web-telegram.ru
188.114.96.3
Malicious Activity!
Public Scan
Submission: On September 23 via manual from GR — Scanned from NL
Summary
TLS certificate: Issued by WE1 (a Google Trust Services intermediate) on September 18th 2024. Valid for 3 months.
This is the only time web-telegram.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
15 | 188.114.96.3 | 13335 (CLOUDFLARENET)
Total: 24 | 2 |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | web-telegram.ru | web-telegram.ru | 248 KB
Total: 24 | 1 | |
Requests | Domain | Requested by
---|---|---
15 | web-telegram.ru | web-telegram.ru
Total: 24 | 1 |
This site contains links to these domains (see also Links):
Domain
---
github.com
core.telegram.org
telegram.org
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
web-telegram.ru | WE1 | 2024-09-18 - 2024-12-17 | 3 months | crt.sh
This page contains 1 frame:
Primary Page: https://web-telegram.ru/
Frame ID: E6B8C5EF03FBC01CA1C2B6407DD65B0E
Requests: 23 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
- Title: WebK
- Title: Telegram API
- Title: user agreement with Telegram (original title: пользовательское соглашение с Telegram)
- Title: https://telegram.org/apps
Redirected requests
There were HTTP redirect chains for the following requests: (none listed)
24 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H3 | / (Primary Request) | web-telegram.ru/ | 17 KB | 6 KB | Document | text/html
GET | H3 | speculation | web-telegram.ru/cdn-cgi/ | 128 B | 538 B | Other | application/speculationrules+json
GET | H3 | index-kkUYwrZF.js | web-telegram.ru/ | 137 KB | 49 KB | Script | application/x-javascript
GET | H3 | index-BZ4hP6DU.css | web-telegram.ru/ | 476 KB | 81 KB | Stylesheet | text/css
GET | H3 | ARLRDBD.woff | web-telegram.ru/assets/fonts/ | 29 KB | 30 KB | Font | application/octet-stream
GET | | mtproto.worker-qwz4OBI1.js | web-telegram.ru/ | 0 | 0 | (no response) |
GET | | crypto.worker-CfCshcpI.js | web-telegram.ru/ | 0 | 0 | (no response) |
GET | DATA | truncated | / | 369 B | 0 | Image | image/svg+xml
GET | H3 | crypto.worker-CfCshcpI.js | web-telegram.ru/ | 67 KB | 24 KB | Fetch | application/x-javascript
GET | DATA | truncated | / | 59 B | 59 B | Image | image/jxl
GET | DATA | truncated | / | 311 B | 0 | Image | image/avif
GET | H3 | favicon.ico | web-telegram.ru/assets/img/ | 15 KB | 3 KB | Other | image/x-icon
GET | H3 | lang-CAQET9jA.js | web-telegram.ru/ | 129 KB | 37 KB | Script | application/x-javascript
GET | H3 | langSign-CN-ja8rh.js | web-telegram.ru/ | 2 KB | 1 KB | Script | application/x-javascript
GET | H3 | countries-CzeCvYH8.js | web-telegram.ru/ | 23 KB | 4 KB | Script | application/x-javascript
GET | | 14c25a68-6022-43a1-bb3d-355b54746e9c | blob:https://web-telegram.ru/ | 0 | 0 | (no response) |
GET | | dcf20c20-1673-477e-a5e5-e5c3f8020459 | blob:https://web-telegram.ru/ | 0 | 0 | (no response) |
GET | | 4ba39a0a-c27a-48e1-9715-fc065fc074b5 | blob:https://web-telegram.ru/ | 0 | 0 | (no response) |
GET | H3 | pageSignQR-DPKHGQt4.js | web-telegram.ru/ | 5 KB | 3 KB | Script | application/x-javascript
GET | H3 | page-DueTWsnQ.js | web-telegram.ru/ | 9 KB | 4 KB | Script | application/x-javascript
GET | H3 | button-C9TZruNP.js | web-telegram.ru/ | 6 KB | 3 KB | Script | application/x-javascript
GET | H3 | putPreloader-DyQgWzVq.js | web-telegram.ru/ | 649 B | 896 B | Script | application/x-javascript
GET | H3 | textToSvgURL-Cnw_Q8Rw.js | web-telegram.ru/ | 307 B | 700 B | Script | application/x-javascript
GET | H3 | qr-code-styling-CvBVNv73.js | web-telegram.ru/ | 65 KB | 0 | Script | application/x-javascript
GET | H3 | _commonjsHelpers-Cpj98o6Y.js | web-telegram.ru/ | 236 B | 0 | Script | application/x-javascript
GET | H3 | tgico.ttf | web-telegram.ru/assets/fonts/ | 89 KB | 0 | Font | application/octet-stream
GET | H3 | logo_padded.svg | web-telegram.ru/assets/img/ | 1 KB | 0 | Fetch | image/svg+xml
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- web-telegram.ru: https://web-telegram.ru/mtproto.worker-qwz4OBI1.js
- web-telegram.ru: https://web-telegram.ru/crypto.worker-CfCshcpI.js
- web-telegram.ru: blob:https://web-telegram.ru/14c25a68-6022-43a1-bb3d-355b54746e9c
- web-telegram.ru: blob:https://web-telegram.ru/dcf20c20-1673-477e-a5e5-e5c3f8020459
- web-telegram.ru: blob:https://web-telegram.ru/4ba39a0a-c27a-48e1-9715-fc065fc074b5
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against Telegram (Instant Messenger)
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code in use.
Name | Type
---|---
modal | object
btn | object
span | object
rootScope | object
deferredPromise | function
AppStorage | function
stateStorage | object
wrapUrl | function
I18n | object
webpWorkerController | object
appStorage | object
appNavigationController | object
singleInstance | object
webPushApiManager | object
telegramMeWebManager | object
opusDecodeController | object
cryptoMessagePort | object
mtprotoMessagePort | object
serviceMessagePort | object
apiManagerProxy | object
calcImageInBox | function
mediaSizes | object
customProperties | object
windowSize | object
liteMode | object
themeController | object
overlayCounter | object
formatDateAccordingToTodayNew | function
fillTipDates | function
sequentialDom | object
dispatchHeavyAnimationEvent | function
pagesManager | object
putPreloader | function
0 Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values along, which lets the website re-identify the user even from a different location. This is how persistent logins work.
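An added example (not code from this page, from urlscan, or from Telegram) showing how the JavaScript Global Variables listed above can be used in triage: first to match the page against known client signatures, then to diff a suspected clone against the legitimate client so that any extra globals stand out. The 33 names are the ones from this scan; the signature sets, the 0.6 threshold, and the "clone" with one extra global used in the usage call are assumptions constructed for the example (nothing on this page shows such an extra global).

```python
# The 33 non-standard window globals listed for this scan of web-telegram.ru.
OBSERVED_GLOBALS = {
    "modal", "btn", "span", "rootScope", "deferredPromise", "AppStorage",
    "stateStorage", "wrapUrl", "I18n", "webpWorkerController", "appStorage",
    "appNavigationController", "singleInstance", "webPushApiManager",
    "telegramMeWebManager", "opusDecodeController", "cryptoMessagePort",
    "mtprotoMessagePort", "serviceMessagePort", "apiManagerProxy",
    "calcImageInBox", "mediaSizes", "customProperties", "windowSize",
    "liteMode", "themeController", "overlayCounter",
    "formatDateAccordingToTodayNew", "fillTipDates", "sequentialDom",
    "dispatchHeavyAnimationEvent", "pagesManager", "putPreloader",
}

# Marker globals per client/framework. ASSUMPTION: hand-picked for the example;
# build real signatures from scans of the legitimate applications.
SIGNATURES = {
    "Telegram WebK": {"rootScope", "apiManagerProxy", "mtprotoMessagePort",
                      "cryptoMessagePort", "serviceMessagePort", "appStorage",
                      "telegramMeWebManager", "pagesManager"},
    "React (devtools hook)": {"__REACT_DEVTOOLS_GLOBAL_HOOK__", "React", "ReactDOM"},
    "jQuery": {"jQuery", "$"},
}


def identify(observed, signatures=SIGNATURES, threshold=0.6):
    """Score each signature by the share of its markers present on the page.
    Returns (name, score, missing_markers) for the best match at or above the
    threshold, else None. The threshold is an assumed cut-off."""
    best = None
    for name, markers in signatures.items():
        score = len(markers & observed) / len(markers)
        if best is None or score > best[1]:
            best = (name, score, sorted(markers - observed))
    return best if best is not None and best[1] >= threshold else None


def diff_globals(reference, observed):
    """Globals a suspected clone adds to, or drops from, the legitimate client.
    Added globals are where injected credential- or session-stealing code
    usually shows up; dropped ones hint at a stripped-down build."""
    return {"added": sorted(observed - reference),
            "dropped": sorted(reference - observed)}


if __name__ == "__main__":
    print(identify(OBSERVED_GLOBALS))
    # Constructed clone for illustration: the observed set plus one extra
    # global. Nothing on this page shows such an addition.
    clone = OBSERVED_GLOBALS | {"sendCodeToCollector"}
    print(diff_globals(OBSERVED_GLOBALS, clone))
```

In practice the reference set comes from a scan of the legitimate client, so that the diff isolates what the attacker changed rather than what the framework always defines.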
Security Headers
This page lists any security headers set by the main page.
Header | Value
---|---
Strict-Transport-Security | max-age=86400 |
A max-age of 86400 seconds is one day, and the policy carries neither includeSubDomains nor preload. Note that a valid certificate and an HSTS header say nothing about whether a site is legitimate: a phishing host can set both as easily as the site it imitates.
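An added example (not urlscan's code and not from this site) that parses a Strict-Transport-Security value like the one above and checks it against a baseline; the baseline of at least one year with includeSubDomains, and the informational preload check, are assumptions made for the example. It handles the cases a scanner sees in the wild: a missing header, a quoted or malformed max-age, max-age=0, and header names in any letter case.

```python
ONE_YEAR = 365 * 24 * 3600  # 31536000 seconds; the baseline assumed here


def parse_hsts(value):
    """Split a Strict-Transport-Security value into its directives.
    Directive names are case-insensitive (RFC 6797); a missing or non-numeric
    max-age is reported as None because browsers ignore such a header."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, val = part.partition("=")
        directives[name.strip().lower()] = val.strip().strip('"')
    try:
        max_age = int(directives["max-age"])
    except (KeyError, ValueError):
        max_age = None
    return {
        "max_age": max_age,
        "include_subdomains": "includesubdomains" in directives,
        "preload": "preload" in directives,
    }


def assess_hsts(headers, baseline=ONE_YEAR):
    """Return findings for the HSTS policy in a response header map (keys in
    any case); an empty list means the policy meets the assumed baseline."""
    value = next((v for k, v in headers.items()
                  if k.lower() == "strict-transport-security"), None)
    if value is None:
        return ["no Strict-Transport-Security header: nothing pins the site to HTTPS"]
    policy = parse_hsts(value)
    findings = []
    if policy["max_age"] is None:
        findings.append("max-age missing or malformed: browsers ignore the header")
    elif policy["max_age"] == 0:
        findings.append("max-age=0: clears any stored policy")
    elif policy["max_age"] < baseline:
        findings.append(f"max-age={policy['max_age']} is below the {baseline}s baseline")
    if not policy["include_subdomains"]:
        findings.append("includeSubDomains absent: subdomains stay downgradable")
    if not policy["preload"]:
        findings.append("preload absent: not eligible for the browser preload list (informational)")
    return findings


if __name__ == "__main__":
    # The header observed on web-telegram.ru in this scan.
    for finding in assess_hsts({"Strict-Transport-Security": "max-age=86400"}):
        print("-", finding)
```

Run against the scan's header this reports three findings; a policy of max-age=31536000; includeSubDomains; preload reports none. The check only tells you how strong the policy is, not whether the origin deserves trust.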
Indicators
This is a term in the security industry for observables such as IPs, domains and hashes. Listing them here does not imply that any of them indicates malicious activity.
- web-telegram.ru
- 188.114.96.3