yd10-telegram.org
Open in
urlscan Pro
104.21.24.151
Malicious Activity!
Public Scan
Submission: On August 26 via api from SG — Scanned from SG
Summary
This is the only time yd10-telegram.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 104.21.24.151 104.21.24.151 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
19 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
yd10-telegram.org
yd10-telegram.org |
23 MB |
19 | 1 |
Domain | Requested by | |
---|---|---|
19 | yd10-telegram.org |
yd10-telegram.org
|
19 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://yd10-telegram.org/
Frame ID: 928B39D3BF9520584FD2516430B5A385
Requests: 19 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Twitter
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
yd10-telegram.org/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
yd10-telegram.org/style/ |
62 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
matomo.js.%E4%B8%8B%E8%BD%BD
yd10-telegram.org/style/ |
64 KB 65 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.2.4.min.js.%E4%B8%8B%E8%BD%BD
yd10-telegram.org/style/ |
84 KB 84 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
navright1.png
yd10-telegram.org/style/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
navright.png
yd10-telegram.org/style/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
yd10-telegram.org/style/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
session3.jpg
yd10-telegram.org/style/ |
27 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
window.jpg
yd10-telegram.org/style/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section4i9.gif
yd10-telegram.org/style/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section4i8.gif
yd10-telegram.org/style/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section4i7.gif
yd10-telegram.org/style/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section4i6.gif
yd10-telegram.org/style/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section4i5.gif
yd10-telegram.org/style/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section4i4.gif
yd10-telegram.org/style/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section4i3.gif
yd10-telegram.org/style/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section4i2.gif
yd10-telegram.org/style/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section4i1.gif
yd10-telegram.org/style/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skin.css
yd10-telegram.org/style/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| $ function| jQuery function| navright0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
yd10-telegram.org
104.21.24.151
116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471
15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d
321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6
33d6be96b9ceed78dc9b32bb3fcdf2814836635d2d376d746f42728c35538f9e
3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48
5182cdb2242dfc599f4b581b06dbb62a8999c3c10b9f28fe5a41abc07c0bc1c1
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
64e7a48d6b1ffad1238d25ecf2353fe3a008a7f3426a11138cf149bb07d4fbd7
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45
b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
c443c78239489b2ee75618b26460dae55a87a132b74807780ceab30130eb7a68
e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
f123a86b52bc881b75b0afe9201a8cf1ed563c59e44b84c2c21f58e80ce3b44b
f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b