bytes)
Hash
1cd80beb10e9c6a2b4fe22531b4ee94a
4d26f4436c260a6b671804361c0a83d17b34d45d
02a01d88474a06d372dc3412584bf7c252e03125166c241ebe684ec6a4e81e66

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index.html HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:53 GMT
content-type: text/html
content-length: 6629
content-encoding: gzip
last-modified: Sun, 18 Dec 2022 07:15:04 GMT
etag: "973c5c73b012d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/favicon.ico

154.82.100.105

404 Not Found

8.5 kB

URL GET HTTP/2
terlegramz.com/favicon.ico
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
8.5 kB (8529 bytes)
Hash
d60fe6e305f836d5b942b32278a7b1a7
072d98fd864ad203e2164af8fa5942b6c623bdc8
217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WhatsApp
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: NgxFence
date: Fri, 19 Apr 2024 03:58:53 GMT
content-type: text/html
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/telegram.css

154.82.100.105

200 OK

22 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/telegram.css
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text, with very long lines (1267)
Size
22 kB (22287 bytes)
Hash
081310a3179c096b57d01c1a7ef8f7c9
552a38700f9f99d7a060cd7739c75f4441595f08
8ddab33bd2921e0a99c5f9919ca4a9c22a11916db184f15b9501c0dd6a99947a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/telegram.css HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/css
content-length: 22287
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "0f32e44fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/t_logo.png

154.82.100.105

200 OK

11 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/t_logo.png
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
11 kB (11449 bytes)
Hash
2c84be4c4dec401d09a64498cbbd382d
1c7053b083d5e59ed5cb4912c5500f39beaf765e
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/t_logo.png HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/png
content-length: 11449
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "c78ec444fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-5X96JGP

142.250.74.168

404 Not Found

1.6 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5X96JGP
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1582 bytes)
Hash
dec4e08a670adfda39c1786023575d93
b79c6430e9ae40bb406e82414e4dc16823e52dac
086d3cd81ad84e789f4c63f17d69b3b9e3c21e5e16c60969a9921dcaa6a6bc0e

HTTP Headers

GET /gtm.js?id=GTM-5X96JGP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

terlegramz.com/file/cbc986292284a428e2.jpg

154.82.100.105

200 OK

147 kB

URL GET HTTP/2
terlegramz.com/file/cbc986292284a428e2.jpg
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x357, components 3
Size
147 kB (147023 bytes)
Hash
cee9bffa334b7617b4c695e6e00408f4
3967a9583b519497bcad6432bb5ef7ee9897b324
1a2b102a55c9f22ec06063eb2be4ee54f6ca0e21391c8b096ee9e0c08fe92d89

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /file/cbc986292284a428e2.jpg HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/jpeg
content-length: 147023
last-modified: Wed, 16 Nov 2022 05:52:12 GMT
etag: "7c3bf2927ff9d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/file/66eebb00fd46acb1ce.jpg

154.82.100.105

200 OK

171 kB

URL GET HTTP/2
terlegramz.com/file/66eebb00fd46acb1ce.jpg
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x374, components 3
Size
171 kB (171309 bytes)
Hash
98e1ad4f472359ad088f4a937ac00c32
55c5d6480be58cccc9f42456654cdd2a57489c32
adbb4d0a389cd244a73b98167b6ee4ce19f18a1c9a31e25628a618609ef0352c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /file/66eebb00fd46acb1ce.jpg HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/jpeg
content-length: 171309
last-modified: Wed, 16 Nov 2022 05:52:12 GMT
etag: "c7d8ef927ff9d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/gtm.js.download

154.82.100.105

200 OK

56 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/gtm.js.download
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JavaScript source, ASCII text, with very long lines (1615)
Size
56 kB (56040 bytes)
Hash
c2f5efa78f85a28c9dbc2b5adac56ec5
4ccee472dbdfc7919cdcbe02f09692ed69fa5b95
8cbaae5ea817ea19555ba3c88649f6db86533c6a0fb945042ac060b0c446199c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/gtm.js.download HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/plain
content-length: 56040
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "a92bc244fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/main.js

154.82.100.105

200 OK

5.8 kB

URL GET HTTP/2
terlegramz.com/js/main.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JavaScript source, ASCII text
Size
5.8 kB (5804 bytes)
Hash
401f247640476ab57f1562643278c690
88d3d9ce942bc4f83013a1f302fa57281c62dbd8
39a10a24888c4e0898d8c9c9ed332d88d0203c08d0f5cfbbf82c84cd9eee584f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/main.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: application/javascript
content-length: 5804
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 10:14:52 GMT
etag: "0f6254736f0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/download.js

154.82.100.105

200 OK

989 B

URL GET HTTP/2
terlegramz.com/js/download.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
989 B (989 bytes)
Hash
9b3fba1b3c1f07ebaa4cc0d8c627ce46
353ce9ff4ad2cf0dbddf1645425d6f6c6aa8e434
a01cfd51880bb90e4396b1df541b893dcd761de237e5409bba626c165244b2aa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/download.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: application/javascript
content-length: 989
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 11:30:20 GMT
etag: "0ee7de821b3d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/v652eace1692a40cfa3763df669d7439c1639079717194

154.82.100.105

200 OK

6.2 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/v652eace1692a40cfa3763df669d7439c1639079717194
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JavaScript source, ASCII text, with very long lines (13970), with no line terminators
Size
6.2 kB (6247 bytes)
Hash
19514b1be5ee33b45d32c1fcd4c67ec2
bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/plain
content-length: 6247
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:19 GMT
etag: "a554c944fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-212845866-1&l=dataLayer&cx=c

142.250.74.168

200 OK

73 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-212845866-1&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (73227 bytes)
Hash
cc7fd1c626242f4cd9a31b550e4c4d60
ea183d232e4b79e209a6e867037efb05a86ca227
a51848201350725b5578b36198ffd6b46a840972b91ebdf34241bfb0bc71251d

HTTP Headers

GET /gtag/js?id=UA-212845866-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:58:55 GMT
expires: Fri, 19 Apr 2024 03:58:55 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73227
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c

142.250.74.168

200 OK

93 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
93 kB (92751 bytes)
Hash
54e73ce4839ab58dbaf55683f5f9b5fb
c3ab4523d5a72faf56f061b2985c848ea403c1f8
47fcff71d074eb9fb86e6451e1d95be3c097bc4eb2e7461ad85b50b16d233808

HTTP Headers

GET /gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:58:55 GMT
expires: Fri, 19 Apr 2024 03:58:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

terlegramz.com/img/t_main_Android_demo.mp4

154.82.100.105

404 Not Found

1.2 kB

URL GET HTTP/2
terlegramz.com/img/t_main_Android_demo.mp4
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
1.2 kB (1231 bytes)
Hash
d60fe6e305f836d5b942b32278a7b1a7
072d98fd864ad203e2164af8fa5942b6c623bdc8
217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WhatsApp
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/t_main_Android_demo.mp4 HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/html
content-length: 1231
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c

142.250.74.168

200 OK

88 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
88 kB (88475 bytes)
Hash
9bf6f2072a2f9580169044a05d67fda1
76508a4b56f632cee17dea17f25fc2e503817c1f
7cb5941dde5f23bad4d1cbf44799eed352f71ceb1a3957aeb21f0e2e0fd8cce3

HTTP Headers

GET /gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:58:55 GMT
expires: Fri, 19 Apr 2024 03:58:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88475
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

terlegramz.com/img/t_main_iOS_demo.mp4

154.82.100.105

404 Not Found

1.2 kB

URL GET HTTP/2
terlegramz.com/img/t_main_iOS_demo.mp4
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
1.2 kB (1231 bytes)
Hash
d60fe6e305f836d5b942b32278a7b1a7
072d98fd864ad203e2164af8fa5942b6c623bdc8
217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WhatsApp
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/t_main_iOS_demo.mp4 HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/html
content-length: 1231
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/img/twitter.png

154.82.100.105

200 OK

1.3 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/img/twitter.png
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1272 bytes)
Hash
1ed9bf7633f4f449c8d2df94ea0eb35f
2902ba9c2b127c74c2550298a0578d7d8da941c2
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/img/twitter.png HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/png
content-length: 1272
last-modified: Sat, 24 Sep 2022 10:13:13 GMT
etag: "351e4441fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c

142.250.74.168

200 OK

93 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
93 kB (92800 bytes)
Hash
aaa9a02369c572a2509cd5a4772d3f39
758aab134769be70a0451e8eb5b47c66dfa78d95
005a136d6218a06241a5862e1057bcfb7e2d6deabf877bbe84f05eb467ee5c58

HTTP Headers

GET /gtag/js?id=G-VE3X12E1EV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:58:55 GMT
expires: Fri, 19 Apr 2024 03:58:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92800
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

terlegramz.com/TG_ZH/img/SiteAndroid.jpg?2

154.82.100.105

200 OK

21 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/img/SiteAndroid.jpg?2
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 290x270, components 3
Size
21 kB (21090 bytes)
Hash
f5eb8dcf9b18f19053034101e920574e
9513c6c5e39669ad27132d470008955dbaae61f0
15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/img/SiteAndroid.jpg?2 HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/jpeg
content-length: 21090
last-modified: Sat, 24 Sep 2022 10:13:13 GMT
etag: "57903a41fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/img/SiteiOS.jpg?2

154.82.100.105

200 OK

31 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/img/SiteiOS.jpg?2
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 442x270, components 3
Size
31 kB (31305 bytes)
Hash
89486a05599a1cfd549f8fb2d70e7d73
24867697525df19b88e79d75ff32384eba57b321
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/img/SiteiOS.jpg?2 HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/jpeg
content-length: 31305
last-modified: Sat, 24 Sep 2022 10:13:13 GMT
etag: "622d3d41fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/js

154.82.100.105

200 OK

51 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JavaScript source, ASCII text, with very long lines (1615)
Size
51 kB (50938 bytes)
Hash
d28613ff9ab6c4f187868ad0543de0f3
9be8b9973f87458167e984bf5ca3ea11651d4c98
377a867c84d7622e8505d60ab3f2cd91c2bee74035d45971e9fd11f904cc3da6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/plain
content-length: 50938
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "a92bc244fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=terlegramz.com%2FTG_ZH%2Findex.html&tdp=G-VE3X12E1EV;79544094;0;2;0&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=terlegramz.com%2FTG_ZH%2Findex.html&tdp=G-VE3X12E1EV;79544094;0;2;0&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=terlegramz.com%2FTG_ZH%2Findex.html&tdp=G-VE3X12E1EV;79544094;0;2;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 03:58:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/td?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=terlegramz.com%2FTG_ZH%2Findex.html&tdp=G-VE3X12E1EV;79544094;0;2;0&z=0

142.250.74.168

204 No Content

0 B

URL GET HTTP/3
www.googletagmanager.com/td?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=terlegramz.com%2FTG_ZH%2Findex.html&tdp=G-VE3X12E1EV;79544094;0;2;0&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /td?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=terlegramz.com%2FTG_ZH%2Findex.html&tdp=G-VE3X12E1EV;79544094;0;2;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Fri, 19 Apr 2024 03:58:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

terlegramz.com/TG_ZH/img/SiteDesktop.jpg?2

154.82.100.105

200 OK

98 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/img/SiteDesktop.jpg?2
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1246x260, components 3
Size
98 kB (97628 bytes)
Hash
fa44f18971e0750249cbcf34f66ae11a
0b4017cad011b2ef346094e1c37abb912fa9b7d7
9d47030d555e1765171c05b57ed755744d6051364674efbd99a98df9ec7fa9cd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/img/SiteDesktop.jpg?2 HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/jpeg
content-length: 97628
last-modified: Sat, 24 Sep 2022 10:13:13 GMT
etag: "36f33c41fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&tr=1ccdemoutboundclick.1ccdemdownload.1ccdemvideo.1ccdemsitesearch.1ccdemscroll.1ccdempageview.1ccdconversionmarking.1setproductsettings.1ogtgooglesignals&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch.2ccdemscroll.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&tr=1ccdemoutboundclick.1ccdemdownload.1ccdemvideo.1ccdemsitesearch.1ccdemscroll.1ccdempageview.1ccdconversionmarking.1setproductsettings.1ogtgooglesignals&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch.2ccdemscroll.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&tr=1ccdemoutboundclick.1ccdemdownload.1ccdemvideo.1ccdemsitesearch.1ccdemscroll.1ccdempageview.1ccdconversionmarking.1setproductsettings.1ogtgooglesignals&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch.2ccdemscroll.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 03:58:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

terlegramz.com/TG_ZH/img/SiteLogos.png

154.82.100.105

404 Not Found

530 B

URL GET HTTP/2
terlegramz.com/TG_ZH/img/SiteLogos.png
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
530 B (530 bytes)
Hash
d60fe6e305f836d5b942b32278a7b1a7
072d98fd864ad203e2164af8fa5942b6c623bdc8
217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WhatsApp
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/img/SiteLogos.png HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index_files/telegram.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/html
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 03:58:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtag.config&eid=4&u=AAAAAAAAAAAAAIAAAAAAAABA&h=Ag&epr=1G.2G&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtag.config&eid=4&u=AAAAAAAAAAAAAIAAAAAAAABA&h=Ag&epr=1G.2G&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtag.config&eid=4&u=AAAAAAAAAAAAAIAAAAAAAABA&h=Ag&epr=1G.2G&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 03:58:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c

142.250.74.168

200 OK

88 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
88 kB (88501 bytes)
Hash
fab4ca82279f6e4657b8400d4e0ad46a
843ff5e87f2df8b751af581f7e10e6a895da5e20
52c1572f1536cc1b73aceb90a06e74961d9375e17ce5daa06a05e69a0021bf7f

HTTP Headers

GET /gtag/js?id=G-NW6YF835DY&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:58:55 GMT
expires: Fri, 19 Apr 2024 03:58:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

terlegramz.com/js/config.js

154.82.100.105

200 OK

316 B

URL GET HTTP/2
terlegramz.com/js/config.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
316 B (316 bytes)
Hash
0f473dc8cb0eed8e543f26b9043a3fb6
56069d0c86850c8bcdef6495d213405e4a8b3f6d
e9885f72beec80104d584000fea488790bd8c910793bfb3879dc85c2fc54d98b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/config.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:55 GMT
content-type: application/javascript
content-length: 316
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:32:07 GMT
etag: "eef157667fad81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/dev.js

154.82.100.105

200 OK

332 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/dev.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
332 B (332 bytes)
Hash
2971dd9c134ddb1e5ebfc17421409bce
80a8b5467c565d06bf1d4c9528449fd3e9e3f751
df9ef32fe813a92221dd511a3e0b42326c2fb5a2eb108e45287ae016c1019365

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/dev.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 332
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:37:33 GMT
etag: "c7bfbc83cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t101.js

154.82.100.105

200 OK

526 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t101.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
526 B (526 bytes)
Hash
02087d80b01987cf992aa6c24d73020d
3359c89c9acab6ce06325fe63fb2c6b7fe9511ee
817240a7fd481deb0186a2a108cf98235d66be207c5f3ec85bb1f918257f422c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t101.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 526
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t108.js

154.82.100.105

200 OK

608 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t108.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
608 B (608 bytes)
Hash
19610ffffb5f8db346ac477b61881b9a
6c67ec85150a99971ebc6154d93abc63e68e6f3f
25cb46b283e4f73d90fa61138ad36987d098d83abfd2a4e2c0cce04b0352b106

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t108.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 608
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 11:49:04 GMT
etag: "2a514673a26bd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t168.js

154.82.100.105

200 OK

676 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t168.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
676 B (676 bytes)
Hash
34b8fd5e497198a6d70f87efb668ee35
bcfbe419a14aa108eddca6c96fe208f6cd544a16
3408cd96b5a919c1a85cc41d0dc11c59e86ff5e2b5cfc5cb910eee9609f5e1e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t168.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 676
content-encoding: gzip
last-modified: Mon, 09 Oct 2023 04:04:54 GMT
etag: "03725c265fad91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t188.js

154.82.100.105

200 OK

407 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t188.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
407 B (407 bytes)
Hash
368211d1070c79e6a773514dbca26609
16238b82f8cb185568aa9fa8dc60883dd194d2d1
500bbd002818cf0e7c190b19e9c11f76f2c07eeb8a61f8230a92fc3b9e5115fa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t188.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 407
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 06:18:40 GMT
etag: "3bda73ebaffda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t888.js

154.82.100.105

200 OK

495 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t888.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
495 B (495 bytes)
Hash
f5f4169266f561dc31defb576f011271
0081b577b30cebb75724f3132e04cfa6b61be037
a9621c2d617dc70b2e069a909f47485f3725937352047a33ce2c906e31b3e52a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t888.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 495
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 05:51:57 GMT
etag: "80bc5e8f706bd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t110.js

154.82.100.105

200 OK

769 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t110.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
769 B (769 bytes)
Hash
9e8ac54dce89effadb3cc715caa5f92c
21ae925f6f9309e51ddeac494be72586a21e0aa5
111f892c1cec5412194f8475b9da3baf3d0f35433931e67d0f83426223f943c0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t110.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 769
content-encoding: gzip
last-modified: Fri, 22 Sep 2023 04:34:36 GMT
etag: "0164717eedd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t111.js

154.82.100.105

200 OK

616 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t111.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
616 B (616 bytes)
Hash
4a7a58d9f7c286949dd871855413b756
dd9c3c33b71480f00b1b73f579812b394f3afad6
dd7f775b17c0076260d598464b4182bb20c8c4b4e72129a803fa2368007b7561

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t111.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 616
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t112.js

154.82.100.105

200 OK

344 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t112.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
344 B (344 bytes)
Hash
f7a63afa6ec355ce766deed8ffa0c022
e3c6dd5b44208981a6b8de67c6cf3c8b47192090
51e6c343b8bfdaed3a028ec35d8ef7b1ae3005b29626ee5a56824fc9100cba83

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t112.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 344
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t117.js

154.82.100.105

200 OK

608 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t117.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
608 B (608 bytes)
Hash
19f2305e9d91046dbb0a0aa18b8d423b
2d2cbe5a3b89a2688624a2abe17ede9e2892b918
e241fbfff68e33667c7a1b8f9a5b594f45510c5893a55a51e6c1ff291c78ba2f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t117.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 608
content-encoding: gzip
last-modified: Mon, 11 Sep 2023 07:02:24 GMT
etag: "ad6286ea7de4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t118.js

154.82.100.105

200 OK

501 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t118.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
501 B (501 bytes)
Hash
0e671e3aad1ac7a29b3931b42a3c1d12
aa4b3e472d97e5152950093793dc3095a2aa7ed8
2900c9f9c76ccba46cc629b0b63cfb208bccc9fe9e14856c81590f16f0a83c80

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t118.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 501
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "ed96e663cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/js(1)

154.82.100.105

200 OK

94 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/js(1)
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
JavaScript source, ASCII text, with very long lines (15517)
Size
94 kB (93707 bytes)
Hash
7a9e4aaf55542554e3c0e472f62d9ebc
5f90438759652eac3e1308f424f4a028c73fc31c
9b15a0effa2ee1c9ebec3078b1f4240fcc562e0d24ede119b09acd45f334bcf7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/js(1) HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/plain
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "a92bc244fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t109.js

154.82.100.105

200 OK

418 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t109.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
418 B (418 bytes)
Hash
08237d27309671227c0fdae0778aa361
97bf37ed683c6768f2c2ad30054610c2e0707259
a0fe39acb33ef027a796a95991f0851513cb40c76a05da7bccfe0b5b62acf723

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t109.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 418
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t115.js

154.82.100.105

200 OK

399 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t115.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
399 B (399 bytes)
Hash
743d05427df4e95ab2247b2ab7ee5305
6bad00a45e8dcbb6ef587c893960085e3713492d
23c81fcc5ff70876037f4ae9ef436c0aaaf0702cc879b6c6d63b10653c30906e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t115.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 399
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "9d33e463cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t121.js

154.82.100.105

200 OK

396 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t121.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text, with CRLF line terminators
Size
396 B (396 bytes)
Hash
48e1282d8f6a96f296d445c641c06d00
9d3072dd2e38c03b2fc911983da0799c1926565d
ad7049fae9e9cf23c1146381b5d33f88f317b03a9d83037df5b680155182076c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t121.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 396
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "ed96e663cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t123.js

154.82.100.105

200 OK

456 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t123.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text, with CRLF line terminators
Size
456 B (456 bytes)
Hash
0fb9e618fd33a073988476434552f926
2cc2360494bebcc34e4b63da0a0b6cac8946084a
7eea03bda30f9e9ffa2b4bfc96af1b9cb2dc706d509d036610c5043edaa64163

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t123.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 456
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "ed96e663cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t125.js

154.82.100.105

200 OK

870 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t125.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text, with CRLF line terminators
Size
870 B (870 bytes)
Hash
ea48da5f8eb8db6ee3432ed5eef6f379
6c51506f7299b97c54522f27d716a390f185782b
96c3c0c0e62036edd61da5e0627a4066ff06843ab64742611bfba8cf11a1f258

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t125.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 870
content-encoding: gzip
last-modified: Fri, 01 Dec 2023 10:23:08 GMT
etag: "08eb7604024da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t127.js

154.82.100.105

200 OK

411 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t127.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
411 B (411 bytes)
Hash
7afa3d13ec1a7b1522b970b82cee5f3c
af4fca474478a297e7beb224279b2c8e9f8906de
57e1ddd475399fe142ab60a79f8d803e1155db1e5842e11e974bfc848f73a2f1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t127.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 411
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:43:57 GMT
etag: "eb76ef6c4d4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t126.js

154.82.100.105

200 OK

368 B

URL GET HTTP/2
terlegramz.com/js/downloadlist/t126.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text
Size
368 B (368 bytes)
Hash
1d18f93402ead068f68caa3fa3d9d6f4
2f2dda71b403f2d4b926371de49720de8c6c3ac6
9e3d0e5c2f70c6a337c99df23ca98b53093175d9f562d42d46009c3abb6ca4bd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t126.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 368
content-encoding: gzip
last-modified: Fri, 29 Sep 2023 08:59:51 GMT
etag: "8a2bcb4eb3f2d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/911807f65dfb4f8f20.gif

154.82.100.105

200 OK

2.0 MB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/911807f65dfb4f8f20.gif
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
GIF image data, version 89a, 512 x 512
Size
2.0 MB (2002471 bytes)
Hash
6a88bbd5858b7d9234fb7d0c6c5059a6
c3412d69dfa2ce6b208d52e6842ea7807cff42d3
f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/911807f65dfb4f8f20.gif HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/gif
content-length: 2002471
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "d4fb644fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/d4b936ecc2c939f4fa.gif

154.82.100.105

200 OK

2.2 MB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/d4b936ecc2c939f4fa.gif
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
GIF image data, version 89a, 512 x 512
Size
2.2 MB (2202471 bytes)
Hash
9f6cb1e0d2a29541764755e05b484de7
d443f92ed7059a30db98857f6c5c290589ebfe24
abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/d4b936ecc2c939f4fa.gif HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/gif
content-length: 2202471
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "9565bd44fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/7318c11715aa2ec45b.gif

154.82.100.105

200 OK

2.3 MB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/7318c11715aa2ec45b.gif
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
GIF image data, version 89a, 512 x 512
Size
2.3 MB (2254846 bytes)
Hash
999ccb074c15d6377f97302832038c14
c08b94482ad5540f68a896f30cc890474c058e1d
15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/7318c11715aa2ec45b.gif HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/gif
content-length: 2254846
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "e5feb344fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/dd4eeb46cc5efc0688.gif

154.82.100.105

200 OK

2.4 MB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/dd4eeb46cc5efc0688.gif
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
GIF image data, version 89a, 512 x 512
Size
2.4 MB (2415534 bytes)
Hash
cbd2d6af702cab22fb23c7d159abc428
c0b6c9da2c8da897c00df0a6569d2fd2540dbc1f
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/dd4eeb46cc5efc0688.gif HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/gif
content-length: 2415534
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "9565bd44fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/feb1e161b1d3608613.gif

154.82.100.105

200 OK

2.4 MB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/feb1e161b1d3608613.gif
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
GIF image data, version 89a, 512 x 512
Size
2.4 MB (2424803 bytes)
Hash
14c0a01070573bc00e0f462023e8162f
8d8725f9bdbe99060b86e0a03434bb5c4e3be8af
116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/feb1e161b1d3608613.gif HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/gif
content-length: 2424803
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "a92bc244fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/f3cec6c451d023c109.gif

154.82.100.105

200 OK

2.7 MB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/f3cec6c451d023c109.gif
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
GIF image data, version 89a, 512 x 512
Size
2.7 MB (2700330 bytes)
Hash
21528f532493017ca7a8cdfa73ba1f09
798073fd3b30c0688787edac94667d6025b027ae
3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/f3cec6c451d023c109.gif HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/gif
content-length: 2700330
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "e5c8bf44fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/b6c5dbc0e4f6553805.gif

154.82.100.105

200 OK

3.1 MB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/b6c5dbc0e4f6553805.gif
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
GIF image data, version 89a, 512 x 512
Size
3.1 MB (3145277 bytes)
Hash
5433cf6cf6daa107f38cc2f2b221adc5
84156830cc0e51264342c37f2043c441562b137f
321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/b6c5dbc0e4f6553805.gif HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/gif
content-length: 3145277
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "cc2bb44fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/9ce5fa5f3fb74460b4.gif

154.82.100.105

200 OK

3.3 MB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/9ce5fa5f3fb74460b4.gif
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
GIF image data, version 89a, 512 x 512
Size
3.3 MB (3327196 bytes)
Hash
3ca4222d4871d2c299e44dbbd14ebb46
19ee2e1c0d6da440c08076dc1a657c8e58aa0662
e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/9ce5fa5f3fb74460b4.gif HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/gif
content-length: 3327196
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "549fb844fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/TG_ZH/index_files/7d57d7159cf4fbe9b2.gif

154.82.100.105

200 OK

3.4 MB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/7d57d7159cf4fbe9b2.gif
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
GIF image data, version 89a, 512 x 512
Size
3.4 MB (3422486 bytes)
Hash
e60746b12f4e6cca778727472f415218
4e3b517a1911d891d018bc63b66e1b69837a3e15
b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/7d57d7159cf4fbe9b2.gif HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: image/gif
content-length: 3422486
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "d4fb644fecfd81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.load&eid=12&u=AgAAAAAAAAAAAIAAAAAAAABA&h=Ag&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.load&eid=12&u=AgAAAAAAAAAAAIAAAAAAAABA&h=Ag&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtm.load&eid=12&u=AgAAAAAAAAAAAIAAAAAAAABA&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 03:59:01 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

terlegramz.com/cdn-cgi/rum?

154.82.100.105

404 Not Found

7.5 kB

URL POST HTTP/2
terlegramz.com/cdn-cgi/rum?
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
d60fe6e305f836d5b942b32278a7b1a7
072d98fd864ad203e2164af8fa5942b6c623bdc8
217997338677cb4c6028849c2c69b11146e515f0bc49c01fa18a3e5f66201204

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1104
Origin: https://terlegramz.com
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: NgxFence
date: Fri, 19 Apr 2024 03:59:00 GMT
content-type: text/html
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&tr=1gct&ti=1gct&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&tr=1gct&ti=1gct&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-VE3X12E1EV&v=3&t=t&pid=1216185956&cv=1&rv=44h0&tc=10&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&tr=1gct&ti=1gct&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 03:58:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

terlegramz.com/TG_ZH/index_files/bootstrap.min.css

154.82.100.105

200 OK

42 kB

URL GET HTTP/2
terlegramz.com/TG_ZH/index_files/bootstrap.min.css
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text, with very long lines (42164)
Size
42 kB (42523 bytes)
Hash
c2656e265ef58a9cc9f4b70b15da5fb9
85c5ebdb89d4574d72688c2650d4b84b9b09770a
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TG_ZH/index_files/bootstrap.min.css HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:54 GMT
content-type: text/css
content-length: 7999
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 10:13:18 GMT
etag: "0f32e44fecfd81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

terlegramz.com/js/downloadlist/t158.js

154.82.100.105

200 OK

1.8 kB

URL GET HTTP/2
terlegramz.com/js/downloadlist/t158.js
IP
154.82.100.105:443
ASN
#399077 TERAEXCH

Requested by
https://terlegramz.com/TG_ZH/index.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectterlegramz.com
FingerprintB4:F9:10:3E:52:FE:EB:1B:86:FC:4C:85:73:AD:AA:3F:74:49:19:63
ValidityMon, 10 Jul 2023 10:03:42 GMT - Thu, 08 Aug 2024 10:03:41 GMT

File type
ASCII text, with very long lines (1981), with no line terminators
Size
1.8 kB (1802 bytes)
Hash
a5585e246e9d80e7abc7cfc83dce8e56
4153df953b26c3519dbd80717f61be12a4465e17
5bb5244ae2f62dae815263d01d2f07e1cb85c4d57352ef7644c6917aa7460fe9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/downloadlist/t158.js HTTP/1.1
Host: terlegramz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://terlegramz.com/TG_ZH/index.html
Cookie: _ga_VE3X12E1EV=GS1.1.1713499135.1.0.1713499135.0.0.0; _ga=GA1.1.1382878232.1713499135; _ga_NW6YF835DY=GS1.1.1713499135.1.0.1713499135.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: NgxFence
date: Fri, 19 Apr 2024 03:58:56 GMT
content-type: application/javascript
content-length: 446
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 07:36:40 GMT
etag: "ed96e663cbd4d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML