Report - newest-group-of-sluts.pages.dev/

Report Overview

Visited public
2024-08-08 22:03:08
Tags
URL
newest-group-of-sluts.pages.dev/
Finishing URL
newest-group-of-sluts.pages.dev/
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
OFFICIAL TELEGRAM DATING

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Sent	Received	IP
r10.o.lencr.org	unknown	2.6 kB	7.1 kB	2.23.172.203
o.pki.goog	unknown	1.6 kB	3.5 kB	142.251.9.94
cdn.jsdelivr.net	439	1.1 kB	114 kB	151.101.129.229
fonts.gstatic.com	unknown	1.1 kB	39 kB	216.58.207.227
newest-group-of-sluts.pages.dev	unknown	1.4 kB	232 kB	188.114.96.1
telegram.org	5408	2.7 kB	378 kB	149.154.167.99
fonts.googleapis.com	8877	450 B	11 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-08-08	medium	newest-group-of-sluts.pages.dev/	Telegram
2024-08-08	medium	newest-group-of-sluts.pages.dev/	Telegram
2024-08-08	medium	newest-group-of-sluts.pages.dev/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-08	medium	newest-group-of-sluts.pages.dev	Sinkholed
2024-08-08	medium	newest-group-of-sluts.pages.dev	Sinkholed
2024-08-08	medium	newest-group-of-sluts.pages.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	newest-group-of-sluts.pages.dev/	ScriptElement	201 B	2023-03-26	2025-05-27
Pretty URL newest-group-of-sluts.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 13:28 Last Seen2025-05-27 14:51 Times Seen1718 Hash d2f554bca2d55319522f74f53737856a 259e4b393d286e5dc6bd7bd7b0c1cedb9f3f8300 65304f9451b75c3e64f9c11cd89ca24cf1f54562c4d5374b929ab46dd8ab2ec5 Loading...

	telegram.org/js/tgwallpaper.min.js?3	ScriptElement	3.0 kB	2023-03-07	2025-05-27
Pretty URL telegram.org/js/tgwallpaper.min.js?3 IP 149.154.167.99 ASN #62041 Telegram Messenger Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-05-27 14:51 Times Seen50474 Hash 2b89d34702716a8ad2cc3977718f53a3 04406ebd6a9e2ce79dbac5e5048cfe1384e4574a 2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6 Loading...

	newest-group-of-sluts.pages.dev/	ScriptElement	0 B	0001-01-01	2025-05-27
Pretty URL newest-group-of-sluts.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-27 19:13 Times Seen4771355 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (27)

URL IP Response Size

r10.o.lencr.org/

2.23.172.203

504 B

URL
r10.o.lencr.org/
IP
2.23.172.203:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a4b0d33ac49c96c71e39bb632bda5673
f4a1b2c6888fbf71cf9f3a36170c0968463df973
b28c45ed35b17a62f81e5aa81541f61740e5dfb5d5c1baa572feed4a4e2db9c5

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B28C45ED35B17A62F81E5AA81541F61740E5DFB5D5C1BAA572FEED4A4E2DB9C5"
Last-Modified: Tue, 06 Aug 2024 06:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3547
Expires: Thu, 08 Aug 2024 23:01:48 GMT
Date: Thu, 08 Aug 2024 22:02:41 GMT
Connection: keep-alive

r10.o.lencr.org/

2.23.172.203

504 B

URL
r10.o.lencr.org/
IP
2.23.172.203:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a7b6b62c40d039614a8e497e28dfcb92
e5883c177b8d622fd5fc7a925e437df4c3fdb984
496d0482a522c54fcea43174ca83c7a72bcb5cfd6c15c02ecd955557ee00eb03

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "496D0482A522C54FCEA43174CA83C7A72BCB5CFD6C15C02ECD955557EE00EB03"
Last-Modified: Thu, 08 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10074
Expires: Fri, 09 Aug 2024 00:50:35 GMT
Date: Thu, 08 Aug 2024 22:02:41 GMT
Connection: keep-alive

r10.o.lencr.org/

2.23.172.203

504 B

URL
r10.o.lencr.org/
IP
2.23.172.203:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e7a128439c6dec237227cc4b883a2c99
7794fc9e9bc964823a96cec60a2ec829dbce9919
f0a648a200fc7849174d4b74c6fbfee82b5bd098c9c9cae7084bdafaba169e3b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F0A648A200FC7849174D4B74C6FBFEE82B5BD098C9C9CAE7084BDAFABA169E3B"
Last-Modified: Tue, 06 Aug 2024 06:26:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7625
Expires: Fri, 09 Aug 2024 00:09:47 GMT
Date: Thu, 08 Aug 2024 22:02:42 GMT
Connection: keep-alive

r10.o.lencr.org/

2.23.172.203

504 B

URL
r10.o.lencr.org/
IP
2.23.172.203:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
41f3021c1502428798a392f3c2ef0fc8
c7a61247c753e72345e5c4504056a09889a3916e
cb2873c69274d15b03f8aaa26260d7a2341f2e276f876f444f1fee5679266653

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CB2873C69274D15B03F8AAA26260D7A2341F2E276F876F444F1FEE5679266653"
Last-Modified: Thu, 08 Aug 2024 18:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11623
Expires: Fri, 09 Aug 2024 01:16:25 GMT
Date: Thu, 08 Aug 2024 22:02:42 GMT
Connection: keep-alive

o.pki.goog/wr2

142.251.9.94

472 B

URL
o.pki.goog/wr2
IP
142.251.9.94:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a03e5022373b95d46179b25ac9b7f460
ef63b1a206d921b9d9fcf0b71e05a576b28f1027
cd80a67f46435f0000d801da9138919e7ca11daf5ea3e8e64d1873259a8c2cd5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Aug 2024 22:02:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

151.101.129.229

200 OK

10 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
ASCII text
Size
10 kB (10209 bytes)
Hash
79877fb82de8ca50845081e3c9a201c5
4f6ea69c0e03431ffa1a097a45453b5b3b246d8b
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

HTTP Headers

GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newest-group-of-sluts.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: br
accept-ranges: bytes
date: Thu, 08 Aug 2024 22:02:42 GMT
age: 3060901
x-served-by: cache-fra-etou8220090-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10209
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.251.9.94

472 B

URL
o.pki.goog/wr2
IP
142.251.9.94:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a03e5022373b95d46179b25ac9b7f460
ef63b1a206d921b9d9fcf0b71e05a576b28f1027
cd80a67f46435f0000d801da9138919e7ca11daf5ea3e8e64d1873259a8c2cd5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Aug 2024 22:02:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3

151.101.129.229

200 OK

102 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 102536, version 1.0
Size
102 kB (102536 bytes)
Hash
1ed478a6b265d4b4f5c26bb063203588
1ca5e8c7d2fb8e9d60ad1a1feb2a46e98c248a3d
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13

HTTP Headers

GET /npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newest-group-of-sluts.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"19088-HKXox9L7jp1grRof6ypG6Ywkij0"
accept-ranges: bytes
date: Thu, 08 Aug 2024 22:02:43 GMT
age: 3254481
x-served-by: cache-fra-eddf8230061-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 102536
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.251.9.94

472 B

URL
o.pki.goog/wr2
IP
142.251.9.94:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c01d8b350350f14af51661a8d6af3d2c
353a84b777a919ffb56646203ea5db97637c0c48
dcdf2755004087a52c61449ff055486243843b39551c9587a2ecd8f85fd0cef4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Aug 2024 22:02:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.251.9.94

472 B

URL
o.pki.goog/wr2
IP
142.251.9.94:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c01d8b350350f14af51661a8d6af3d2c
353a84b777a919ffb56646203ea5db97637c0c48
dcdf2755004087a52c61449ff055486243843b39551c9587a2ecd8f85fd0cef4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Aug 2024 22:02:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newest-group-of-sluts.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Aug 2024 03:11:10 GMT
expires: Sun, 03 Aug 2025 03:11:10 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
age: 499893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Size
19 kB (18596 bytes)
Hash
c83e4437a53d7f849f9d32df3d6b68f3
fabea5ad92ed3e2431659b02e7624df30d0c6bbc
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newest-group-of-sluts.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Aug 2024 20:57:23 GMT
expires: Fri, 08 Aug 2025 20:57:23 GMT
cache-control: public, max-age=31536000
age: 3920
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

newest-group-of-sluts.pages.dev/img/profile-1.jpg

188.114.96.1

200 OK

220 kB

URL GET HTTP/3
newest-group-of-sluts.pages.dev/img/profile-1.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoogle Trust Services
Subjectnewest-group-of-sluts.pages.dev
Fingerprint8D:D9:78:3B:83:1F:2E:58:12:BB:4E:8E:32:D4:F4:F0:08:82:41:92
ValidityMon, 22 Jul 2024 03:48:48 GMT - Sun, 20 Oct 2024 03:48:47 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x1280, components 3
Size
220 kB (220493 bytes)
Hash
c54cfaf079be0b93eaea5c623f0bdee0
679b4332ca373e92245c6769f4b78a71c9694bbd
2d450b1ba0dccc353fb9871def53c216b59bc155352c4e02c72643a0dcde1d2d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/profile-1.jpg HTTP/1.1
Host: newest-group-of-sluts.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newest-group-of-sluts.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 08 Aug 2024 22:02:43 GMT
content-type: image/jpeg
content-length: 220493
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9d7806def9909cbe02b3fe11a3d6dcdb"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQwDunS%2F7KeyYWEvH5pXTEGbyn%2F0luNIwmYhqOXLGUhIOdPT9d%2F9vhMTMPvfV8fm8Xj%2BrOr3Lu1j3n%2FtPIx%2BlIyB7IL5KSDBvOvQGIWSz0m%2Fv4dGaDrKi8dEVVyXopT3HUkEAil%2BZA6BzXXtxPVXm09g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b02cad2a94dabd5-CPH
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.251.9.94

472 B

URL
o.pki.goog/wr2
IP
142.251.9.94:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c01d8b350350f14af51661a8d6af3d2c
353a84b777a919ffb56646203ea5db97637c0c48
dcdf2755004087a52c61449ff055486243843b39551c9587a2ecd8f85fd0cef4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Aug 2024 22:02:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

telegram.org/img/apple-touch-icon.png

149.154.167.99

200 OK

5.6 kB

URL GET HTTP/2
telegram.org/img/apple-touch-icon.png
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegram.org
FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced
Size
5.6 kB (5644 bytes)
Hash
295ccdb03006b8dfef45090dafbd46ac
491ab660270e47cbac6a5731c51cca71c1c1b2b1
a51d667d4262047c23e3a2a8aac3b46dc8a58c686cc013f2354011c07bf22cf3

HTTP Headers

GET /img/apple-touch-icon.png HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newest-group-of-sluts.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 08 Aug 2024 22:02:43 GMT
content-type: image/png
content-length: 5644
last-modified: Thu, 21 Apr 2022 13:47:47 GMT
etag: "62616083-160c"
expires: Mon, 12 Aug 2024 22:02:43 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

r10.o.lencr.org/

2.23.172.201

504 B

URL
r10.o.lencr.org/
IP
2.23.172.201:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
460334cc4e5b7d0e9bae1a2db2ad27cd
b0a331b5252d61b68e687dc25581842a360aac4f
8e85f0944ea44f26c441f73cd791e0cf50936b0278733f5af7305e594372df58

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8E85F0944EA44F26C441F73CD791E0CF50936B0278733F5AF7305E594372DF58"
Last-Modified: Tue, 06 Aug 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3453
Expires: Thu, 08 Aug 2024 23:00:17 GMT
Date: Thu, 08 Aug 2024 22:02:44 GMT
Connection: keep-alive

r10.o.lencr.org/

2.23.172.201

504 B

URL
r10.o.lencr.org/
IP
2.23.172.201:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
460334cc4e5b7d0e9bae1a2db2ad27cd
b0a331b5252d61b68e687dc25581842a360aac4f
8e85f0944ea44f26c441f73cd791e0cf50936b0278733f5af7305e594372df58

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8E85F0944EA44F26C441F73CD791E0CF50936B0278733F5AF7305E594372DF58"
Last-Modified: Tue, 06 Aug 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3453
Expires: Thu, 08 Aug 2024 23:00:17 GMT
Date: Thu, 08 Aug 2024 22:02:44 GMT
Connection: keep-alive

r10.o.lencr.org/

2.23.172.201

504 B

URL
r10.o.lencr.org/
IP
2.23.172.201:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
460334cc4e5b7d0e9bae1a2db2ad27cd
b0a331b5252d61b68e687dc25581842a360aac4f
8e85f0944ea44f26c441f73cd791e0cf50936b0278733f5af7305e594372df58

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8E85F0944EA44F26C441F73CD791E0CF50936B0278733F5AF7305E594372DF58"
Last-Modified: Tue, 06 Aug 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3453
Expires: Thu, 08 Aug 2024 23:00:17 GMT
Date: Thu, 08 Aug 2024 22:02:44 GMT
Connection: keep-alive

telegram.org/img/website_icon.svg?4

149.154.167.99

200 OK

6.1 kB

URL GET HTTP/2
telegram.org/img/website_icon.svg?4
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegram.org
FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT

File type
gzip compressed data, max speed, from Unix
Size
6.1 kB (6136 bytes)
Hash
d40d10237027f369dddba337e14b19c2
777a31067c2920cef767f693eddeff2fa0e0441a
94e63f3f6fdb22436098322e624e93930b3eead0f8be9dbff9a9568c2472011e

HTTP Headers

GET /img/website_icon.svg?4 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newest-group-of-sluts.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 08 Aug 2024 22:02:43 GMT
content-type: image/svg+xml
last-modified: Mon, 20 Jul 2020 20:41:37 GMT
etag: W/"5f160181-768"
expires: Mon, 12 Aug 2024 22:02:43 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,700

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
gzip compressed data, max compression
Size
11 kB (10818 bytes)
Hash
5ba0d3bea26aeadce728f800e8fe1f6b
b892b0bd26ae748f0150d7cfd942f7ec1a144fe0
16377c0929bbe9e4765e907ec7e1c005253b1f3c083a50e224ea285573368197

HTTP Headers

GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newest-group-of-sluts.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Aug 2024 22:02:42 GMT
date: Thu, 08 Aug 2024 22:02:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r10.o.lencr.org/

2.23.172.201

504 B

URL
r10.o.lencr.org/
IP
2.23.172.201:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
460334cc4e5b7d0e9bae1a2db2ad27cd
b0a331b5252d61b68e687dc25581842a360aac4f
8e85f0944ea44f26c441f73cd791e0cf50936b0278733f5af7305e594372df58

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8E85F0944EA44F26C441F73CD791E0CF50936B0278733F5AF7305E594372DF58"
Last-Modified: Tue, 06 Aug 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3453
Expires: Thu, 08 Aug 2024 23:00:17 GMT
Date: Thu, 08 Aug 2024 22:02:44 GMT
Connection: keep-alive

newest-group-of-sluts.pages.dev/style.css

188.114.96.1

200 OK

680 B

URL GET HTTP/3
newest-group-of-sluts.pages.dev/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoogle Trust Services
Subjectnewest-group-of-sluts.pages.dev
Fingerprint8D:D9:78:3B:83:1F:2E:58:12:BB:4E:8E:32:D4:F4:F0:08:82:41:92
ValidityMon, 22 Jul 2024 03:48:48 GMT - Sun, 20 Oct 2024 03:48:47 GMT

File type
ASCII text
Size
680 B (680 bytes)
Hash
a01e36ed97a0f4e064f9a2aa2b466148
e6a44ea80eee8ab24c98b1eba13cbc7fa9317c14
5c892a0a872b30b4dcad6d5b308c44d1ceb335594b2e330a1efb1c7b8742a8bc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style.css HTTP/1.1
Host: newest-group-of-sluts.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newest-group-of-sluts.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 08 Aug 2024 22:02:42 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"90f6d7cd3044dadc6d9b9f251b985245"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlJ8eVjLzWxHoOk1oYk%2Fgf8VU5pfAPX0qniWA4OcWZAtpfQC5NvA3gjwEYOAHd1zacF%2Bx5HvliXlV%2F9b0O8bubNJWIrj0QTJ%2FUtqo88dKHnPnmATr3YBTNA%2FfsI1fn%2F5%2Fej8s9cMMRcFeSgQKU%2BS47Lc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b02cad1bfe2abd5-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

telegram.org/css/bootstrap.min.css?3

149.154.167.99

200 OK

14 kB

URL GET HTTP/2
telegram.org/css/bootstrap.min.css?3
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegram.org
FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT

File type
gzip compressed data, max speed, from Unix
Size
14 kB (13979 bytes)
Hash
be68e9f6d789020388b680511797745e
3b8a8927e8c91da9f6e1daf79bfa35c29dc8fe95
878fa27ac046601a6770788698d103b4a67b717d9c00fe271de07b23c89f28e2

HTTP Headers

GET /css/bootstrap.min.css?3 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newest-group-of-sluts.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 08 Aug 2024 22:02:42 GMT
content-type: text/css
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
etag: W/"5a05e7c6-a61b"
expires: Mon, 12 Aug 2024 22:02:42 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

telegram.org/js/tgwallpaper.min.js?3

149.154.167.99

200 OK

3.0 kB

URL GET HTTP/2
telegram.org/js/tgwallpaper.min.js?3
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegram.org
FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT

File type
ASCII text, with very long lines (2998), with no line terminators
Size
3.0 kB (2979 bytes)
Hash
f03422dc797fd26a3834b1ec041128ed
a6e88f4fe48b749c2b7360e8e004f64b6cfffb1a
046ec6b7909d0ca5cc6ef271a1b57b2f2be0bd88e3495fd8c496f1524e8ffaac

HTTP Headers

GET /js/tgwallpaper.min.js?3 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newest-group-of-sluts.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 08 Aug 2024 22:02:42 GMT
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
etag: W/"62211da5-ba3"
expires: Mon, 12 Aug 2024 22:02:42 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

telegram.org/img/tgme/pattern.svg?1

149.154.167.99

200 OK

232 kB

URL GET HTTP/2
telegram.org/img/tgme/pattern.svg?1
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegram.org
FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT

File type
SVG Scalable Vector Graphics image
Size
232 kB (231706 bytes)
Hash
d0c22c6a97023d85ba6e644a41c44a5d
4284efb616c182da4450c123174ce0e81a322845
118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4

HTTP Headers

GET /img/tgme/pattern.svg?1 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://telegram.org/css/telegram.css?227
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 08 Aug 2024 22:02:43 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Jan 2023 17:52:04 GMT
etag: W/"63b70e44-3891a"
expires: Mon, 12 Aug 2024 22:02:43 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

newest-group-of-sluts.pages.dev/

188.114.96.1

200 OK

8.9 kB

URL User Request GET HTTP/2
newest-group-of-sluts.pages.dev/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectnewest-group-of-sluts.pages.dev
Fingerprint8D:D9:78:3B:83:1F:2E:58:12:BB:4E:8E:32:D4:F4:F0:08:82:41:92
ValidityMon, 22 Jul 2024 03:48:48 GMT - Sun, 20 Oct 2024 03:48:47 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (9306), with no line terminators
Size
8.9 kB (8936 bytes)
Hash
c686031ee42296137d6f3900969fe5fa
7be9aa3484ee1451f77af95704e251337dafa00c
2f8464e358af245a71183b7afdb8228c3ff8fd8cce18fcb7eda1095a38a083a8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: newest-group-of-sluts.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 08 Aug 2024 22:02:42 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkuX%2B4XC4MqxLOVfnSbgxj%2Fp9QPW6kRYBQqNJG2L18DTGWEKsyb1SvnfkwS0lFwA6HJfaqwXJPcDHVzZ3%2BjnElZhtIeKYZ%2BPo1YMante1ppvRPI%2F%2FzSMt1eREn7%2BIZUqEya4xqHp2yaypVnZzoCmUTlp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b02cacfde5e92a3-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

telegram.org/css/telegram.css?227

149.154.167.99

200 OK

115 kB

URL GET HTTP/2
telegram.org/css/telegram.css?227
IP
149.154.167.99:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://newest-group-of-sluts.pages.dev/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegram.org
FingerprintAB:E8:E5:0A:DF:76:6C:98:C8:9F:D7:9C:26:CC:5E:B0:3D:AD:09:30
ValidityFri, 11 Aug 2023 16:00:43 GMT - Wed, 11 Sep 2024 16:00:43 GMT

File type
ASCII text, with very long lines (1267)
Size
115 kB (115173 bytes)
Hash
ac847f644cf61a35e802b48b4c8537ac
637f9d85f21897e1b4854edda5d6b0d46864825d
83b8f4380fd44f4f399db9be9b3dffec7957bd250fd26855eb4975f26df93946

HTTP Headers

GET /css/telegram.css?227 HTTP/1.1
Host: telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newest-group-of-sluts.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 08 Aug 2024 22:02:42 GMT
content-type: text/css
last-modified: Fri, 02 Aug 2024 00:39:02 GMT
etag: W/"66ac2aa6-1c1e5"
expires: Mon, 12 Aug 2024 22:02:42 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (27)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL