telegramto.com
Open in
urlscan Pro
142.54.182.50
Malicious Activity!
Public Scan
Effective URL: https://telegramto.com/
Submission: On February 14 via api from SG — Scanned from SG
Summary
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on February 11th 2023. Valid for: a year.
This is the only time telegramto.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 8 | 142.54.182.50 142.54.182.50 | 33387 (NOCIX) (NOCIX) | |
21 | 154.82.100.52 154.82.100.52 | 399077 (TERAEXCH) (TERAEXCH) | |
3 | 2404:6800:400... 2404:6800:4003:c0f::61 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2001:4860:480... 2001:4860:4802:32::178 | 15169 (GOOGLE) (GOOGLE) | |
34 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
telegroom.com
www.telegroom.com |
23 MB |
8 |
telegramto.com
1 redirects
telegramto.com |
6 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 93 |
20 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 109 |
166 KB |
34 | 4 |
Domain | Requested by | |
---|---|---|
21 | www.telegroom.com |
telegramto.com
www.telegroom.com |
8 | telegramto.com |
1 redirects
telegramto.com
|
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
3 | www.googletagmanager.com |
telegramto.com
www.googletagmanager.com |
34 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
telegramga123.oss-cn-hongkong.aliyuncs.com |
macos.telegram.org |
apps.apple.com |
telegram.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
telegramto.com TrustAsia RSA DV TLS CA G2 |
2023-02-11 - 2024-02-11 |
a year | crt.sh |
telegroom.com Certum Domain Validation CA SHA2 |
2023-01-18 - 2024-02-16 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://telegramto.com/
Frame ID: 9A3B1360E336BC6C1E30E191686839BF
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
Telegram中文官网Page URL History Show full URLs
-
http://telegramto.com/
HTTP 301
https://telegramto.com/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Twitter
Search URL Search Domain Scan URL
Title: Telegram 中文桌面版
Search URL Search Domain Scan URL
Title: Telegram macOS版
Search URL Search Domain Scan URL
Title: Telegram 安卓版
Search URL Search Domain Scan URL
Title: Telegram iPhone / iPad
Search URL Search Domain Scan URL
Title: 网页版
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://telegramto.com/
HTTP 301
https://telegramto.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
telegramto.com/ Redirect Chain
|
21 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.telegroom.com/TG_ZH/index_files/ |
42 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
telegram.css
www.telegroom.com/TG_ZH/index_files/ |
108 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js.download
www.telegroom.com/TG_ZH/index_files/ |
116 KB 55 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.telegroom.com/TG_ZH/index_files/ |
105 KB 50 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js(1)
telegramto.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t_logo.png
www.telegroom.com/TG_ZH/index_files/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cbc986292284a428e2.jpg
www.telegroom.com/file/ |
144 KB 144 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
66eebb00fd46acb1ce.jpg
www.telegroom.com/file/ |
167 KB 168 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dd4eeb46cc5efc0688.gif
www.telegroom.com/TG_ZH/index_files/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d4b936ecc2c939f4fa.gif
www.telegroom.com/TG_ZH/index_files/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7318c11715aa2ec45b.gif
www.telegroom.com/TG_ZH/index_files/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7d57d7159cf4fbe9b2.gif
www.telegroom.com/TG_ZH/index_files/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
911807f65dfb4f8f20.gif
www.telegroom.com/TG_ZH/index_files/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feb1e161b1d3608613.gif
www.telegroom.com/TG_ZH/index_files/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9ce5fa5f3fb74460b4.gif
www.telegroom.com/TG_ZH/index_files/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f3cec6c451d023c109.gif
www.telegroom.com/TG_ZH/index_files/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b6c5dbc0e4f6553805.gif
www.telegroom.com/TG_ZH/index_files/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
telegramto.com/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
download.js
telegramto.com/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v652eace1692a40cfa3763df669d7439c1639079717194
telegramto.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
122 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter.png
www.telegroom.com/TG_ZH/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t_main_Android_demo.mp4
telegramto.com/img/ |
0 0 |
Media
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t_main_iOS_demo.mp4
telegramto.com/img/ |
0 0 |
Media
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SiteDesktop.jpg
www.telegroom.com/TG_ZH/img/ |
95 KB 96 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SiteLogos.png
www.telegroom.com/TG_ZH/img/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SiteAndroid.jpg
www.telegroom.com/TG_ZH/img/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SiteiOS.jpg
www.telegroom.com/TG_ZH/img/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
110 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
215 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 170 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.telegramto.com/ | Name: _ga_VE3X12E1EV Value: GS1.1.1676407110.1.0.1676407110.0.0.0 |
|
.telegramto.com/ | Name: _ga Value: GA1.2.873882739.1676407111 |
|
.telegramto.com/ | Name: _gid Value: GA1.2.1570470350.1676407111 |
|
.telegramto.com/ | Name: _gat_gtag_UA_212845866_1 Value: 1 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
telegramto.com
www.google-analytics.com
www.googletagmanager.com
www.telegroom.com
142.54.182.50
154.82.100.52
2001:4860:4802:32::178
2404:6800:4003:c0f::61
116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471
15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365
15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d
1a2b102a55c9f22ec06063eb2be4ee54f6ca0e21391c8b096ee9e0c08fe92d89
20f4c7a3a145bb8bd7bbed583088379b30196e62437926bb0433042b81102e19
321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6
377a867c84d7622e8505d60ab3f2cd91c2bee74035d45971e9fd11f904cc3da6
3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
8cbaae5ea817ea19555ba3c88649f6db86533c6a0fb945042ac060b0c446199c
8ddab33bd2921e0a99c5f9919ca4a9c22a11916db184f15b9501c0dd6a99947a
8f525efedf280517ef44af0da648cb99b6590d233ee1465601d428c394f3e351
9d47030d555e1765171c05b57ed755744d6051364674efbd99a98df9ec7fa9cd
abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45
adbb4d0a389cd244a73b98167b6ee4ce19f18a1c9a31e25628a618609ef0352c
b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417
c53d805c9824ffe3334aea451047fa47bf52297c0617156f3bec845f20caa0b2
e105c7cdd8ead1cb46d3f012246fd6848eed708afaef6ecb72389cf366d3c8cc
e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
f7636c7f7e73714a6b64aa8ca0ee8a0f705b49acd709c17bc223a0963cf6000f
f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b