Report - sigtn.com////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina。com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$

Report Overview

Visited public
2024-05-13 05:55:56
Tags
URL
sigtn.com////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina。com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$
Finishing URL
t.me/ONNXIT
IP / ASN
45.60.63.178
#19551 INCAPSULA
Title
Telegram: Contact @ONNXIT

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn4.cdn-telegram.org	unknown	unknown	No data	No data	771 B	13 kB	34.111.35.152
www.sigtn.com	991771	unknown	No data	No data	1.5 kB	2.5 kB	45.60.65.178
www.shopritedelivers.com	unknown	unknown	No data	No data	612 B	790 B	104.45.158.242
joshare.shareonlinefilemcrosoftnline.ru	unknown	unknown	No data	No data	587 B	4.9 kB	172.67.197.137
telegram.org	5408	unknown	No data	No data	4.0 kB	431 kB	149.154.167.99
t.me	6552	unknown	No data	No data	1.1 kB	11 kB	149.154.167.99
sigtn.com	804423	unknown	No data	No data	662 B	366 B	45.60.63.178
shopritedelivers.com	110596	unknown	No data	No data	608 B	657 B	104.45.158.242
ozbaskentmakina.com.tr	unknown	unknown	No data	No data	533 B	424 B	78.142.209.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-13 04:10:59	low	Client IP	149.154.167.99	ET INFO Observed Telegram Domain (t .me in TLS SNI)
2024-05-13 04:10:59	low	Client IP	149.154.167.99	ET INFO Observed Telegram Domain (t .me in TLS SNI)
2024-05-13 04:11:00	low	Client IP	149.154.167.99	ET INFO Observed Telegram Domain (t .me in TLS SNI)
2024-05-13 04:11:00	low	Client IP	149.154.167.99	ET INFO Observed Telegram Domain (t .me in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	t.me/ONNXIT	ScriptElement	201 B	2024-04-08	2024-08-20
Pretty URL t.me/ONNXIT IP 149.154.167.99 ASN #62041 Telegram Messenger Inc Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-08 16:41 Last Seen2024-08-20 05:27 Times Seen3 Hash b2fdfeb4793309acc27168c2cbdfb962 f1915810e5cc8893a908fd652fe3bf184f3282a3 0bd986a4a95aaf112f1fe8fb702969b33382b4be742aa6b77b10da3ccfb56935 Loading...

	t.me/ONNXIT	ScriptElement	193 B	2023-03-07	2025-05-06
Pretty URL t.me/ONNXIT IP 149.154.167.99 ASN #62041 Telegram Messenger Inc Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:31 Last Seen2025-05-06 15:18 Times Seen45772 Hash 9c629a0c52a2afad699d260f673481fd a4fd0ed3e5daa31480eb6de0faa5d442f015cbf6 ea0d804370930ee958af535ce56cddf1dda419bdc676315ae8af0fbb4c733471 Loading...

	telegram.org/js/tgwallpaper.min.js?3	ScriptElement	3.0 kB	2023-03-07	2025-05-06
Pretty URL telegram.org/js/tgwallpaper.min.js?3 IP 149.154.167.99 ASN #62041 Telegram Messenger Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-05-06 15:18 Times Seen48733 Hash 2b89d34702716a8ad2cc3977718f53a3 04406ebd6a9e2ce79dbac5e5048cfe1384e4574a 2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6 Loading...

	t.me/ONNXIT	ScriptElement	1.3 kB	2024-04-08	2024-08-20
Pretty URL t.me/ONNXIT IP 149.154.167.99 ASN #62041 Telegram Messenger Inc Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-08 16:41 Last Seen2024-08-20 05:27 Times Seen3 Hash 5e9e8e262d33d3f6db3f00c99d8aff51 c651d3aa8bfb8d126f7347c8072bb6788f5cf7e6 550694a3a5ecf4747c83a3528c441c9dba0d2fa2b0ef6ccb66e23f789476f0cc Loading...

HTTP Transactions (19)

	URL	IP	Response	Size
	sigtn.com////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$	45.60.63.178		0 B
URL sigtn.com////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ IP 45.60.63.178:0 ASN #19551 INCAPSULA File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET ////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ HTTP/1.1 Host: sigtn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 301 Moved Permanently Location: https://www.sigtn.com////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ Content-Length: 0 Strict-Transport-Security: max-age=31536000; includeSubDomains Connection: close`

	www.sigtn.com////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$	45.60.65.178		751 B
URL www.sigtn.com////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ IP 45.60.65.178:0 ASN #19551 INCAPSULA File type HTML document, ASCII text, with very long lines (751), with no line terminators Size 751 B (751 bytes) Hash ed7230ed341bbfcd0f56d827fa4b85fb 6d8dcd43825c75ac0e8b6eb7d6f1c6c7f6cc1665 4c0f915be5aa10c5d55cd13fc27cf3501a7d3b2f53ba037c3e1b002c6aadea0d HTTP Headers GET ////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ HTTP/1.1 Host: www.sigtn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store Connection: close Content-Length: 751 X-Iinfo: 5-8280304-0 0NNN RT(1715573451094 30) q(0 -1 -1 -1) r(0 -1) B15(4,200,0) U24 Strict-Transport-Security: max-age=31536000; includeSubDomains x-incap-sess-cookie-hdr: zL9sMENptU5oA+MoNOJnZMuSQWYAAAAAKSxJyuJMGLlrM3zMjo7WMA== Set-Cookie: visid_incap_1371828=ttQwk3vWRiOm/mN8H25ucsuSQWYAAAAAQUIPAAAAAADYmnDNCsQ0vP9L6DdSrZU+; expires=Mon, 12 May 2025 22:58:47 GMT; HttpOnly; path=/; Domain=.sigtn.com; Secure; SameSite=None incap_ses_7235_1371828=vKtJBvKBUSvkYuMoNOJnZMuSQWYAAAAAjNCdITGA3hx2WBpvp+fdVg==; path=/; Domain=.sigtn.com; Secure; SameSite=None

	www.sigtn.com////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$	45.60.65.178		0 B
URL www.sigtn.com////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ IP 45.60.65.178:0 ASN #19551 INCAPSULA File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET ////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=shopritedelivers.com/disclaimer.aspx?returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ HTTP/1.1 Host: www.sigtn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Cookie: visid_incap_1371828=ttQwk3vWRiOm/mN8H25ucsuSQWYAAAAAQUIPAAAAAADYmnDNCsQ0vP9L6DdSrZU+; incap_ses_7235_1371828=vKtJBvKBUSvkYuMoNOJnZMuSQWYAAAAAjNCdITGA3hx2WBpvp+fdVg== Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html;charset=UTF-8 Location: http://shopritedelivers.com/disclaimer.aspx?utp=consumer&&returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ Server: Microsoft-IIS/10.0 Set-Cookie: CFID=154410375; Expires=Wed, 06-May-2054 04:10:52 GMT; Path=/; HttpOnly CFTOKEN=52314379; Expires=Wed, 06-May-2054 04:10:52 GMT; Path=/; HttpOnly NSC_MC_172.24.100.46_443=7ce2a3d91ca59d11abf6e834e51f905d9087f8bdec85849549be4a11dc6decfc4e690631;Version=1;Max-Age=7200;path=/;secure;httponly X-Powered-By: ASP.NET Referrer-Policy: no-referrer-when-downgrade Date: Mon, 13 May 2024 04:10:52 GMT Content-Length: 0 X-Forwarded-For: 91.90.42.154 x-incap-sess-cookie-hdr: bGkZPupUbVnkYuMoNOJnZMySQWYAAAAAc49uJ8otBTngzOPJgvhrIg== Strict-Transport-Security: max-age=31536000; includeSubDomains X-CDN: Imperva X-Iinfo: 6-8074431-8074432 NNNN CT(172 346 0) RT(1715573451279 18) q(0 1 6 0) r(8 8) U24

	shopritedelivers.com/disclaimer.aspx?utp=consumer&&returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$	104.45.158.242		295 B
URL shopritedelivers.com/disclaimer.aspx?utp=consumer&&returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ IP 104.45.158.242:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document, ASCII text, with CRLF line terminators Size 295 B (295 bytes) Hash 7bf3dbd539b989c25eb592998d4f988c f7c817fd8babf73286318fc547d584d676720aba 6f34e3ddd265504f459aa9ee8983d76300701ecaec9fac0c3121af792eb8be77 HTTP Headers GET /disclaimer.aspx?utp=consumer&&returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ HTTP/1.1 Host: shopritedelivers.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Location: https://www.shopritedelivers.com:443/disclaimer.aspx?utp=consumer&&returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Mon, 13 May 2024 04:10:51 GMT Content-Length: 295`

	www.shopritedelivers.com/disclaimer.aspx?utp=consumer&&returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$	104.45.158.242		200 B
URL www.shopritedelivers.com/disclaimer.aspx?utp=consumer&&returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ IP 104.45.158.242:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators Size 200 B (200 bytes) Hash 7d00e9add43c198df98924cc6f4dbb80 de0308812ea52c9507b3e1cb531be174e3dd7859 95ed3954a500657eb5fe28aeb0627b49836efc57e164878f7b5cf3099e3756bd HTTP Headers GET /disclaimer.aspx?utp=consumer&&returnurl=%2F%2Fozbaskentmakina%E3%80%82com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ HTTP/1.1 Host: www.shopritedelivers.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=utf-8 Location: //ozbaskentmakina。com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ Server: Microsoft-IIS/8.5 Set-Cookie: ACGOLD.ASPXANONYMOUS=uVNGtrSl2gEkAAAAYjkyNDdmZjktY2Q2ZS00NzViLTg1ZGQtYWY2YWUyOTE5ZGEwL5OJdV18qbkeJqUPHNzsBZHCpeOsb_duI0I-jE3e_Kg1; expires=Tue, 14-May-2024 04:10:53 GMT; path=/; HttpOnly ACGOLD.SESSIONID=muvvrvcttztaobi5wzg3nzfu; path=/; HttpOnly; SameSite=Lax X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Mon, 13 May 2024 04:10:53 GMT Content-Length: 200

	ozbaskentmakina.com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$	78.142.209.32		0 B
URL ozbaskentmakina.com.tr/lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ IP 78.142.209.32:0 ASN #209853 Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /lo/obr/Y2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ HTTP/1.1 Host: ozbaskentmakina.com.tr User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK refresh: 0;url=https://joshare.shareonlinefilemcrosoftnline.ru/MY2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ content-type: text/html; charset=UTF-8 content-length: 0 date: Mon, 13 May 2024 04:10:54 GMT alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" X-Firefox-Spdy: h2`

	joshare.shareonlinefilemcrosoftnline.ru/favicon.ico	172.67.197.137		4.3 kB
URL joshare.shareonlinefilemcrosoftnline.ru/favicon.ico IP 172.67.197.137:0 ASN #13335 CLOUDFLARENET File type HTML document, ASCII text Size 4.3 kB (4297 bytes) Hash a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 HTTP Headers GET /favicon.ico HTTP/1.1 Host: joshare.shareonlinefilemcrosoftnline.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://joshare.shareonlinefilemcrosoftnline.ru/MY2hyaXN0aW5lLmJlamVyYXNjb0B3aXRoc2VjdXJlLmNvbQ==$ Cookie: PHPSESSID=4ef0893be39c100cf20b8f3fc73dbbad Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 404 Not Found date: Mon, 13 May 2024 04:10:54 GMT content-type: text/html; charset=iso-8859-1 cache-control: max-age=14400 cf-cache-status: EXPIRED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qljsLAIzqYBmaVRukCCVgx6szrwIEm9sInkgj44T5O8CDij76uBerqoWBkc6Pkv2T%2F6WNw%2BttLrTdJz78PysYe1AnmKvkz%2FWyz6GPk%2FA%2FkDlSierXo0bZ3P%2FH0UaWHgqmM9UZEVzXVNpAaH7MWQqaWBUNzIjDF%2FeUV8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 882fcd2aec0ab517-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	cdn4.cdn-telegram.org/file/GVM-9IjnyLpOcZ2EIJu2YGSQknBS0sWeu2m8PsEpzwmG3niiayH6U65u326oMOqq1_iC4jcUGOO-T4QLu4raP9rrCdO_SB7DwaQsapqzFU2rAzCw1kiGn6nT9i9YUNDJCzWoK0HLTiHNHAeQOJBFWGbuWUEVAgIQshulvqRr3ndd8R-VO4zXUGRLXXcOu_5L8c8HDyPgjUE--7QSUt4ja6AQzfIXJ0N1IGb75NfgDmyYvWQNip7qrBGAOkCcBVMnANPGyfs8syfUgNMmpw3yRw_gxUkbXCWLHwOL6xC49QRs4mz0UxnT3_Xbg5YDpmBGVNFVo-iLNLdu1soDE7Mcgg.jpg	34.111.35.152	200 OK	12 kB
URL GET HTTP/2 cdn4.cdn-telegram.org/file/GVM-9IjnyLpOcZ2EIJu2YGSQknBS0sWeu2m8PsEpzwmG3niiayH6U65u326oMOqq1_iC4jcUGOO-T4QLu4raP9rrCdO_SB7DwaQsapqzFU2rAzCw1kiGn6nT9i9YUNDJCzWoK0HLTiHNHAeQOJBFWGbuWUEVAgIQshulvqRr3ndd8R-VO4zXUGRLXXcOu_5L8c8HDyPgjUE--7QSUt4ja6AQzfIXJ0N1IGb75NfgDmyYvWQNip7qrBGAOkCcBVMnANPGyfs8syfUgNMmpw3yRw_gxUkbXCWLHwOL6xC49QRs4mz0UxnT3_Xbg5YDpmBGVNFVo-iLNLdu1soDE7Mcgg.jpg IP 34.111.35.152:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://t.me/ONNXIT Certificate IssuerGoogle Trust Services LLC Subjectcdn1.cdn-telegram.org Fingerprint4C:1B:0C:0E:A3:BF:C9:D5:AD:CE:D3:7B:79:1E:EA:EC:75:06:73:D9 ValiditySun, 28 Apr 2024 03:56:12 GMT - Sat, 27 Jul 2024 04:50:46 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x320, components 3 Size 12 kB (12164 bytes) Hash 35a701da2f909a30b46d59732c83ff93 b42efd00a8d2471f8fdf5f2e17cbb3e51560705b 07a07050456f0aeaca176392ffc41360567b7c60a51f4c6c3f6a82cb573fe0ce HTTP Headers GET /file/GVM-9IjnyLpOcZ2EIJu2YGSQknBS0sWeu2m8PsEpzwmG3niiayH6U65u326oMOqq1_iC4jcUGOO-T4QLu4raP9rrCdO_SB7DwaQsapqzFU2rAzCw1kiGn6nT9i9YUNDJCzWoK0HLTiHNHAeQOJBFWGbuWUEVAgIQshulvqRr3ndd8R-VO4zXUGRLXXcOu_5L8c8HDyPgjUE--7QSUt4ja6AQzfIXJ0N1IGb75NfgDmyYvWQNip7qrBGAOkCcBVMnANPGyfs8syfUgNMmpw3yRw_gxUkbXCWLHwOL6xC49QRs4mz0UxnT3_Xbg5YDpmBGVNFVo-iLNLdu1soDE7Mcgg.jpg HTTP/1.1 Host: cdn4.cdn-telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://t.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:00 GMT content-type: image/jpeg content-length: 12164 access-control-allow-origin: * x-content-type-options: nosniff content-security-policy: default-src 'none'; sandbox x-frame-options: DENY x-xss-protection: 1; mode=block access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length accept-ranges: bytes, bytes cache-control: public,max-age=7200 etag: "a14336f5c0dc28f39ba759ae27acfb45a1a05e83" strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2	149.154.167.99	200 OK	11 kB
URL GET HTTP/2 telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://t.me/ONNXIT Certificate IssuerGoDaddy.com, Inc. Subject.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT File type Web Open Font Format (Version 2), TrueType, length 11028, version 1.0 Size 11 kB (11028 bytes) Hash 1f6d3cf6d38f25d83d95f5a800b8cac3 279f300ca2cbbdf9f5036ef2f438607fbf377daa 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f HTTP Headers `GET /fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1 Host: telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://t.me DNT: 1 Connection: keep-alive Referer: https://telegram.org/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:01 GMT content-type: application/octet-stream content-length: 11028 last-modified: Thu, 20 Oct 2022 11:05:33 GMT etag: "63512b7d-2b14" expires: Fri, 17 May 2024 04:11:01 GMT cache-control: max-age=345600 access-control-allow-origin: accept-ranges: bytes X-Firefox-Spdy: h2`

	telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2	149.154.167.99	200 OK	11 kB
URL GET HTTP/2 telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://t.me/ONNXIT Certificate IssuerGoDaddy.com, Inc. Subject.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT File type Web Open Font Format (Version 2), TrueType, length 11040, version 1.0 Size 11 kB (11040 bytes) Hash 5e22a46c04d947a36ea0cad07afcc9e1 6091d981c2a4ee975c7f6b56186ee698040bb804 0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44 HTTP Headers GET /fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1 Host: telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://t.me DNT: 1 Connection: keep-alive Referer: https://telegram.org/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:01 GMT content-type: application/octet-stream content-length: 11040 last-modified: Thu, 20 Oct 2022 11:05:33 GMT etag: "63512b7d-2b20" expires: Fri, 17 May 2024 04:11:01 GMT cache-control: max-age=345600 access-control-allow-origin: accept-ranges: bytes X-Firefox-Spdy: h2`

	telegram.org/img/apple-touch-icon.png	149.154.167.99	200 OK	5.6 kB
URL GET HTTP/2 telegram.org/img/apple-touch-icon.png IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://t.me/ONNXIT Certificate IssuerGoDaddy.com, Inc. Subject.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced Size 5.6 kB (5644 bytes) Hash 295ccdb03006b8dfef45090dafbd46ac 491ab660270e47cbac6a5731c51cca71c1c1b2b1 a51d667d4262047c23e3a2a8aac3b46dc8a58c686cc013f2354011c07bf22cf3 HTTP Headers `GET /img/apple-touch-icon.png HTTP/1.1 Host: telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://t.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:01 GMT content-type: image/png content-length: 5644 last-modified: Thu, 21 Apr 2022 13:47:47 GMT etag: "62616083-160c" expires: Fri, 17 May 2024 04:11:01 GMT cache-control: max-age=345600 access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2`

	telegram.org/css/telegram.css?237	149.154.167.99	200 OK	115 kB
URL GET HTTP/2 telegram.org/css/telegram.css?237 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://t.me/ONNXIT Certificate IssuerGoDaddy.com, Inc. Subject.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT File type ASCII text, with very long lines (1267) Size 115 kB (114933 bytes) Hash 8507165c54755807224a197057729d87 ace8a26f8402baee786617e4820a0860822921f2 2df92c7108cf6788ce6ffe7d3170480c6b6ca0367ae57911849b3760f3753994 HTTP Headers `GET /css/telegram.css?237 HTTP/1.1 Host: telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://t.me/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:00 GMT content-type: text/css last-modified: Mon, 22 Apr 2024 10:54:25 GMT etag: W/"662641e1-1c0f5" expires: Fri, 17 May 2024 04:11:00 GMT cache-control: max-age=345600 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2`

	t.me/ONNXIT	149.154.167.99	200 OK	11 kB
URL User Request GET HTTP/2 t.me/ONNXIT IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Certificate IssuerGoDaddy.com, Inc. Subject.t.me FingerprintD7:CC:2A:92:7B:DC:AE:6A:D7:92:51:20:49:AD:3B:AC:F9:27:F8:16 ValidityFri, 06 Oct 2023 19:50:31 GMT - Wed, 06 Nov 2024 19:50:31 GMT File type HTML document, ASCII text, with very long lines (3560) Size 11 kB (10788 bytes) Hash 3cb13c77a441448f18ab412de782bfbb fbb6afba06fe9403bf5f30fa6005c0cd1142b09b e23c5ea0726c2f8e3f58c4beacec0c1848eaee73aa2b59faf990cbd2697cf0f9 HTTP Headers GET /ONNXIT HTTP/1.1 Host: t.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://joshare.shareonlinefilemcrosoftnline.ru/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Sec-Fetch-User: ?1 Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:00 GMT content-type: text/html; charset=utf-8 content-length: 4081 set-cookie: stel_ssid=14e0b7a71d6bcda154_16121385755844088927; expires=Tue, 14 May 2024 04:11:00 GMT; path=/; samesite=None; secure; HttpOnly pragma: no-cache cache-control: no-store x-frame-options: ALLOW-FROM https://web.telegram.org content-security-policy: frame-ancestors https://web.telegram.org content-encoding: gzip strict-transport-security: max-age=35768000 X-Firefox-Spdy: h2

	telegram.org/img/tgme/pattern.svg?1	149.154.167.99	200 OK	232 kB
URL GET HTTP/2 telegram.org/img/tgme/pattern.svg?1 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://t.me/ONNXIT Certificate IssuerGoDaddy.com, Inc. Subject.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT File type SVG Scalable Vector Graphics image Size 232 kB (231706 bytes) Hash d0c22c6a97023d85ba6e644a41c44a5d 4284efb616c182da4450c123174ce0e81a322845 118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4 HTTP Headers `GET /img/tgme/pattern.svg?1 HTTP/1.1 Host: telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://telegram.org/css/telegram.css?237 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:01 GMT content-type: image/svg+xml last-modified: Thu, 05 Jan 2023 17:52:04 GMT etag: W/"63b70e44-3891a" expires: Fri, 17 May 2024 04:11:01 GMT cache-control: max-age=345600 access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2`

	telegram.org/css/font-roboto.css?1	149.154.167.99	200 OK	6.2 kB
URL GET HTTP/2 telegram.org/css/font-roboto.css?1 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://t.me/ONNXIT Certificate IssuerGoDaddy.com, Inc. Subject.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT File type ASCII text, with very long lines (6354), with no line terminators Size 6.2 kB (6166 bytes) Hash c06318a1f377e388b69b104b4cefa1a6 151f067aae997487880e573876f96b8d598e64db 1a53363e667fffef8a82588191989d36e680b4d341c6b557e62bf207311a3d70 HTTP Headers `GET /css/font-roboto.css?1 HTTP/1.1 Host: telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://t.me/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:01 GMT content-type: text/css last-modified: Thu, 20 Oct 2022 11:05:33 GMT etag: W/"63512b7d-1816" expires: Fri, 17 May 2024 04:11:01 GMT cache-control: max-age=345600 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2`

	telegram.org/css/bootstrap.min.css?3	149.154.167.99	200 OK	42 kB
URL GET HTTP/2 telegram.org/css/bootstrap.min.css?3 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://t.me/ONNXIT Certificate IssuerGoDaddy.com, Inc. Subject.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT File type ASCII text, with very long lines (42164) Size 42 kB (42523 bytes) Hash c2656e265ef58a9cc9f4b70b15da5fb9 85c5ebdb89d4574d72688c2650d4b84b9b09770a f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3 HTTP Headers `GET /css/bootstrap.min.css?3 HTTP/1.1 Host: telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://t.me/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:00 GMT content-type: text/css last-modified: Fri, 10 Nov 2017 17:54:14 GMT etag: W/"5a05e7c6-a61b" expires: Fri, 17 May 2024 04:11:00 GMT cache-control: max-age=345600 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2`

	telegram.org/js/tgwallpaper.min.js?3	149.154.167.99	200 OK	3.0 kB
URL GET HTTP/2 telegram.org/js/tgwallpaper.min.js?3 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://t.me/ONNXIT Certificate IssuerGoDaddy.com, Inc. Subject.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT File type ASCII text, with very long lines (2998), with no line terminators Size 3.0 kB (2979 bytes) Hash f03422dc797fd26a3834b1ec041128ed a6e88f4fe48b749c2b7360e8e004f64b6cfffb1a 046ec6b7909d0ca5cc6ef271a1b57b2f2be0bd88e3495fd8c496f1524e8ffaac HTTP Headers `GET /js/tgwallpaper.min.js?3 HTTP/1.1 Host: telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://t.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:00 GMT content-type: application/javascript last-modified: Thu, 03 Mar 2022 19:57:25 GMT etag: W/"62211da5-ba3" expires: Fri, 17 May 2024 04:11:00 GMT cache-control: max-age=345600 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2`

	telegram.org/img/website_icon.svg?4	149.154.167.99	200 OK	1.9 kB
URL GET HTTP/2 telegram.org/img/website_icon.svg?4 IP 149.154.167.99:443 ASN #62041 Telegram Messenger Inc Requested by https://t.me/ONNXIT Certificate IssuerGoDaddy.com, Inc. Subject.telegram.org FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30 ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT File type SVG Scalable Vector Graphics image Size 1.9 kB (1896 bytes) Hash 5caca7ae1cffb3da0b06150a15020005 04cfb934f238d33209406393a3fbf78454815739 1ea747a06fbc240c2594a8c523cb248bbda4784f0fcad9d0f06334f1a378604f HTTP Headers `GET /img/website_icon.svg?4 HTTP/1.1 Host: telegram.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://t.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 date: Mon, 13 May 2024 04:11:01 GMT content-type: image/svg+xml last-modified: Mon, 20 Jul 2020 20:41:37 GMT etag: W/"5f160181-768" expires: Fri, 17 May 2024 04:11:01 GMT cache-control: max-age=345600 access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2`

	t.me/ONNXIT	0.0.0.0		0 B
URL User Request GET t.me/ONNXIT IP 0.0.0.0:0 ASN #0 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ONNXIT HTTP/1.1 Host: t.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://joshare.shareonlinefilemcrosoftnline.ru/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Sec-Fetch-User: ?1 Pragma: no-cache Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN