zhukov.github.io
2606:50c0:8000::153  Malicious Activity! Public Scan

Submitted URL: https://telegram.1-0-5.ch/
Effective URL: https://zhukov.github.io/webogram/
Submission: On August 20 via automatic, source openphish — Scanned from CH

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2606:50c0:8000::153, located in United States and belongs to FASTLY, US. The main domain is zhukov.github.io.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 15th 2024. Valid for: a year.
This is the only time zhukov.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

Requests | IP Address | AS Autonomous System
1 (1 redirect) | 116.202.46.42 | 24940 (HETZNER-AS)
11 | 2606:50c0:800... | 54113 (FASTLY)
7 | 2001:67c:4e8:... | 62041 (TELEGRAM)
Total: 19 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
11 | github.io | zhukov.github.io | 762 KB
7 | telegram.org | venus.web.telegram.org (Cisco Umbrella Rank: 41555); vesta.web.telegram.org (Cisco Umbrella Rank: 257153) | 4 KB
1 | 1-0-5.ch | telegram.1-0-5.ch | 289 B
Total: 19 requests, 3 apex domains

Requests | Domain | Requested by
11 | zhukov.github.io | zhukov.github.io
5 | venus.web.telegram.org | zhukov.github.io
2 | vesta.web.telegram.org | zhukov.github.io
1 | telegram.1-0-5.ch | 1 redirect
Total: 19 requests, 4 domains

This site contains links to these domains.

Domain
desktop.telegram.org
telegram.org

Subject | Issuer | Validity | Valid
*.github.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-15 - 2025-03-14 | a year
*.web.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2023-08-30 - 2024-09-30 | a year

This page contains 1 frames:

Primary Page: https://zhukov.github.io/webogram/
Frame ID: 6AF7BA76BB95417352B29841B2291847
Requests: 23 HTTP requests in this frame

Page Title

Telegram Web

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.github\.io

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 67 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 765 kB
Size: 2876 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://telegram.1-0-5.ch/ HTTP 301
    http://zhukov.github.io/webogram/ HTTP 307
    https://zhukov.github.io/webogram/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
zhukov.github.io/webogram/
Redirect Chain
  • https://telegram.1-0-5.ch/
  • http://zhukov.github.io/webogram/
  • https://zhukov.github.io/webogram/
2 KB
1 KB
Document
General
Full URL
https://zhukov.github.io/webogram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
4c2c1ecda421d589e2e016298ef887da21516f115976dc1c81ae683ea67b083c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
662
content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 13:10:58 GMT
etag
W/"64567639-688"
expires
Tue, 20 Aug 2024 08:25:02 GMT
last-modified
Sat, 06 May 2023 15:46:01 GMT
permissions-policy
interest-cohort=()
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-fastly-request-id
eb1c42605fca8ee85e89a3a7617e1089e00cfc5d
x-github-request-id
DE79:170212:2B56382:2C6CB40:66C45086
x-origin-cache
HIT
x-proxy-cache
MISS
x-served-by
cache-mxp6943-MXP
x-timer
S1724159459.875519,VS0,VE111

Redirect headers

Location
https://zhukov.github.io/webogram/
Non-Authoritative-Reason
HttpsUpgrades
app.css
zhukov.github.io/webogram/css/
188 KB
37 KB
Stylesheet
General
Full URL
https://zhukov.github.io/webogram/css/app.css
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
ab24b8258e6d00603702753a091af931e3995de0059ab0aadc1bf8700a8cb37e

Request headers

Referer
https://zhukov.github.io/webogram/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 08:25:03 GMT
x-fastly-request-id
450423fbaab75c094425d33d7307c0648295b8ee
date
Tue, 20 Aug 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
content-length
37143
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:00 GMT
server
GitHub.com
x-github-request-id
9598:36FCBA:AD5CEB:B1735B:66C45087
x-timer
S1724159459.041686,VS0,VE97
etag
W/"64567638-2ee4f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
app.js
zhukov.github.io/webogram/js/
3 MB
692 KB
Script
General
Full URL
https://zhukov.github.io/webogram/js/app.js
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7583205460e8aa46ec80d7ef8340f10db692ec7ca8b7df2decb95a558246c4c9

Request headers

Referer
https://zhukov.github.io/webogram/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 12:06:00 GMT
x-fastly-request-id
a33ad1ab9de445f087f692fed72b54ed39fa2f60
date
Tue, 20 Aug 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
content-length
708476
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:01 GMT
server
GitHub.com
x-github-request-id
BD16:2E3A93:36BB81C:3820FDE:66C4844F
x-timer
S1724159459.042428,VS0,VE104
etag
W/"64567639-282d49"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
desktop.css
zhukov.github.io/webogram/css/
48 KB
9 KB
Stylesheet
General
Full URL
https://zhukov.github.io/webogram/css/desktop.css
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
c47434acd9cc3f90b5bce8c782561ce10c52903c7fac19e141030c57d9c6dcf3

Request headers

Referer
https://zhukov.github.io/webogram/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 09:08:24 GMT
x-fastly-request-id
36358490c75d0f2c251d2b510acc664539e024fc
date
Tue, 20 Aug 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
content-length
9112
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:00 GMT
server
GitHub.com
x-github-request-id
BCF7:359A8D:305E97D:318E4DC:66C45AB0
x-timer
S1724159459.377779,VS0,VE104
etag
W/"64567638-c1c3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
en-us.json
zhukov.github.io/webogram/js/locales/
48 KB
12 KB
XHR
General
Full URL
https://zhukov.github.io/webogram/js/locales/en-us.json
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
de4c9d4b70bd3057b0b5a9392746eab9374dfdc5992d3f72eb819cb0ee44a577

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://zhukov.github.io/webogram/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 08:24:12 GMT
x-fastly-request-id
57df1a2d197566e8bf2e71f3025c72fa291b239a
date
Tue, 20 Aug 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
content-length
11796
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:01 GMT
server
GitHub.com
x-github-request-id
254A:A67E0:37AB4B1:391A327:66C4508B
x-timer
S1724159459.379569,VS0,VE107
etag
W/"64567639-becf"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
HIT
favicon.ico
zhukov.github.io/webogram/
959 B
1 KB
Other
General
Full URL
https://zhukov.github.io/webogram/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
462c72824442b77689e0650dfe56a218cbea68b48669d68f3f7b3247af187d09

Request headers

Referer
https://zhukov.github.io/webogram/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 08:25:33 GMT
x-fastly-request-id
faf01bd7be3b20575875fdaf30b2bd074c5bf60d
date
Tue, 20 Aug 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
content-length
982
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:00 GMT
server
GitHub.com
x-github-request-id
36C9:34DC72:2DD28EF:2EF26D5:66C450A5
x-timer
S1724159460.506378,VS0,VE103
etag
W/"64567638-3bf"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
truncated
/
58 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
682 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd4187fa4010f3daef2226882a74e8767c65ba9e531a6b1eee5f53d520535417

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
340 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3408991e570821c11e13240c7a7382d5a3ff7d41b16625131173650868d519b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
751 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
617f22f8c6cc829644c0a45c1c83cae9dcf76812165c6f9e4fee75e45663086c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
General.png
zhukov.github.io/webogram/img/icons/
6 KB
6 KB
Image
General
Full URL
https://zhukov.github.io/webogram/img/icons/General.png
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
1787211bb6c15bc910e4aa84f5840a92bf1d52d9fed9975d604e91a2164d894e

Request headers

Referer
https://zhukov.github.io/webogram/css/app.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 12:39:15 GMT
x-fastly-request-id
89e1a849eb60146bd92ab38bca54f9cf045c2196
date
Tue, 20 Aug 2024 13:10:59 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
content-length
6355
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:01 GMT
server
GitHub.com
x-github-request-id
3255:A67E0:3B5E1A6:3CDEAB6:66C48C1B
x-timer
S1724159460.597000,VS0,VE115
etag
"64567639-18d3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
Telegram.svg
zhukov.github.io/webogram/img/
5 KB
2 KB
Image
General
Full URL
https://zhukov.github.io/webogram/img/Telegram.svg
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
bd24e2e781d27a24a5b689e340f6acfd17069cf48814d563160c8c9265382d77

Request headers

Referer
https://zhukov.github.io/webogram/css/app.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 08:25:35 GMT
x-fastly-request-id
127dff6bea63e6ee32943a96bc2688b5d7f4694d
date
Tue, 20 Aug 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
content-length
2036
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:00 GMT
server
GitHub.com
x-github-request-id
78E5:36FCBA:AD7C61:B19370:66C450A7
x-timer
S1724159460.596981,VS0,VE107
etag
W/"64567638-14c9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
favicon.ico
zhukov.github.io/webogram/
959 B
0
Other
General
Full URL
https://zhukov.github.io/webogram/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
462c72824442b77689e0650dfe56a218cbea68b48669d68f3f7b3247af187d09

Request headers

Referer
https://zhukov.github.io/webogram/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 08:25:33 GMT
x-fastly-request-id
faf01bd7be3b20575875fdaf30b2bd074c5bf60d
date
Tue, 20 Aug 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
content-length
982
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:00 GMT
server
GitHub.com
x-github-request-id
36C9:34DC72:2DD28EF:2EF26D5:66C450A5
x-timer
S1724159460.506378,VS0,VE103
etag
W/"64567638-3bf"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
crypto_worker.js
zhukov.github.io/webogram/js/lib/
1 KB
790 B
Other
General
Full URL
https://zhukov.github.io/webogram/js/lib/crypto_worker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
fe146019189901e1e9b9a1d1ce67ed7435ddf121c04461169c6fd4b3e8ed1f6c

Request headers

Referer
https://zhukov.github.io/webogram/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 08:25:17 GMT
x-fastly-request-id
ba7f7a6b603eab3c1998332ed1701ad3d107e692
date
Tue, 20 Aug 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
content-length
534
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:01 GMT
server
GitHub.com
x-github-request-id
12E5:13AD5F:3992EFB:3B02ACD:66C45095
x-timer
S1724159460.605596,VS0,VE94
etag
W/"64567639-4a3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
apiw1
venus.web.telegram.org/
84 B
344 B
XHR
General
Full URL
https://venus.web.telegram.org/apiw1
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ffd7d461702bdd282794ad00a0ed3d7892fcc78e5797709bcaff6cc6373c7095
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://zhukov.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 13:10:59 GMT
strict-transport-security
max-age=35768000
server
nginx/1.18.0
access-control-max-age
1728000
access-control-allow-methods
POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-store
access-control-allow-headers
origin, content-type
content-length
84
favicon.ico
zhukov.github.io/webogram/
959 B
0
Other
General
Full URL
https://zhukov.github.io/webogram/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
462c72824442b77689e0650dfe56a218cbea68b48669d68f3f7b3247af187d09

Request headers

Referer
https://zhukov.github.io/webogram/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 08:25:33 GMT
x-fastly-request-id
faf01bd7be3b20575875fdaf30b2bd074c5bf60d
date
Tue, 20 Aug 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
content-length
982
x-served-by
cache-mxp6943-MXP
last-modified
Sat, 06 May 2023 15:46:00 GMT
server
GitHub.com
x-github-request-id
36C9:34DC72:2DD28EF:2EF26D5:66C450A5
x-timer
S1724159460.506378,VS0,VE103
etag
W/"64567638-3bf"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
apiw1
venus.web.telegram.org/
652 B
912 B
XHR
General
Full URL
https://venus.web.telegram.org/apiw1
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
14420542b7ae65db84e6fce7834c97470d98d5fedb6acd2404e6dc07781bd76b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://zhukov.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 13:11:01 GMT
strict-transport-security
max-age=35768000
server
nginx/1.18.0
access-control-max-age
1728000
access-control-allow-methods
POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-store
access-control-allow-headers
origin, content-type
content-length
652
apiw1
venus.web.telegram.org/
72 B
331 B
XHR
General
Full URL
https://venus.web.telegram.org/apiw1
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
01b872616c537f2bb7d56057c8487ca3e61bbf95976047d2416415de2eb6ff00
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://zhukov.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 13:11:02 GMT
strict-transport-security
max-age=35768000
server
nginx/1.18.0
access-control-max-age
1728000
access-control-allow-methods
POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-store
access-control-allow-headers
origin, content-type
content-length
72
apiw1
venus.web.telegram.org/
168 B
428 B
XHR
General
Full URL
https://venus.web.telegram.org/apiw1
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c3b87aac725098eb864ceca786dfdb8e4ec68b2a9d52c18163af24523390c637
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://zhukov.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 13:11:03 GMT
strict-transport-security
max-age=35768000
server
nginx/1.18.0
access-control-max-age
1728000
access-control-allow-methods
POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-store
access-control-allow-headers
origin, content-type
content-length
168
apiw1
venus.web.telegram.org/
168 B
428 B
XHR
General
Full URL
https://venus.web.telegram.org/apiw1
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
23708afecf0b51c01dd06fd86f7536246857705927f1049b5e70d010682ba5cc
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://zhukov.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 13:11:03 GMT
strict-transport-security
max-age=35768000
server
nginx/1.18.0
access-control-max-age
1728000
access-control-allow-methods
POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-store
access-control-allow-headers
origin, content-type
content-length
168
apiw1
vesta.web.telegram.org/
84 B
343 B
XHR
General
Full URL
https://vesta.web.telegram.org/apiw1
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
76fa1f418571c7be7b2a4b490239b9b0885c75f83cd656746c70997a94ebe6ab
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://zhukov.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 13:11:03 GMT
strict-transport-security
max-age=35768000
server
nginx/1.18.0
access-control-max-age
1728000
access-control-allow-methods
POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-store
access-control-allow-headers
origin, content-type
content-length
84
apiw1
vesta.web.telegram.org/
652 B
912 B
XHR
General
Full URL
https://vesta.web.telegram.org/apiw1
Requested by
Host: zhukov.github.io
URL: https://zhukov.github.io/webogram/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3b846ab06dc999e79f90874a1397c3bc2b40c7a65489015e149d88ab16a4b4a1
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://zhukov.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 13:11:04 GMT
strict-transport-security
max-age=35768000
server
nginx/1.18.0
access-control-max-age
1728000
access-control-allow-methods
POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-store
access-control-allow-headers
origin, content-type
content-length
652
apiw1
vesta.web.telegram.org/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vesta.web.telegram.org
URL
https://vesta.web.telegram.org/apiw1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
