telegrams.wtf Open in urlscan Pro
5.183.11.221 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.telegrams.wtf/
Effective URL:
https://telegrams.wtf/
Submission Tags: https://phish.report @phish_report Search All
Submission: On June 15 via api (June 15th 2023, 2:32:58 pm UTC) from FI — Scanned from FI

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 5.183.11.221, located in United States and belongs to AS-HOSTINGER, CY. The main domain is telegrams.wtf.
TLS certificate: Issued by R3 on May 18th 2023. Valid for: 3 months.

This is the only time telegrams.wtf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
1 19	5.183.11.221 5.183.11.221		47583 (AS-HOSTINGER) (AS-HOSTINGER)
18	1

19 5.183.11.221 (United States) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

www.telegrams.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
telegrams.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	telegrams.wtf 1 redirects www.telegrams.wtf telegrams.wtf	23 MB
18	1

	Domain	Requested by
18	telegrams.wtf	telegrams.wtf
1	www.telegrams.wtf	1 redirects
18	2

This site contains links to these domains. Also see Links.

Domain
telegram.org
apps.apple.com

Subject Issuer	Validity	Valid
telegrams.wtf R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://telegrams.wtf/
Frame ID: 9F0A1565A13B84669E00AB6BCD1BD33C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

telegram中文版官网

Page URL History Show full URLs

https://www.telegrams.wtf/ HTTP 302
https://telegrams.wtf/ Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

23888 kB
Transfer

24279 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/dl/desktop/win64
Title: Telegram 中文版下载 (Windows)

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/telegram-messenger/id686449807
Title: Telegram 中文版下载 (iPhone)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.telegrams.wtf/ HTTP 302
https://telegrams.wtf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response telegrams.wtf/ Redirect Chain https://www.telegrams.wtf/ https://telegrams.wtf/	909 B 591 B	558ms 186ms	Document text/html	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `936ea060b9d411ec9e528d41085c38bdd6a14681f1ee53f424a86b86d443d932` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers content-encoding gzip content-length 461 content-type text/html; charset=utf-8 date Thu, 15 Jun 2023 14:32:26 GMT etag "rq6dhep9" last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy vary Accept-Encoding Redirect headers content-length 0 date Thu, 15 Jun 2023 14:32:25 GMT location https://telegrams.wtf/ server Caddy
GET H2	200	app.f9ee57f4.css telegrams.wtf/css/	12 KB 3 KB	225ms 124ms	Stylesheet text/css	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://telegrams.wtf/css/app.f9ee57f4.css Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `3f919b423931fbcb5795bc801ea2d0c6bf317bf037895f813ecc0d1b62275eb3` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:26 GMT content-encoding gzip last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe9ep" vary Accept-Encoding content-type text/css; charset=utf-8 content-length 3185
GET H2	200	chunk-vendors.10cb7556.css telegrams.wtf/css/	81 KB 38 KB	547ms 447ms	Stylesheet text/css	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://telegrams.wtf/css/chunk-vendors.10cb7556.css Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `b03f00acd525db782e0c47736c1470f10081d4131af6c9119e66cd6a51968833` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:26 GMT content-encoding gzip last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe1s3o" vary Accept-Encoding content-type text/css; charset=utf-8
GET H2	200	app.f46fefb2.js Show response telegrams.wtf/js/	145 KB 53 KB	440ms 340ms	Script application/javascript	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://telegrams.wtf/js/app.f46fefb2.js Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `776165a2cfb1ea839686c3e4a79af7da8033227a5a80caa5bdac6e0e8c91e615` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:26 GMT content-encoding gzip last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe36iy" vary Accept-Encoding content-type application/javascript
GET H2	200	chunk-vendors.b54c69f8.js Show response telegrams.wtf/js/	379 KB 119 KB	226ms 130ms	Script application/javascript	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://telegrams.wtf/js/chunk-vendors.b54c69f8.js Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `6c8cde78d9e1b9f1876c159249e2fe9878c1eb0d94a2057e69580ae32f375bae` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:26 GMT content-encoding gzip last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe8bqm" vary Accept-Encoding content-type application/javascript
GET H2	200	logo-1.2c84be4c.png telegrams.wtf/img/	11 KB 11 KB	245ms 187ms	Image image/png	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/logo-1.2c84be4c.png Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe8u1" content-length 11449 content-type image/png
GET H2	200	android_img3.6a6b0573.png telegrams.wtf/img/	80 KB 80 KB	245ms 187ms	Image image/png	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/android_img3.6a6b0573.png Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `ec944d0e2ab5e484ab13b9358782c66635f56d7f4b5606646930cff212bc73d5` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe1qz3" content-length 81615 content-type image/png
GET H2	200	window_img.f1c5283a.png telegrams.wtf/img/	37 KB 37 KB	421ms 363ms	Image image/png	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/window_img.f1c5283a.png Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `431b4cb2c228f8ea5cad449b1f23d4fc43a10610842e976af764602b10c65f25` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhet0n" content-length 37607 content-type image/png
GET H2	200	iphone_img3.ce06304c.png telegrams.wtf/img/	197 KB 197 KB	246ms 188ms	Image image/png	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/iphone_img3.ce06304c.png Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `23a3d3f6cad25b7740db63a3bc1da7683628923f20c0dcfb7e3fc59402a3f643` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe4bwq" content-length 202058 content-type image/png
GET H2	200	list-pic21.cbd2d6af.gif telegrams.wtf/img/	2 MB 2 MB	246ms 189ms	Image image/gif	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/list-pic21.cbd2d6af.gif Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe1fru6" content-length 2415534 content-type image/gif
GET H2	200	list-pic22.9f6cb1e0.gif telegrams.wtf/img/	2 MB 2 MB	444ms 387ms	Image image/gif	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/list-pic22.9f6cb1e0.gif Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe1b7fr" content-length 2202471 content-type image/gif
GET H2	200	list-pic23.999ccb07.gif telegrams.wtf/img/	2 MB 2 MB	465ms 408ms	Image image/gif	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/list-pic23.999ccb07.gif Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe1cbum" content-length 2254846 content-type image/gif
GET H2	200	list-pic24.e60746b1.gif telegrams.wtf/img/	3 MB 3 MB	445ms 388ms	Image image/gif	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/list-pic24.e60746b1.gif Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe21ct2" content-length 3422486 content-type image/gif
GET H2	200	list-pic25.6a88bbd5.gif telegrams.wtf/img/	2 MB 2 MB	450ms 394ms	Image image/gif	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/list-pic25.6a88bbd5.gif Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe16x47" content-length 2002471 content-type image/gif
GET H2	200	list-pic26.14c0a010.gif telegrams.wtf/img/	2 MB 2 MB	454ms 398ms	Image image/gif	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/list-pic26.14c0a010.gif Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe1fyzn" content-length 2424803 content-type image/gif
GET H2	200	list-pic27.3ca4222d.gif telegrams.wtf/img/	3 MB 3 MB	1594ms 1538ms	Image image/gif	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/list-pic27.3ca4222d.gif Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe1zba4" content-length 3327196 content-type image/gif
GET H2	200	list-pic28.21528f53.gif telegrams.wtf/img/	3 MB 3 MB	1596ms 1540ms	Image image/gif	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/list-pic28.21528f53.gif Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe1lvl6" content-length 2700330 content-type image/gif
GET H2	200	list-pic29.5433cf6c.gif telegrams.wtf/img/	3 MB 3 MB	1590ms 1542ms	Image image/gif	5.183.11.221 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://telegrams.wtf/img/list-pic29.5433cf6c.gif Requested by Host: telegrams.wtf URL: https://telegrams.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.183.11.221 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software Caddy / Resource Hash `321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6` Request headers accept-language fi-FI,fi;q=0.9 Referer https://telegrams.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 14:32:27 GMT last-modified Thu, 16 Feb 2023 13:29:38 GMT server Caddy etag "rq6dhe1vewt" content-length 3145277 content-type image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

telegrams.wtf
www.telegrams.wtf
5.183.11.221
116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471
15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d
23a3d3f6cad25b7740db63a3bc1da7683628923f20c0dcfb7e3fc59402a3f643
321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6
3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48
3f919b423931fbcb5795bc801ea2d0c6bf317bf037895f813ecc0d1b62275eb3
431b4cb2c228f8ea5cad449b1f23d4fc43a10610842e976af764602b10c65f25
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
6c8cde78d9e1b9f1876c159249e2fe9878c1eb0d94a2057e69580ae32f375bae
776165a2cfb1ea839686c3e4a79af7da8033227a5a80caa5bdac6e0e8c91e615
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
936ea060b9d411ec9e528d41085c38bdd6a14681f1ee53f424a86b86d443d932
abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45
b03f00acd525db782e0c47736c1470f10081d4131af6c9119e66cd6a51968833
b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417
e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402
ec944d0e2ab5e484ab13b9358782c66635f56d7f4b5606646930cff212bc73d5
f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b

telegrams.wtf Open in urlscan Pro 5.183.11.221 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

23888 kBTransfer

24279 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

telegrams.wtf Open in urlscan Pro
5.183.11.221 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

23888 kB
Transfer

24279 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!