Report - uzbancolish.shop/

Report Overview

Submitted URL
uzbancolish.shop/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-28 17:53:23
Access
public
Website Title
Telegram
Final URL
uzbancolish.shop/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-03-28	3.2 kB	198 kB	142.250.74.99
webk.telegram.org	507300	2003-12-15	2021-06-03	2024-02-27	884 B	4.2 kB	149.154.167.99
uzbancolish.shop	unknown	unknown	No data	No data	473 B	14 kB	188.114.96.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-03-28	483 B	22 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-03-28	903 B	5.0 kB	104.17.25.14
cdn-icons-png.flaticon.com	79607	2013-05-10	2021-09-02	2024-03-28	451 B	4.4 kB	95.101.10.34
i.ibb.co	13485	2010-07-20	2018-11-25	2024-03-28	887 B	23 kB	162.19.58.156
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-03-28	431 B	32 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	uzbancolish.shop/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	uzbancolish.shop	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js	90 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:27 Last Seen2024-04-27 07:48:43 Times Seen23065 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js	5.0 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:29 Last Seen2024-04-26 09:26:29 Times Seen5251 Hash c8f50397e0560719c62a35318f413e16 a643db87287e6e940fbabe6d8cfee5a8775692d8 a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655 Loading...

	uzbancolish.shop/	3.3 kB	2023-07-05	2024-04-12
Pretty URL uzbancolish.shop/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-05 15:02:06 Last Seen2024-04-12 19:25:48 Times Seen29 Hash 295226cd55242585dcbea5789411e8db 3cf6d54d0d85b0989c89c27d077a87eb5dd61666 3f85de2898d4f942d03ce5a8df233584f8a421a716a6dc1ea69ccf76762d0ec6 Loading...

HTTP Transactions (16)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

104.17.25.14

200 OK

1.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uzbancolish.shop/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4862)
Size
1.4 kB (1399 bytes)
Hash
c8f50397e0560719c62a35318f413e16
a643db87287e6e940fbabe6d8cfee5a8775692d8
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

HTTP Headers

GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uzbancolish.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 17:52:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 1399
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-1359"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2511758
expires: Tue, 18 Mar 2025 17:52:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ga4wQJ2VpHVo480yEcObobG8xledL7YWlHQy%2B%2B1s9ULEkUuFeGKMWjkUntypmLAH%2Fk4n8R02SYQHHvTMwp4DAPzceh622TBk6RgzERInkv%2FYG1jQzVlEtbBV7aRfBSMtYvftzgW3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86b97a1a7e9556a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

104.17.25.14

200 OK

1.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uzbancolish.shop/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3201), with no line terminators
Size
1.5 kB (1541 bytes)
Hash
54e7ff4998b2900efc138ead15e54a93
928eeaad352ee4698ec1dddad216ec38424cfee3
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

HTTP Headers

GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uzbancolish.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 17:52:58 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1891737
expires: Tue, 18 Mar 2025 17:52:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BdpCXajDtilnCnSr4wbSHriXCAGcfxbDNgji5fm0tDl8gS116zBmia3Qg0jpNcg1i32OEsvPlk8szpnJzguBc%2B12Ehsv8%2BWBe8AgZ4Yob%2BZJ1WVCn%2Bo8gqzVQhILco7v1mKHIHoS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86b97a1a9ec956a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-icons-png.flaticon.com/512/1/1687.png

95.101.10.34

200 OK

3.7 kB

URL GET HTTP/2
cdn-icons-png.flaticon.com/512/1/1687.png
IP
95.101.10.34:443
ASN
#20940 Akamai International B.V.

Requested by
https://uzbancolish.shop/
Certificate
IssuerLet's Encrypt
Subject*.flaticon.com
Fingerprint0B:76:2A:53:F3:68:3C:D2:1C:6E:D1:3A:0D:9A:5C:87:B6:FD:31:52
ValidityMon, 29 Jan 2024 19:40:59 GMT - Sun, 28 Apr 2024 19:40:58 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced
Size
3.7 kB (3735 bytes)
Hash
2edb56f9746ee735d5c43860956b345f
937ce08d991cd4ed977cc23a12f393e64e647c31
8e504d38f5ef7ac75ec702ad8c0f21534363983db1a6eb163bc497d3a8c57a29

HTTP Headers

GET /512/1/1687.png HTTP/1.1
Host: cdn-icons-png.flaticon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uzbancolish.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 18 Sep 2023 14:10:28 GMT
etag: "2edb56f9746ee735d5c43860956b345f"
x-goog-generation: 1695046228169748
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3735
x-amz-meta-goog-reserved-file-mtime: 1465289292
x-amz-meta-x-goog-reserved-source-generation: 1634265101145661
content-type: image/png
x-amz-checksum-crc32c: 2qfExQ==
accept-ranges: bytes
content-length: 3735
expires: Thu, 28 Mar 2024 17:52:58 GMT
date: Thu, 28 Mar 2024 17:52:58 GMT
vary: Accept-Encoding
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=31536000
x-default-rule: YES
X-Firefox-Spdy: h2

i.ibb.co/Y8123yT/image.png

162.19.58.156

200 OK

16 kB

URL GET HTTP/2
i.ibb.co/Y8123yT/image.png
IP
162.19.58.156:443
ASN
#16276 OVH SAS

Requested by
https://uzbancolish.shop/
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62
ValidityWed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT

File type
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
Size
16 kB (16117 bytes)
Hash
4d6fbf8e3d8e97118e99b3622d67494c
54f89136b6d70a888f1ae9b65d56e7c7d4d49462
f488259c103e3926c874249e85115c8e2b62f4ba9522be78fa97e62c02c1c98c

HTTP Headers

GET /Y8123yT/image.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uzbancolish.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:52:58 GMT
content-type: image/png
content-length: 16117
last-modified: Sat, 15 Oct 2022 00:49:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/VQfqFm1/telegram-1024x1024-1.png

162.19.58.156

200 OK

5.9 kB

URL GET HTTP/2
i.ibb.co/VQfqFm1/telegram-1024x1024-1.png
IP
162.19.58.156:443
ASN
#16276 OVH SAS

Requested by
https://uzbancolish.shop/
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62
ValidityWed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT

File type
PNG image data, 1024 x 1024, 1-bit colormap, non-interlaced
Size
5.9 kB (5919 bytes)
Hash
c085998a03f40d65949aa425df01ab4b
ef91fc1ebe462e084d38d6061b6545261be9924d
dcc7d4ed6eeb4adb4b7dfaee1807fee93c716bf092046e37105799048c3d6cd3

HTTP Headers

GET /VQfqFm1/telegram-1024x1024-1.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uzbancolish.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:52:58 GMT
content-type: image/png
content-length: 5919
last-modified: Thu, 22 Jun 2023 14:44:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31100 bytes)
Hash
00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

HTTP Headers

GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uzbancolish.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:33:09 GMT
expires: Fri, 28 Mar 2025 02:33:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 55189
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.99

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uzbancolish.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:22:14 GMT
expires: Fri, 28 Mar 2025 17:22:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 1844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.99

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uzbancolish.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:22:14 GMT
expires: Fri, 28 Mar 2025 17:22:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 1844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2

142.250.74.99

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17600, version 1.0
Size
18 kB (17600 bytes)
Hash
fdccea76ce7e735503cffbd2accfb7bb
26dff59a8a80b3d4a7361df4cdb948dc0e183a79
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uzbancolish.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:38:54 GMT
expires: Fri, 28 Mar 2025 17:38:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:48:34 GMT
content-type: font/woff2
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2

142.250.74.99

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17600, version 1.0
Size
18 kB (17600 bytes)
Hash
fdccea76ce7e735503cffbd2accfb7bb
26dff59a8a80b3d4a7361df4cdb948dc0e183a79
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uzbancolish.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:38:54 GMT
expires: Fri, 28 Mar 2025 17:38:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:48:34 GMT
content-type: font/woff2
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2

142.250.74.99

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17600, version 1.0
Size
18 kB (17600 bytes)
Hash
fdccea76ce7e735503cffbd2accfb7bb
26dff59a8a80b3d4a7361df4cdb948dc0e183a79
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uzbancolish.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:38:54 GMT
expires: Fri, 28 Mar 2025 17:38:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:48:34 GMT
content-type: font/woff2
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.99

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uzbancolish.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:22:14 GMT
expires: Fri, 28 Mar 2025 17:22:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 1844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

webk.telegram.org/assets/img/favicon-32x32.png

149.154.167.99

200 OK

1.8 kB

URL GET HTTP/2
webk.telegram.org/assets/img/favicon-32x32.png
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegram.org
FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.8 kB (1800 bytes)
Hash
ad64c15c450502f85e135b27d272512b
f444663ccd6be7d21fe7d38d7dc2359805b0f6da
8e18aee6e70418e31cb2bb69f441ef33083586dd3a5c5d1d335562b840a9ac87

HTTP Headers

GET /assets/img/favicon-32x32.png HTTP/1.1
Host: webk.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uzbancolish.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 28 Mar 2024 17:52:58 GMT
content-type: image/png
content-length: 1800
last-modified: Tue, 07 Jun 2022 14:34:10 GMT
etag: "629f61e2-708"
expires: Thu, 28 Mar 2024 18:52:58 GMT
cache-control: max-age=3600
x-frame-options: deny
accept-ranges: bytes
X-Firefox-Spdy: h2

webk.telegram.org/assets/img/favicon-32x32.png

149.154.167.99

200 OK

1.8 kB

URL GET HTTP/2
webk.telegram.org/assets/img/favicon-32x32.png
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegram.org
FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.8 kB (1800 bytes)
Hash
ad64c15c450502f85e135b27d272512b
f444663ccd6be7d21fe7d38d7dc2359805b0f6da
8e18aee6e70418e31cb2bb69f441ef33083586dd3a5c5d1d335562b840a9ac87

HTTP Headers

GET /assets/img/favicon-32x32.png HTTP/1.1
Host: webk.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uzbancolish.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 28 Mar 2024 17:52:58 GMT
content-type: image/png
content-length: 1800
last-modified: Tue, 07 Jun 2022 14:34:10 GMT
etag: "629f61e2-708"
expires: Thu, 28 Mar 2024 18:52:58 GMT
cache-control: max-age=3600
x-frame-options: deny
accept-ranges: bytes
X-Firefox-Spdy: h2

uzbancolish.shop/

188.114.96.1

200 OK

13 kB

URL User Request GET HTTP/2
uzbancolish.shop/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectuzbancolish.shop
Fingerprint76:9D:82:88:CD:1A:E1:77:6F:9B:24:97:5A:7D:C4:83:CD:06:FF:58
ValiditySat, 24 Feb 2024 06:23:22 GMT - Fri, 24 May 2024 06:23:21 GMT

File type

Size
13 kB (13011 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: uzbancolish.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 17:52:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2F3CF%2BU7a57rm7Q7skZDqIZPEfL4iHpvXyGwljW%2BsWU%2FUSe1xrhhNHWL8QfExCQ4dGE%2B3AItHPmNHU6ip95%2BYUAZggKI3qX3rouWD53to1AIFkBKWDH%2Bj2Sh1CGuQKO58xHi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b97a18ec64712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

22 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://uzbancolish.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
ASCII text
Size
22 kB (21726 bytes)
Hash
9842b200db0dffb68c6b53eaacc8c0bc
66b0afafc96a0f5ae9dd9e969d0c407200cec696
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

HTTP Headers

GET /css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uzbancolish.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 17:52:58 GMT
date: Thu, 28 Mar 2024 17:52:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate