t.me Open in urlscan Pro
2001:67c:4e8:1033:3:100:0:a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oblosvita.mk.gov.ua/
Effective URL:
https://t.me/rwhack_group
Submission: On March 04 via manual (March 4th 2022, 12:47:20 pm UTC) from DK — Scanned from DE

Summary HTTP 27 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 27 HTTP transactions. The main IP is 2001:67c:4e8:1033:3:100:0:a, located in Virgin Islands (British) and belongs to TELEGRAM, VG. The main domain is t.me. The Cisco Umbrella rank of the primary domain is 11043.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 6th 2021. Valid for: a year.

This is the only time t.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	217.77.210.254 217.77.210.254	31272 (WILDPARK-...) (WILDPARK-AS ISP WildPark)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2001:67c:4e8:... 2001:67c:4e8:1033:3:100:0:a	62041 (TELEGRAM) (TELEGRAM)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2001:67c:4e8:... 2001:67c:4e8:1033:5:100:0:a	62041 (TELEGRAM) (TELEGRAM)
1	149.154.165.133 149.154.165.133	62041 (TELEGRAM) (TELEGRAM)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
27	8

14 217.77.210.254 (Mykolayiv, Ukraine)

ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA)
PTR: clyde.mk.gov.ua

oblosvita.mk.gov.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:1033:3:100:0:a (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)

t.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:67c:4e8:1033:5:100:0:a (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.154.165.133 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

cdn4.telesco.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	mk.gov.ua oblosvita.mk.gov.ua	481 KB
4	telegram.org telegram.org — Cisco Umbrella Rank: 10318	268 KB
3	gstatic.com fonts.gstatic.com	41 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	telesco.pe cdn4.telesco.pe — Cisco Umbrella Rank: 25425	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	t.me t.me — Cisco Umbrella Rank: 11043	2 KB
0	Failed function sub() { [native code] }. Failed
27	8

	Domain	Requested by
14	oblosvita.mk.gov.ua	oblosvita.mk.gov.ua
4	telegram.org	t.me telegram.org
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.google-analytics.com
1	cdn4.telesco.pe	t.me
1	fonts.googleapis.com	t.me
1	t.me	oblosvita.mk.gov.ua
0	resolve Failed	t.me
27	8

This site contains links to these domains. Also see Links.

Domain
telegram.org

Subject Issuer	Validity	Valid
*.t.me Go Daddy Secure Certificate Authority - G2	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2021-09-10` - `2022-10-09`	a year	crt.sh
*.telesco.pe Go Daddy Secure Certificate Authority - G2	`2020-03-10` - `2022-04-13`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 1 frames:

Frame: tg://resolve?domain=rwhack_group
Frame ID: D35AFF513C8F8688D9BD2B2258933A79
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram: Contact @rwhack_group

Page URL History Show full URLs

http://oblosvita.mk.gov.ua/ Page URL
https://t.me/rwhack_group Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

27
Requests

41 %
HTTPS

71 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

837 kB
Transfer

1022 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://telegram.org/dl?tme=b5130952a32b8d1536_7024159386318646443
Title: Download

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oblosvita.mk.gov.ua/ Page URL
https://t.me/rwhack_group Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
oblosvita.mk.gov.ua/ 13 KB
4 KB 358ms
99ms Document
text/html 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx / PHP/5.2.17
Resource Hash: 68d66319349f3336bdf03a33b28ce3916faa301a2c3ae888bd9a2cbe5b0deebf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Fri, 04 Mar 2022 12:47:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.17
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK highslide.css
oblosvita.mk.gov.ua/highslide/ 21 KB
4 KB 51ms
51ms Stylesheet
text/css 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/highslide/highslide.css
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: 18cfa77b3c0c18b30696c4b1405e804dccfba69164f334088a97226e36d722d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: W/"24bf424-5375-518017bb44940"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style.css
oblosvita.mk.gov.ua/img/ 6 KB
2 KB 52ms
52ms Stylesheet
text/css 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/img/style.css
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: 5a69deda17d437d197187612a6a70f51fbb84071faafe7224de00d5873f6bacb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: W/"24bf44c-171a-518017bb44940"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style2.css
oblosvita.mk.gov.ua/img/ 5 KB
1 KB 100ms
52ms Stylesheet
text/css 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/img/style2.css
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: c563e426c209116c1992eda5f2dc4a09a8f672769cfb0e2dcf8182dd4b6bdda1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: W/"24bf44d-13eb-518017bb44940"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery-1.4.4.js Show response
oblosvita.mk.gov.ua/js/ 77 KB
77 KB 101ms
54ms Script
application/javascript 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/js/jquery-1.4.4.js
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: 900b8e0052d80e532dcdca466e31b30d4f8eea58992ed9ff2b253d7d5346c811

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: "24bf462-13308-518017bb44940"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78600

GET
H/1.1 200
OK jquery.flash.js Show response
oblosvita.mk.gov.ua/js/ 8 KB
9 KB 101ms
53ms Script
application/javascript 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/js/jquery.flash.js
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: 210eeedf0241abc9113c36a1a866930b9935e3390fab3eba9958af3120e705a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: "24bf466-2146-518017bb44940"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8518

GET
H/1.1 200
OK jquery-ui.js Show response
oblosvita.mk.gov.ua/js/ 205 KB
206 KB 102ms
52ms Script
application/javascript 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/js/jquery-ui.js
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: bf4b4e698282d6248aced4f883656de33d64e79b79d9dec9e53afd45afb7b487

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: "24bf463-33546-518017bb44940"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210246

GET
H/1.1 200
OK jquery.validate.js Show response
oblosvita.mk.gov.ua/js/ 36 KB
37 KB 102ms
52ms Script
application/javascript 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/js/jquery.validate.js
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: 968016105229e24b5df9bb00f8669763907507921210412c85978e27961c2a8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: "24bf469-91ce-518017bb44940"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37326

GET
H/1.1 200
OK messages_ru.js Show response
oblosvita.mk.gov.ua/js/ 2 KB
2 KB 102ms
52ms Script
application/javascript 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/js/messages_ru.js
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: 3ed3a1aa9a9de9aa9748ac7fbdda4f83a3cf2d19ba519e6e441dfe08d98f8291

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: "24bf46b-7a9-518017bb44940"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1961

GET
H/1.1 200
OK highslide-full.js Show response
oblosvita.mk.gov.ua/highslide/ 98 KB
98 KB 154ms
52ms Script
application/javascript 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/highslide/highslide-full.js
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: 60a9e8ad101cdf2ecc7bff09992bf5f96a42d89e78c885ac5d50f2072040b159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: "24bf41a-186c1-518017bb44940"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100033

GET
H/1.1 200
OK script.js Show response
oblosvita.mk.gov.ua/js/ 563 B
820 B 154ms
52ms Script
application/javascript 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/js/script.js
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: 48c1ea74048ef8cad48498a340b3472147618d18a3e87b479a96678189d95e68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: "24bf46d-233-518017bb44940"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 563

GET
H/1.1 200
OK jquery.jcarousel.min.js Show response
oblosvita.mk.gov.ua/js/ 16 KB
16 KB 198ms
50ms Script
application/javascript 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to

Full URL: http://oblosvita.mk.gov.ua/js/jquery.jcarousel.min.js
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash: 2ba1e4c9679afe019c519165efcc53e593f43e9cf32928eb15866bdfbe55d621

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Last-Modified: Thu, 02 Jul 2015 14:25:22 GMT
Server: nginx
ETag: "24bf471-3ed8-519e535a89880"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16088

GET
H/1.1 200
OK uaflag.png
oblosvita.mk.gov.ua/img/ 25 KB
25 KB 53ms
53ms Image
image/png 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oblosvita.mk.gov.ua/img/uaflag.png
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Last-Modified: Mon, 08 Jun 2015 13:18:53 GMT
Server: nginx
ETag: "24bf44e-635b-518017bb44940"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25435

GET
H/1.1 404
Not Found logo.png
oblosvita.mk.gov.ua/store/files/ 218 B
218 B 50ms
50ms Image
text/html 217.77.210.254
WILDPARK-AS ISP W...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oblosvita.mk.gov.ua/store/files/logo.png
Requested by: Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/
Protocol: HTTP/1.1
Server: 217.77.210.254 Mykolayiv, Ukraine, ASN31272 (WILDPARK-AS ISP WildPark, Ukraine, Nikolaev, UA),
Reverse DNS: clyde.mk.gov.ua
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:47:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

49ms
14ms

Script
text/javascript

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2543
date: Fri, 04 Mar 2022 12:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 04 Mar 2022 14:04:52 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 Primary Request rwhack_group Show response
t.me/ 7 KB
2 KB 137ms
100ms Document
text/html 2001:67c:4e8:1033:3:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.me/rwhack_group

Requested by

Host: oblosvita.mk.gov.ua
URL: http://oblosvita.mk.gov.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:3:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5f7729fd424edfe17b7749849a16fdf47ba73e040406ba854d1a5b995b4a1c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://oblosvita.mk.gov.ua/

Response headers

server: nginx/1.18.0
date: Fri, 04 Mar 2022 12:47:15 GMT
content-type: text/html; charset=utf-8
content-length: 2227
pragma: no-cache
cache-control: no-store
x-frame-options: SAMEORIGIN
content-encoding: gzip
strict-transport-security: max-age=35768000

POST
H2 200 collect
www.google-analytics.com/j/ 2 B
209 B 25ms
25ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1440361808&t=pageview&_s=1&dl=http%3A%2F%2Foblosvita.mk.gov.ua%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20%E2%80%94%20%3Cscript%3Edocument.location.href%3D%27https%3A%2F%2Ft.me%2Frwhack_group%27%3C%2Fscript%3E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=838678699&gjid=995111870&cid=1218735164.1646398035&tid=UA-21417474-21&_gid=891439199.1646398035&_r=1&_slc=1&z=1079196915

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://oblosvita.mk.gov.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:47:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://oblosvita.mk.gov.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 136ms
20ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: t.me
URL: https://t.me/rwhack_group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://t.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 11:27:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 12:47:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 12:47:15 GMT

GET
H2 200 bootstrap.min.css
telegram.org/css/ 42 KB
10 KB 219ms
16ms Stylesheet
text/css 2001:67c:4e8:1033:5:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/bootstrap.min.css?3

Requested by

Host: t.me
URL: https://t.me/rwhack_group

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:5:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://t.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:15 GMT
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-a61b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=345600
expires: Tue, 08 Mar 2022 12:47:15 GMT

GET
H2 200 telegram.css
telegram.org/css/ 113 KB
30 KB 233ms
30ms Stylesheet
text/css 2001:67c:4e8:1033:5:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/telegram.css?219

Requested by

Host: t.me
URL: https://t.me/rwhack_group

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:5:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

ec78edb2c2efad1b281d4e39023dedf99c91688ab2a11349a9c9274f88656b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://t.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:15 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
server: nginx/1.18.0
etag: W/"62211da5-1c322"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=345600
expires: Tue, 08 Mar 2022 12:47:15 GMT

GET
H/1.1 200
OK qJSITk0AQb7TvqIiD0BVPJpm1THuO85bga8hy9wTx4gWMSUQ1pWYsdyxcHTnPwwWZbEm4iQ7tW46uQIi1P6Z6AQIaScZuRLT75ZJaz7L_5ig8cmECt74XMkS-Tn0XRrE_FvtFXQVy0J5zYAqsmO4w7Yq77Zt6aubucDVmmAePSkUA0lXiMqc29z_ARon1-BdCCRKq...
cdn4.telesco.pe/file/ 23 KB
24 KB 163ms
31ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/qJSITk0AQb7TvqIiD0BVPJpm1THuO85bga8hy9wTx4gWMSUQ1pWYsdyxcHTnPwwWZbEm4iQ7tW46uQIi1P6Z6AQIaScZuRLT75ZJaz7L_5ig8cmECt74XMkS-Tn0XRrE_FvtFXQVy0J5zYAqsmO4w7Yq77Zt6aubucDVmmAePSkUA0lXiMqc29z_ARon1-BdCCRKq7tSOgfmPkBhjWLUfwFxF8hHvQbfZa2k82iaCmZPaID6uf4NzCvJhHQK2mnRV8jj9STV1ZrImQ1VLGoQWwyAyM_zKIhOEJqnlu-wjXexywACStOlsZl__Kmso5AZU_zotvdatQNih1tC7n6YZA.jpg

Requested by

Host: t.me
URL: https://t.me/rwhack_group

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2812df9040244969616bec20eeb4b5be8690a854a703662e8d5787bfa7607cb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://t.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 23555
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 04 Mar 2022 12:47:15 GMT
Server: nginx/1.18.0
Date: Fri, 04 Mar 2022 12:47:15 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-23555, bytes
Expires: Sun, 03 Apr 2022 12:47:15 GMT

GET
H2 200 tgwallpaper.min.js Show response
telegram.org/js/ 3 KB
2 KB 244ms
41ms Script
application/javascript 2001:67c:4e8:1033:5:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/tgwallpaper.min.js?3

Requested by

Host: t.me
URL: https://t.me/rwhack_group

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:5:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://t.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:15 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
server: nginx/1.18.0
etag: W/"62211da5-ba3"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 08 Mar 2022 12:47:15 GMT

GET
H2 200 pattern.svg
telegram.org/img/tgme/ 225 KB
226 KB 16ms
16ms Image
image/svg+xml 2001:67c:4e8:1033:5:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram.org/img/tgme/pattern.svg

Requested by

Host: telegram.org
URL: https://telegram.org/css/telegram.css?219

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:5:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegram.org/css/telegram.css?219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:15 GMT
last-modified: Thu, 03 Mar 2022 09:45:08 GMT
server: nginx/1.18.0
etag: "62208e24-385d7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=345600
accept-ranges: bytes
content-length: 230871
expires: Tue, 08 Mar 2022 12:47:15 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfb3909225efbbe5a1ac53950d32296140a8188a1328d0f987bd54b0aee93d5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 47ms
24ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://t.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 232760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 20:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 46ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://t.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 236846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 18:59:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
10 KB 39ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://t.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 12:42:17 GMT
x-content-type-options: nosniff
age: 518698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 26 Feb 2023 12:42:17 GMT

GET tg://resolve?domain=rwhack_group
tg://resolve?domain=rwhack_group 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: resolve
URL: tg://resolve?domain=rwhack_group

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oblosvita.mk.gov.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: c80ffc9de8c8019a71722b25f93e9f68
.mk.gov.ua/	1970-01-20 18:51:10	Name: _ga Value: GA1.3.1218735164.1646398035
.mk.gov.ua/	1970-01-20 01:21:24	Name: _gid Value: GA1.3.891439199.1646398035
.mk.gov.ua/	1970-01-20 01:19:58	Name: _gat Value: 1
t.me/	1970-01-20 01:21:24	Name: stel_ssid Value: b5130952a32b8d1536_7024159386318646443

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://oblosvita.mk.gov.ua/store/files/logo.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn4.telesco.pe
fonts.googleapis.com
fonts.gstatic.com
oblosvita.mk.gov.ua
resolve
t.me
telegram.org
www.google-analytics.com
resolve
149.154.165.133
2001:67c:4e8:1033:3:100:0:a
2001:67c:4e8:1033:5:100:0:a
217.77.210.254
2a00:1450:4001:808::200e
2a00:1450:4001:811::200a
2a00:1450:4001:82f::2003
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
18cfa77b3c0c18b30696c4b1405e804dccfba69164f334088a97226e36d722d1
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
210eeedf0241abc9113c36a1a866930b9935e3390fab3eba9958af3120e705a6
2812df9040244969616bec20eeb4b5be8690a854a703662e8d5787bfa7607cb8
2ba1e4c9679afe019c519165efcc53e593f43e9cf32928eb15866bdfbe55d621
3ed3a1aa9a9de9aa9748ac7fbdda4f83a3cf2d19ba519e6e441dfe08d98f8291
48c1ea74048ef8cad48498a340b3472147618d18a3e87b479a96678189d95e68
5a69deda17d437d197187612a6a70f51fbb84071faafe7224de00d5873f6bacb
5f7729fd424edfe17b7749849a16fdf47ba73e040406ba854d1a5b995b4a1c53
60a9e8ad101cdf2ecc7bff09992bf5f96a42d89e78c885ac5d50f2072040b159
68d66319349f3336bdf03a33b28ce3916faa301a2c3ae888bd9a2cbe5b0deebf
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
900b8e0052d80e532dcdca466e31b30d4f8eea58992ed9ff2b253d7d5346c811
968016105229e24b5df9bb00f8669763907507921210412c85978e27961c2a8d
bf4b4e698282d6248aced4f883656de33d64e79b79d9dec9e53afd45afb7b487
c563e426c209116c1992eda5f2dc4a09a8f672769cfb0e2dcf8182dd4b6bdda1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20
dfb3909225efbbe5a1ac53950d32296140a8188a1328d0f987bd54b0aee93d5d
ec78edb2c2efad1b281d4e39023dedf99c91688ab2a11349a9c9274f88656b70
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

t.me Open in urlscan Pro 2001:67c:4e8:1033:3:100:0:a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

41 %HTTPS

71 %IPv6

8 Domains

8 Subdomains

8 IPs

4 Countries

837 kBTransfer

1022 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

t.me Open in urlscan Pro
2001:67c:4e8:1033:3:100:0:a Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

41 %
HTTPS

71 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

837 kB
Transfer

1022 kB
Size

5
Cookies

27 HTTP transactions
1 data transactions