76092.net
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Submission Tags: @phish_report
Submission: On December 23 via api from FI — Scanned from NL
Summary
TLS certificate: Issued by E1 on December 20th 2023. Valid for: 3 months.
This is the only time 76092.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
20 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
25 | 2 | |

 | Domain | Requested by |
---|---|---|
20 | 76092.net | 76092.net |
25 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
76092.net | E1 | 2023-12-20 - 2024-03-19 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://76092.net/
Frame ID: 4182EA71FF66C260661D05162012C015
Requests: 20 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | 76092.net/ | 11 KB | 5 KB | Document | text/html |
GET | H2 | main.0535ee29a03f18616097.css | 76092.net/ | 398 KB | 71 KB | Stylesheet | text/css |
GET | H2 | style-desktop.7ec8ed3b19fabb19d057.css | 76092.net/ | 338 B | 569 B | Stylesheet | text/css |
GET | H2 | mtproto.worker.a04c39423ada106790f8.chunk.js | 76092.net/ | 723 KB | 165 KB | Script | application/javascript |
GET | H2 | 85.c5a45a5b8327be101844.bundle.js | 76092.net/ | 8 KB | 3 KB | Script | application/javascript |
GET | H2 | 110.874d0e79405a58485218.bundle.js | 76092.net/ | 25 KB | 8 KB | Script | application/javascript |
GET | H2 | main.7d4ff02df02a3cab3169.bundle.js | 76092.net/ | 70 KB | 25 KB | Script | application/javascript |
GET | | mtproto.worker.a04c39423ada106790f8.chunk.js | 76092.net/ | 0 | 0 | | |
GET | | crypto.worker.03f3724c7d6f77434f7b.chunk.js | 76092.net/ | 0 | 0 | | |
GET | H3 | crypto.worker.03f3724c7d6f77434f7b.chunk.js | 76092.net/ | 24 KB | 9 KB | Fetch | application/javascript |
GET | H3 | 104.bee5f0bbe29853cada3e.chunk.js | 76092.net/ | 63 KB | 19 KB | Script | application/javascript |
GET | H3 | 301.a138ad85c3f7c5e382bf.chunk.js | 76092.net/ | 2 KB | 1 KB | Script | application/javascript |
GET | H3 | 8.cf6e90ba29bab54a0fb4.chunk.js | 76092.net/ | 24 KB | 4 KB | Script | application/javascript |
GET | H3 | npm.axios.68fcb0415dc68449c79d.chunk.js | 76092.net/ | 28 KB | 12 KB | Script | application/javascript |
GET | H3 | 147.6f6c83fdc631d19a7e7c.chunk.js | 76092.net/ | 35 KB | 15 KB | Script | application/javascript |
GET | H3 | 297.c801a325152b96edf3cb.chunk.js | 76092.net/ | 1 MB | 376 KB | Script | application/javascript |
GET | H3 | 63.3f1eeefeb6cfe08536e3.chunk.js | 76092.net/ | 9 KB | 4 KB | Script | application/javascript |
POST | H3 | submit | 76092.net/apis/guest/ | 0 | 455 B | XHR | text/plain |
GET | | 8380eecc-31df-4ec5-9414-22efba0ae39f | https://76092.net/ | 0 | 0 | | |
GET | | 15a73d07-bfff-45ba-81e4-22219a04d61c | https://76092.net/ | 0 | 0 | | |
GET | | 93d68153-3d02-4422-8452-3fd07da13192 | https://76092.net/ | 0 | 0 | | |
GET | H3 | 508.68e12589c72e402241cc.chunk.js | 76092.net/ | 5 KB | 3 KB | Other | application/javascript |
GET | H3 | 508.68e12589c72e402241cc.chunk.js | 76092.net/ | 5 KB | 3 KB | Other | application/javascript |
GET | H3 | 508.68e12589c72e402241cc.chunk.js | 76092.net/ | 5 KB | 3 KB | Other | application/javascript |
GET | H3 | 508.68e12589c72e402241cc.chunk.js | 76092.net/ | 5 KB | 3 KB | Other | application/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
76092.net | https://76092.net/mtproto.worker.a04c39423ada106790f8.chunk.js |
76092.net | https://76092.net/crypto.worker.03f3724c7d6f77434f7b.chunk.js |
76092.net | blob:https://76092.net/8380eecc-31df-4ec5-9414-22efba0ae39f |
76092.net | blob:https://76092.net/15a73d07-bfff-45ba-81e4-22219a04d61c |
76092.net | blob:https://76092.net/93d68153-3d02-4422-8452-3fd07da13192 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| webpackChunktweb object| rootScope function| AppStorage object| stateStorage function| wrapUrl object| I18n object| webpWorkerController object| appStorage object| singleInstance object| webPushApiManager object| telegramMeWebManager object| opusDecodeController object| cryptoMessagePort object| mtprotoMessagePort object| serviceMessagePort object| apiManagerProxy object| themeController function| putPreloader function| calcImageInBox object| mediaSizes function| dispatchHeavyAnimationEvent object| sequentialDom object| appDownloadManager object| appMediaPlaybackController object| appNavigationController object| liteMode object| customProperties object| windowSize function| formatDateAccordingToTodayNew function| fillTipDates function| getVisibleRect function| generatePathData function| p function| getRichValueWithCaret function| compareNodes function| placeCaretAtEnd function| PopupNewMedia function| SlicedArray function| ScrollSaver object| emoticonsDropdown object| appSidebarRight function| getStream function| getStreamCached object| groupCallController object| callsController object| appDialogsManager object| appSidebarLeft object| uiNotificationsManager object| appImManager object| syncedPlayers object| emojiRenderers function| wrapRichText object| animationIntersector object| lottieLoader object| pagesManager
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
76092.net
76092.net
2a06:98c1:3120::3