telegeram-tl.com
103.163.208.164
Malicious Activity!
Public Scan
Submission: On March 09 via manual from HU — Scanned from IT
Summary
TLS certificate: Issued by R3 on March 8th 2024. Valid for: 3 months.
This is the only time telegeram-tl.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

# | IP Address | AS Autonomous System
---|---|---
15 | 103.163.208.164 | 140683 (STARBOWLTD-AS-AP Starbow Ltd.)

# | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | telegeram-tl.com | telegeram-tl.com | 247 KB

# | Domain | Requested by
---|---|---
15 | telegeram-tl.com | telegeram-tl.com

Every HTTP transaction in this scan went to the single host telegeram-tl.com at 103.163.208.164; no third-party origin was contacted.
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
telegeram-oy.com | R3 | 2024-03-08 - 2024-06-06 | 3 months | crt.sh

The certificate subject is telegeram-oy.com, not the scanned hostname, so this Let's Encrypt (R3) certificate apparently covers more than one look-alike domain. Its SAN list on crt.sh is a second indicator to pivot on.
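The brand-targeting verdict and the look-alike certificate subject both rest on one check: how far the domain's second-level label is from the brand name. The following is an added example, not urlscan.io's code; the sample domains, the brand list and the allowlist of legitimate apexes are constructed here for illustration. It scores apex labels with optimal-string-alignment distance (insert, delete, substitute, adjacent transpose) and skips apexes the brand actually owns, so the legitimate web client is not flagged while both look-alikes are.

```python
import re
from typing import Iterable, List, Set, Tuple

# Constructed inputs for this example: the two look-alike domains from the scan
# and certificate above, plus a legitimate host and two controls.
SAMPLE_DOMAINS = [
    "telegeram-tl.com",      # scanned host
    "telegeram-oy.com",      # certificate subject
    "web.telegram.org",      # legitimate Telegram web client
    "telegrarn-login.net",   # constructed: "rn" imitating "m"
    "example.com",           # constructed: unrelated control
]
BRANDS = ["telegram"]
# Apexes the brand owns (assumption for illustration, not a vetted list).
LEGIT_APEXES = {"telegram.org", "telegram.me", "t.me"}


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insertions, deletions, substitutions
    and transpositions of adjacent characters each cost 1."""
    n, m = len(a), len(b)
    d = [[0] * (m + 1) for _ in range(n + 1)]
    for i in range(n + 1):
        d[i][0] = i
    for j in range(m + 1):
        d[0][j] = j
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,          # deletion
                          d[i][j - 1] + 1,          # insertion
                          d[i - 1][j - 1] + cost)   # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[n][m]


def apex_and_tokens(domain: str) -> Tuple[str, List[str]]:
    """Return the registrable apex and the alphabetic tokens of its second-level
    label. Assumes a one-label public suffix (.com, .net); multi-label suffixes
    such as co.uk need a public-suffix list and are not handled here."""
    labels = domain.lower().rstrip(".").split(".")
    apex = ".".join(labels[-2:])
    sld = labels[-2] if len(labels) >= 2 else labels[0]
    return apex, [t for t in re.split(r"[^a-z]+", sld) if t]


def lookalike_hits(domains: Iterable[str], brands: Iterable[str],
                   legit: Set[str] = LEGIT_APEXES,
                   max_distance: int = 2) -> List[Tuple[str, str, str, int]]:
    """Flag (domain, token, brand, distance) for tokens within max_distance of a
    brand, ignoring apexes the brand owns. Distance 0 on a foreign apex is also
    a hit: the brand name reused under another TLD or with an extra label."""
    hits = []
    for dom in domains:
        apex, tokens = apex_and_tokens(dom)
        if apex in legit:
            continue
        for tok in tokens:
            for brand in brands:
                dist = osa_distance(tok, brand)
                if dist <= max_distance:
                    hits.append((dom, tok, brand, dist))
    return hits


if __name__ == "__main__":
    for hit in lookalike_hits(SAMPLE_DOMAINS, BRANDS):
        print("%-22s token=%-10s brand=%s distance=%d" % hit)
```

The threshold of 2 catches inserted, dropped or swapped letters (telegeram, telegarm) and the rn-for-m trick; raising it increases false positives quickly on eight-letter brands, so pair the score with a registration-date or certificate-age check rather than widening it.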
This page contains 1 frame:
Primary Page: https://telegeram-tl.com/
Frame ID: 502373E7D17024D7B3D25961629CBCAB
Requests: 17 HTTP requests in this frame

0 outgoing links (links going to different origins than the main page).

Redirected requests: none recorded.
20 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | telegeram-tl.com/ | 13 KB | 6 KB | Document | text/html
GET | H2 | index-40J9BzD0.js | telegeram-tl.com/ | 123 KB | 48 KB | Script | application/javascript
GET | H2 | index-oCcwLZ8q.css | telegeram-tl.com/ | 428 KB | 93 KB | Stylesheet | text/css
GET | | mtproto.worker-PZnWtDVr.js | telegeram-tl.com/ | 0 | 0 | no response | |
GET | | crypto.worker-mzGEe2SL.js | telegeram-tl.com/ | 0 | 0 | no response | |
GET | DATA | truncated | / | 369 B | 0 | Image | image/svg+xml
GET | H2 | crypto.worker-mzGEe2SL.js | telegeram-tl.com/ | 67 KB | 26 KB | Fetch | application/javascript
GET | H2 | lang-5amZgLT1.js | telegeram-tl.com/ | 109 KB | 36 KB | Script | application/javascript
GET | H2 | langSign-lcKrqmwM.js | telegeram-tl.com/ | 2 KB | 1 KB | Script | application/javascript
GET | H2 | countries-lRU-UavE.js | telegeram-tl.com/ | 24 KB | 5 KB | Script | application/javascript
GET | H2 | pageSignQR-kMqijRed.js | telegeram-tl.com/ | 5 KB | 3 KB | Script | application/javascript
GET | H2 | page-penn5KPV.js | telegeram-tl.com/ | 10 KB | 4 KB | Script | application/javascript
GET | H2 | button-F6R52O6s.js | telegeram-tl.com/ | 8 KB | 4 KB | Script | application/javascript
GET | H2 | putPreloader-UsQA8bRA.js | telegeram-tl.com/ | 699 B | 913 B | Script | application/javascript
GET | H2 | textToSvgURL-Z4O-nL1S.js | telegeram-tl.com/ | 357 B | 571 B | Script | application/javascript
GET | | 42b2ce2f-6e02-441d-ab2e-4198d3f30f50 | https://telegeram-tl.com/ | 0 | 0 | no response | |
GET | | af6b02ca-e10d-4621-9c2a-c916009e6ebf | https://telegeram-tl.com/ | 0 | 0 | no response | |
GET | | 800d1dc6-6a80-488d-9876-e28352fa549e | https://telegeram-tl.com/ | 0 | 0 | no response | |
GET | H2 | qr-code-styling-ogpV7fl-.js | telegeram-tl.com/ | 65 KB | 19 KB | Script | application/javascript
GET | H2 | _commonjsHelpers-5-cIlDoe.js | telegeram-tl.com/ | 290 B | 503 B | Script | application/javascript
GET | H2 | logo_padded.svg | telegeram-tl.com/assets/img/ | 1 KB | 1 KB | Fetch | image/svg+xml
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- telegeram-tl.com: https://telegeram-tl.com/mtproto.worker-PZnWtDVr.js
- telegeram-tl.com: https://telegeram-tl.com/crypto.worker-mzGEe2SL.js
- telegeram-tl.com: blob:https://telegeram-tl.com/42b2ce2f-6e02-441d-ab2e-4198d3f30f50
- telegeram-tl.com: blob:https://telegeram-tl.com/af6b02ca-e10d-4621-9c2a-c916009e6ebf
- telegeram-tl.com: blob:https://telegeram-tl.com/800d1dc6-6a80-488d-9876-e28352fa549e

Worker scripts and blob: URLs are created and consumed by the page's own JavaScript, so a missing response here does not mean the server never served the file: crypto.worker-mzGEe2SL.js fails once and is then fetched successfully (67 KB) in the same scan. Treat these entries as "not captured" rather than as evidence that the kit is broken.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Telegram (Instant Messenger)

29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code in use.

rootScope (object), deferredPromise (function), AppStorage (function), stateStorage (object), wrapUrl (function), I18n (object), webpWorkerController (object), appStorage (object), singleInstance (object), webPushApiManager (object), telegramMeWebManager (object), opusDecodeController (object), cryptoMessagePort (object), mtprotoMessagePort (object), serviceMessagePort (object), apiManagerProxy (object), calcImageInBox (function), mediaSizes (object), customProperties (object), windowSize (object), liteMode (object), themeController (object), overlayCounter (object), formatDateAccordingToTodayNew (function), fillTipDates (function), dispatchHeavyAnimationEvent (function), pagesManager (object), sequentialDom (object), putPreloader (function)

These names (rootScope, apiManagerProxy, mtprotoMessagePort, pagesManager and the rest) are the debug globals that the open-source Telegram Web K client mounts on window, and mtproto.worker and crypto.worker in the request list are its MTProto and crypto worker bundles. The site is therefore consistent with a re-hosted build of the genuine Web K client served from a look-alike domain, rather than a static mock-up of the login page.

0 Cookies
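Matching a globals list against known client signatures is the step the passage above leaves to the reader. The following is an added example, not urlscan.io's code. The observed globals are the 29 from this scan plus one constructed browser-provided entry; the browser baseline is a small illustrative subset; and the signature sets are assumptions for illustration, the Web K set being names I believe the open-source client mounts on window. A name that is present with the wrong type does not count, and an empty result means "unknown", not "benign".

```python
from typing import Dict, List, Tuple

# Window globals reported by the scan above as name -> type, plus one
# constructed browser-provided entry ("chrome") to show baseline filtering.
OBSERVED: Dict[str, str] = {
    "rootScope": "object", "deferredPromise": "function", "AppStorage": "function",
    "stateStorage": "object", "wrapUrl": "function", "I18n": "object",
    "webpWorkerController": "object", "appStorage": "object", "singleInstance": "object",
    "webPushApiManager": "object", "telegramMeWebManager": "object",
    "opusDecodeController": "object", "cryptoMessagePort": "object",
    "mtprotoMessagePort": "object", "serviceMessagePort": "object",
    "apiManagerProxy": "object", "calcImageInBox": "function", "mediaSizes": "object",
    "customProperties": "object", "windowSize": "object", "liteMode": "object",
    "themeController": "object", "overlayCounter": "object",
    "formatDateAccordingToTodayNew": "function", "fillTipDates": "function",
    "dispatchHeavyAnimationEvent": "function", "pagesManager": "object",
    "sequentialDom": "object", "putPreloader": "function",
    "chrome": "object",  # constructed: defined by the browser, not by page code
}

# Names the browser defines on every page. A real deployment derives this from
# a blank page in the same browser build; this is an illustrative subset.
BROWSER_BASELINE = {"chrome", "external", "webkitStorageInfo", "onload"}

# Typed signatures (assumptions for illustration). The tweb entry lists names
# the open-source Telegram Web K client mounts on window for debugging; the
# other two are placeholders showing that a non-match scores low.
SIGNATURES: Dict[str, Dict[str, str]] = {
    "Telegram Web K (tweb)": {
        "rootScope": "object", "apiManagerProxy": "object",
        "mtprotoMessagePort": "object", "cryptoMessagePort": "object",
        "appStorage": "object", "I18n": "object", "pagesManager": "object",
        "telegramMeWebManager": "object", "liteMode": "object",
        "themeController": "object", "putPreloader": "function",
    },
    "jQuery": {"$": "function", "jQuery": "function"},
    "React dev build": {"__REACT_DEVTOOLS_GLOBAL_HOOK__": "object"},
}


def nonstandard(observed: Dict[str, str], baseline=BROWSER_BASELINE) -> Dict[str, str]:
    """Drop globals the browser itself defines, leaving only page-defined ones."""
    return {n: t for n, t in observed.items() if n not in baseline}


def fingerprint(observed: Dict[str, str], signatures=SIGNATURES,
                min_coverage: float = 0.6) -> List[Tuple[str, float, float]]:
    """Score each signature by coverage (fraction of its name/type pairs present)
    and explained (fraction of the page's non-standard globals it accounts for).
    A name present with the wrong type does not count: a page that sets its own
    `rootScope` string is not Web K. Returns (app, coverage, explained) for
    signatures at or above min_coverage, best first."""
    names = nonstandard(observed)
    results = []
    for app, sig in signatures.items():
        matched = [n for n, t in sig.items() if names.get(n) == t]
        coverage = len(matched) / len(sig)
        explained = len(matched) / len(names) if names else 0.0
        if coverage >= min_coverage:
            results.append((app, round(coverage, 2), round(explained, 2)))
    return sorted(results, key=lambda r: (r[1], r[2]), reverse=True)


if __name__ == "__main__":
    for app, cov, expl in fingerprint(OBSERVED):
        print(f"{app}: coverage={cov:.2f} explained={expl:.2f}")
```

Coverage answers "is this client present?"; explained answers "is it the whole page or one embedded component?". A low explained ratio with high coverage is the pattern to expect when a phishing kit wraps a genuine client in extra harvesting code, so record both numbers rather than collapsing them into one verdict.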
Cookies are small pieces of information stored in a user's browser. When the user visits the site again, the browser sends the cookie values back, allowing the site to re-identify the user even from a different location. This is how persistent logins work. No cookies were set in this scan.
Security Headers
This section lists any security headers set by the main page.

Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |

Only HSTS is set; there is no Content-Security-Policy or other hardening header.
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Listing them here does not imply that any of them indicate malicious activity.
- telegeram-tl.com
- 103.163.208.164